From 6f545262a45379255a17b772ed0c592858419500 Mon Sep 17 00:00:00 2001 From: sebhoss Date: Fri, 28 Feb 2025 10:19:23 +0000 Subject: [PATCH] Update upstream specifications to their latest version --- .../v1alpha1/apimanagerbackups.yaml | 18 +- .../v1alpha1/apimanagerrestores.yaml | 18 +- .../apps.3scale.net/v1alpha1/apimanagers.yaml | 3610 ++--- .../v1alpha1/tenants.yaml | 20 +- .../v1beta1/activedocs.yaml | 32 +- .../v1beta1/applications.yaml | 18 +- .../v1beta1/backends.yaml | 25 +- .../v1beta1/custompolicydefinitions.yaml | 16 +- .../v1beta1/developeraccounts.yaml | 16 +- .../v1beta1/developerusers.yaml | 18 +- .../v1beta1/openapis.yaml | 38 +- .../v1beta1/products.yaml | 64 +- .../v1beta1/proxyconfigpromotes.yaml | 14 +- .../apps.3scale.net/v1alpha1/apicasts.yaml | 98 +- .../api.clever-cloud.com/v1/mysqls.yaml | 1 + .../api.clever-cloud.com/v1/postgresqls.yaml | 9 +- .../api.clever-cloud.com/v1/redis.yaml | 1 + .../api.clever-cloud.com/v1alpha1/kvs.yaml | 62 + .../v1alpha1/datadogmetrics.yaml | 2 +- .../v1alpha1/datadogmonitors.yaml | 2 +- .../datadoghq.com/v1alpha1/datadogslos.yaml | 6 +- .../datadoghq.com/v2alpha1/datadogagents.yaml | 982 +- .../v1alpha1/dopplersecrets.yaml | 2 +- .../v1beta2/scheduledsparkapplications.yaml | 858 +- .../v1beta2/sparkapplications.yaml | 858 +- .../kuadrant.io/v1alpha1/dnsrecords.yaml | 37 +- .../kuadrant.io/v1/authpolicies.yaml | 5464 +++++++ .../kuadrant.io/v1/ratelimitpolicies.yaml | 373 + .../kuadrant.io/v1beta1/kuadrants.yaml | 12 +- .../v1/redisenterpriseclusters.yaml | 27 + .../redisenterpriseactiveactivedatabases.yaml | 8 +- .../v1alpha1/redisenterpriseclusters.yaml | 20 + .../v1alpha1/redisenterprisedatabases.yaml | 6 +- .../redisenterpriseremoteclusters.yaml | 6 + .../v1beta1/vlogs.yaml | 106 +- .../v1beta1/vmagents.yaml | 124 +- .../v1beta1/vmalertmanagerconfigs.yaml | 85 +- .../v1beta1/vmalertmanagers.yaml | 111 +- .../v1beta1/vmalerts.yaml | 112 +- .../v1beta1/vmauths.yaml | 544 +- .../v1beta1/vmclusters.yaml | 136 +- .../v1beta1/vmnodescrapes.yaml | 69 +- .../v1beta1/vmpodscrapes.yaml | 69 +- .../v1beta1/vmprobes.yaml | 69 +- .../v1beta1/vmrules.yaml | 79 +- .../v1beta1/vmscrapeconfigs.yaml | 75 +- .../v1beta1/vmservicescrapes.yaml | 69 +- .../v1beta1/vmsingles.yaml | 119 +- .../v1beta1/vmstaticscrapes.yaml | 69 +- .../v1beta1/vmusers.yaml | 83 +- .../v1/aerospikeclusters.yaml | 814 +- .../temporal.io/v1beta1/temporalclusters.yaml | 33 + .../awx.ansible.com/v1beta1/awxs.yaml | 9 +- .../camel-k/camel.apache.org/v1/builds.yaml | 50 +- .../camel.apache.org/v1/integrationkits.yaml | 10 +- .../v1/integrationplatforms.yaml | 136 +- .../v1/integrationprofiles.yaml | 136 +- .../camel.apache.org/v1/integrations.yaml | 327 +- .../camel-k/camel.apache.org/v1/pipes.yaml | 280 +- .../v1beta1/flinkdeployments.yaml | 5 + .../v1beta1/flinksessionjobs.yaml | 4 + .../rocketmq.apache.org/v1alpha1/brokers.yaml | 5 + .../v1alpha1/nameservices.yaml | 5 + .../apps.kubeblocks.io/v1/clusters.yaml | 3706 ++--- .../v1/componentdefinitions.yaml | 281 +- .../apps.kubeblocks.io/v1/components.yaml | 1510 +- .../v1alpha1/clusterdefinitions.yaml | 3 + .../apps.kubeblocks.io/v1alpha1/clusters.yaml | 53 +- .../v1alpha1/componentdefinitions.yaml | 22 +- .../v1alpha1/components.yaml | 20 + .../v1alpha1/actionsets.yaml | 22 +- .../v1alpha1/backuppolicies.yaml | 4 + .../v1alpha1/backups.yaml | 35 + .../v1alpha1/backupschedules.yaml | 22 + .../v1alpha1/restores.yaml | 25 + .../v1/instancesets.yaml | 1905 +-- .../v1alpha1/instancesets.yaml | 37 +- .../rc.app.stacks/v1/runtimecomponents.yaml | 8 + .../argoproj.io/v1alpha1/applications.yaml | 236 + .../argoproj.io/v1alpha1/applicationsets.yaml | 914 +- .../argoproj.io/v1alpha1/appprojects.yaml | 19 + .../argoproj.io/v1alpha1/argocds.yaml | 49 +- .../argoproj.io/v1beta1/argocds.yaml | 52 +- .../authzed.com/v1alpha1/spicedbclusters.yaml | 6 +- .../v1alpha1/certificateauthorities.yaml | 18 +- .../certificateauthorityactivations.yaml | 14 +- .../v1alpha1/certificates.yaml | 26 +- .../v1alpha1/apis.yaml | 25 +- .../v1alpha1/authorizers.yaml | 13 +- .../v1alpha1/deployments.yaml | 10 +- .../v1alpha1/integrations.yaml | 22 +- .../v1alpha1/routes.yaml | 16 +- .../v1alpha1/stages.yaml | 19 +- .../v1alpha1/vpclinks.yaml | 11 +- .../v1alpha1/scalabletargets.yaml | 14 +- .../v1alpha1/scalingpolicies.yaml | 18 +- .../v1alpha1/cachepolicies.yaml | 2 +- .../v1alpha1/distributions.yaml | 26 +- .../v1alpha1/functions.yaml | 2 +- .../v1alpha1/originrequestpolicies.yaml | 2 +- .../v1alpha1/responseheaderspolicies.yaml | 2 +- .../v1alpha1/eventdatastores.yaml | 14 +- .../v1alpha1/trails.yaml | 21 +- .../v1alpha1/metricalarms.yaml | 10 +- .../v1alpha1/loggroups.yaml | 2 +- .../v1alpha1/dbclusters.yaml | 2 +- .../v1alpha1/dbinstances.yaml | 5 +- .../v1alpha1/dbsubnetgroups.yaml | 2 +- .../v1alpha1/backups.yaml | 4 +- .../v1alpha1/globaltables.yaml | 2 +- .../v1alpha1/tables.yaml | 26 +- .../v1alpha1/dhcpoptions.yaml | 5 +- .../v1alpha1/elasticipaddresses.yaml | 10 +- .../v1alpha1/instances.yaml | 60 +- .../v1alpha1/internetgateways.yaml | 2 +- .../v1alpha1/natgateways.yaml | 6 +- .../v1alpha1/routetables.yaml | 4 +- .../v1alpha1/securitygroups.yaml | 24 +- .../v1alpha1/subnets.yaml | 6 +- .../v1alpha1/transitgateways.yaml | 2 +- .../v1alpha1/vpcendpoints.yaml | 16 +- .../ec2.services.k8s.aws/v1alpha1/vpcs.yaml | 2 +- .../v1alpha1/pullthroughcacherules.yaml | 13 +- .../v1alpha1/repositories.yaml | 4 +- .../v1alpha1/accesspoints.yaml | 11 +- .../v1alpha1/filesystems.yaml | 12 +- .../v1alpha1/mounttargets.yaml | 2 +- .../eks.services.k8s.aws/v1alpha1/addons.yaml | 4 +- .../v1alpha1/clusters.yaml | 64 +- .../v1alpha1/fargateprofiles.yaml | 4 +- .../v1alpha1/nodegroups.yaml | 16 +- .../v1alpha1/cacheparametergroups.yaml | 10 +- .../v1alpha1/cachesubnetgroups.yaml | 14 +- .../v1alpha1/replicationgroups.yaml | 88 +- .../v1alpha1/snapshots.yaml | 22 +- .../v1alpha1/usergroups.yaml | 12 +- .../v1alpha1/users.yaml | 8 +- .../v1alpha1/jobruns.yaml | 24 +- .../v1alpha1/virtualclusters.yaml | 6 +- .../iam.services.k8s.aws/v1alpha1/groups.yaml | 2 +- .../v1alpha1/instanceprofiles.yaml | 5 +- .../v1alpha1/openidconnectproviders.yaml | 8 +- .../v1alpha1/policies.yaml | 2 +- .../iam.services.k8s.aws/v1alpha1/roles.yaml | 2 +- .../iam.services.k8s.aws/v1alpha1/users.yaml | 2 +- .../v1alpha1/clusters.yaml | 27 +- .../v1alpha1/keyspaces.yaml | 5 +- .../v1alpha1/tables.yaml | 2 +- .../v1alpha1/streams.yaml | 2 +- .../v1alpha1/aliases.yaml | 4 +- .../kms.services.k8s.aws/v1alpha1/grants.yaml | 12 +- .../kms.services.k8s.aws/v1alpha1/keys.yaml | 42 +- .../v1alpha1/aliases.yaml | 6 +- .../v1alpha1/codesigningconfigs.yaml | 2 +- .../v1alpha1/eventsourcemappings.yaml | 30 +- .../v1alpha1/functions.yaml | 18 +- .../v1alpha1/functionurlconfigs.yaml | 6 +- .../v1alpha1/layerversions.yaml | 4 +- .../v1alpha1/versions.yaml | 14 +- .../mq.services.k8s.aws/v1alpha1/brokers.yaml | 33 +- .../v1alpha1/firewallpolicies.yaml | 2 +- .../v1alpha1/firewalls.yaml | 20 +- .../v1alpha1/rulegroups.yaml | 6 +- .../v1alpha1/domains.yaml | 2 +- .../v1alpha1/organizationalunits.yaml | 6 +- .../v1alpha1/pipes.yaml | 16 +- .../v1alpha1/alertmanagerdefinitions.yaml | 11 +- .../v1alpha1/loggingconfigurations.yaml | 13 +- .../v1alpha1/rulegroupsnamespaces.yaml | 16 +- .../v1alpha1/workspaces.yaml | 10 +- .../v1alpha1/dbclusterparametergroups.yaml | 6 +- .../v1alpha1/dbclusters.yaml | 153 +- .../v1alpha1/dbinstances.yaml | 167 +- .../v1alpha1/dbparametergroups.yaml | 6 +- .../v1alpha1/dbproxies.yaml | 8 +- .../v1alpha1/dbsubnetgroups.yaml | 4 +- .../v1alpha1/globalclusters.yaml | 23 +- .../v1alpha1/hostedzones.yaml | 2 +- .../v1alpha1/recordsets.yaml | 20 +- .../v1alpha1/resolverendpoints.yaml | 30 +- .../v1alpha1/resolverrules.yaml | 5 +- .../s3.services.k8s.aws/v1alpha1/buckets.yaml | 57 +- .../v1alpha1/apps.yaml | 8 +- .../v1alpha1/dataqualityjobdefinitions.yaml | 6 +- .../v1alpha1/domains.yaml | 20 +- .../v1alpha1/endpointconfigs.yaml | 10 +- .../v1alpha1/endpoints.yaml | 22 +- .../v1alpha1/featuregroups.yaml | 26 +- .../v1alpha1/hyperparametertuningjobs.yaml | 38 +- .../v1alpha1/modelbiasjobdefinitions.yaml | 6 +- .../modelexplainabilityjobdefinitions.yaml | 6 +- .../v1alpha1/modelpackagegroups.yaml | 8 +- .../v1alpha1/modelpackages.yaml | 24 +- .../v1alpha1/modelqualityjobdefinitions.yaml | 6 +- .../v1alpha1/models.yaml | 14 +- .../v1alpha1/monitoringschedules.yaml | 8 +- .../notebookinstancelifecycleconfigs.yaml | 8 +- .../v1alpha1/notebookinstances.yaml | 14 +- .../v1alpha1/processingjobs.yaml | 10 +- .../v1alpha1/trainingjobs.yaml | 34 +- .../v1alpha1/transformjobs.yaml | 16 +- .../v1alpha1/userprofiles.yaml | 14 +- .../v1alpha1/secrets.yaml | 7 +- .../v1alpha1/activities.yaml | 11 +- .../v1alpha1/statemachines.yaml | 15 +- .../v1alpha1/platformapplications.yaml | 2 +- .../v1alpha1/platformendpoints.yaml | 4 +- .../v1alpha1/subscriptions.yaml | 2 +- .../sns.services.k8s.aws/v1alpha1/topics.yaml | 5 +- .../sqs.services.k8s.aws/v1alpha1/queues.yaml | 5 +- .../v1alpha1/amazoncloudwatchagents.yaml | 896 ++ .../v1alpha1/accesslogpolicies.yaml | 26 +- .../v1alpha1/iamauthpolicies.yaml | 26 +- .../v1alpha1/serviceexports.yaml | 12 +- .../v1alpha1/serviceimports.yaml | 25 +- .../v1alpha1/targetgrouppolicies.yaml | 32 +- .../v1alpha1/vpcassociationpolicies.yaml | 28 +- .../v1alpha1/awsdatacenterconfigs.yaml | 12 +- .../v1alpha1/awsiamconfigs.yaml | 14 +- .../v1alpha1/bundles.yaml | 76 + .../v1alpha1/cloudstackdatacenterconfigs.yaml | 28 +- .../v1alpha1/cloudstackmachineconfigs.yaml | 28 +- .../v1alpha1/clusters.yaml | 77 +- .../v1alpha1/controlplaneupgrades.yaml | 42 +- .../v1alpha1/dockerdatacenterconfigs.yaml | 12 +- .../v1alpha1/fluxconfigs.yaml | 14 +- .../v1alpha1/gitopsconfigs.yaml | 12 +- .../v1alpha1/machinedeploymentupgrades.yaml | 40 +- .../v1alpha1/nodeupgrades.yaml | 43 +- .../v1alpha1/nutanixdatacenterconfigs.yaml | 27 +- .../v1alpha1/nutanixmachineconfigs.yaml | 54 +- .../v1alpha1/oidcconfigs.yaml | 12 +- .../v1alpha1/snowdatacenterconfigs.yaml | 12 +- .../v1alpha1/snowippools.yaml | 12 +- .../v1alpha1/snowmachineconfigs.yaml | 52 +- .../v1alpha1/tinkerbelldatacenterconfigs.yaml | 24 +- .../v1alpha1/tinkerbellmachineconfigs.yaml | 40 +- .../v1alpha1/tinkerbelltemplateconfigs.yaml | 12 +- .../v1alpha1/vspheredatacenterconfigs.yaml | 45 +- .../v1alpha1/vspheremachineconfigs.yaml | 40 +- .../karpenter.k8s.aws/v1/ec2nodeclasses.yaml | 88 +- .../karpenter.sh/v1/nodeclaims.yaml | 17 +- .../karpenter.sh/v1/nodepools.yaml | 24 +- .../v1alpha1/replicationdestinations.yaml | 9 + .../v1alpha1/replicationsources.yaml | 12 + .../acme.cert-manager.io/v1/challenges.yaml | 6 +- .../cert-manager.io/v1/certificates.yaml | 16 +- .../cert-manager.io/v1/clusterissuers.yaml | 8 +- .../cert-manager.io/v1/issuers.yaml | 8 +- .../v1alpha1/bundles.yaml | 62 +- .../chaos-mesh.org/v1alpha1/awschaos.yaml | 12 +- .../chaos-mesh.org/v1alpha1/azurechaos.yaml | 12 +- .../chaos-mesh.org/v1alpha1/blockchaos.yaml | 34 +- .../chaos-mesh.org/v1alpha1/dnschaos.yaml | 36 +- .../chaos-mesh.org/v1alpha1/gcpchaos.yaml | 12 +- .../chaos-mesh.org/v1alpha1/httpchaos.yaml | 46 +- .../chaos-mesh.org/v1alpha1/iochaos.yaml | 44 +- .../chaos-mesh.org/v1alpha1/jvmchaos.yaml | 47 +- .../chaos-mesh.org/v1alpha1/kernelchaos.yaml | 44 +- .../chaos-mesh.org/v1alpha1/networkchaos.yaml | 62 +- .../v1alpha1/physicalmachinechaos.yaml | 76 +- .../v1alpha1/physicalmachines.yaml | 6 +- .../chaos-mesh.org/v1alpha1/podchaos.yaml | 38 +- .../chaos-mesh.org/v1alpha1/podhttpchaos.yaml | 22 +- .../chaos-mesh.org/v1alpha1/podiochaos.yaml | 8 +- .../v1alpha1/podnetworkchaos.yaml | 18 +- .../v1alpha1/remoteclusters.yaml | 6 +- .../chaos-mesh.org/v1alpha1/schedules.yaml | 1943 +-- .../chaos-mesh.org/v1alpha1/statuschecks.yaml | 24 +- .../chaos-mesh.org/v1alpha1/stresschaos.yaml | 46 +- .../chaos-mesh.org/v1alpha1/timechaos.yaml | 36 +- .../v1alpha1/workflownodes.yaml | 2944 ++-- .../chaos-mesh.org/v1alpha1/workflows.yaml | 1470 +- .../v2/ciliumclusterwideenvoyconfigs.yaml | 2 +- .../v2/ciliumclusterwidenetworkpolicies.yaml | 436 +- .../v2/ciliumegressgatewaypolicies.yaml | 43 +- .../cilium/cilium.io/v2/ciliumendpoints.yaml | 6 +- .../cilium.io/v2/ciliumenvoyconfigs.yaml | 2 +- .../cilium/cilium.io/v2/ciliumidentities.yaml | 2 +- .../v2/ciliumlocalredirectpolicies.yaml | 2 +- .../cilium.io/v2/ciliumnetworkpolicies.yaml | 436 +- .../cilium/cilium.io/v2/ciliumnodes.yaml | 2 +- .../v2alpha1/ciliumbgppeeringpolicies.yaml | 2 +- .../cilium.io/v2alpha1/ciliumcidrgroups.yaml | 2 +- .../v2alpha1/ciliumendpointslices.yaml | 4 +- .../ciliuml2announcementpolicies.yaml | 2 +- .../v2alpha1/ciliumloadbalancerippools.yaml | 2 +- .../cilium.io/v2alpha1/ciliumpodippools.yaml | 2 +- .../postgresql.cnpg.io/v1/backups.yaml | 2 +- .../postgresql.cnpg.io/v1/clusters.yaml | 150 +- .../postgresql.cnpg.io/v1/poolers.yaml | 207 +- .../v1/scheduledbackups.yaml | 2 +- .../v1beta1/ccruntimes.yaml | 198 +- .../pkg.crossplane.io/v1beta1/locks.yaml | 26 +- .../v1beta1/cryostats.yaml | 313 +- .../v1beta2/cryostats.yaml | 799 +- .../druid.apache.org/v1alpha1/druids.yaml | 2037 +-- .../digitalis.io/v1/valssecrets.yaml | 23 +- .../digitalis.io/v1beta1/dbsecrets.yaml | 6 +- .../org.eclipse.che/v2/checlusters.yaml | 2 +- .../getambassador.io/v1/authservices.yaml | 8 +- .../getambassador.io/v1/consulresolvers.yaml | 10 +- .../getambassador.io/v1/devportals.yaml | 22 +- .../v1/kubernetesendpointresolvers.yaml | 10 +- .../v1/kubernetesserviceresolvers.yaml | 10 +- .../getambassador.io/v1/logservices.yaml | 8 +- .../getambassador.io/v1/mappings.yaml | 42 +- .../emissary/getambassador.io/v1/modules.yaml | 10 +- .../v1/ratelimitservices.yaml | 10 +- .../getambassador.io/v1/tcpmappings.yaml | 8 +- .../getambassador.io/v1/tlscontexts.yaml | 8 +- .../getambassador.io/v1/tracingservices.yaml | 14 +- .../getambassador.io/v2/authservices.yaml | 8 +- .../getambassador.io/v2/consulresolvers.yaml | 10 +- .../getambassador.io/v2/devportals.yaml | 22 +- .../emissary/getambassador.io/v2/hosts.yaml | 34 +- .../v2/kubernetesendpointresolvers.yaml | 10 +- .../v2/kubernetesserviceresolvers.yaml | 10 +- .../getambassador.io/v2/logservices.yaml | 8 +- .../getambassador.io/v2/mappings.yaml | 42 +- .../emissary/getambassador.io/v2/modules.yaml | 10 +- .../v2/ratelimitservices.yaml | 10 +- .../getambassador.io/v2/tcpmappings.yaml | 8 +- .../getambassador.io/v2/tlscontexts.yaml | 8 +- .../getambassador.io/v2/tracingservices.yaml | 14 +- .../v3alpha1/authservices.yaml | 14 +- .../v3alpha1/consulresolvers.yaml | 10 +- .../getambassador.io/v3alpha1/devportals.yaml | 22 +- .../getambassador.io/v3alpha1/hosts.yaml | 42 +- .../v3alpha1/kubernetesendpointresolvers.yaml | 10 +- .../v3alpha1/kubernetesserviceresolvers.yaml | 10 +- .../getambassador.io/v3alpha1/listeners.yaml | 30 +- .../v3alpha1/logservices.yaml | 8 +- .../getambassador.io/v3alpha1/mappings.yaml | 48 +- .../getambassador.io/v3alpha1/modules.yaml | 10 +- .../v3alpha1/ratelimitservices.yaml | 16 +- .../v3alpha1/tcpmappings.yaml | 14 +- .../v3alpha1/tlscontexts.yaml | 8 +- .../v3alpha1/tracingservices.yaml | 16 +- .../apps.emqx.io/v1beta3/emqxbrokers.yaml | 2 +- .../apps.emqx.io/v1beta3/emqxenterprises.yaml | 2 +- .../apps.emqx.io/v1beta3/emqxplugins.yaml | 2 +- .../apps.emqx.io/v1beta4/emqxbrokers.yaml | 2 +- .../apps.emqx.io/v1beta4/emqxenterprises.yaml | 2 +- .../apps.emqx.io/v1beta4/emqxplugins.yaml | 2 +- .../apps.emqx.io/v1beta4/rebalances.yaml | 2 +- .../apps.emqx.io/v2alpha1/emqxes.yaml | 2 +- .../apps.emqx.io/v2beta1/emqxes.yaml | 28 +- .../apps.emqx.io/v2beta1/rebalances.yaml | 2 +- .../v1alpha1/clustersecretstores.yaml | 502 +- .../v1alpha1/externalsecrets.yaml | 42 +- .../v1alpha1/secretstores.yaml | 502 +- .../v1beta1/clusterexternalsecrets.yaml | 110 +- .../v1beta1/clustersecretstores.yaml | 1204 +- .../v1beta1/externalsecrets.yaml | 105 +- .../v1beta1/secretstores.yaml | 1204 +- .../v1alpha2/clusterfilters.yaml | 4 + .../v1alpha2/clusterfluentbitconfigs.yaml | 3 +- .../v1alpha2/clusterinputs.yaml | 6 + .../v1alpha2/clusteroutputs.yaml | 25 +- .../fluentbit.fluent.io/v1alpha2/filters.yaml | 4 + .../v1alpha2/fluentbitconfigs.yaml | 3 +- .../v1alpha2/fluentbits.yaml | 18 + .../fluentbit.fluent.io/v1alpha2/outputs.yaml | 25 +- .../v1alpha1/clusteroutputs.yaml | 14 + .../fluentd.fluent.io/v1alpha1/fluentds.yaml | 52 + .../fluentd.fluent.io/v1alpha1/outputs.yaml | 14 + .../flagger/flagger.app/v1beta1/canaries.yaml | 12 +- .../flagger.app/v1beta1/metrictemplates.yaml | 1 + .../v2/helmreleases.yaml | 6 + .../v1/kustomizations.yaml | 36 + .../v1/receivers.yaml | 3 + .../v1beta3/alerts.yaml | 2 +- .../v1/gitrepositories.yaml | 3 +- .../apps.gitlab.com/v1beta1/gitlabs.yaml | 26 +- .../apps.gitlab.com/v1beta2/runners.yaml | 22 + .../v1beta1/grafanadashboards.yaml | 33 +- .../v1beta1/grafanadatasources.yaml | 74 +- .../v1beta1/grafanafolders.yaml | 25 +- .../v1beta1/grafanas.yaml | 217 +- .../loki/loki.grafana.com/v1/lokistacks.yaml | 62 +- .../loki.grafana.com/v1beta1/lokistacks.yaml | 4 +- .../v1alpha1/tempomonolithics.yaml | 29 +- .../v1alpha1/tempostacks.yaml | 77 +- .../v2/teleportprovisiontokens.yaml | 53 + .../v2/teleportusers.yaml | 9 + .../v5/teleportroles.yaml | 75 +- .../v6/teleportroles.yaml | 75 +- .../app.terraform.io/v1alpha2/agentpools.yaml | 219 +- .../app.terraform.io/v1alpha2/modules.yaml | 6 +- .../app.terraform.io/v1alpha2/workspaces.yaml | 39 +- .../v1beta1/vaultpkisecrets.yaml | 2 +- .../v1beta1/vaultstaticsecrets.yaml | 2 +- .../v1alpha1/sopssecrets.yaml | 2 +- .../v1alpha2/sopssecrets.yaml | 2 +- .../v1alpha3/sopssecrets.yaml | 2 +- .../k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml | 2 +- .../v1beta1/cassandradatacenters.yaml | 634 +- .../v1alpha1/cassandratasks.yaml | 8 +- .../k8up-io/k8up/k8up.io/v1/backups.yaml | 34 + .../k8up-io/k8up/k8up.io/v1/schedules.yaml | 34 + .../v1alpha1/cronfederatedhpas.yaml | 4 +- .../v1alpha1/federatedhpas.yaml | 2 +- .../resourceinterpretercustomizations.yaml | 16 +- ...ourceinterpreterwebhookconfigurations.yaml | 10 +- .../v1alpha1/multiclusteringresses.yaml | 10 +- .../v1alpha1/multiclusterservices.yaml | 14 +- .../v1alpha1/clusteroverridepolicies.yaml | 14 +- .../v1alpha1/clusterpropagationpolicies.yaml | 53 +- .../v1alpha1/federatedresourcequotas.yaml | 2 +- .../v1alpha1/overridepolicies.yaml | 14 +- .../v1alpha1/propagationpolicies.yaml | 53 +- .../v1alpha1/clusterresourcebindings.yaml | 6 +- .../v1alpha1/resourcebindings.yaml | 6 +- .../work.karmada.io/v1alpha1/works.yaml | 6 +- .../v1alpha2/clusterresourcebindings.yaml | 65 +- .../v1alpha2/resourcebindings.yaml | 65 +- .../clustertriggerauthentications.yaml | 2 + .../keda/keda.sh/v1alpha1/scaledobjects.yaml | 8 + .../v1alpha1/triggerauthentications.yaml | 2 + .../kiali.io/v1alpha1/kialis.yaml | 73 +- .../sonataflow.org/v1alpha08/sonataflows.yaml | 3 + .../kube-green.com/v1alpha1/sleepinfos.yaml | 10 +- .../v1alpha1/eventtailers.yaml | 7 +- .../v1alpha1/hosttailers.yaml | 6 +- .../v1alpha1/clusterflows.yaml | 207 +- .../v1alpha1/clusteroutputs.yaml | 357 +- .../v1alpha1/flows.yaml | 207 +- .../v1alpha1/loggings.yaml | 2 +- .../v1alpha1/outputs.yaml | 353 +- .../v1beta1/clusterflows.yaml | 207 +- .../v1beta1/clusteroutputs.yaml | 357 +- .../logging.banzaicloud.io/v1beta1/flows.yaml | 207 +- .../v1beta1/fluentbitagents.yaml | 12 +- .../v1beta1/loggings.yaml | 459 +- .../v1beta1/nodeagents.yaml | 10 +- .../v1beta1/outputs.yaml | 353 +- .../v1beta1/syslogngclusterflows.yaml | 2 +- .../v1beta1/syslogngclusteroutputs.yaml | 6 +- .../v1beta1/syslogngflows.yaml | 2 +- .../v1beta1/syslogngoutputs.yaml | 2 +- .../v1alpha1/edgeapplications.yaml | 344 +- .../apps.kubeedge.io/v1alpha1/nodegroups.yaml | 12 +- .../v1alpha2/devicemodels.yaml | 14 +- .../devices.kubeedge.io/v1alpha2/devices.yaml | 73 +- .../v1beta1/devicemodels.yaml | 16 +- .../devices.kubeedge.io/v1beta1/devices.yaml | 44 +- .../v1alpha1/nodeupgradejobs.yaml | 53 +- .../v1alpha1/serviceaccountaccesses.yaml | 107 +- .../v1alpha1/clusterobjectsyncs.yaml | 22 +- .../v1alpha1/objectsyncs.yaml | 22 +- .../v1beta1/volumegroupsnapshotclasses.yaml | 64 + .../v1beta1/volumegroupsnapshotcontents.yaml | 195 + .../v1beta1/volumegroupsnapshots.yaml | 148 + .../v1alpha1/targetgroupbindings.yaml | 15 +- .../v1beta1/ingressclassparams.yaml | 10 + .../v1beta1/targetgroupbindings.yaml | 16 +- .../v1alpha1/bootstrapproviders.yaml | 84 +- .../v1alpha1/controlplaneproviders.yaml | 84 +- .../v1alpha1/coreproviders.yaml | 84 +- .../v1alpha1/infrastructureproviders.yaml | 84 +- .../v1alpha2/addonproviders.yaml | 154 +- .../v1alpha2/bootstrapproviders.yaml | 154 +- .../v1alpha2/controlplaneproviders.yaml | 154 +- .../v1alpha2/coreproviders.yaml | 154 +- .../v1alpha2/infrastructureproviders.yaml | 154 +- .../v1beta1/ibmpowervsclusters.yaml | 2 +- .../v1beta1/ibmpowervsclustertemplates.yaml | 4 +- .../v1beta1/ibmpowervsimages.yaml | 10 +- .../v1beta1/ibmpowervsmachines.yaml | 16 +- .../v1beta1/ibmpowervsmachinetemplates.yaml | 4 +- .../v1beta1/ibmvpcclusters.yaml | 10 +- .../v1beta1/ibmvpcmachines.yaml | 6 +- .../v1beta1/ibmvpcmachinetemplates.yaml | 6 +- .../v1beta2/ibmpowervsclusters.yaml | 10 +- .../v1beta2/ibmpowervsclustertemplates.yaml | 4 +- .../v1beta2/ibmpowervsimages.yaml | 10 +- .../v1beta2/ibmpowervsmachines.yaml | 16 +- .../v1beta2/ibmpowervsmachinetemplates.yaml | 4 +- .../v1beta2/ibmvpcclusters.yaml | 10 +- .../v1beta2/ibmvpcmachines.yaml | 14 +- .../v1beta2/ibmvpcmachinetemplates.yaml | 6 +- .../v1alpha1/kubevirtclusters.yaml | 18 +- .../v1alpha1/kubevirtclustertemplates.yaml | 10 +- .../v1alpha1/kubevirtmachines.yaml | 102 +- .../v1alpha1/kubevirtmachinetemplates.yaml | 90 +- .../v1alpha3/vsphereclusteridentities.yaml | 2 +- .../v1alpha3/vsphereclusters.yaml | 2 +- .../v1alpha3/vspheredeploymentzones.yaml | 2 +- .../v1alpha3/vspherefailuredomains.yaml | 2 +- .../v1alpha3/vspheremachines.yaml | 2 +- .../v1alpha3/vspheremachinetemplates.yaml | 2 +- .../v1alpha3/vspherevms.yaml | 2 +- .../v1alpha4/vsphereclusteridentities.yaml | 2 +- .../v1alpha4/vsphereclusters.yaml | 2 +- .../v1alpha4/vsphereclustertemplates.yaml | 2 +- .../v1alpha4/vspheredeploymentzones.yaml | 2 +- .../v1alpha4/vspherefailuredomains.yaml | 2 +- .../v1alpha4/vspheremachines.yaml | 2 +- .../v1alpha4/vspheremachinetemplates.yaml | 2 +- .../v1alpha4/vspherevms.yaml | 2 +- .../v1beta1/vsphereclusteridentities.yaml | 8 +- .../v1beta1/vsphereclusters.yaml | 8 +- .../v1beta1/vsphereclustertemplates.yaml | 2 +- .../v1beta1/vspheredeploymentzones.yaml | 8 +- .../v1beta1/vspherefailuredomains.yaml | 115 +- .../v1beta1/vspheremachines.yaml | 59 +- .../v1beta1/vspheremachinetemplates.yaml | 51 +- .../v1beta1/vspherevms.yaml | 48 +- .../v1alpha3/clusterresourcesetbindings.yaml | 2 +- .../v1alpha3/clusterresourcesets.yaml | 10 +- .../v1alpha4/clusterresourcesetbindings.yaml | 2 +- .../v1alpha4/clusterresourcesets.yaml | 10 +- .../v1beta1/clusterresourcesetbindings.yaml | 2 +- .../v1beta1/clusterresourcesets.yaml | 12 +- .../cluster.x-k8s.io/v1alpha3/clusters.yaml | 22 +- .../v1alpha3/machinedeployments.yaml | 40 +- .../v1alpha3/machinehealthchecks.yaml | 25 +- .../v1alpha3/machinepools.yaml | 32 +- .../cluster.x-k8s.io/v1alpha3/machines.yaml | 12 +- .../v1alpha3/machinesets.yaml | 17 +- .../v1alpha4/clusterclasses.yaml | 8 +- .../cluster.x-k8s.io/v1alpha4/clusters.yaml | 32 +- .../v1alpha4/machinedeployments.yaml | 44 +- .../v1alpha4/machinehealthchecks.yaml | 27 +- .../v1alpha4/machinepools.yaml | 22 +- .../cluster.x-k8s.io/v1alpha4/machines.yaml | 12 +- .../v1alpha4/machinesets.yaml | 21 +- .../v1beta1/clusterclasses.yaml | 48 +- .../cluster.x-k8s.io/v1beta1/clusters.yaml | 66 +- .../v1beta1/machinedeployments.yaml | 52 +- .../v1beta1/machinehealthchecks.yaml | 25 +- .../v1beta1/machinepools.yaml | 24 +- .../cluster.x-k8s.io/v1beta1/machines.yaml | 14 +- .../cluster.x-k8s.io/v1beta1/machinesets.yaml | 32 +- .../v1alpha1/ipaddressclaims.yaml | 8 +- .../v1alpha1/ipaddresses.yaml | 2 +- .../v1beta1/ipaddressclaims.yaml | 8 +- .../v1beta1/ipaddresses.yaml | 2 +- .../v1alpha1/extensionconfigs.yaml | 64 +- .../v1/gatewayclasses.yaml | 2 +- .../v1/gateways.yaml | 13 +- .../v1/grpcroutes.yaml | 44 +- .../v1/httproutes.yaml | 42 +- .../v1alpha2/backendlbpolicies.yaml | 4 +- .../v1alpha2/tcproutes.yaml | 12 +- .../v1alpha2/tlsroutes.yaml | 12 +- .../v1alpha2/udproutes.yaml | 12 +- .../v1alpha3/backendtlspolicies.yaml | 15 +- .../v1beta1/gatewayclasses.yaml | 2 +- .../v1beta1/gateways.yaml | 13 +- .../v1beta1/httproutes.yaml | 42 +- .../v1beta1/referencegrants.yaml | 2 +- .../jobset.x-k8s.io/v1alpha2/jobsets.yaml | 237 +- .../kmm.sigs.x-k8s.io/v1beta1/modules.yaml | 59 +- .../v1beta1/nodemodulesconfigs.yaml | 48 +- .../kueue.x-k8s.io/v1alpha1/cohorts.yaml | 14 +- .../v1beta1/admissionchecks.yaml | 2 +- .../kueue.x-k8s.io/v1beta1/clusterqueues.yaml | 10 +- .../kueue.x-k8s.io/v1beta1/localqueues.yaml | 2 +- .../v1beta1/multikueueclusters.yaml | 13 +- .../v1beta1/multikueueconfigs.yaml | 2 +- .../v1beta1/provisioningrequestconfigs.yaml | 2 +- .../v1beta1/resourceflavors.yaml | 6 +- .../v1beta1/workloadpriorityclasses.yaml | 2 +- .../kueue.x-k8s.io/v1beta1/workloads.yaml | 216 +- .../v1alpha1/serviceexports.yaml | 14 + .../v1alpha1/serviceimports.yaml | 2 +- .../v1alpha1/adminnetworkpolicies.yaml | 64 +- .../baselineadminnetworkpolicies.yaml | 60 +- .../v1alpha1/apparmorprofiles.yaml | 82 +- .../v1alpha1/profilebindings.yaml | 2 +- .../v1alpha1/profilerecordings.yaml | 4 +- .../v1alpha1/securityprofilenodestatuses.yaml | 4 +- .../securityprofilesoperatordaemons.yaml | 64 +- .../v1alpha2/rawselinuxprofiles.yaml | 4 +- .../v1alpha2/selinuxprofiles.yaml | 4 +- .../v1beta1/seccompprofiles.yaml | 4 +- .../multicluster.x-k8s.io/v1alpha1/works.yaml | 9 +- .../v1/verticalpodautoscalercheckpoints.yaml | 10 +- .../v1/verticalpodautoscalers.yaml | 66 +- .../verticalpodautoscalercheckpoints.yaml | 12 +- .../v1beta2/verticalpodautoscalers.yaml | 52 +- .../v1beta1/migrations.yaml | 25 + .../forklift.konveyor.io/v1beta1/plans.yaml | 46 + .../kuma.io/v1alpha1/circuitbreakers.yaml | 2 +- .../kuma.io/v1alpha1/containerpatches.yaml | 2 +- .../kuma.io/v1alpha1/dataplaneinsights.yaml | 2 +- .../kuma/kuma.io/v1alpha1/dataplanes.yaml | 4 +- .../kuma.io/v1alpha1/externalservices.yaml | 2 +- .../kuma.io/v1alpha1/faultinjections.yaml | 2 +- .../kuma/kuma.io/v1alpha1/healthchecks.yaml | 2 +- .../kuma/kuma.io/v1alpha1/meshaccesslogs.yaml | 178 +- .../kuma.io/v1alpha1/meshcircuitbreakers.yaml | 141 +- .../kumahq/kuma/kuma.io/v1alpha1/meshes.yaml | 4 +- .../kuma.io/v1alpha1/meshfaultinjections.yaml | 7 +- .../kuma.io/v1alpha1/meshgatewayconfigs.yaml | 2 +- .../v1alpha1/meshgatewayinstances.yaml | 3 +- .../kuma.io/v1alpha1/meshgatewayroutes.yaml | 2 +- .../kuma/kuma.io/v1alpha1/meshgateways.yaml | 4 +- .../kuma.io/v1alpha1/meshhealthchecks.yaml | 23 +- .../kuma/kuma.io/v1alpha1/meshhttproutes.yaml | 11 +- .../kuma/kuma.io/v1alpha1/meshinsights.yaml | 2 +- .../v1alpha1/meshloadbalancingstrategies.yaml | 8 +- .../kuma.io/v1alpha1/meshproxypatches.yaml | 7 +- .../kuma/kuma.io/v1alpha1/meshratelimits.yaml | 113 +- .../kuma/kuma.io/v1alpha1/meshretries.yaml | 18 +- .../kuma/kuma.io/v1alpha1/meshtcproutes.yaml | 11 +- .../kuma/kuma.io/v1alpha1/meshtimeouts.yaml | 42 +- .../kuma/kuma.io/v1alpha1/meshtraces.yaml | 14 +- .../v1alpha1/meshtrafficpermissions.yaml | 6 +- .../kuma/kuma.io/v1alpha1/proxytemplates.yaml | 2 +- .../kuma/kuma.io/v1alpha1/ratelimits.yaml | 2 +- .../kumahq/kuma/kuma.io/v1alpha1/retries.yaml | 2 +- .../kuma.io/v1alpha1/serviceinsights.yaml | 2 +- .../kuma/kuma.io/v1alpha1/timeouts.yaml | 2 +- .../kuma/kuma.io/v1alpha1/trafficlogs.yaml | 2 +- .../kuma.io/v1alpha1/trafficpermissions.yaml | 2 +- .../kuma/kuma.io/v1alpha1/trafficroutes.yaml | 2 +- .../kuma/kuma.io/v1alpha1/traffictraces.yaml | 2 +- .../kuma.io/v1alpha1/virtualoutbounds.yaml | 2 +- .../kuma/kuma.io/v1alpha1/zoneegresses.yaml | 4 +- .../kuma.io/v1alpha1/zoneegressinsights.yaml | 2 +- .../kuma/kuma.io/v1alpha1/zoneingresses.yaml | 4 +- .../kuma.io/v1alpha1/zoneingressinsights.yaml | 2 +- .../kuma/kuma.io/v1alpha1/zoneinsights.yaml | 2 +- .../kumahq/kuma/kuma.io/v1alpha1/zones.yaml | 2 +- .../v1alpha1/configurations.yaml | 6 + .../chainsaw.kyverno.io/v1alpha1/tests.yaml | 30 + .../v1alpha2/configurations.yaml | 6 + .../kyverno.io/v1/clusterpolicies.yaml | 20 +- .../kyverno/kyverno.io/v1/policies.yaml | 20 +- .../v2alpha1/globalcontextentries.yaml | 18 +- .../kyverno.io/v2beta1/clusterpolicies.yaml | 18 +- .../kyverno/kyverno.io/v2beta1/policies.yaml | 18 +- .../v1beta1/backingimagedatasources.yaml | 4 +- .../v1beta1/backingimagemanagers.yaml | 4 +- .../longhorn.io/v1beta1/backingimages.yaml | 4 +- .../longhorn/longhorn.io/v1beta1/backups.yaml | 4 +- .../longhorn.io/v1beta1/backuptargets.yaml | 4 +- .../longhorn.io/v1beta1/backupvolumes.yaml | 4 +- .../longhorn.io/v1beta1/engineimages.yaml | 4 +- .../longhorn/longhorn.io/v1beta1/engines.yaml | 4 +- .../longhorn.io/v1beta1/instancemanagers.yaml | 4 +- .../longhorn/longhorn.io/v1beta1/nodes.yaml | 4 +- .../longhorn.io/v1beta1/recurringjobs.yaml | 4 +- .../longhorn.io/v1beta1/replicas.yaml | 4 +- .../longhorn.io/v1beta1/settings.yaml | 4 +- .../longhorn.io/v1beta1/sharemanagers.yaml | 4 +- .../longhorn/longhorn.io/v1beta1/volumes.yaml | 4 +- .../v1beta2/backingimagedatasources.yaml | 4 +- .../v1beta2/backingimagemanagers.yaml | 4 +- .../longhorn.io/v1beta2/backingimages.yaml | 25 +- .../v1beta2/backupbackingimages.yaml | 14 +- .../longhorn/longhorn.io/v1beta2/backups.yaml | 11 +- .../longhorn.io/v1beta2/backuptargets.yaml | 4 +- .../longhorn.io/v1beta2/backupvolumes.yaml | 15 +- .../longhorn.io/v1beta2/engineimages.yaml | 4 +- .../longhorn/longhorn.io/v1beta2/engines.yaml | 4 +- .../longhorn.io/v1beta2/instancemanagers.yaml | 27 +- .../longhorn/longhorn.io/v1beta2/nodes.yaml | 4 +- .../longhorn/longhorn.io/v1beta2/orphans.yaml | 4 +- .../longhorn.io/v1beta2/recurringjobs.yaml | 11 +- .../longhorn.io/v1beta2/replicas.yaml | 7 +- .../longhorn.io/v1beta2/settings.yaml | 4 +- .../longhorn.io/v1beta2/sharemanagers.yaml | 4 +- .../longhorn.io/v1beta2/snapshots.yaml | 6 +- .../longhorn.io/v1beta2/supportbundles.yaml | 4 +- .../longhorn.io/v1beta2/systembackups.yaml | 4 +- .../longhorn.io/v1beta2/systemrestores.yaml | 4 +- .../v1beta2/volumeattachments.yaml | 4 +- .../longhorn/longhorn.io/v1beta2/volumes.yaml | 7 +- .../k8s.mariadb.com/v1alpha1/backups.yaml | 2 - .../k8s.mariadb.com/v1alpha1/connections.yaml | 10 +- .../k8s.mariadb.com/v1alpha1/mariadbs.yaml | 501 +- .../k8s.mariadb.com/v1alpha1/maxscales.yaml | 264 + .../k8s.mariadb.com/v1alpha1/restores.yaml | 2 - .../k8s.mariadb.com/v1alpha1/sqljobs.yaml | 14 + .../k8s.mariadb.com/v1alpha1/users.yaml | 16 + .../v1beta1/mattermosts.yaml | 7 + .../v1alpha1/selfnoderemediationconfigs.yaml | 5 + .../metal3.io/v1alpha1/baremetalhosts.yaml | 2 + .../operator/minio.min.io/v2/tenants.yaml | 57 +- .../sts.min.io/v1alpha1/policybindings.yaml | 4 +- .../sts.min.io/v1beta1/policybindings.yaml | 4 +- .../v1beta1/flowcollectors.yaml | 189 +- .../v1beta2/flowcollectors.yaml | 216 +- .../v1beta1/dosprotectedresources.yaml | 2 +- .../v1/dnsendpoints.yaml | 2 +- .../v1/globalconfigurations.yaml | 2 +- .../k8s.nginx.org/v1/policies.yaml | 21 +- .../k8s.nginx.org/v1/transportservers.yaml | 2 +- .../k8s.nginx.org/v1/virtualserverroutes.yaml | 2 +- .../k8s.nginx.org/v1/virtualservers.yaml | 2 +- .../v1alpha1/clientsettingspolicies.yaml | 2 +- .../v1alpha1/nginxgateways.yaml | 2 +- .../v1alpha1/nginxproxies.yaml | 27 +- .../v1alpha1/observabilitypolicies.yaml | 9 +- .../v1alpha2/observabilitypolicies.yaml | 260 + .../v1/clustermanagers.yaml | 20 + .../v1/klusterlets.yaml | 2 + .../v1alpha1/featureflagconfigurations.yaml | 12 +- .../v1alpha2/featureflagconfigurations.yaml | 17 +- .../v1alpha1/configs.yaml | 31 + .../v1beta1/constraintpodstatuses.yaml | 18 + .../constrainttemplatepodstatuses.yaml | 11 + .../v1alpha1/instrumentations.yaml | 2 +- .../v1alpha1/opampbridges.yaml | 4 +- .../v1alpha1/opentelemetrycollectors.yaml | 6 +- .../v1beta1/opentelemetrycollectors.yaml | 58 +- .../v1/clusterdeploymentcustomizations.yaml | 30 +- .../v1/clusterdeployments.yaml | 3 + .../hive.openshift.io/v1/clusterpools.yaml | 3 + .../hive.openshift.io/v1/machinepools.yaml | 10 +- .../v1/selectorsyncsets.yaml | 3 + .../hive/hive.openshift.io/v1/syncsets.yaml | 3 + .../v1alpha1/managednotifications.yaml | 2 + .../v1/sriovnetworknodepolicies.yaml | 3 + .../v1/sriovnetworknodestates.yaml | 24 + .../v1/sriovnetworkpoolconfigs.yaml | 6 + .../v1alpha1/databaseclusters.yaml | 2 +- .../pgv2.percona.com/v2/perconapgbackups.yaml | 3 +- .../v2/perconapgclusters.yaml | 172 +- .../v2/perconapgrestores.yaml | 2 +- .../v2/perconapgupgrades.yaml | 44 +- .../v1/perconaservermongodbbackups.yaml | 7 + .../v1/perconaservermongodbrestores.yaml | 7 + .../v1/perconaservermongodbs.yaml | 54 +- .../v1alpha1/perconaservermysqlbackups.yaml | 4 +- .../v1alpha1/perconaservermysqlrestores.yaml | 4 +- .../v1alpha1/perconaservermysqls.yaml | 19 +- .../v1/perconaxtradbclusterbackups.yaml | 11 + .../v1/perconaxtradbclusterrestores.yaml | 4 + .../v1/perconaxtradbclusters.yaml | 207 + .../v1beta2/appwrappers.yaml | 28 +- .../v1/bgpconfigurations.yaml | 31 +- .../crd.projectcalico.org/v1/bgpfilters.yaml | 13 +- .../crd.projectcalico.org/v1/bgppeers.yaml | 35 +- .../v1/blockaffinities.yaml | 16 +- .../v1/caliconodestatuses.yaml | 24 +- .../v1/clusterinformations.yaml | 14 +- .../v1/felixconfigurations.yaml | 312 +- .../v1/globalnetworkpolicies.yaml | 160 +- .../v1/globalnetworksets.yaml | 14 +- .../v1/hostendpoints.yaml | 18 +- .../crd.projectcalico.org/v1/ipamblocks.yaml | 24 +- .../crd.projectcalico.org/v1/ipamconfigs.yaml | 14 +- .../crd.projectcalico.org/v1/ipamhandles.yaml | 12 +- .../crd.projectcalico.org/v1/ippools.yaml | 34 +- .../v1/ipreservations.yaml | 12 +- .../v1/kubecontrollersconfigurations.yaml | 38 +- .../v1/networkpolicies.yaml | 158 +- .../crd.projectcalico.org/v1/networksets.yaml | 12 +- .../v1/stagedglobalnetworkpolicies.yaml | 478 + .../v1/stagedkubernetesnetworkpolicies.yaml | 310 + .../v1/stagednetworkpolicies.yaml | 466 + .../crd.projectcalico.org/v1/tiers.yaml | 17 +- .../projectcontour.io/v1/httpproxies.yaml | 12 +- .../v1/tlscertificatedelegations.yaml | 2 +- .../v1alpha1/contourconfigurations.yaml | 8 +- .../v1alpha1/contourdeployments.yaml | 44 +- .../v1alpha1/extensionservices.yaml | 2 +- .../v1/alertmanagers.yaml | 162 +- .../monitoring.coreos.com/v1/podmonitors.yaml | 32 +- .../monitoring.coreos.com/v1/probes.yaml | 16 +- .../v1/prometheuses.yaml | 264 +- .../v1/prometheusrules.yaml | 7 +- .../v1/servicemonitors.yaml | 22 +- .../v1/thanosrulers.yaml | 178 +- .../v1alpha1/alertmanagerconfigs.yaml | 38 +- .../v1alpha1/prometheusagents.yaml | 233 +- .../v1alpha1/scrapeconfigs.yaml | 760 +- .../v1beta1/alertmanagerconfigs.yaml | 38 +- .../v1beta2/pulpbackups.yaml | 22 +- .../v1beta2/pulprestores.yaml | 6 +- .../v1beta2/pulps.yaml | 269 +- .../upgrade.cattle.io/v1/plans.yaml | 22 + .../kuberay/ray.io/v1/rayclusters.yaml | 141 + .../kuberay/ray.io/v1/rayjobs.yaml | 153 + .../kuberay/ray.io/v1/rayservices.yaml | 199 +- .../rook/ceph.rook.io/v1/cephblockpools.yaml | 3 + .../rook/ceph.rook.io/v1/cephclusters.yaml | 30 +- .../rook/ceph.rook.io/v1/cephfilesystems.yaml | 22 +- .../rook/rook/ceph.rook.io/v1/cephnfses.yaml | 8 +- .../ceph.rook.io/v1/cephobjectstores.yaml | 90 +- .../v1/scyllaclusters.yaml | 789 +- .../v1alpha1/nodeconfigs.yaml | 222 +- .../v1alpha1/scyllaoperatorconfigs.yaml | 64 +- .../v1alpha1/shipwrightbuilds.yaml | 24 +- .../v1/authconfigs.yaml | 30 + .../gloo/gateway.solo.io/v1/gateways.yaml | 303 + .../gloo/gateway.solo.io/v1/httpgateways.yaml | 32 + .../gloo/gateway.solo.io/v1/routeoptions.yaml | 92 + .../gloo/gateway.solo.io/v1/routetables.yaml | 196 + .../v1/virtualhostoptions.yaml | 90 + .../gateway.solo.io/v1/virtualservices.yaml | 284 + .../solo-io/gloo/gloo.solo.io/v1/proxies.yaml | 5 + .../gloo/gloo.solo.io/v1/settings.yaml | 2 + .../gloo/gloo.solo.io/v1/upstreamgroups.yaml | 98 + .../gloo/gloo.solo.io/v1/upstreams.yaml | 52 + .../v1beta1/graphqlapis.yaml | 3 + .../v1alpha1/airflowclusters.yaml | 40 +- .../v1alpha1/druidclusters.yaml | 44 +- .../v1alpha1/hbaseclusters.yaml | 258 +- .../v1alpha1/hdfsclusters.yaml | 184 +- .../v1alpha1/hiveclusters.yaml | 56 +- .../v1alpha1/kafkaclusters.yaml | 68 +- .../v1alpha1/nificlusters.yaml | 66 +- .../v1alpha1/opaclusters.yaml | 10 +- .../v1alpha1/secretclasses.yaml | 22 + .../v1alpha1/sparkapplications.yaml | 18 +- .../v1alpha1/sparkhistoryservers.yaml | 14 +- .../v1alpha1/supersetclusters.yaml | 41 +- .../v1alpha1/trinoclusters.yaml | 124 +- .../v1alpha1/zookeeperclusters.yaml | 64 +- .../v1beta2/kafkabridges.yaml | 20 + .../v1beta2/kafkaconnects.yaml | 42 +- .../v1beta2/kafkamirrormaker2s.yaml | 40 + .../v1beta2/kafkamirrormakers.yaml | 20 + .../v1beta2/kafkanodepools.yaml | 21 + .../v1beta2/kafkarebalances.yaml | 19 +- .../kafka.strimzi.io/v1beta2/kafkas.yaml | 123 + .../submariner.io/v1alpha1/brokers.yaml | 6 +- .../v1alpha1/servicediscoveries.yaml | 18 +- .../submariner.io/v1alpha1/submariners.yaml | 146 +- .../operator.tigera.io/v1/apiservers.yaml | 62 +- .../v1/applicationlayers.yaml | 12 +- .../v1/authentications.yaml | 14 +- .../operator.tigera.io/v1/compliances.yaml | 36 +- .../operator.tigera.io/v1/egressgateways.yaml | 40 +- .../operator.tigera.io/v1/imagesets.yaml | 4 +- .../operator.tigera.io/v1/installations.yaml | 324 +- .../v1/intrusiondetections.yaml | 18 +- .../operator.tigera.io/v1/logcollectors.yaml | 18 +- .../operator.tigera.io/v1/logstorages.yaml | 160 +- .../v1/managementclusterconnections.yaml | 12 +- .../v1/managementclusters.yaml | 2 +- .../operator.tigera.io/v1/managers.yaml | 12 +- .../operator.tigera.io/v1/monitors.yaml | 17 +- .../v1/policyrecommendations.yaml | 8 +- .../operator.tigera.io/v1/tenants.yaml | 31 +- .../operator.tigera.io/v1/tigerastatuses.yaml | 2 +- .../v1/tlspassthroughroutes.yaml | 2 +- .../v1/tlsterminatedroutes.yaml | 9 +- .../v1beta1/tinkerbellmachines.yaml | 4 +- .../v1beta1/tinkerbellmachinetemplates.yaml | 4 +- .../bmc.tinkerbell.org/v1alpha1/machines.yaml | 3 + .../tinkerbell.org/v1alpha1/hardware.yaml | 3 + .../traefik.io/v1alpha1/ingressroutes.yaml | 38 +- .../traefik.io/v1alpha1/ingressroutetcps.yaml | 18 +- .../traefik.io/v1alpha1/ingressrouteudps.yaml | 2 +- .../traefik.io/v1alpha1/middlewares.yaml | 80 +- .../traefik.io/v1alpha1/middlewaretcps.yaml | 6 +- .../v1alpha1/serverstransports.yaml | 2 +- .../v1alpha1/serverstransporttcps.yaml | 2 +- .../traefik.io/v1alpha1/tlsoptions.yaml | 8 +- .../traefik.io/v1alpha1/tlsstores.yaml | 2 +- .../traefik.io/v1alpha1/traefikservices.yaml | 10 +- .../velero.io/v1/backuprepositories.yaml | 29 +- .../velero/velero.io/v1/backups.yaml | 4 +- .../velero.io/v1/backupstoragelocations.yaml | 8 +- .../velero.io/v1/deletebackuprequests.yaml | 2 +- .../velero/velero.io/v1/downloadrequests.yaml | 2 +- .../velero/velero.io/v1/podvolumebackups.yaml | 4 +- .../velero.io/v1/podvolumerestores.yaml | 4 +- .../velero/velero.io/v1/restores.yaml | 2 +- .../velero/velero.io/v1/schedules.yaml | 4 +- .../velero.io/v1/serverstatusrequests.yaml | 2 +- .../velero.io/v1/volumesnapshotlocations.yaml | 4 +- .../velero.io/v2alpha1/datadownloads.yaml | 17 +- .../velero.io/v2alpha1/datauploads.yaml | 17 +- .../batch.volcano.sh/v1alpha1/jobs.yaml | 54 + .../flow.volcano.sh/v1alpha1/jobflows.yaml | 8 + .../v1alpha1/jobtemplates.yaml | 54 + .../v1alpha1/numatopologies.yaml | 3 + .../v1alpha1/terraforms.yaml | 209 +- .../v1alpha2/terraforms.yaml | 224 +- .../v1/operatorconfigurations.yaml | 6 +- .../acid.zalan.do/v1/postgresqls.yaml | 10 +- .../src/acme_cert_manager_io/v1/challenges.rs | 6 +- .../v1alpha1/certificateauthorities.rs | 36 +- .../certificateauthorityactivations.rs | 2 +- .../v1alpha1/certificates.rs | 2 +- .../v1alpha3/clusterresourcesets.rs | 4 +- .../v1alpha4/clusterresourcesets.rs | 4 +- .../v1beta1/clusterresourcesets.rs | 4 +- .../v1alpha1/awsiamconfigs.rs | 3 +- .../v1alpha1/bundles.rs | 91 + .../v1alpha1/cloudstackdatacenterconfigs.rs | 33 +- .../v1alpha1/cloudstackmachineconfigs.rs | 45 +- .../v1alpha1/clusters.rs | 109 +- .../v1alpha1/controlplaneupgrades.rs | 29 +- .../v1alpha1/machinedeploymentupgrades.rs | 23 +- .../v1alpha1/nodeupgrades.rs | 35 +- .../v1alpha1/nutanixdatacenterconfigs.rs | 35 +- .../v1alpha1/nutanixmachineconfigs.rs | 98 +- .../v1alpha1/snowmachineconfigs.rs | 67 +- .../v1alpha1/tinkerbelldatacenterconfigs.rs | 23 +- .../v1alpha1/tinkerbellmachineconfigs.rs | 47 +- .../v1alpha1/vspheredatacenterconfigs.rs | 24 +- .../v1alpha1/vspheremachineconfigs.rs | 45 +- .../src/api_clever_cloud_com/mod.rs | 1 + .../src/api_clever_cloud_com/v1/mysqls.rs | 2 + .../api_clever_cloud_com/v1/postgresqls.rs | 18 +- .../src/api_clever_cloud_com/v1/redis.rs | 2 + .../src/api_clever_cloud_com/v1alpha1/kvs.rs | 34 + .../src/api_clever_cloud_com/v1alpha1/mod.rs | 1 + .../v1alpha1/apis.rs | 63 +- .../v1alpha1/authorizers.rs | 54 +- .../v1alpha1/deployments.rs | 10 +- .../v1alpha1/routes.rs | 28 +- .../v1alpha1/stages.rs | 30 +- .../v1alpha1/vpclinks.rs | 11 +- .../v1/redisenterpriseclusters.rs | 35 + .../redisenterpriseactiveactivedatabases.rs | 9 +- .../v1alpha1/redisenterpriseclusters.rs | 25 + .../v1alpha1/redisenterprisedatabases.rs | 6 +- .../v1alpha1/redisenterpriseremoteclusters.rs | 6 + .../app_terraform_io/v1alpha2/agentpools.rs | 273 +- .../src/app_terraform_io/v1alpha2/modules.rs | 2 - .../app_terraform_io/v1alpha2/workspaces.rs | 41 +- .../v1alpha1/accesslogpolicies.rs | 36 +- .../v1alpha1/iamauthpolicies.rs | 34 +- .../v1alpha1/serviceexports.rs | 5 +- .../v1alpha1/serviceimports.rs | 40 +- .../v1alpha1/targetgrouppolicies.rs | 65 +- .../v1alpha1/vpcassociationpolicies.rs | 40 +- .../v1alpha1/scalabletargets.rs | 73 +- .../v1alpha1/scalingpolicies.rs | 78 +- .../src/apps_3scale_net/v1alpha1/apicasts.rs | 184 +- .../v1alpha1/apimanagerbackups.rs | 23 +- .../v1alpha1/apimanagerrestores.rs | 28 +- .../apps_3scale_net/v1alpha1/apimanagers.rs | 10944 ++++++++++--- .../src/apps_emqx_io/v2beta1/emqxes.rs | 8 + .../src/apps_gitlab_com/v1beta1/gitlabs.rs | 3 +- .../src/apps_gitlab_com/v1beta2/runners.rs | 23 + .../src/apps_kubeblocks_io/v1/clusters.rs | 13165 +++++++--------- .../v1/componentdefinitions.rs | 512 +- .../src/apps_kubeblocks_io/v1/components.rs | 2465 +-- .../v1alpha1/clusterdefinitions.rs | 5 + .../apps_kubeblocks_io/v1alpha1/clusters.rs | 30 + .../v1alpha1/componentdefinitions.rs | 22 +- .../apps_kubeblocks_io/v1alpha1/components.rs | 12 + .../src/argoproj_io/v1alpha1/applications.rs | 234 + .../src/argoproj_io/v1alpha1/appprojects.rs | 16 + .../src/argoproj_io/v1alpha1/argocds.rs | 11 +- .../src/argoproj_io/v1beta1/argocds.rs | 14 +- .../v1/aerospikeclusters.rs | 975 +- .../v1/verticalpodautoscalercheckpoints.rs | 3 +- .../v1/verticalpodautoscalers.rs | 145 +- .../verticalpodautoscalercheckpoints.rs | 3 +- .../v1beta2/verticalpodautoscalers.rs | 104 +- .../v1alpha1/cronfederatedhpas.rs | 1 - .../src/awx_ansible_com/v1beta1/awxs.rs | 6 + .../src/batch_volcano_sh/v1alpha1/jobs.rs | 50 +- .../src/camel_apache_org/v1/builds.rs | 98 +- .../v1alpha1/tenants.rs | 21 +- .../v1beta1/activedocs.rs | 38 +- .../v1beta1/applications.rs | 11 +- .../v1beta1/backends.rs | 30 +- .../v1beta1/custompolicydefinitions.rs | 7 +- .../v1beta1/developeraccounts.rs | 7 +- .../v1beta1/developerusers.rs | 11 +- .../v1beta1/openapis.rs | 51 +- .../v1beta1/products.rs | 122 +- .../v1beta1/proxyconfigpromotes.rs | 3 +- .../v1beta1/cassandradatacenters.rs | 777 +- .../src/ceph_rook_io/v1/cephblockpools.rs | 3 + .../src/ceph_rook_io/v1/cephfilesystems.rs | 38 +- .../src/ceph_rook_io/v1/cephnfses.rs | 16 +- .../src/ceph_rook_io/v1/cephobjectstores.rs | 100 +- .../src/cert_manager_io/v1/certificates.rs | 42 +- .../src/cert_manager_io/v1/clusterissuers.rs | 8 +- .../src/cert_manager_io/v1/issuers.rs | 8 +- .../v1alpha1/configurations.rs | 6 + .../src/chainsaw_kyverno_io/v1alpha1/tests.rs | 30 + .../v1alpha2/configurations.rs | 6 + .../src/chaos_mesh_org/v1alpha1/awschaos.rs | 10 +- .../src/chaos_mesh_org/v1alpha1/azurechaos.rs | 10 +- .../src/chaos_mesh_org/v1alpha1/blockchaos.rs | 48 +- .../src/chaos_mesh_org/v1alpha1/dnschaos.rs | 57 +- .../src/chaos_mesh_org/v1alpha1/gcpchaos.rs | 10 +- .../src/chaos_mesh_org/v1alpha1/httpchaos.rs | 72 +- .../src/chaos_mesh_org/v1alpha1/iochaos.rs | 70 +- .../src/chaos_mesh_org/v1alpha1/jvmchaos.rs | 67 +- .../chaos_mesh_org/v1alpha1/kernelchaos.rs | 81 +- .../chaos_mesh_org/v1alpha1/networkchaos.rs | 98 +- .../v1alpha1/physicalmachinechaos.rs | 113 +- .../src/chaos_mesh_org/v1alpha1/podchaos.rs | 59 +- .../chaos_mesh_org/v1alpha1/podhttpchaos.rs | 30 +- .../src/chaos_mesh_org/v1alpha1/podiochaos.rs | 5 +- .../v1alpha1/podnetworkchaos.rs | 19 +- .../src/chaos_mesh_org/v1alpha1/schedules.rs | 4056 +++-- .../chaos_mesh_org/v1alpha1/statuschecks.rs | 38 +- .../chaos_mesh_org/v1alpha1/stresschaos.rs | 76 +- .../src/chaos_mesh_org/v1alpha1/timechaos.rs | 54 +- .../chaos_mesh_org/v1alpha1/workflownodes.rs | 6486 ++++++-- .../src/chaos_mesh_org/v1alpha1/workflows.rs | 3234 +++- .../v2/ciliumclusterwidenetworkpolicies.rs | 420 +- .../v2/ciliumegressgatewaypolicies.rs | 45 + .../src/cilium_io/v2/ciliumendpoints.rs | 4 +- .../src/cilium_io/v2/ciliumnetworkpolicies.rs | 420 +- .../v2alpha1/ciliumendpointslices.rs | 2 +- .../v1alpha1/cachepolicies.rs | 2 +- .../v1alpha1/distributions.rs | 74 +- .../v1alpha1/functions.rs | 2 +- .../v1alpha1/originrequestpolicies.rs | 2 +- .../v1alpha1/responseheaderspolicies.rs | 2 +- .../v1alpha1/eventdatastores.rs | 117 +- .../v1alpha1/trails.rs | 29 +- .../v1alpha1/amazoncloudwatchagents.rs | 1296 ++ .../v1alpha1/metricalarms.rs | 36 +- .../v1alpha1/loggroups.rs | 2 +- .../src/cluster_x_k8s_io/v1alpha3/clusters.rs | 20 +- .../v1alpha3/machinedeployments.rs | 46 +- .../v1alpha3/machinehealthchecks.rs | 25 +- .../cluster_x_k8s_io/v1alpha3/machinepools.rs | 30 +- .../src/cluster_x_k8s_io/v1alpha3/machines.rs | 4 +- .../cluster_x_k8s_io/v1alpha3/machinesets.rs | 21 +- .../v1alpha4/clusterclasses.rs | 8 +- .../src/cluster_x_k8s_io/v1alpha4/clusters.rs | 32 +- .../v1alpha4/machinedeployments.rs | 48 +- .../v1alpha4/machinehealthchecks.rs | 28 +- .../cluster_x_k8s_io/v1alpha4/machinepools.rs | 16 +- .../src/cluster_x_k8s_io/v1alpha4/machines.rs | 4 +- .../cluster_x_k8s_io/v1alpha4/machinesets.rs | 19 +- .../v1beta1/clusterclasses.rs | 58 +- .../src/cluster_x_k8s_io/v1beta1/clusters.rs | 83 +- .../v1beta1/machinedeployments.rs | 84 +- .../v1beta1/machinehealthchecks.rs | 24 +- .../cluster_x_k8s_io/v1beta1/machinepools.rs | 24 +- .../src/cluster_x_k8s_io/v1beta1/machines.rs | 10 +- .../cluster_x_k8s_io/v1beta1/machinesets.rs | 56 +- .../v1beta1/ccruntimes.rs | 441 +- .../config_gatekeeper_sh/v1alpha1/configs.rs | 27 + .../resourceinterpretercustomizations.rs | 30 - ...esourceinterpreterwebhookconfigurations.rs | 44 +- .../v1alpha1/cassandratasks.rs | 1 - .../v1alpha1/featureflagconfigurations.rs | 41 +- .../v1alpha2/featureflagconfigurations.rs | 48 +- .../v1/bgpconfigurations.rs | 39 +- .../src/crd_projectcalico_org/v1/bgppeers.rs | 46 +- .../v1/blockaffinities.rs | 6 +- .../v1/caliconodestatuses.rs | 18 +- .../v1/clusterinformations.rs | 3 +- .../crd_projectcalico_org/v1/hostendpoints.rs | 31 +- .../crd_projectcalico_org/v1/ipamblocks.rs | 24 +- .../crd_projectcalico_org/v1/ipamconfigs.rs | 3 +- .../src/crd_projectcalico_org/v1/ippools.rs | 40 +- .../v1/kubecontrollersconfigurations.rs | 45 +- .../src/crd_projectcalico_org/v1/mod.rs | 3 + .../v1/stagedglobalnetworkpolicies.rs | 4 + .../v1/stagedkubernetesnetworkpolicies.rs | 401 + .../v1/stagednetworkpolicies.rs | 4 + .../src/crd_projectcalico_org/v1/tiers.rs | 10 +- .../datadoghq_com/v2alpha1/datadogagents.rs | 1365 +- .../v1alpha1/actionsets.rs | 24 + .../v1alpha1/backuppolicies.rs | 3 + .../v1alpha1/backups.rs | 23 + .../v1alpha1/backupschedules.rs | 16 + .../v1alpha1/restores.rs | 12 + .../v1alpha2/devicemodels.rs | 3 +- .../devices_kubeedge_io/v1alpha2/devices.rs | 106 +- .../v1beta1/devicemodels.rs | 6 +- .../devices_kubeedge_io/v1beta1/devices.rs | 79 +- .../src/digitalis_io/v1/valssecrets.rs | 14 +- .../v1alpha1/dbclusters.rs | 2 +- .../v1alpha1/dbinstances.rs | 2 +- .../v1alpha1/dbsubnetgroups.rs | 2 +- .../src/druid_apache_org/v1alpha1/druids.rs | 5966 +++++-- .../v1alpha1/backups.rs | 5 +- .../v1alpha1/globaltables.rs | 2 +- .../v1alpha1/tables.rs | 34 +- .../v1alpha1/dhcpoptions.rs | 5 +- .../v1alpha1/elasticipaddresses.rs | 16 +- .../v1alpha1/instances.rs | 169 +- .../v1alpha1/internetgateways.rs | 2 +- .../v1alpha1/natgateways.rs | 12 +- .../v1alpha1/routetables.rs | 4 +- .../v1alpha1/securitygroups.rs | 36 +- .../ec2_services_k8s_aws/v1alpha1/subnets.rs | 11 +- .../v1alpha1/transitgateways.rs | 2 +- .../v1alpha1/vpcendpoints.rs | 26 +- .../src/ec2_services_k8s_aws/v1alpha1/vpcs.rs | 2 +- .../v1alpha1/pullthroughcacherules.rs | 17 +- .../v1alpha1/repositories.rs | 5 +- .../v1alpha1/accesspoints.rs | 2 +- .../v1alpha1/filesystems.rs | 26 +- .../v1alpha1/mounttargets.rs | 2 +- .../eks_services_k8s_aws/v1alpha1/addons.rs | 4 +- .../eks_services_k8s_aws/v1alpha1/clusters.rs | 149 +- .../v1alpha1/fargateprofiles.rs | 4 +- .../v1alpha1/nodegroups.rs | 4 +- .../v1alpha1/cacheparametergroups.rs | 7 +- .../v1alpha1/cachesubnetgroups.rs | 11 +- .../v1alpha1/replicationgroups.rs | 295 +- .../v1alpha1/snapshots.rs | 124 +- .../v1alpha1/usergroups.rs | 10 +- .../v1alpha1/users.rs | 5 +- .../v1alpha1/targetgroupbindings.rs | 13 +- .../v1beta1/ingressclassparams.rs | 11 + .../v1beta1/targetgroupbindings.rs | 13 +- .../v1alpha1/jobruns.rs | 14 +- .../v1alpha1/virtualclusters.rs | 12 +- .../v1alpha1/databaseclusters.rs | 2 + .../v1alpha1/clustersecretstores.rs | 296 +- .../v1alpha1/externalsecrets.rs | 26 +- .../v1alpha1/secretstores.rs | 296 +- .../v1beta1/clusterexternalsecrets.rs | 128 +- .../v1beta1/clustersecretstores.rs | 780 +- .../v1beta1/externalsecrets.rs | 125 +- .../v1beta1/secretstores.rs | 780 +- .../src/flagger_app/v1beta1/canaries.rs | 10 +- .../flagger_app/v1beta1/metrictemplates.rs | 2 + .../v1beta1/flinkdeployments.rs | 8 + .../v1beta1/flinksessionjobs.rs | 6 + .../src/flow_volcano_sh/v1alpha1/jobflows.rs | 10 +- .../flow_volcano_sh/v1alpha1/jobtemplates.rs | 50 +- .../v1beta1/flowcollectors.rs | 249 +- .../v1beta2/flowcollectors.rs | 285 +- .../v1alpha2/clusterfilters.rs | 3 + .../v1alpha2/clusterfluentbitconfigs.rs | 2 +- .../v1alpha2/clusterinputs.rs | 7 + .../v1alpha2/clusteroutputs.rs | 21 +- .../fluentbit_fluent_io/v1alpha2/filters.rs | 3 + .../v1alpha2/fluentbitconfigs.rs | 2 +- .../v1alpha2/fluentbits.rs | 14 + .../fluentbit_fluent_io/v1alpha2/outputs.rs | 21 +- .../v1alpha1/clusteroutputs.rs | 12 + .../fluentd_fluent_io/v1alpha1/fluentds.rs | 65 + .../src/fluentd_fluent_io/v1alpha1/outputs.rs | 12 + .../v1beta1/migrations.rs | 53 + .../src/forklift_konveyor_io/v1beta1/plans.rs | 138 + .../gateway_networking_k8s_io/v1/gateways.rs | 162 +- .../v1/grpcroutes.rs | 67 +- .../v1/httproutes.rs | 67 +- .../v1alpha2/backendlbpolicies.rs | 2 + .../v1alpha2/tcproutes.rs | 14 +- .../v1alpha2/tlsroutes.rs | 14 +- .../v1alpha2/udproutes.rs | 14 +- .../v1alpha3/backendtlspolicies.rs | 18 +- .../v1beta1/gateways.rs | 162 +- .../v1beta1/httproutes.rs | 67 +- .../src/gateway_nginx_org/mod.rs | 1 + .../v1alpha1/nginxproxies.rs | 34 +- .../src/gateway_nginx_org/v1alpha2/mod.rs | 1 + .../v1alpha2/observabilitypolicies.rs | 308 + .../getambassador_io/v3alpha1/authservices.rs | 54 +- .../v3alpha1/consulresolvers.rs | 11 +- .../getambassador_io/v3alpha1/devportals.rs | 31 +- .../src/getambassador_io/v3alpha1/hosts.rs | 128 +- .../v3alpha1/kubernetesendpointresolvers.rs | 11 +- .../v3alpha1/kubernetesserviceresolvers.rs | 11 +- .../getambassador_io/v3alpha1/listeners.rs | 46 +- .../getambassador_io/v3alpha1/logservices.rs | 7 +- .../src/getambassador_io/v3alpha1/modules.rs | 7 +- .../v3alpha1/ratelimitservices.rs | 54 +- .../getambassador_io/v3alpha1/tcpmappings.rs | 54 +- .../getambassador_io/v3alpha1/tlscontexts.rs | 7 +- .../v3alpha1/tracingservices.rs | 28 +- .../v1beta1/grafanadashboards.rs | 32 +- .../v1beta1/grafanadatasources.rs | 23 +- .../v1beta1/grafanafolders.rs | 15 +- .../src/groupsnapshot_storage_k8s_io/mod.rs | 1 + .../v1beta1/mod.rs | 3 + .../v1beta1/volumegroupsnapshotclasses.rs | 11 + .../v1beta1/volumegroupsnapshotcontents.rs | 229 + .../v1beta1/volumegroupsnapshots.rs | 156 + .../helm_toolkit_fluxcd_io/v2/helmreleases.rs | 8 + .../v1/clusterdeployments.rs | 7 + .../src/hive_openshift_io/v1/clusterpools.rs | 7 + .../src/hive_openshift_io/v1/machinepools.rs | 18 +- .../iam_services_k8s_aws/v1alpha1/groups.rs | 2 +- .../v1alpha1/instanceprofiles.rs | 2 +- .../v1alpha1/openidconnectproviders.rs | 10 +- .../iam_services_k8s_aws/v1alpha1/policies.rs | 2 +- .../iam_services_k8s_aws/v1alpha1/roles.rs | 2 +- .../iam_services_k8s_aws/v1alpha1/users.rs | 2 +- .../v1alpha1/terraforms.rs | 344 +- .../v1alpha2/terraforms.rs | 358 +- .../v1alpha1/kubevirtclusters.rs | 6 +- .../v1alpha1/kubevirtclustertemplates.rs | 12 +- .../v1alpha1/kubevirtmachines.rs | 112 +- .../v1alpha1/kubevirtmachinetemplates.rs | 108 +- .../v1beta1/ibmpowervsclustertemplates.rs | 2 +- .../v1beta1/ibmpowervsmachines.rs | 6 - .../v1beta1/ibmpowervsmachinetemplates.rs | 2 - .../v1beta1/ibmvpcmachines.rs | 2 - .../v1beta1/ibmvpcmachinetemplates.rs | 2 - .../v1beta1/tinkerbellmachines.rs | 13 +- .../v1beta1/tinkerbellmachinetemplates.rs | 13 +- .../v1beta1/vspherefailuredomains.rs | 159 + .../v1beta1/vspheremachines.rs | 78 +- .../v1beta1/vspheremachinetemplates.rs | 76 +- .../v1beta1/vspherevms.rs | 50 +- .../v1beta2/ibmpowervsclustertemplates.rs | 2 +- .../v1beta2/ibmpowervsmachines.rs | 6 - .../v1beta2/ibmpowervsmachinetemplates.rs | 2 - .../v1beta2/ibmvpcmachines.rs | 2 - .../v1beta2/ibmvpcmachinetemplates.rs | 2 - .../v1beta1/mattermosts.rs | 14 + .../src/jobset_x_k8s_io/v1alpha2/jobsets.rs | 462 +- .../src/k8gb_absa_oss/v1beta1/gslbs.rs | 2 +- .../src/k8s_mariadb_com/v1alpha1/backups.rs | 8 +- .../k8s_mariadb_com/v1alpha1/connections.rs | 22 +- .../src/k8s_mariadb_com/v1alpha1/mariadbs.rs | 585 +- .../src/k8s_mariadb_com/v1alpha1/maxscales.rs | 304 + .../src/k8s_mariadb_com/v1alpha1/restores.rs | 8 +- .../src/k8s_mariadb_com/v1alpha1/sqljobs.rs | 24 + .../src/k8s_mariadb_com/v1alpha1/users.rs | 20 + .../src/k8s_nginx_org/v1/policies.rs | 21 + .../src/k8up_io/v1/backups.rs | 36 + .../src/k8up_io/v1/schedules.rs | 36 + .../v1alpha1/clusters.rs | 58 +- .../kafka_strimzi_io/v1beta2/kafkabridges.rs | 24 + .../kafka_strimzi_io/v1beta2/kafkaconnects.rs | 50 +- .../v1beta2/kafkamirrormakers.rs | 24 + .../v1beta2/kafkanodepools.rs | 24 + .../v1beta2/kafkarebalances.rs | 18 +- .../src/kafka_strimzi_io/v1beta2/kafkas.rs | 149 + .../karpenter_k8s_aws/v1/ec2nodeclasses.rs | 67 +- .../src/karpenter_sh/v1/nodepools.rs | 2 +- .../v1alpha1/clustertriggerauthentications.rs | 2 + .../src/keda_sh/v1alpha1/scaledobjects.rs | 15 + .../v1alpha1/triggerauthentications.rs | 2 + .../v1alpha1/keyspaces.rs | 2 +- .../v1alpha1/tables.rs | 2 +- .../v1alpha1/streams.rs | 2 +- .../src/kmm_sigs_x_k8s_io/v1beta1/modules.rs | 113 +- .../v1beta1/nodemodulesconfigs.rs | 74 +- .../kms_services_k8s_aws/v1alpha1/aliases.rs | 5 +- .../kms_services_k8s_aws/v1alpha1/grants.rs | 87 +- .../src/kms_services_k8s_aws/v1alpha1/keys.rs | 166 +- .../src/kuadrant_io/mod.rs | 1 + .../src/kuadrant_io/v1/authpolicies.rs | 7376 +++++++++ .../src/kuadrant_io/v1/mod.rs | 2 + .../src/kuadrant_io/v1/ratelimitpolicies.rs | 272 + .../src/kuadrant_io/v1alpha1/dnsrecords.rs | 4 + .../src/kuadrant_io/v1beta1/kuadrants.rs | 8 + .../src/kube_green_com/v1alpha1/sleepinfos.rs | 7 +- .../src/kueue_x_k8s_io/v1alpha1/cohorts.rs | 24 + .../kueue_x_k8s_io/v1beta1/clusterqueues.rs | 49 +- .../kueue_x_k8s_io/v1beta1/resourceflavors.rs | 2 + .../src/kueue_x_k8s_io/v1beta1/workloads.rs | 481 +- .../src/kuma_io/v1alpha1/meshaccesslogs.rs | 185 +- .../kuma_io/v1alpha1/meshcircuitbreakers.rs | 314 + .../kuma_io/v1alpha1/meshfaultinjections.rs | 3 + .../kuma_io/v1alpha1/meshgatewayinstances.rs | 1 + .../src/kuma_io/v1alpha1/meshhealthchecks.rs | 9 + .../src/kuma_io/v1alpha1/meshhttproutes.rs | 11 +- .../v1alpha1/meshloadbalancingstrategies.rs | 4 + .../src/kuma_io/v1alpha1/meshproxypatches.rs | 5 +- .../src/kuma_io/v1alpha1/meshratelimits.rs | 115 + .../src/kuma_io/v1alpha1/meshretries.rs | 6 + .../src/kuma_io/v1alpha1/meshtcproutes.rs | 10 +- .../src/kuma_io/v1alpha1/meshtimeouts.rs | 61 + .../src/kuma_io/v1alpha1/meshtraces.rs | 4 + .../v1alpha1/meshtrafficpermissions.rs | 2 + .../v1/kustomizations.rs | 48 + .../src/kyverno_io/v1/clusterpolicies.rs | 20 +- .../src/kyverno_io/v1/policies.rs | 20 +- .../v2alpha1/globalcontextentries.rs | 12 + .../src/kyverno_io/v2beta1/clusterpolicies.rs | 18 +- .../src/kyverno_io/v2beta1/policies.rs | 18 +- .../v1alpha1/codesigningconfigs.rs | 2 +- .../v1alpha1/eventsourcemappings.rs | 82 +- .../v1alpha1/functions.rs | 65 +- .../v1alpha1/functionurlconfigs.rs | 10 +- .../v1alpha1/layerversions.rs | 5 +- .../v1alpha1/versions.rs | 57 +- kube-custom-resources-rs/src/lib.rs | 18 + .../v1alpha1/clusterflows.rs | 218 - .../v1alpha1/clusteroutputs.rs | 358 +- .../logging_banzaicloud_io/v1alpha1/flows.rs | 218 - .../v1alpha1/outputs.rs | 356 +- .../v1beta1/clusterflows.rs | 218 - .../v1beta1/clusteroutputs.rs | 358 +- .../logging_banzaicloud_io/v1beta1/flows.rs | 218 - .../logging_banzaicloud_io/v1beta1/outputs.rs | 356 +- .../v1beta1/syslogngclusteroutputs.rs | 2 - .../v1alpha1/hosttailers.rs | 6 +- .../src/loki_grafana_com/v1/lokistacks.rs | 114 +- .../loki_grafana_com/v1beta1/lokistacks.rs | 4 +- .../src/longhorn_io/v1beta2/backingimages.rs | 36 + .../v1beta2/backupbackingimages.rs | 7 +- .../src/longhorn_io/v1beta2/backups.rs | 3 + .../src/longhorn_io/v1beta2/backupvolumes.rs | 6 + .../longhorn_io/v1beta2/instancemanagers.rs | 22 + .../src/longhorn_io/v1beta2/recurringjobs.rs | 6 +- .../src/longhorn_io/v1beta2/replicas.rs | 4 + .../src/longhorn_io/v1beta2/snapshots.rs | 1 - .../src/longhorn_io/v1beta2/volumes.rs | 3 + .../src/minio_min_io/v2/tenants.rs | 34 + .../monitoring_coreos_com/v1/alertmanagers.rs | 395 +- .../monitoring_coreos_com/v1/podmonitors.rs | 44 +- .../src/monitoring_coreos_com/v1/probes.rs | 20 + .../monitoring_coreos_com/v1/prometheuses.rs | 578 +- .../v1/prometheusrules.rs | 7 + .../v1/servicemonitors.rs | 37 + .../monitoring_coreos_com/v1/thanosrulers.rs | 538 +- .../v1alpha1/alertmanagerconfigs.rs | 84 +- .../v1alpha1/prometheusagents.rs | 532 +- .../v1alpha1/scrapeconfigs.rs | 3998 +++-- .../v1beta1/alertmanagerconfigs.rs | 84 +- .../mq_services_k8s_aws/v1alpha1/brokers.rs | 106 +- .../v1alpha1/serviceexports.rs | 18 + .../v1alpha1/firewallpolicies.rs | 2 +- .../v1alpha1/firewalls.rs | 30 +- .../v1alpha1/rulegroups.rs | 8 +- .../v1alpha1/multiclusteringresses.rs | 6 +- .../v1alpha1/multiclusterservices.rs | 11 +- .../v1/receivers.rs | 9 + .../v1beta3/alerts.rs | 1 + .../v1alpha1/managednotifications.rs | 2 + .../v1alpha1/domains.rs | 2 +- .../opentelemetry_io/v1alpha1/opampbridges.rs | 2 + .../v1alpha1/opentelemetrycollectors.rs | 4 + .../v1beta1/opentelemetrycollectors.rs | 40 + .../v1alpha1/nodeupgradejobs.rs | 77 +- .../v1alpha1/bootstrapproviders.rs | 90 +- .../v1alpha1/controlplaneproviders.rs | 90 +- .../v1alpha1/coreproviders.rs | 90 +- .../v1alpha1/infrastructureproviders.rs | 90 +- .../v1alpha2/addonproviders.rs | 177 +- .../v1alpha2/bootstrapproviders.rs | 177 +- .../v1alpha2/controlplaneproviders.rs | 177 +- .../v1alpha2/coreproviders.rs | 177 +- .../v1alpha2/infrastructureproviders.rs | 177 +- .../operator_cryostat_io/v1beta1/cryostats.rs | 422 +- .../operator_cryostat_io/v1beta2/cryostats.rs | 1232 +- .../v1/clustermanagers.rs | 23 + .../src/operator_tigera_io/v1/apiservers.rs | 73 +- .../v1/applicationlayers.rs | 10 + .../operator_tigera_io/v1/authentications.rs | 14 +- .../src/operator_tigera_io/v1/compliances.rs | 50 + .../operator_tigera_io/v1/egressgateways.rs | 37 +- .../src/operator_tigera_io/v1/imagesets.rs | 5 +- .../operator_tigera_io/v1/installations.rs | 414 +- .../v1/intrusiondetections.rs | 20 + .../operator_tigera_io/v1/logcollectors.rs | 20 + .../src/operator_tigera_io/v1/logstorages.rs | 208 + .../v1/managementclusterconnections.rs | 10 + .../src/operator_tigera_io/v1/managers.rs | 10 + .../src/operator_tigera_io/v1/monitors.rs | 17 +- .../v1/policyrecommendations.rs | 10 + .../src/operator_tigera_io/v1/tenants.rs | 39 +- .../v1/tlsterminatedroutes.rs | 10 +- .../v1beta1/vmalertmanagerconfigs.rs | 26 +- .../v1beta1/vmnodescrapes.rs | 24 +- .../v1beta1/vmpodscrapes.rs | 24 +- .../v1beta1/vmprobes.rs | 24 +- .../v1beta1/vmrules.rs | 22 +- .../v1beta1/vmscrapeconfigs.rs | 30 +- .../v1beta1/vmservicescrapes.rs | 24 +- .../v1beta1/vmstaticscrapes.rs | 24 +- .../v1beta1/vmusers.rs | 33 +- .../src/org_eclipse_che/v2/checlusters.rs | 2 +- .../v1alpha1/organizationalunits.rs | 7 +- .../pgv2_percona_com/v2/perconapgclusters.rs | 407 +- .../pgv2_percona_com/v2/perconapgupgrades.rs | 88 +- .../pipes_services_k8s_aws/v1alpha1/pipes.rs | 54 +- .../src/pkg_crossplane_io/v1beta1/locks.rs | 40 +- .../v1alpha1/clusteroverridepolicies.rs | 24 +- .../v1alpha1/clusterpropagationpolicies.rs | 151 +- .../v1alpha1/overridepolicies.rs | 24 +- .../v1alpha1/propagationpolicies.rs | 151 +- .../v1alpha1/serviceaccountaccesses.rs | 126 +- .../v1alpha1/adminnetworkpolicies.rs | 39 - .../v1alpha1/baselineadminnetworkpolicies.rs | 37 - .../src/postgresql_cnpg_io/v1/poolers.rs | 432 +- .../src/projectcontour_io/v1/httpproxies.rs | 12 +- .../v1alpha1/contourconfigurations.rs | 17 +- .../v1alpha1/contourdeployments.rs | 97 +- .../v1alpha1/alertmanagerdefinitions.rs | 8 +- .../v1alpha1/loggingconfigurations.rs | 11 +- .../v1alpha1/rulegroupsnamespaces.rs | 12 +- .../v1alpha1/workspaces.rs | 19 +- .../v1alpha1/perconaservermysqlbackups.rs | 2 + .../v1alpha1/perconaservermysqlrestores.rs | 2 + .../v1alpha1/perconaservermysqls.rs | 32 +- .../v1/perconaservermongodbbackups.rs | 7 + .../v1/perconaservermongodbrestores.rs | 7 + .../v1/perconaxtradbclusterbackups.rs | 8 + .../v1/perconaxtradbclusterrestores.rs | 4 + .../v1/perconaxtradbclusters.rs | 170 + .../src/ray_io/v1/rayclusters.rs | 130 + .../src/ray_io/v1/rayjobs.rs | 134 + .../src/ray_io/v1/rayservices.rs | 150 +- .../src/rc_app_stacks/v1/runtimecomponents.rs | 3 + .../v1alpha1/dbclusterparametergroups.rs | 20 +- .../v1alpha1/dbclusters.rs | 519 +- .../v1alpha1/dbinstances.rs | 951 +- .../v1alpha1/dbparametergroups.rs | 18 +- .../v1alpha1/dbproxies.rs | 20 +- .../v1alpha1/dbsubnetgroups.rs | 8 +- .../v1alpha1/globalclusters.rs | 78 +- .../v1alpha1/clusterobjectsyncs.rs | 12 +- .../v1alpha1/objectsyncs.rs | 12 +- .../v1beta2/pulpbackups.rs | 16 +- .../v1beta2/pulps.rs | 285 +- .../v2/teleportusers.rs | 9 + .../rocketmq_apache_org/v1alpha1/brokers.rs | 3 + .../v1alpha1/nameservices.rs | 3 + .../v1alpha1/hostedzones.rs | 2 +- .../v1alpha1/recordsets.rs | 24 +- .../v1alpha1/resolverendpoints.rs | 39 +- .../v1alpha1/resolverrules.rs | 9 +- .../v1alpha1/extensionconfigs.rs | 16 +- .../s3_services_k8s_aws/v1alpha1/buckets.rs | 211 +- .../v1alpha1/apps.rs | 5 - .../v1alpha1/dataqualityjobdefinitions.rs | 3 - .../v1alpha1/domains.rs | 24 +- .../v1alpha1/endpointconfigs.rs | 13 - .../v1alpha1/endpoints.rs | 23 - .../v1alpha1/featuregroups.rs | 49 +- .../v1alpha1/hyperparametertuningjobs.rs | 106 +- .../v1alpha1/modelbiasjobdefinitions.rs | 3 - .../modelexplainabilityjobdefinitions.rs | 3 - .../v1alpha1/modelpackagegroups.rs | 4 - .../v1alpha1/modelpackages.rs | 26 +- .../v1alpha1/modelqualityjobdefinitions.rs | 3 - .../v1alpha1/models.rs | 13 - .../v1alpha1/monitoringschedules.rs | 4 - .../notebookinstancelifecycleconfigs.rs | 11 - .../v1alpha1/notebookinstances.rs | 15 +- .../v1alpha1/processingjobs.rs | 10 - .../v1alpha1/trainingjobs.rs | 73 - .../v1alpha1/transformjobs.rs | 20 +- .../v1alpha1/userprofiles.rs | 18 +- .../scylla_scylladb_com/v1/scyllaclusters.rs | 1963 ++- .../v1alpha1/nodeconfigs.rs | 484 +- .../v1alpha1/scyllaoperatorconfigs.rs | 25 +- .../v1beta1/vaultstaticsecrets.rs | 2 +- .../v1alpha1/secretclasses.rs | 26 + .../v1alpha1/secrets.rs | 10 +- .../v1alpha1/apparmorprofiles.rs | 44 +- .../v1alpha1/securityprofilenodestatuses.rs | 1 - .../securityprofilesoperatordaemons.rs | 75 +- .../v1alpha2/rawselinuxprofiles.rs | 1 - .../v1beta1/seccompprofiles.rs | 1 - .../v1alpha1/selfnoderemediationconfigs.rs | 7 + .../v1alpha1/activities.rs | 29 +- .../v1alpha1/statemachines.rs | 29 +- .../v1alpha1/platformapplications.rs | 2 +- .../v1alpha1/platformendpoints.rs | 10 +- .../v1alpha1/subscriptions.rs | 2 +- .../sns_services_k8s_aws/v1alpha1/topics.rs | 2 +- .../v1/gitrepositories.rs | 4 +- .../v1beta2/scheduledsparkapplications.rs | 1360 +- .../v1beta2/sparkapplications.rs | 1360 +- .../sqs_services_k8s_aws/v1alpha1/queues.rs | 2 +- .../v1/sriovnetworknodepolicies.rs | 3 + .../v1/sriovnetworknodestates.rs | 40 + .../v1/sriovnetworkpoolconfigs.rs | 12 + .../v1beta1/constraintpodstatuses.rs | 14 + .../v1beta1/constrainttemplatepodstatuses.rs | 14 + .../v1alpha1/servicediscoveries.rs | 22 +- .../src/submariner_io/v1alpha1/submariners.rs | 200 +- .../v1alpha1/tempomonolithics.rs | 33 +- .../tempo_grafana_com/v1alpha1/tempostacks.rs | 70 +- .../src/traefik_io/v1alpha1/ingressroutes.rs | 50 +- .../traefik_io/v1alpha1/ingressroutetcps.rs | 24 +- .../traefik_io/v1alpha1/ingressrouteudps.rs | 2 +- .../src/traefik_io/v1alpha1/middlewaretcps.rs | 8 +- .../src/traefik_io/v1alpha1/tlsoptions.rs | 6 +- .../traefik_io/v1alpha1/traefikservices.rs | 16 +- .../trust_cert_manager_io/v1alpha1/bundles.rs | 59 +- .../src/upgrade_cattle_io/v1/plans.rs | 16 + .../src/velero_io/v1/backuprepositories.rs | 27 +- .../src/velero_io/v1/backups.rs | 1 - .../velero_io/v1/backupstoragelocations.rs | 4 - .../src/velero_io/v1/podvolumebackups.rs | 1 - .../src/velero_io/v1/podvolumerestores.rs | 1 - .../src/velero_io/v1/schedules.rs | 1 - .../velero_io/v1/volumesnapshotlocations.rs | 2 - .../src/velero_io/v2alpha1/datadownloads.rs | 21 + .../src/velero_io/v2alpha1/datauploads.rs | 21 + .../v1alpha1/replicationdestinations.rs | 75 + .../v1alpha1/replicationsources.rs | 100 + .../v1alpha2/clusterresourcebindings.rs | 113 +- .../v1alpha2/resourcebindings.rs | 113 +- .../v1beta2/appwrappers.rs | 15 +- .../v1/instancesets.rs | 2753 +--- .../v1alpha1/instancesets.rs | 55 +- 1484 files changed, 120290 insertions(+), 55255 deletions(-) create mode 100644 crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1alpha1/kvs.yaml create mode 100644 crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml create mode 100644 crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/ratelimitpolicies.yaml create mode 100644 crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotclasses.yaml create mode 100644 crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotcontents.yaml create mode 100644 crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshots.yaml create mode 100644 crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha2/observabilitypolicies.yaml create mode 100644 crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedglobalnetworkpolicies.yaml create mode 100644 crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedkubernetesnetworkpolicies.yaml create mode 100644 crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagednetworkpolicies.yaml create mode 100644 kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/kvs.rs create mode 100644 kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/mod.rs create mode 100644 kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedglobalnetworkpolicies.rs create mode 100644 kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedkubernetesnetworkpolicies.rs create mode 100644 kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagednetworkpolicies.rs create mode 100644 kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/mod.rs create mode 100644 kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/observabilitypolicies.rs create mode 100644 kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/mod.rs create mode 100644 kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotclasses.rs create mode 100644 kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotcontents.rs create mode 100644 kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshots.rs create mode 100644 kube-custom-resources-rs/src/kuadrant_io/v1/authpolicies.rs create mode 100644 kube-custom-resources-rs/src/kuadrant_io/v1/mod.rs create mode 100644 kube-custom-resources-rs/src/kuadrant_io/v1/ratelimitpolicies.rs diff --git a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerbackups.yaml b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerbackups.yaml index b1825ff3d..c74ff8ff1 100644 --- a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerbackups.yaml +++ b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "apimanagerbackups.apps.3scale.net" spec: group: "apps.3scale.net" @@ -19,10 +19,10 @@ spec: description: "APIManagerBackup represents an APIManager backup" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -36,23 +36,23 @@ spec: description: "PersistentVolumeClaim as backup data destination configuration" properties: resources: - description: "Resources configuration for the backup data PersistentVolumeClaim. Ignored when VolumeName field is set" + description: "Resources configuration for the backup data PersistentVolumeClaim.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: - "requests" type: "object" storageClass: - description: "Storage class to be used by the PersistentVolumeClaim. Ignored when VolumeName field is set" + description: "Storage class to be used by the PersistentVolumeClaim. Ignored\nwhen VolumeName field is set" type: "string" volumeName: - description: "Name of an existing PersistentVolume to be bound to the backup data PersistentVolumeClaim" + description: "Name of an existing PersistentVolume to be bound to the\nbackup data PersistentVolumeClaim" type: "string" type: "object" type: "object" @@ -66,7 +66,7 @@ spec: description: "Name of the APIManager from which the backup has been performed" type: "string" backupPersistentVolumeClaimName: - description: "Name of the backup data PersistentVolumeClaim. Only set when PersistentVolumeClaim is used as the backup data destination" + description: "Name of the backup data PersistentVolumeClaim. Only set when\nPersistentVolumeClaim is used as the backup data destination" type: "string" completed: description: "Set to true when backup has been completed" @@ -76,7 +76,7 @@ spec: format: "date-time" type: "string" mainStepsCompleted: - description: "Set to true when main steps have been completed. At this point backup still cannot be considered fully completed due to some remaining post-backup tasks are pending (cleanup, ...)" + description: "Set to true when main steps have been completed. At this point\nbackup still cannot be considered fully completed due to some remaining\npost-backup tasks are pending (cleanup, ...)" type: "boolean" startTime: description: "Backup start time. It is represented in RFC3339 form and is in UTC." diff --git a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerrestores.yaml b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerrestores.yaml index 3f2f36ae7..013bd8b88 100644 --- a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerrestores.yaml +++ b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagerrestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "apimanagerrestores.apps.3scale.net" spec: group: "apps.3scale.net" @@ -19,10 +19,10 @@ spec: description: "APIManagerRestore represents an APIManager restore" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,19 +30,19 @@ spec: description: "APIManagerRestoreSpec defines the desired state of APIManagerRestore" properties: restoreSource: - description: "APIManagerRestoreSource defines the backup data restore source configurability. It is a union type. Only one of the fields can be set" + description: "APIManagerRestoreSource defines the backup data restore source\nconfigurability. It is a union type. Only one of the fields can be\nset" properties: persistentVolumeClaim: description: "Restore data soure configuration" properties: claimSource: - description: "PersistentVolumeClaim source of an existing PersistentVolumeClaim. See" + description: "PersistentVolumeClaim source of an existing PersistentVolumeClaim.\nSee" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -61,7 +61,7 @@ spec: description: "Name of the APIManager to be restored" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -73,7 +73,7 @@ spec: format: "date-time" type: "string" mainStepsCompleted: - description: "Set to true when main steps have been completed. At this point restore still cannot be considered fully completed due to some remaining post-backup tasks are pending (cleanup, ...)" + description: "Set to true when main steps have been completed. At this point\nrestore still cannot be considered fully completed due to some remaining\npost-backup tasks are pending (cleanup, ...)" type: "boolean" startTime: description: "Restore start time. It is represented in RFC3339 form and is in UTC." diff --git a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml index ed796f4e8..78f0d5204 100644 --- a/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml +++ b/crd-catalog/3scale/3scale-operator/apps.3scale.net/v1alpha1/apimanagers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "apimanagers.apps.3scale.net" spec: group: "apps.3scale.net" @@ -19,10 +19,10 @@ spec: description: "APIManager is the Schema for the apimanagers API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,9 +46,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -56,16 +56,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -77,16 +77,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -107,26 +107,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -138,16 +138,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -168,7 +168,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -176,21 +176,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -202,38 +202,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -245,23 +245,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -270,26 +270,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -301,38 +301,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -344,17 +344,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -365,7 +365,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -373,21 +373,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -399,38 +399,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -442,23 +442,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -467,26 +467,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -498,38 +498,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -541,17 +541,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -560,7 +560,7 @@ spec: type: "object" type: "object" allProxy: - description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://:" + description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if\na protocol-specific proxy is not specified. Authentication is not supported.\nFormat is ://:" type: "string" annotations: additionalProperties: @@ -572,10 +572,10 @@ spec: description: "CustomEnvironmentSpec contains or has reference to an APIcast custom environment" properties: secretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -595,7 +595,7 @@ spec: description: "SecretRef specifies the secret holding the custom policy metadata and lua code" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -612,22 +612,22 @@ spec: description: "Hpa specifies an array of defined HPA values" type: "boolean" httpProxy: - description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://:" + description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services.\nAuthentication is not supported. Format is ://:" type: "string" httpsCertificateSecretRef: - description: "HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." + description: "HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key.\nEnable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" httpsPort: - description: "HttpsPort controls on which port APIcast should start listening for HTTPS connections. If this clashes with HTTP port it will be used only for HTTPS. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." + description: "HttpsPort controls on which port APIcast should start listening for HTTPS connections.\nIf this clashes with HTTP port it will be used only for HTTPS.\nEnable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." format: "int32" type: "integer" httpsProxy: - description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://:" + description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services.\nAuthentication is not supported. Format is ://:" type: "string" httpsVerifyDepth: description: "HTTPSVerifyDepth defines the maximum length of the client certificate chain." @@ -650,42 +650,42 @@ spec: - "emerg" type: "string" noProxy: - description: "NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy." + description: "NoProxy specifies a comma-separated list of hostnames and domain\nnames for which the requests should not be proxied. Setting to a single\n* character, which matches all hosts, effectively disables the proxy." type: "string" openTelemetry: - description: "OpenTelemetry contains the gateway instrumentation configuration with APIcast." + description: "OpenTelemetry contains the gateway instrumentation configuration\nwith APIcast." properties: enabled: - description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretKey: - description: "TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected." + description: "TracingConfigSecretKey contains the key of the secret to select the configuration from.\nif unspecified, the first secret key in lexicographical order will be selected." type: "string" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" + description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration.\nThe configuration file specification is defined in the Nginx instrumentation library repo\nhttps://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "object" openTracing: - description: "OpenTracing contains the OpenTracing integration configuration with APIcast in the production environment. Deprecated" + description: "OpenTracing contains the OpenTracing integration configuration\nwith APIcast in the production environment.\nDeprecated" properties: enabled: - description: "Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTracing integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified." + description: "TracingConfigSecretRef contains a secret reference the OpenTracing configuration.\nEach supported tracing library provides a default configuration file\nthat is used if TracingConfig is not specified." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" tracingLibrary: - description: "TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used." + description: "TracingLibrary controls which OpenTracing library is loaded. At the moment\nthe only supported tracer is `jaeger`. If not set, `jaeger` will be used." type: "string" type: "object" priorityClassName: @@ -697,12 +697,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -718,7 +718,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -727,7 +727,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serviceCacheSize: @@ -736,23 +736,23 @@ spec: type: "integer" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -761,21 +761,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -787,35 +787,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -841,9 +841,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -851,16 +851,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -872,16 +872,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -902,26 +902,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -933,16 +933,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -963,7 +963,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -971,21 +971,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -997,38 +997,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1040,23 +1040,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1065,26 +1065,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1096,38 +1096,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1139,17 +1139,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1160,7 +1160,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1168,21 +1168,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1194,38 +1194,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1237,23 +1237,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1262,26 +1262,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1293,38 +1293,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1336,17 +1336,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1355,7 +1355,7 @@ spec: type: "object" type: "object" allProxy: - description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://:" + description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if\na protocol-specific proxy is not specified. Authentication is not supported.\nFormat is ://:" type: "string" annotations: additionalProperties: @@ -1367,10 +1367,10 @@ spec: description: "CustomEnvironmentSpec contains or has reference to an APIcast custom environment" properties: secretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1390,7 +1390,7 @@ spec: description: "SecretRef specifies the secret holding the custom policy metadata and lua code" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1404,22 +1404,22 @@ spec: type: "object" type: "array" httpProxy: - description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://:" + description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services.\nAuthentication is not supported. Format is ://:" type: "string" httpsCertificateSecretRef: - description: "HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." + description: "HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key.\nEnable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" httpsPort: - description: "HttpsPort controls on which port APIcast should start listening for HTTPS connections. If this clashes with HTTP port it will be used only for HTTPS. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." + description: "HttpsPort controls on which port APIcast should start listening for HTTPS connections.\nIf this clashes with HTTP port it will be used only for HTTPS.\nEnable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both." format: "int32" type: "integer" httpsProxy: - description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://:" + description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services.\nAuthentication is not supported. Format is ://:" type: "string" httpsVerifyDepth: description: "HTTPSVerifyDepth defines the maximum length of the client certificate chain." @@ -1442,42 +1442,42 @@ spec: - "emerg" type: "string" noProxy: - description: "NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy." + description: "NoProxy specifies a comma-separated list of hostnames and domain\nnames for which the requests should not be proxied. Setting to a single\n* character, which matches all hosts, effectively disables the proxy." type: "string" openTelemetry: - description: "OpenTelemetry contains the gateway instrumentation configuration with APIcast." + description: "OpenTelemetry contains the gateway instrumentation configuration\nwith APIcast." properties: enabled: - description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretKey: - description: "TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected." + description: "TracingConfigSecretKey contains the key of the secret to select the configuration from.\nif unspecified, the first secret key in lexicographical order will be selected." type: "string" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" + description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration.\nThe configuration file specification is defined in the Nginx instrumentation library repo\nhttps://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "object" openTracing: - description: "OpenTracing contains the OpenTracing integration configuration with APIcast in the staging environment. Deprecated" + description: "OpenTracing contains the OpenTracing integration configuration\nwith APIcast in the staging environment.\nDeprecated" properties: enabled: - description: "Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTracing integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified." + description: "TracingConfigSecretRef contains a secret reference the OpenTracing configuration.\nEach supported tracing library provides a default configuration file\nthat is used if TracingConfig is not specified." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" tracingLibrary: - description: "TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used." + description: "TracingLibrary controls which OpenTracing library is loaded. At the moment\nthe only supported tracer is `jaeger`. If not set, `jaeger` will be used." type: "string" type: "object" priorityClassName: @@ -1489,12 +1489,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1510,7 +1510,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1519,7 +1519,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" serviceCacheSize: @@ -1528,23 +1528,23 @@ spec: type: "integer" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -1553,21 +1553,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1579,35 +1579,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -1630,9 +1630,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -1640,16 +1640,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1661,16 +1661,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1691,26 +1691,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1722,16 +1722,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1752,7 +1752,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1760,21 +1760,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1786,38 +1786,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1829,23 +1829,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1854,26 +1854,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1885,38 +1885,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1928,17 +1928,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1949,7 +1949,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1957,21 +1957,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1983,38 +1983,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2026,23 +2026,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2051,26 +2051,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2082,38 +2082,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2125,17 +2125,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2160,12 +2160,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2181,7 +2181,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2190,28 +2190,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -2220,21 +2220,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2246,35 +2246,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -2294,9 +2294,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -2304,16 +2304,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2325,16 +2325,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2355,26 +2355,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2386,16 +2386,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2416,7 +2416,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -2424,21 +2424,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2450,38 +2450,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2493,23 +2493,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2518,26 +2518,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2549,38 +2549,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2592,17 +2592,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2613,7 +2613,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -2621,21 +2621,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2647,38 +2647,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2690,23 +2690,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -2715,26 +2715,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2746,38 +2746,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2789,17 +2789,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2827,12 +2827,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2848,7 +2848,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2857,28 +2857,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -2887,21 +2887,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2913,35 +2913,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -2957,9 +2957,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -2967,16 +2967,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -2988,16 +2988,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3018,26 +3018,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3049,16 +3049,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3079,7 +3079,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3087,21 +3087,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3113,38 +3113,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3156,23 +3156,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -3181,26 +3181,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3212,38 +3212,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3255,17 +3255,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -3276,7 +3276,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3284,21 +3284,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3310,38 +3310,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3353,23 +3353,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -3378,26 +3378,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3409,38 +3409,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3452,17 +3452,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -3491,12 +3491,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3512,7 +3512,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3521,28 +3521,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" redisTolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -3551,21 +3551,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3577,35 +3577,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -3622,9 +3622,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -3632,16 +3632,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3653,16 +3653,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3683,26 +3683,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3714,16 +3714,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -3744,7 +3744,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3752,21 +3752,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3778,38 +3778,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3821,23 +3821,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -3846,26 +3846,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3877,38 +3877,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3920,17 +3920,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -3941,7 +3941,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -3949,21 +3949,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3975,38 +3975,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4018,23 +4018,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4043,26 +4043,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4074,38 +4074,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4117,17 +4117,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4155,12 +4155,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4176,7 +4176,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4185,28 +4185,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -4215,21 +4215,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4241,35 +4241,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -4308,10 +4308,10 @@ spec: type: "object" imagePullSecrets: items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4341,9 +4341,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -4351,16 +4351,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4372,16 +4372,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4402,26 +4402,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4433,16 +4433,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -4463,7 +4463,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -4471,21 +4471,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4497,38 +4497,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4540,23 +4540,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4565,26 +4565,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4596,38 +4596,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4639,17 +4639,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4660,7 +4660,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -4668,21 +4668,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4694,38 +4694,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4737,23 +4737,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -4762,26 +4762,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4793,38 +4793,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4836,17 +4836,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -4862,12 +4862,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4883,7 +4883,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4892,7 +4892,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" labels: @@ -4903,12 +4903,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4924,7 +4924,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4933,7 +4933,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" priorityClassName: @@ -4942,12 +4942,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4963,7 +4963,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4972,7 +4972,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" replicas: @@ -4980,23 +4980,23 @@ spec: type: "integer" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -5005,21 +5005,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5031,35 +5031,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -5080,9 +5080,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -5090,16 +5090,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5111,16 +5111,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5141,26 +5141,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5172,16 +5172,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5202,7 +5202,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -5210,21 +5210,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5236,38 +5236,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5279,23 +5279,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -5304,26 +5304,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5335,38 +5335,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5378,17 +5378,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -5399,7 +5399,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -5407,21 +5407,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5433,38 +5433,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5476,23 +5476,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -5501,26 +5501,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5532,38 +5532,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5575,17 +5575,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -5606,13 +5606,13 @@ spec: persistentVolumeClaim: properties: resources: - description: "Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set" + description: "Resources represents the minimum resources the volume should have.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -5630,12 +5630,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -5651,7 +5651,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -5660,28 +5660,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -5690,21 +5690,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5716,35 +5716,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -5762,9 +5762,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -5772,16 +5772,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5793,16 +5793,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5823,26 +5823,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5854,16 +5854,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -5884,7 +5884,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -5892,21 +5892,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5918,38 +5918,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5961,23 +5961,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -5986,26 +5986,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6017,38 +6017,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6060,17 +6060,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -6081,7 +6081,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -6089,21 +6089,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6115,38 +6115,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6158,23 +6158,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -6183,26 +6183,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6214,38 +6214,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6257,17 +6257,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -6288,13 +6288,13 @@ spec: persistentVolumeClaim: properties: resources: - description: "Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set" + description: "Resources represents the minimum resources the volume should have.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -6312,12 +6312,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6333,7 +6333,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6342,28 +6342,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -6372,21 +6372,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6398,35 +6398,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -6448,7 +6448,7 @@ spec: description: "Deprecated" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6464,13 +6464,13 @@ spec: description: "Union type. Only one of the fields can be set." properties: resources: - description: "Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set" + description: "Resources represents the minimum resources the volume should have.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -6485,10 +6485,10 @@ spec: simpleStorageService: properties: configurationSecretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6515,9 +6515,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -6525,16 +6525,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6546,16 +6546,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6576,26 +6576,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6607,16 +6607,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -6637,7 +6637,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -6645,21 +6645,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6671,38 +6671,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6714,23 +6714,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -6739,26 +6739,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6770,38 +6770,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6813,17 +6813,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -6834,7 +6834,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -6842,21 +6842,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6868,38 +6868,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6911,23 +6911,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -6936,26 +6936,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6967,38 +6967,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7010,17 +7010,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -7044,12 +7044,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -7065,7 +7065,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -7074,28 +7074,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" memcachedTolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -7104,21 +7104,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7130,35 +7130,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -7173,9 +7173,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -7183,16 +7183,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7204,16 +7204,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7234,26 +7234,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7265,16 +7265,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7295,7 +7295,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -7303,21 +7303,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7329,38 +7329,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7372,23 +7372,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -7397,26 +7397,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7428,38 +7428,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7471,17 +7471,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -7492,7 +7492,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -7500,21 +7500,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7526,38 +7526,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7569,23 +7569,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -7594,26 +7594,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7625,38 +7625,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7668,17 +7668,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -7707,12 +7707,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -7728,7 +7728,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -7737,28 +7737,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" redisTolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -7767,21 +7767,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7793,35 +7793,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -7838,9 +7838,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -7848,16 +7848,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7869,16 +7869,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7899,26 +7899,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7930,16 +7930,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -7960,7 +7960,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -7968,21 +7968,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7994,38 +7994,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8037,23 +8037,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -8062,26 +8062,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8093,38 +8093,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8136,17 +8136,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -8157,7 +8157,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -8165,21 +8165,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8191,38 +8191,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8234,23 +8234,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -8259,26 +8259,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8290,38 +8290,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8333,17 +8333,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -8364,13 +8364,13 @@ spec: persistentVolumeClaim: properties: resources: - description: "Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set" + description: "Resources represents the minimum resources the volume should have.\nIgnored when VolumeName field is set" properties: requests: anyOf: - type: "integer" - type: "string" - description: "Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Storage Resource requests to be used on the PersistentVolumeClaim.\nTo learn more about resource requests see:\nhttps://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true required: @@ -8388,12 +8388,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8409,7 +8409,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8418,28 +8418,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -8448,21 +8448,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8474,35 +8474,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -8520,9 +8520,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -8530,16 +8530,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8551,16 +8551,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8581,26 +8581,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8612,16 +8612,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -8642,7 +8642,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -8650,21 +8650,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8676,38 +8676,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8719,23 +8719,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -8744,26 +8744,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8775,38 +8775,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8818,17 +8818,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -8839,7 +8839,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -8847,21 +8847,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8873,38 +8873,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8916,23 +8916,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -8941,26 +8941,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8972,38 +8972,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9015,17 +9015,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -9050,12 +9050,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -9071,7 +9071,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -9080,28 +9080,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -9110,21 +9110,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9136,35 +9136,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -9183,9 +9183,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -9193,16 +9193,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9214,16 +9214,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9244,26 +9244,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9275,16 +9275,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9305,7 +9305,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -9313,21 +9313,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9339,38 +9339,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9382,23 +9382,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -9407,26 +9407,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9438,38 +9438,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9481,17 +9481,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -9502,7 +9502,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -9510,21 +9510,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9536,38 +9536,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9579,23 +9579,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -9604,26 +9604,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9635,38 +9635,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9678,17 +9678,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -9702,12 +9702,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -9723,7 +9723,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -9732,28 +9732,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -9762,21 +9762,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9788,35 +9788,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -9825,6 +9825,8 @@ spec: type: "object" type: "array" type: "object" + systemDatabaseTLSEnabled: + type: "boolean" type: "object" tenantName: type: "string" @@ -9842,9 +9844,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -9852,16 +9854,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9873,16 +9875,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9903,26 +9905,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9934,16 +9936,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -9964,7 +9966,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -9972,21 +9974,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9998,38 +10000,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10041,23 +10043,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -10066,26 +10068,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10097,38 +10099,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10140,17 +10142,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -10161,7 +10163,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -10169,21 +10171,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10195,38 +10197,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10238,23 +10240,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -10263,26 +10265,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10294,38 +10296,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10337,17 +10339,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -10372,12 +10374,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -10393,7 +10395,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -10402,28 +10404,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -10432,21 +10434,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10458,35 +10460,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -10502,9 +10504,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -10512,16 +10514,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -10533,16 +10535,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -10563,26 +10565,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -10594,16 +10596,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -10624,7 +10626,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -10632,21 +10634,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10658,38 +10660,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10701,23 +10703,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -10726,26 +10728,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10757,38 +10759,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10800,17 +10802,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -10821,7 +10823,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -10829,21 +10831,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10855,38 +10857,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10898,23 +10900,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -10923,26 +10925,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10954,38 +10956,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10997,17 +10999,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -11029,12 +11031,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -11050,7 +11052,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -11059,28 +11061,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" databaseTolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -11089,21 +11091,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11115,35 +11117,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -11151,6 +11153,8 @@ spec: - "whenUnsatisfiable" type: "object" type: "array" + enabled: + type: "boolean" image: type: "string" postgreSQLImage: @@ -11164,9 +11168,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -11174,16 +11178,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -11195,16 +11199,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -11225,26 +11229,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -11256,16 +11260,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -11286,7 +11290,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -11294,21 +11298,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11320,38 +11324,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11363,23 +11367,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -11388,26 +11392,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11419,38 +11423,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11462,17 +11466,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -11483,7 +11487,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -11491,21 +11495,21 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11517,38 +11521,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11560,23 +11564,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -11585,26 +11589,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11616,38 +11620,38 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11659,17 +11663,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -11694,12 +11698,12 @@ spec: description: "ResourceRequirements describes the compute resource requirements." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -11715,7 +11719,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -11724,28 +11728,28 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -11754,21 +11758,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11780,35 +11784,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -11817,6 +11821,8 @@ spec: type: "object" type: "array" type: "object" + zyncDatabaseTLSEnabled: + type: "boolean" type: "object" required: - "wildcardDomain" @@ -11826,9 +11832,9 @@ spec: description: "APIManagerStatus defines the observed state of APIManager" properties: conditions: - description: "Current state of the APIManager resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the APIManager resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -11836,12 +11842,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1alpha1/tenants.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1alpha1/tenants.yaml index 534e3d15f..5a64d715e 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1alpha1/tenants.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1alpha1/tenants.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "tenants.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "Tenant is the Schema for the tenants API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "additional parameters, used for Update, as in master portal Api Docs" type: "string" masterCredentialsRef: - description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace" + description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret\nin any namespace" properties: name: description: "name is unique within a namespace to reference a secret resource." @@ -50,7 +50,7 @@ spec: organizationName: type: "string" passwordCredentialsRef: - description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace" + description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret\nin any namespace" properties: name: description: "name is unique within a namespace to reference a secret resource." @@ -67,7 +67,7 @@ spec: systemMasterUrl: type: "string" tenantSecretRef: - description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace" + description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret\nin any namespace" properties: name: description: "name is unique within a namespace to reference a secret resource." @@ -95,9 +95,9 @@ spec: format: "int64" type: "integer" conditions: - description: "Current state of the tenant resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the tenant resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -105,12 +105,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/activedocs.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/activedocs.yaml index b41d93f63..9a93dd2a5 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/activedocs.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/activedocs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "activedocs.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -29,10 +29,10 @@ spec: description: "ActiveDoc is the Schema for the activedocs API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -49,22 +49,22 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -86,7 +86,7 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -97,7 +97,7 @@ spec: description: "SkipSwaggerValidations switch to skip OpenAPI validation" type: "boolean" systemName: - description: "SystemName identifies uniquely the activedoc within the account provider Default value will be sanitized Name" + description: "SystemName identifies uniquely the activedoc within the account provider\nDefault value will be sanitized Name" pattern: "^[a-z0-9]+$" type: "string" required: @@ -111,9 +111,9 @@ spec: format: "int64" type: "integer" conditions: - description: "Current state of the activedoc resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the activedoc resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -121,12 +121,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" @@ -141,7 +141,7 @@ spec: description: "ProductResourceName references the managed 3scale product" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/applications.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/applications.yaml index 2233fa1fb..14ca43888 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/applications.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/applications.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "applications.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "Application is the Schema for the applications API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +33,7 @@ spec: description: "AccountCRName name of account custom resource under which the application will be created" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -50,7 +50,7 @@ spec: description: "ProductCRName of product custom resource from which the application plan will be used" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -71,9 +71,9 @@ spec: format: "int64" type: "integer" conditions: - description: "Current state of the 3scale application. Conditions represent the latest available observations of an object's state" + description: "Current state of the 3scale application.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -81,12 +81,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml index 5dfbaf7e6..9688dbef7 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/backends.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "backends.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "Backend is the Schema for the backends API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -74,7 +74,7 @@ spec: required: - "friendlyName" type: "object" - description: "Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A." + description: "Methods\nMap: system_name -> MethodSpec\nsystem_name attr is unique for all metrics AND methods\nIn other words, if metric's system_name is A, there is no metric or method with system_name A." type: "object" metrics: additionalProperties: @@ -90,7 +90,7 @@ spec: - "friendlyName" - "unit" type: "object" - description: "Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A." + description: "Metrics\nMap: system_name -> MetricSpec\nsystem_name attr is unique for all metrics AND methods\nIn other words, if metric's system_name is A, there is no metric or method with system_name A." type: "object" name: description: "Name is human readable name for the backend" @@ -103,13 +103,16 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" systemName: - description: "SystemName identifies uniquely the backend within the account provider Default value will be sanitized Name" + description: "SystemName identifies uniquely the backend within the account provider\nDefault value will be sanitized Name" type: "string" + x-kubernetes-validations: + - message: "SystemName is immutable" + rule: "self == oldSelf" required: - "name" - "privateBaseURL" @@ -121,9 +124,9 @@ spec: format: "int64" type: "integer" conditions: - description: "Current state of the 3scale backend. Conditions represent the latest available observations of an object's state" + description: "Current state of the 3scale backend.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -131,12 +134,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/custompolicydefinitions.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/custompolicydefinitions.yaml index 3f8c2d05b..6f4433c7a 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/custompolicydefinitions.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/custompolicydefinitions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "custompolicydefinitions.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -29,10 +29,10 @@ spec: description: "CustomPolicyDefinition is the Schema for the custompolicydefinitions API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -93,9 +93,9 @@ spec: description: "CustomPolicyDefinitionStatus defines the observed state of CustomPolicyDefinition" properties: conditions: - description: "Current state of the custom policy resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the custom policy resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -103,12 +103,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developeraccounts.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developeraccounts.yaml index 8b6ab9bc9..092632800 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developeraccounts.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developeraccounts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "developeraccounts.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "DeveloperAccount is the Schema for the developeraccounts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -42,7 +42,7 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -58,9 +58,9 @@ spec: accountState: type: "string" conditions: - description: "Current state of the policy resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the policy resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -68,12 +68,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developerusers.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developerusers.yaml index 91954cdf8..6cc5ac2c7 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developerusers.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/developerusers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "developerusers.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "DeveloperUser is the Schema for the developerusers API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +33,7 @@ spec: description: "DeveloperAccountRef is the reference to the parent developer account" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -55,7 +55,7 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -84,9 +84,9 @@ spec: format: "int64" type: "integer" conditions: - description: "Current state of the 3scale backend. Conditions represent the latest available observations of an object's state" + description: "Current state of the 3scale backend.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -94,12 +94,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/openapis.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/openapis.yaml index 1b702709e..7a6bc1790 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/openapis.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/openapis.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "openapis.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "OpenAPI is the Schema for the openapis API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -51,7 +51,7 @@ spec: - "standardFlowEnabled" type: "object" credentials: - description: "Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "Credentials Location available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -137,7 +137,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" required: @@ -153,22 +153,22 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -200,7 +200,7 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -217,18 +217,18 @@ spec: backendResourceNames: description: "BackendResourceNames contains a list of references to the managed 3scale backends" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" conditions: - description: "Current state of the openapi resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the openapi resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -236,12 +236,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" @@ -256,7 +256,7 @@ spec: description: "ProductResourceName references the managed 3scale product" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/products.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/products.yaml index 860145f60..ababf31bf 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/products.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/products.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "products.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "Product is the Schema for the products API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -34,7 +34,7 @@ spec: description: "ApplicationPlanSpec defines the desired state of Product's Application Plan" properties: appsRequireApproval: - description: "Set whether or not applications can be created on demand or if approval is required from you before they are activated." + description: "Set whether or not applications can be created on demand\nor if approval is required from you before they are activated." type: "boolean" costMonth: description: "Cost per Month (USD)" @@ -43,13 +43,13 @@ spec: limits: description: "Limits" items: - description: "LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources. Once a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract." + description: "LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources.\nOnce a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract." properties: metricMethodRef: description: "Metric or Method Reference" properties: backend: - description: "BackendSystemName identifies uniquely the backend Backend reference must be used by the product" + description: "BackendSystemName identifies uniquely the backend\nBackend reference must be used by the product" type: "string" systemName: description: "SystemName identifies uniquely the metric or methods" @@ -82,7 +82,7 @@ spec: pricingRules: description: "Pricing Rules" items: - description: "PricingRuleSpec defines the cost of each operation performed on an API. Multiple pricing rules on the same metric divide up the ranges of when a pricing rule applies." + description: "PricingRuleSpec defines the cost of each operation performed on an API.\nMultiple pricing rules on the same metric divide up the ranges of when a pricing rule applies." properties: from: description: "Range From" @@ -91,7 +91,7 @@ spec: description: "Metric or Method Reference" properties: backend: - description: "BackendSystemName identifies uniquely the backend Backend reference must be used by the product" + description: "BackendSystemName identifies uniquely the backend\nBackend reference must be used by the product" type: "string" systemName: description: "SystemName identifies uniquely the metric or methods" @@ -114,7 +114,7 @@ spec: type: "object" type: "array" published: - description: "Controls whether the application plan is published. If not specified it is hidden by default" + description: "Controls whether the application plan is published. If not specified it is\nhidden by default" type: "boolean" setupFee: description: "Setup fee (USD)" @@ -125,7 +125,7 @@ spec: minimum: 0.0 type: "integer" type: "object" - description: "Application Plans Map: system_name -> Application Plan Spec" + description: "Application Plans\nMap: system_name -> Application Plan Spec" type: "object" backendUsages: additionalProperties: @@ -136,7 +136,7 @@ spec: required: - "path" type: "object" - description: "Backend usage will be a map of Map: system_name -> BackendUsageSpec Having system_name as the index, the structure ensures one backend is not used multiple times." + description: "Backend usage will be a map of\nMap: system_name -> BackendUsageSpec\nHaving system_name as the index, the structure ensures one backend is not used multiple times." type: "object" deployment: description: "Deployment defined 3scale product deployment mode" @@ -157,7 +157,7 @@ spec: description: "AppKey is the name of the parameter that acts of behalf of app key" type: "string" credentials: - description: "CredentialsLoc available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "CredentialsLoc available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -214,7 +214,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" type: "object" @@ -240,7 +240,7 @@ spec: - "standardFlowEnabled" type: "object" credentials: - description: "Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "Credentials Location available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -326,7 +326,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" required: @@ -338,7 +338,7 @@ spec: authUserKey: type: "string" credentials: - description: "Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "Credentials Location available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -395,7 +395,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" type: "object" @@ -417,7 +417,7 @@ spec: description: "AppKey is the name of the parameter that acts of behalf of app key" type: "string" credentials: - description: "CredentialsLoc available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "CredentialsLoc available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -474,7 +474,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" type: "object" @@ -500,7 +500,7 @@ spec: - "standardFlowEnabled" type: "object" credentials: - description: "Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "Credentials Location available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -586,7 +586,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" required: @@ -598,7 +598,7 @@ spec: authUserKey: type: "string" credentials: - description: "Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication" + description: "Credentials Location available options:\nheaders: As HTTP Headers\nquery: As query parameters (GET) or body parameters (POST/PUT/DELETE)\nauthorization: As HTTP Basic Authentication" enum: - "headers" - "query" @@ -655,7 +655,7 @@ spec: description: "HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host." type: "string" secretToken: - description: "SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." + description: "SecretToken Enables you to block any direct developer requests to your API backend;\neach 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token.\nThe value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header." type: "string" type: "object" type: "object" @@ -672,7 +672,7 @@ spec: description: "Description is a human readable text of the product" type: "string" mappingRules: - description: "Mapping Rules Array: MappingRule Spec" + description: "Mapping Rules\nArray: MappingRule Spec" items: description: "MappingRuleSpec defines the desired state of Product's MappingRule" properties: @@ -714,7 +714,7 @@ spec: required: - "friendlyName" type: "object" - description: "Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A." + description: "Methods\nMap: system_name -> MethodSpec\nsystem_name attr is unique for all metrics AND methods\nIn other words, if metric's system_name is A, there is no metric or method with system_name A." type: "object" metrics: additionalProperties: @@ -730,7 +730,7 @@ spec: - "friendlyName" - "unit" type: "object" - description: "Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A." + description: "Metrics\nMap: system_name -> MetricSpec\nsystem_name attr is unique for all metrics AND methods\nIn other words, if metric's system_name is A, there is no metric or method with system_name A." type: "object" name: description: "Name is human readable name for the product" @@ -774,12 +774,12 @@ spec: description: "ProviderAccountRef references account provider credentials" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" systemName: - description: "SystemName identifies uniquely the product within the account provider Default value will be sanitized Name" + description: "SystemName identifies uniquely the product within the account provider\nDefault value will be sanitized Name" type: "string" required: - "name" @@ -788,9 +788,9 @@ spec: description: "ProductStatus defines the observed state of Product" properties: conditions: - description: "Current state of the 3scale product. Conditions represent the latest available observations of an object's state" + description: "Current state of the 3scale product.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -798,12 +798,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml index c8eee9cd9..e5b3fc562 100644 --- a/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml +++ b/crd-catalog/3scale/3scale-operator/capabilities.3scale.net/v1beta1/proxyconfigpromotes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "proxyconfigpromotes.capabilities.3scale.net" spec: group: "capabilities.3scale.net" @@ -19,10 +19,10 @@ spec: description: "ProxyConfigPromote is the Schema for the proxyconfigpromotes API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -45,9 +45,9 @@ spec: description: "ProxyConfigPromoteStatus defines the observed state of ProxyConfigPromote" properties: conditions: - description: "Current state of the ProxyConfigPromote resource. Conditions represent the latest available observations of an object's state" + description: "Current state of the ProxyConfigPromote resource.\nConditions represent the latest available observations of an object's state" items: - description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + description: "Condition represents an observation of an object's state. Conditions are an\nextension mechanism intended to be used when the details of an observation\nare not a priori known or would not apply to all instances of a given Kind.\n\n\nConditions should be added to explicitly convey properties that users and\ncomponents care about rather than requiring those properties to be inferred\nfrom other observations. Once defined, the meaning of a Condition can not be\nchanged arbitrarily - it becomes part of the API, and has the same\nbackwards- and forwards-compatibility concerns of any other part of the API." properties: lastTransitionTime: format: "date-time" @@ -55,12 +55,12 @@ spec: message: type: "string" reason: - description: "ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes." + description: "ConditionReason is intended to be a one-word, CamelCase representation of\nthe category of cause of the current status. It is intended to be used in\nconcise output, such as one-line kubectl get output, and in summarizing\noccurrences of causes." type: "string" status: type: "string" type: - description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + description: "ConditionType is the type of the condition and is typically a CamelCased\nword or short phrase.\n\n\nCondition types should indicate state in the \"abnormal-true\" polarity. For\nexample, if the condition indicates when a policy is invalid, the \"is valid\"\ncase is probably the norm, so the condition should be called \"Invalid\"." type: "string" required: - "status" diff --git a/crd-catalog/3scale/apicast-operator/apps.3scale.net/v1alpha1/apicasts.yaml b/crd-catalog/3scale/apicast-operator/apps.3scale.net/v1alpha1/apicasts.yaml index f7005df5e..fa8f1e05a 100644 --- a/crd-catalog/3scale/apicast-operator/apps.3scale.net/v1alpha1/apicasts.yaml +++ b/crd-catalog/3scale/apicast-operator/apps.3scale.net/v1alpha1/apicasts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "apicasts.apps.3scale.net" spec: group: "apps.3scale.net" @@ -19,10 +19,10 @@ spec: description: "APIcast is the Schema for the apicasts API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,18 +30,18 @@ spec: description: "APIcastSpec defines the desired state of APIcast." properties: adminPortalCredentialsRef: - description: "Secret reference to a Kubernetes Secret containing the admin portal endpoint URL. The Secret must be located in the same namespace." + description: "Secret reference to a Kubernetes Secret containing the admin portal\nendpoint URL. The Secret must be located in the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" allProxy: - description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://:" + description: "AllProxy specifies a HTTP(S) proxy to be used for connecting to services if\na protocol-specific proxy is not specified. Authentication is not supported.\nFormat is ://:" type: "string" cacheConfigurationSeconds: - description: "The period (in seconds) that the APIcast configuration will be stored in APIcast's cache." + description: "The period (in seconds) that the APIcast configuration will be stored in\nAPIcast's cache." format: "int64" type: "integer" cacheMaxTime: @@ -62,10 +62,10 @@ spec: description: "CustomEnvironmentSpec contains or has reference to an APIcast custom environment" properties: secretRef: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -85,7 +85,7 @@ spec: description: "SecretRef specifies the secret holding the custom policy metadata and lua code" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -99,26 +99,26 @@ spec: type: "object" type: "array" deploymentEnvironment: - description: "DeploymentEnvironment is the environment for which the configuration will be downloaded from 3scale (Staging or Production), when using APIcast. The value will also be used in the header X-3scale-User-Agent in the authorize/report requests made to 3scale Service Management API. It is used by 3scale for statistics." + description: "DeploymentEnvironment is the environment for which the configuration will\nbe downloaded from 3scale (Staging or Production), when using APIcast.\nThe value will also be used in the header X-3scale-User-Agent in the\nauthorize/report requests made to 3scale Service Management API. It is\nused by 3scale for statistics." type: "string" dnsResolverAddress: - description: "DNSResolverAddress can be used to specify a custom DNS resolver address to be used by OpenResty." + description: "DNSResolverAddress can be used to specify a custom DNS resolver address\nto be used by OpenResty." type: "string" embeddedConfigurationSecretRef: - description: "Secret reference to a Kubernetes secret containing the gateway configuration. The Secret must be located in the same namespace." + description: "Secret reference to a Kubernetes secret containing the gateway\nconfiguration. The Secret must be located in the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" enabledServices: - description: "EnabledServices can be used to specify a list of service IDs used to filter the configured services." + description: "EnabledServices can be used to specify a list of service IDs used to\nfilter the configured services." items: type: "string" type: "array" exposedHost: - description: "ExposedHost is the domain name used for external access. By default no external access is configured." + description: "ExposedHost is the domain name used for external access. By default no\nexternal access is configured." properties: host: type: "string" @@ -127,13 +127,13 @@ spec: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -147,13 +147,13 @@ spec: description: "Enables/disables HPA" type: "boolean" httpProxy: - description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://:" + description: "HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services.\nAuthentication is not supported. Format is ://:" type: "string" httpsCertificateSecretRef: description: "HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -162,7 +162,7 @@ spec: format: "int32" type: "integer" httpsProxy: - description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://:" + description: "HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services.\nAuthentication is not supported. Format is ://:" type: "string" httpsVerifyDepth: description: "HTTPSVerifyDepth defines the maximum length of the client certificate chain." @@ -170,7 +170,7 @@ spec: minimum: 0.0 type: "integer" image: - description: "Image allows overriding the default APIcast gateway container image. This setting should only be used for dev/testing purposes. Setting this disables automated upgrades of the image." + description: "Image allows overriding the default APIcast gateway container image.\nThis setting should only be used for dev/testing purposes. Setting\nthis disables automated upgrades of the image." type: "string" loadServicesWhenNeeded: description: "LoadServicesWhenNeeded makes the configurations to be loaded lazily. APIcast will only load the ones configured for the host specified in the host header of the request." @@ -188,7 +188,7 @@ spec: - "emerg" type: "string" managementAPIScope: - description: "ManagementAPIScope controls APIcast Management API scope. The Management API is powerful and can control the APIcast configuration. debug level should only be enabled for debugging purposes." + description: "ManagementAPIScope controls APIcast Management API scope. The Management\nAPI is powerful and can control the APIcast configuration. debug level\nshould only be enabled for debugging purposes." enum: - "disabled" - "status" @@ -196,7 +196,7 @@ spec: - "debug" type: "string" noProxy: - description: "NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy." + description: "NoProxy specifies a comma-separated list of hostnames and domain\nnames for which the requests should not be proxied. Setting to a single\n* character, which matches all hosts, effectively disables the proxy." type: "string" oidcLogLevel: description: "OidcLogLevel allows to set the log level for the logs related to OpenID Connect integration." @@ -214,58 +214,58 @@ spec: description: "OpenSSLPeerVerificationEnabled controls OpenSSL peer verification." type: "boolean" openTelemetry: - description: "OpenTelemetry contains the gateway instrumentation configuration with APIcast." + description: "OpenTelemetry contains the gateway instrumentation configuration\nwith APIcast." properties: enabled: - description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTelemetry integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretKey: - description: "TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected." + description: "TracingConfigSecretKey contains the key of the secret to select the configuration from.\nif unspecified, the first secret key in lexicographical order will be selected." type: "string" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" + description: "TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration.\nThe configuration file specification is defined in the Nginx instrumentation library repo\nhttps://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "object" openTracing: - description: "OpenTracingSpec contains the OpenTracing integration configuration with APIcast. Deprecated" + description: "OpenTracingSpec contains the OpenTracing integration configuration\nwith APIcast.\nDeprecated" properties: enabled: - description: "Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled." + description: "Enabled controls whether OpenTracing integration with APIcast is enabled.\nBy default it is not enabled." type: "boolean" tracingConfigSecretRef: - description: "TracingConfigSecretRef contains a Secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified." + description: "TracingConfigSecretRef contains a Secret reference the OpenTracing configuration.\nEach supported tracing library provides a default configuration file\nthat is used if TracingConfig is not specified." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" tracingLibrary: - description: "TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used." + description: "TracingLibrary controls which OpenTracing library is loaded. At the moment\nthe only supported tracer is `jaeger`. If not set, `jaeger` will be used." type: "string" type: "object" pathRoutingEnabled: - description: "PathRoutingEnabled can be used to enable APIcast's path-based routing in addition to to the default host-based routing." + description: "PathRoutingEnabled can be used to enable APIcast's path-based routing\nin addition to to the default host-based routing." type: "boolean" replicas: description: "Number of replicas of the APIcast Deployment." format: "int64" type: "integer" resources: - description: "Resources can be used to set custom compute Kubernetes Resource Requirements for the APIcast deployment." + description: "Resources can be used to set custom compute Kubernetes Resource\nRequirements for the APIcast deployment." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -281,7 +281,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -290,14 +290,14 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" responseCodesIncluded: - description: "ResponseCodesIncluded can be set to log the response codes of the responses in Apisonator, so they can then be visualized in the 3scale admin portal." + description: "ResponseCodesIncluded can be set to log the response codes of the responses\nin Apisonator, so they can then be visualized in the 3scale admin portal." type: "boolean" serviceAccount: - description: "Kubernetes Service Account name to be used for the APIcast Deployment. The Service Account must exist beforehand." + description: "Kubernetes Service Account name to be used for the APIcast Deployment. The\nService Account must exist beforehand." type: "string" serviceCacheSize: description: "ServiceCacheSize specifies the number of services that APICast can store in the internal cache" @@ -340,25 +340,25 @@ spec: description: "APIcastStatus defines the observed state of APIcast." properties: conditions: - description: "Represents the observations of a foo's current state. Known .status.conditions.type are: \"Available\"" + description: "Represents the observations of a foo's current state.\nKnown .status.conditions.type are: \"Available\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -371,7 +371,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/mysqls.yaml b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/mysqls.yaml index f361400b3..663120aec 100644 --- a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/mysqls.yaml +++ b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/mysqls.yaml @@ -63,6 +63,7 @@ spec: enum: - 57 - 80 + - 84 type: "integer" required: - "encryption" diff --git a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/postgresqls.yaml b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/postgresqls.yaml index a3e71146b..4757786f7 100644 --- a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/postgresqls.yaml +++ b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/postgresqls.yaml @@ -61,11 +61,12 @@ spec: type: "boolean" version: enum: - - 14 - - 13 - - 12 - - 11 - 10 + - 11 + - 12 + - 13 + - 14 + - 15 type: "integer" required: - "encryption" diff --git a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/redis.yaml b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/redis.yaml index f066e9978..76ba0b803 100644 --- a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/redis.yaml +++ b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1/redis.yaml @@ -63,6 +63,7 @@ spec: enum: - 626 - 704 + - 724 type: "integer" required: - "encryption" diff --git a/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1alpha1/kvs.yaml b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1alpha1/kvs.yaml new file mode 100644 index 000000000..fe09cc6f2 --- /dev/null +++ b/crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1alpha1/kvs.yaml @@ -0,0 +1,62 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + name: "kvs.api.clever-cloud.com" +spec: + group: "api.clever-cloud.com" + names: + categories: [] + kind: "KV" + plural: "kvs" + shortNames: [] + singular: "kv" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - description: "Organisation" + jsonPath: ".spec.organisation" + name: "organisation" + type: "string" + - description: "Addon" + jsonPath: ".status.addon" + name: "addon" + type: "string" + - description: "Region" + jsonPath: ".spec.instance.region" + name: "region" + type: "string" + name: "v1alpha1" + schema: + openAPIV3Schema: + description: "Auto-generated derived type for Spec via `CustomResource`" + properties: + spec: + properties: + instance: + properties: + region: + type: "string" + required: + - "region" + type: "object" + organisation: + type: "string" + required: + - "instance" + - "organisation" + type: "object" + status: + nullable: true + properties: + addon: + nullable: true + type: "string" + type: "object" + required: + - "spec" + title: "KV" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml index 16049821e..11471be0b 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmetrics.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "datadogmetrics.datadoghq.com" spec: group: "datadoghq.com" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml index 94a5f63b6..97daa0aab 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogmonitors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "datadogmonitors.datadoghq.com" spec: group: "datadoghq.com" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml index e60ae9ee4..4027aed86 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v1alpha1/datadogslos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "datadogslos.datadoghq.com" spec: group: "datadoghq.com" @@ -117,7 +117,7 @@ spec: conditions: description: "Conditions represents the latest available observations of the state of a DatadogSLO." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -146,7 +146,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml index e41d10705..111ea36bf 100644 --- a/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml +++ b/crd-catalog/DataDog/datadog-operator/datadoghq.com/v2alpha1/datadogagents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "datadogagents.datadoghq.com" spec: group: "datadoghq.com" @@ -69,7 +69,7 @@ spec: description: "Define whether the Agent image should support JMX.\nTo be used if the Name field does not correspond to a full image string." type: "boolean" name: - description: "Define the image to use:\nUse \"gcr.io/datadoghq/agent:latest\" for Datadog Agent 7.\nUse \"datadog/dogstatsd:latest\" for standalone Datadog Agent DogStatsD 7.\nUse \"gcr.io/datadoghq/cluster-agent:latest\" for Datadog Cluster Agent.\nUse \"agent\" with the registry and tag configurations for /agent:.\nUse \"cluster-agent\" with the registry and tag configurations for /cluster-agent:.\nIf the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`,\nand `global.registry` values are ignored.\nOtherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values;\nimage string is created using default registry unless `global.registry` is configured." + description: "Defines the Agent image name for the pod. You can provide this as:\n* - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD.\n The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled.\n* : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored.\n* /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified\n like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored." type: "string" pullPolicy: description: "The Kubernetes pull policy:\nUse Always, Never, or IfNotPresent." @@ -80,7 +80,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -115,7 +116,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -164,7 +166,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -185,13 +188,16 @@ spec: description: "ResourceRequirements specifies the resource requirements for the profile." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -251,11 +257,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -282,11 +290,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -314,15 +324,36 @@ spec: failurePolicy: description: "FailurePolicy determines how unrecognized and timeout errors are handled." type: "string" + kubernetesAdmissionEvents: + description: "KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration." + properties: + enabled: + description: "Enable the Kubernetes Admission Events feature.\nDefault: false" + type: "boolean" + type: "object" mutateUnlabelled: description: "MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled=\"true\"'.\nDefault: false" type: "boolean" + mutation: + description: "Mutation contains Admission Controller mutation configurations." + properties: + enabled: + description: "Enabled enables the Admission Controller mutation webhook.\nDefault: true" + type: "boolean" + type: "object" registry: description: "Registry defines an image registry for the admission controller." type: "string" serviceName: description: "ServiceName corresponds to the webhook service name." type: "string" + validation: + description: "Validation contains Admission Controller validation configurations." + properties: + enabled: + description: "Enabled enables the Admission Controller validation webhook.\nDefault: true" + type: "boolean" + type: "object" webhookName: description: "WebhookName is a custom name for the MutatingWebhookConfiguration.\nDefault: \"datadog-webhook\"" type: "string" @@ -337,7 +368,7 @@ spec: description: "HostPortConfig contains host port configuration.\nEnabled Default: false\nPort Default: 8126" properties: enabled: - description: "Enabled enables host port configuration\nDefault: false" + description: "Enabled enables host port configuration" type: "boolean" hostPort: description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." @@ -558,7 +589,7 @@ spec: description: "HostPortConfig contains host port configuration.\nEnabled Default: false\nPort Default: 8125" properties: enabled: - description: "Enabled enables host port configuration\nDefault: false" + description: "Enabled enables host port configuration" type: "boolean" hostPort: description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." @@ -907,6 +938,91 @@ spec: description: "ScrubContainers enables scrubbing of sensitive container data (passwords, tokens, etc. ).\nDefault: true" type: "boolean" type: "object" + otelCollector: + description: "OtelCollector configuration." + properties: + conf: + description: "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration.\nWhen passing a configmap, file name *must* be otel-config.yaml." + properties: + configData: + description: "ConfigData corresponds to the configuration file content." + type: "string" + configMap: + description: "ConfigMap references an existing ConfigMap with the configuration file content." + properties: + items: + description: "Items maps a ConfigMap data `key` to a file `path` mount." + items: + description: "Maps a string key to a path within a volume." + properties: + key: + description: "key is the key to project." + type: "string" + mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." + format: "int32" + type: "integer" + path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "key" + x-kubernetes-list-type: "map" + name: + description: "Name is the name of the ConfigMap." + type: "string" + type: "object" + type: "object" + coreConfig: + description: "OTelCollector Config Relevant to the Core agent" + properties: + enabled: + description: "Enabled marks otelcollector as enabled in core agent." + type: "boolean" + extensionTimeout: + description: "Extension URL provides the timout of the ddflareextension to\nthe core agent." + type: "integer" + extensionURL: + description: "Extension URL provides the URL of the ddflareextension to\nthe core agent." + type: "string" + type: "object" + enabled: + description: "Enabled enables the OTel Agent.\nDefault: true" + type: "boolean" + ports: + description: "Ports contains the ports for the otel-agent.\nDefaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317\nor 4318 manually is *only* supported if name match default names (otel-grpc, otel-http).\nIf not, this will lead to a port conflict.\nThis limitation will be lifted once annotations support is removed." + items: + description: "ContainerPort represents a network port in a single container." + properties: + containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." + format: "int32" + type: "integer" + hostIP: + description: "What host IP to bind the external port to." + type: "string" + hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." + format: "int32" + type: "integer" + name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." + type: "string" + protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." + type: "string" + required: + - "containerPort" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" otlp: description: "OTLP ingest configuration" properties: @@ -920,21 +1036,43 @@ spec: description: "GRPC contains configuration for the OTLP ingest OTLP/gRPC receiver." properties: enabled: - description: "Enable the OTLP/gRPC endpoint." + description: "Enable the OTLP/gRPC endpoint. Host port is enabled by default and can be disabled." type: "boolean" endpoint: description: "Endpoint for OTLP/gRPC.\ngRPC supports several naming schemes: https://github.com/grpc/grpc/blob/master/doc/naming.md\nThe Datadog Operator supports only 'host:port' (usually `0.0.0.0:port`).\nDefault: `0.0.0.0:4317`." type: "string" + hostPortConfig: + description: "Enable hostPort for OTLP/gRPC\nDefault: true" + properties: + enabled: + description: "Enabled enables host port configuration" + type: "boolean" + hostPort: + description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." + format: "int32" + type: "integer" + type: "object" type: "object" http: description: "HTTP contains configuration for the OTLP ingest OTLP/HTTP receiver." properties: enabled: - description: "Enable the OTLP/HTTP endpoint." + description: "Enable the OTLP/HTTP endpoint. Host port is enabled by default and can be disabled." type: "boolean" endpoint: description: "Endpoint for OTLP/HTTP.\nDefault: '0.0.0.0:4318'." type: "string" + hostPortConfig: + description: "Enable hostPorts for OTLP/HTTP\nDefault: true" + properties: + enabled: + description: "Enabled enables host port configuration" + type: "boolean" + hostPort: + description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." + format: "int32" + type: "integer" + type: "object" type: "object" type: "object" type: "object" @@ -1008,6 +1146,13 @@ spec: type: "boolean" type: "object" type: "object" + serviceDiscovery: + description: "ServiceDiscovery" + properties: + enabled: + description: "Enables the service discovery check.\nDefault: false" + type: "boolean" + type: "object" tcpQueueLength: description: "TCPQueueLength configuration." properties: @@ -1026,6 +1171,9 @@ spec: global: description: "Global settings to configure the agents" properties: + checksTagCardinality: + description: "ChecksTagCardinality configures tag cardinality for the metrics collected by integrations (`low`, `orchestrator` or `high`).\nSee also: https://docs.datadoghq.com/getting_started/tagging/assigning_tags/?tab=containerizedenvironments#tags-cardinality.\nNot set by default to avoid overriding existing DD_CHECKS_TAG_CARDINALITY configurations, the default value in the Agent is low.\nRef: https://github.com/DataDog/datadog-agent/blob/856cf4a66142ce91fd4f8a278149436eb971184a/pkg/config/setup/config.go#L625." + type: "string" clusterAgentToken: description: "ClusterAgentToken is the token for communication between the NodeAgent and ClusterAgent." type: "string" @@ -1131,6 +1279,95 @@ spec: description: "URL defines the endpoint URL." type: "string" type: "object" + env: + description: "Env contains a list of environment variables that are set for all Agents." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" fips: description: "FIPS contains configuration used to customize the FIPS proxy sidecar." properties: @@ -1181,7 +1418,7 @@ spec: description: "Define whether the Agent image should support JMX.\nTo be used if the Name field does not correspond to a full image string." type: "boolean" name: - description: "Define the image to use:\nUse \"gcr.io/datadoghq/agent:latest\" for Datadog Agent 7.\nUse \"datadog/dogstatsd:latest\" for standalone Datadog Agent DogStatsD 7.\nUse \"gcr.io/datadoghq/cluster-agent:latest\" for Datadog Cluster Agent.\nUse \"agent\" with the registry and tag configurations for /agent:.\nUse \"cluster-agent\" with the registry and tag configurations for /cluster-agent:.\nIf the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`,\nand `global.registry` values are ignored.\nOtherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values;\nimage string is created using default registry unless `global.registry` is configured." + description: "Defines the Agent image name for the pod. You can provide this as:\n* - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD.\n The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled.\n* : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored.\n* /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified\n like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored." type: "string" pullPolicy: description: "The Kubernetes pull policy:\nUse Always, Never, or IfNotPresent." @@ -1192,7 +1429,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1216,13 +1454,16 @@ spec: description: "Resources is the requests and limits for the FIPS sidecar container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1269,7 +1510,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1318,7 +1560,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1335,6 +1578,20 @@ spec: description: "TLSVerify toggles kubelet TLS verification.\nDefault: true" type: "boolean" type: "object" + kubernetesResourcesAnnotationsAsTags: + additionalProperties: + additionalProperties: + type: "string" + type: "object" + description: "Provide a mapping of Kubernetes Resource Groups to annotations mapping to Datadog Tags.\n:\n\t\t: \nKUBERNETES_RESOURCE_GROUP should be in the form `{resource}.{group}` or `{resource}` (example: deployments.apps, pods)" + type: "object" + kubernetesResourcesLabelsAsTags: + additionalProperties: + additionalProperties: + type: "string" + type: "object" + description: "Provide a mapping of Kubernetes Resource Groups to labels mapping to Datadog Tags.\n:\n\t\t: \nKUBERNETES_RESOURCE_GROUP should be in the form `{resource}.{group}` or `{resource}` (example: deployments.apps, pods)" + type: "object" localService: description: "LocalService contains configuration to customize the internal traffic policy service." properties: @@ -1385,11 +1642,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1426,8 +1685,48 @@ spec: description: "Provide a mapping of Kubernetes Labels to Datadog Tags.\n: " type: "object" registry: - description: "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'" + description: "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'datadoghq.azurecr.io' for Azure Container Registry.\nUse 'gcr.io/datadoghq' for Google Container Registry.\nUse 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region.\nUse 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'" type: "string" + runProcessChecksInCoreAgent: + description: "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nThe Process Agent container won't spin up if there are no other running checks as a result.\n(Requires Agent 7.57.0+)\nDefault: 'false'" + type: "boolean" + secretBackend: + description: "Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md" + properties: + args: + description: "List of arguments to pass to the command (space-separated strings)." + type: "string" + command: + description: "The secret backend command to use. Datadog provides a pre-defined binary `/readsecret_multiple_providers.sh`.\nRead more about `/readsecret_multiple_providers.sh` at https://docs.datadoghq.com/agent/configuration/secrets-management/?tab=linux#script-for-reading-from-multiple-secret-providers." + type: "string" + enableGlobalPermissions: + description: "Whether to create a global permission allowing Datadog agents to read all Kubernetes secrets.\nDefault: `false`." + type: "boolean" + roles: + description: "Roles for Datadog to read the specified secrets, replacing `enableGlobalPermissions`.\nThey are defined as a list of namespace/secrets.\nEach defined namespace needs to be present in the DatadogAgent controller using `WATCH_NAMESPACE` or `DD_AGENT_WATCH_NAMESPACE`.\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md#how-to-deploy-the-agent-components-using-the-secret-backend-feature-with-datadogagent." + items: + description: "SecretBackendRolesConfig provides configuration of the secrets Datadog agents can read for the SecretBackend feature" + properties: + namespace: + description: "Namespace defines the namespace in which the secrets reside." + type: "string" + secrets: + description: "Secrets defines the list of secrets for which a role should be created." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "set" + required: + - "namespace" + - "secrets" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + timeout: + description: "The command timeout in seconds.\nDefault: `30`." + format: "int32" + type: "integer" + type: "object" site: description: "Site is the Datadog intake site Agent data are sent to.\nSet to 'datadoghq.com' to send data to the US1 site (default).\nSet to 'datadoghq.eu' to send data to the EU site.\nSet to 'us3.datadoghq.com' to send data to the US3 site.\nSet to 'us5.datadoghq.com' to send data to the US5 site.\nSet to 'ddog-gov.com' to send data to the US1-FED site.\nSet to 'ap1.datadoghq.com' to send data to the AP1 site.\nDefault: 'datadoghq.com'" type: "string" @@ -1472,11 +1771,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1493,11 +1794,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1509,6 +1812,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -1533,11 +1837,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1554,14 +1860,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1579,7 +1888,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1597,11 +1906,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1609,6 +1920,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1628,11 +1951,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1645,6 +1970,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1660,13 +1986,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1684,11 +2011,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1696,6 +2025,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1715,11 +2056,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1732,6 +2075,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1739,6 +2083,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1752,7 +2097,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1770,11 +2115,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1782,6 +2129,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1801,11 +2160,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1818,6 +2179,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1833,13 +2195,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1857,11 +2220,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1869,6 +2234,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1888,11 +2265,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1905,6 +2284,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1912,6 +2292,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -1959,7 +2340,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2008,7 +2390,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2040,6 +2423,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2053,7 +2437,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2080,6 +2465,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2148,6 +2534,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2161,7 +2548,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2188,6 +2576,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2243,13 +2632,16 @@ spec: description: "Specify the Request and Limits of the pods\nTo get guaranteed QoS class, specify requests and limits equal.\nSee also: http://kubernetes.io/docs/user-guide/compute-resources/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2326,6 +2718,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2335,18 +2739,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2385,7 +2791,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2407,6 +2813,111 @@ spec: type: "string" type: "object" type: "object" + startupProbe: + description: "Configure the Startup Probe of the container" + properties: + exec: + description: "Exec specifies the action to take." + properties: + command: + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." + format: "int32" + type: "integer" + grpc: + description: "GRPC specifies an action involving a GRPC port." + properties: + port: + description: "Port number of the gRPC service. Number must be in the range 1 to 65535." + format: "int32" + type: "integer" + service: + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." + type: "string" + required: + - "port" + type: "object" + httpGet: + description: "HTTPGet specifies the http request to perform." + properties: + host: + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." + type: "string" + httpHeaders: + description: "Custom headers to set in the request. HTTP allows repeated headers." + items: + description: "HTTPHeader describes a custom header to be used in HTTP probes" + properties: + name: + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." + type: "string" + value: + description: "The header field value" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + path: + description: "Path to access on the HTTP server." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + scheme: + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." + format: "int32" + type: "integer" + successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + format: "int32" + type: "integer" + tcpSocket: + description: "TCPSocket specifies an action involving a TCP port." + properties: + host: + description: "Optional: Host name to connect to, defaults to the pod IP." + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" + timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + type: "object" volumeMounts: description: "Specify additional volume mounts in the container." items: @@ -2416,7 +2927,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2424,6 +2935,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2440,8 +2954,11 @@ spec: - "mountPath" x-kubernetes-list-type: "map" type: "object" - description: "Configure the basic configurations for each Agent container. Valid Agent container names are:\n`agent`, `cluster-agent`, `init-config`, `init-volume`, `process-agent`, `seccomp-setup`,\n`security-agent`, `system-probe`, `trace-agent`, and `all`.\nConfiguration under `all` applies to all configured containers." + description: "Configure the basic configurations for each Agent container. Valid Agent container names are:\n`agent`, `cluster-agent`, `init-config`, `init-volume`, `process-agent`, `seccomp-setup`,\n`security-agent`, `system-probe`, and `trace-agent`." type: "object" + createPodDisruptionBudget: + description: "Set CreatePodDisruptionBudget to true to create a PodDisruptionBudget for this component.\nNot applicable for the Node Agent. A Cluster Agent PDB is set with 1 minimum available pod, and a Cluster Checks Runner PDB is set with 1 maximum unavailable pod." + type: "boolean" createRbac: description: "Set CreateRbac to false to prevent automatic creation of Role/ClusterRole for this component" type: "boolean" @@ -2496,6 +3013,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: @@ -2508,11 +3026,13 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'." @@ -2538,7 +3058,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2587,7 +3108,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2604,6 +3126,40 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + envFrom: + description: "EnvFrom specifies the ConfigMaps and Secrets to expose as environment variables.\nPriority is env > envFrom." + items: + description: "EnvFromSource represents the source of a set of ConfigMaps" + properties: + configMapRef: + description: "The ConfigMap to select from" + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap must be defined" + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" + prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + type: "string" + secretRef: + description: "The Secret to select from" + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret must be defined" + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "array" extraChecksd: description: "Checksd configuration allowing to specify custom checks placed under /etc/datadog-agent/checks.d/\nSee https://docs.datadoghq.com/agent/guide/agent-configuration-files/?tab=agentv6 for more details." properties: @@ -2695,7 +3251,7 @@ spec: description: "Define whether the Agent image should support JMX.\nTo be used if the Name field does not correspond to a full image string." type: "boolean" name: - description: "Define the image to use:\nUse \"gcr.io/datadoghq/agent:latest\" for Datadog Agent 7.\nUse \"datadog/dogstatsd:latest\" for standalone Datadog Agent DogStatsD 7.\nUse \"gcr.io/datadoghq/cluster-agent:latest\" for Datadog Cluster Agent.\nUse \"agent\" with the registry and tag configurations for /agent:.\nUse \"cluster-agent\" with the registry and tag configurations for /cluster-agent:.\nIf the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`,\nand `global.registry` values are ignored.\nOtherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values;\nimage string is created using default registry unless `global.registry` is configured." + description: "Defines the Agent image name for the pod. You can provide this as:\n* - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD.\n The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled.\n* : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored.\n* /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified\n like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored." type: "string" pullPolicy: description: "The Kubernetes pull policy:\nUse Always, Never, or IfNotPresent." @@ -2706,7 +3262,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2726,7 +3283,7 @@ spec: nodeSelector: additionalProperties: type: "string" - description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + description: "A map of key-value pairs. For this pod to run on a specific node, the node must have these key-value pairs as labels.\nSee https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" type: "object" priorityClassName: description: "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\"\nare two special keywords which indicate the highest priorities with the former being the highest priority.\nAny other name must be defined by creating a PriorityClass object with that name. If not specified,\nthe pod priority is default, or zero if there is no default." @@ -2735,11 +3292,26 @@ spec: description: "Number of the replicas.\nNot applicable for a DaemonSet/ExtendedDaemonSet deployment" format: "int32" type: "integer" + runtimeClassName: + description: "If specified, indicates the pod's RuntimeClass kubelet should use to run the pod.\nIf the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase.\nIf no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled." + type: "string" securityContext: description: "Pod-level SecurityContext." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -2779,17 +3351,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2806,6 +3382,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2823,6 +3400,11 @@ spec: type: "string" type: "object" type: "object" + serviceAccountAnnotations: + additionalProperties: + type: "string" + description: "Sets the ServiceAccountAnnotations used by this component." + type: "object" serviceAccountName: description: "Sets the ServiceAccount used by this component.\nIgnored if the field CreateRbac is true." type: "string" @@ -2882,7 +3464,7 @@ spec: description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -2910,12 +3492,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -2946,6 +3530,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -2959,7 +3544,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2982,7 +3568,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3019,8 +3606,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3040,7 +3629,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3068,7 +3658,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3111,6 +3701,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -3127,10 +3718,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -3143,6 +3734,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3182,21 +3774,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3235,11 +3812,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3250,6 +3829,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3265,7 +3847,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -3279,11 +3861,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -3306,7 +3890,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3327,7 +3912,7 @@ spec: description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -3374,7 +3959,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -3385,6 +3970,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -3395,7 +3990,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -3404,6 +3999,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -3415,6 +4011,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -3422,7 +4019,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3500,10 +4098,61 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -3527,8 +4176,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3544,7 +4195,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3587,6 +4238,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -3611,8 +4263,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -3637,6 +4291,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -3667,12 +4322,13 @@ spec: description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -3680,7 +4336,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -3690,11 +4348,13 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -3705,6 +4365,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -3720,7 +4381,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3728,6 +4390,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -3771,6 +4434,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -3791,7 +4455,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4019,7 +4684,7 @@ spec: conditions: description: "Conditions Represents the latest available observations of a DatadogAgent's current state." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -4048,7 +4713,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -4091,7 +4756,7 @@ spec: description: "Define whether the Agent image should support JMX.\nTo be used if the Name field does not correspond to a full image string." type: "boolean" name: - description: "Define the image to use:\nUse \"gcr.io/datadoghq/agent:latest\" for Datadog Agent 7.\nUse \"datadog/dogstatsd:latest\" for standalone Datadog Agent DogStatsD 7.\nUse \"gcr.io/datadoghq/cluster-agent:latest\" for Datadog Cluster Agent.\nUse \"agent\" with the registry and tag configurations for /agent:.\nUse \"cluster-agent\" with the registry and tag configurations for /cluster-agent:.\nIf the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`,\nand `global.registry` values are ignored.\nOtherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values;\nimage string is created using default registry unless `global.registry` is configured." + description: "Defines the Agent image name for the pod. You can provide this as:\n* - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD.\n The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled.\n* : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored.\n* /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified\n like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored." type: "string" pullPolicy: description: "The Kubernetes pull policy:\nUse Always, Never, or IfNotPresent." @@ -4102,7 +4767,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4137,7 +4803,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4186,7 +4853,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4207,13 +4875,16 @@ spec: description: "ResourceRequirements specifies the resource requirements for the profile." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4273,11 +4944,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4304,11 +4977,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4336,15 +5011,36 @@ spec: failurePolicy: description: "FailurePolicy determines how unrecognized and timeout errors are handled." type: "string" + kubernetesAdmissionEvents: + description: "KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration." + properties: + enabled: + description: "Enable the Kubernetes Admission Events feature.\nDefault: false" + type: "boolean" + type: "object" mutateUnlabelled: description: "MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled=\"true\"'.\nDefault: false" type: "boolean" + mutation: + description: "Mutation contains Admission Controller mutation configurations." + properties: + enabled: + description: "Enabled enables the Admission Controller mutation webhook.\nDefault: true" + type: "boolean" + type: "object" registry: description: "Registry defines an image registry for the admission controller." type: "string" serviceName: description: "ServiceName corresponds to the webhook service name." type: "string" + validation: + description: "Validation contains Admission Controller validation configurations." + properties: + enabled: + description: "Enabled enables the Admission Controller validation webhook.\nDefault: true" + type: "boolean" + type: "object" webhookName: description: "WebhookName is a custom name for the MutatingWebhookConfiguration.\nDefault: \"datadog-webhook\"" type: "string" @@ -4359,7 +5055,7 @@ spec: description: "HostPortConfig contains host port configuration.\nEnabled Default: false\nPort Default: 8126" properties: enabled: - description: "Enabled enables host port configuration\nDefault: false" + description: "Enabled enables host port configuration" type: "boolean" hostPort: description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." @@ -4580,7 +5276,7 @@ spec: description: "HostPortConfig contains host port configuration.\nEnabled Default: false\nPort Default: 8125" properties: enabled: - description: "Enabled enables host port configuration\nDefault: false" + description: "Enabled enables host port configuration" type: "boolean" hostPort: description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." @@ -4929,6 +5625,91 @@ spec: description: "ScrubContainers enables scrubbing of sensitive container data (passwords, tokens, etc. ).\nDefault: true" type: "boolean" type: "object" + otelCollector: + description: "OtelCollector configuration." + properties: + conf: + description: "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration.\nWhen passing a configmap, file name *must* be otel-config.yaml." + properties: + configData: + description: "ConfigData corresponds to the configuration file content." + type: "string" + configMap: + description: "ConfigMap references an existing ConfigMap with the configuration file content." + properties: + items: + description: "Items maps a ConfigMap data `key` to a file `path` mount." + items: + description: "Maps a string key to a path within a volume." + properties: + key: + description: "key is the key to project." + type: "string" + mode: + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." + format: "int32" + type: "integer" + path: + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." + type: "string" + required: + - "key" + - "path" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "key" + x-kubernetes-list-type: "map" + name: + description: "Name is the name of the ConfigMap." + type: "string" + type: "object" + type: "object" + coreConfig: + description: "OTelCollector Config Relevant to the Core agent" + properties: + enabled: + description: "Enabled marks otelcollector as enabled in core agent." + type: "boolean" + extensionTimeout: + description: "Extension URL provides the timout of the ddflareextension to\nthe core agent." + type: "integer" + extensionURL: + description: "Extension URL provides the URL of the ddflareextension to\nthe core agent." + type: "string" + type: "object" + enabled: + description: "Enabled enables the OTel Agent.\nDefault: true" + type: "boolean" + ports: + description: "Ports contains the ports for the otel-agent.\nDefaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317\nor 4318 manually is *only* supported if name match default names (otel-grpc, otel-http).\nIf not, this will lead to a port conflict.\nThis limitation will be lifted once annotations support is removed." + items: + description: "ContainerPort represents a network port in a single container." + properties: + containerPort: + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." + format: "int32" + type: "integer" + hostIP: + description: "What host IP to bind the external port to." + type: "string" + hostPort: + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." + format: "int32" + type: "integer" + name: + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." + type: "string" + protocol: + default: "TCP" + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." + type: "string" + required: + - "containerPort" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" otlp: description: "OTLP ingest configuration" properties: @@ -4942,21 +5723,43 @@ spec: description: "GRPC contains configuration for the OTLP ingest OTLP/gRPC receiver." properties: enabled: - description: "Enable the OTLP/gRPC endpoint." + description: "Enable the OTLP/gRPC endpoint. Host port is enabled by default and can be disabled." type: "boolean" endpoint: description: "Endpoint for OTLP/gRPC.\ngRPC supports several naming schemes: https://github.com/grpc/grpc/blob/master/doc/naming.md\nThe Datadog Operator supports only 'host:port' (usually `0.0.0.0:port`).\nDefault: `0.0.0.0:4317`." type: "string" + hostPortConfig: + description: "Enable hostPort for OTLP/gRPC\nDefault: true" + properties: + enabled: + description: "Enabled enables host port configuration" + type: "boolean" + hostPort: + description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." + format: "int32" + type: "integer" + type: "object" type: "object" http: description: "HTTP contains configuration for the OTLP ingest OTLP/HTTP receiver." properties: enabled: - description: "Enable the OTLP/HTTP endpoint." + description: "Enable the OTLP/HTTP endpoint. Host port is enabled by default and can be disabled." type: "boolean" endpoint: description: "Endpoint for OTLP/HTTP.\nDefault: '0.0.0.0:4318'." type: "string" + hostPortConfig: + description: "Enable hostPorts for OTLP/HTTP\nDefault: true" + properties: + enabled: + description: "Enabled enables host port configuration" + type: "boolean" + hostPort: + description: "Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.)\nIf HostNetwork is enabled, this value must match the ContainerPort." + format: "int32" + type: "integer" + type: "object" type: "object" type: "object" type: "object" @@ -5030,6 +5833,13 @@ spec: type: "boolean" type: "object" type: "object" + serviceDiscovery: + description: "ServiceDiscovery" + properties: + enabled: + description: "Enables the service discovery check.\nDefault: false" + type: "boolean" + type: "object" tcpQueueLength: description: "TCPQueueLength configuration." properties: diff --git a/crd-catalog/DopplerHQ/kubernetes-operator/secrets.doppler.com/v1alpha1/dopplersecrets.yaml b/crd-catalog/DopplerHQ/kubernetes-operator/secrets.doppler.com/v1alpha1/dopplersecrets.yaml index 3b3a16977..caa1f56d0 100644 --- a/crd-catalog/DopplerHQ/kubernetes-operator/secrets.doppler.com/v1alpha1/dopplersecrets.yaml +++ b/crd-catalog/DopplerHQ/kubernetes-operator/secrets.doppler.com/v1alpha1/dopplersecrets.yaml @@ -131,7 +131,7 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n \ttype FooStatus struct{ \t // Represents the observations of a foo's current state. \t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map \t // +listMapKey=type \t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields \t}" properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." diff --git a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml index bd9563440..05bd1809b 100644 --- a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml +++ b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/scheduledsparkapplications.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubeflow/spark-operator/pull/1298" - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "scheduledsparkapplications.sparkoperator.k8s.io" spec: group: "sparkoperator.k8s.io" @@ -167,11 +167,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -188,11 +190,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -204,6 +208,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -228,11 +233,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -249,14 +256,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -292,11 +302,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -305,13 +317,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -335,11 +347,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -352,6 +366,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -367,6 +382,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -391,11 +407,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -404,13 +422,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -434,11 +452,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -451,6 +471,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -458,6 +479,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -489,11 +511,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -502,13 +526,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -532,11 +556,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -549,6 +575,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -564,6 +591,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -588,11 +616,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -601,13 +631,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -631,11 +661,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -648,6 +680,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -655,6 +688,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -695,23 +729,27 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" env: description: "Env carries the environment variables to add to the pod." @@ -734,7 +772,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -783,7 +822,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -806,7 +846,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -820,7 +861,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -872,9 +914,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" hostNetwork: @@ -893,11 +938,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -919,7 +966,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -968,7 +1016,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -982,6 +1031,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -991,7 +1043,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1005,7 +1058,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1014,6 +1068,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -1027,16 +1082,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1057,6 +1113,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1073,7 +1130,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1083,7 +1140,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1102,16 +1159,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1132,6 +1190,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1148,7 +1207,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1158,7 +1217,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1178,33 +1237,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1225,6 +1286,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1253,7 +1315,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1314,33 +1376,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1361,6 +1425,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1389,7 +1454,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1433,13 +1498,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1475,6 +1543,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1484,18 +1564,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1534,7 +1616,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1560,33 +1642,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1607,6 +1691,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1635,7 +1720,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1689,6 +1774,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1698,7 +1786,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1706,6 +1794,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1717,6 +1808,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1742,16 +1836,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1772,6 +1867,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1788,7 +1884,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1798,7 +1894,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1817,16 +1913,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1847,6 +1944,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1863,7 +1961,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1873,7 +1971,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1907,8 +2005,20 @@ spec: podSecurityContext: description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -1925,6 +2035,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1948,17 +2061,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -1975,6 +2092,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2040,6 +2158,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2049,18 +2179,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2099,7 +2231,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2147,11 +2279,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -2173,7 +2307,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2222,7 +2357,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2236,6 +2372,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -2245,7 +2384,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2259,7 +2399,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2268,6 +2409,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2281,16 +2423,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2311,6 +2454,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2327,7 +2471,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2337,7 +2481,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2356,16 +2500,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2386,6 +2531,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2402,7 +2548,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2412,7 +2558,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2432,33 +2578,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2479,6 +2627,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2507,7 +2656,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2568,33 +2717,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2615,6 +2766,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2643,7 +2795,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2687,13 +2839,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2729,6 +2884,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2738,18 +2905,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2788,7 +2957,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2814,33 +2983,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2861,6 +3032,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2889,7 +3061,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2943,6 +3115,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -2952,7 +3127,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2960,6 +3135,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2971,6 +3149,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -3018,7 +3199,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3026,6 +3207,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3148,11 +3332,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3169,11 +3355,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -3185,6 +3373,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -3209,11 +3398,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3230,14 +3421,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -3273,11 +3467,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3286,13 +3482,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3316,11 +3512,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3333,6 +3531,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3348,6 +3547,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3372,11 +3572,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3385,13 +3587,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3415,11 +3617,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3432,6 +3636,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3439,6 +3644,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -3470,11 +3676,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3483,13 +3691,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3513,11 +3721,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3530,6 +3740,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3545,6 +3756,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3569,11 +3781,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3582,13 +3796,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3612,11 +3826,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3629,6 +3845,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3636,6 +3853,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -3679,23 +3897,27 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" env: description: "Env carries the environment variables to add to the pod." @@ -3718,7 +3940,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3767,7 +3990,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3790,7 +4014,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3804,7 +4029,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3856,9 +4082,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" hostNetwork: @@ -3877,11 +4106,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -3903,7 +4134,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3952,7 +4184,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3966,6 +4199,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -3975,7 +4211,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3989,7 +4226,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3998,6 +4236,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -4011,16 +4250,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4041,6 +4281,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4057,7 +4298,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4067,7 +4308,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4086,16 +4327,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4116,6 +4358,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4132,7 +4375,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4142,7 +4385,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4162,33 +4405,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4209,6 +4454,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4237,7 +4483,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4298,33 +4544,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4345,6 +4593,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4373,7 +4622,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4417,13 +4666,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4459,6 +4711,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4468,18 +4732,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -4518,7 +4784,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -4544,33 +4810,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4591,6 +4859,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4619,7 +4888,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4673,6 +4942,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -4682,7 +4954,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -4690,6 +4962,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -4701,6 +4976,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -4728,16 +5006,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4758,6 +5037,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4774,7 +5054,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4784,7 +5064,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4803,16 +5083,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4833,6 +5114,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4849,7 +5131,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4859,7 +5141,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4889,8 +5171,20 @@ spec: podSecurityContext: description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -4907,6 +5201,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4930,17 +5227,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -4957,6 +5258,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -5022,6 +5324,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5031,18 +5345,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5081,7 +5397,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5119,11 +5435,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -5145,7 +5463,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5194,7 +5513,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5208,6 +5528,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -5217,7 +5540,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -5231,7 +5555,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -5240,6 +5565,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -5253,16 +5579,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5283,6 +5610,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5299,7 +5627,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5309,7 +5637,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5328,16 +5656,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5358,6 +5687,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5374,7 +5704,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5384,7 +5714,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5404,33 +5734,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5451,6 +5783,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5479,7 +5812,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5540,33 +5873,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5587,6 +5922,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5615,7 +5951,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5659,13 +5995,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5701,6 +6040,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5710,18 +6061,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5760,7 +6113,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5786,33 +6139,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5833,6 +6188,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5861,7 +6217,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5915,6 +6271,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -5924,7 +6283,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -5932,6 +6291,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -5943,6 +6305,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -5990,7 +6355,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -5998,6 +6363,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -6214,10 +6582,10 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -6233,7 +6601,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -6245,12 +6613,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -6258,7 +6628,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -6274,13 +6644,14 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -6294,7 +6665,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6305,7 +6677,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -6317,7 +6689,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6354,8 +6727,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6363,7 +6738,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -6375,7 +6750,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6403,7 +6779,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6446,6 +6822,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -6462,10 +6839,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -6495,6 +6872,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -6572,11 +6950,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6588,7 +6968,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -6605,7 +6985,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -6619,14 +6999,16 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -6646,7 +7028,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6654,7 +7037,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -6664,10 +7047,10 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -6683,7 +7066,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -6698,7 +7081,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -6714,7 +7097,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -6725,6 +7108,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -6735,7 +7128,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -6744,6 +7137,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -6755,6 +7149,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -6762,7 +7157,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6806,7 +7202,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6818,7 +7214,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6840,12 +7236,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -6866,11 +7262,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6916,8 +7314,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6933,7 +7333,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6976,6 +7376,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -7000,8 +7401,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -7026,9 +7429,10 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -7053,15 +7457,16 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -7069,7 +7474,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -7079,11 +7486,13 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -7091,9 +7500,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -7109,7 +7519,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7117,6 +7528,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -7160,6 +7572,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -7168,7 +7581,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7180,7 +7593,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7192,7 +7606,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." diff --git a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml index e8deb35ed..b0bfef691 100644 --- a/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml +++ b/crd-catalog/GoogleCloudPlatform/spark-on-k8s-operator/sparkoperator.k8s.io/v1beta2/sparkapplications.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubeflow/spark-operator/pull/1298" - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "sparkapplications.sparkoperator.k8s.io" spec: group: "sparkoperator.k8s.io" @@ -147,11 +147,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -168,11 +170,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -184,6 +188,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -208,11 +213,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -229,14 +236,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -272,11 +282,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -285,13 +297,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -315,11 +327,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -332,6 +346,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -347,6 +362,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -371,11 +387,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -384,13 +402,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -414,11 +432,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -431,6 +451,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -438,6 +459,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -469,11 +491,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -482,13 +506,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -512,11 +536,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -529,6 +555,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -544,6 +571,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -568,11 +596,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -581,13 +611,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -611,11 +641,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -628,6 +660,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -635,6 +668,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -675,23 +709,27 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" env: description: "Env carries the environment variables to add to the pod." @@ -714,7 +752,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -763,7 +802,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -786,7 +826,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -800,7 +841,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -852,9 +894,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" hostNetwork: @@ -873,11 +918,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -899,7 +946,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -948,7 +996,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -962,6 +1011,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -971,7 +1023,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -985,7 +1038,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -994,6 +1048,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -1007,16 +1062,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1037,6 +1093,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1053,7 +1110,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1063,7 +1120,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1082,16 +1139,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1112,6 +1170,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1128,7 +1187,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1138,7 +1197,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1158,33 +1217,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1205,6 +1266,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1233,7 +1295,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1294,33 +1356,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1341,6 +1405,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1369,7 +1434,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1413,13 +1478,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1455,6 +1523,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1464,18 +1544,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1514,7 +1596,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1540,33 +1622,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1587,6 +1671,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1615,7 +1700,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1669,6 +1754,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1678,7 +1766,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1686,6 +1774,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1697,6 +1788,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1722,16 +1816,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1752,6 +1847,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1768,7 +1864,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1778,7 +1874,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1797,16 +1893,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1827,6 +1924,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1843,7 +1941,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1853,7 +1951,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1887,8 +1985,20 @@ spec: podSecurityContext: description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -1905,6 +2015,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1928,17 +2041,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -1955,6 +2072,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2020,6 +2138,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2029,18 +2159,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2079,7 +2211,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2127,11 +2259,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -2153,7 +2287,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2202,7 +2337,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2216,6 +2352,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -2225,7 +2364,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2239,7 +2379,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2248,6 +2389,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2261,16 +2403,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2291,6 +2434,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2307,7 +2451,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2317,7 +2461,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2336,16 +2480,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2366,6 +2511,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2382,7 +2528,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2392,7 +2538,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2412,33 +2558,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2459,6 +2607,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2487,7 +2636,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2548,33 +2697,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2595,6 +2746,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2623,7 +2775,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2667,13 +2819,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2709,6 +2864,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2718,18 +2885,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2768,7 +2937,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2794,33 +2963,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2841,6 +3012,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2869,7 +3041,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2923,6 +3095,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -2932,7 +3107,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2940,6 +3115,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2951,6 +3129,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -2998,7 +3179,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3006,6 +3187,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3128,11 +3312,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3149,11 +3335,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -3165,6 +3353,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -3189,11 +3378,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3210,14 +3401,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -3253,11 +3447,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3266,13 +3462,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3296,11 +3492,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3313,6 +3511,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3328,6 +3527,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3352,11 +3552,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3365,13 +3567,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3395,11 +3597,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3412,6 +3616,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3419,6 +3624,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -3450,11 +3656,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3463,13 +3671,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3493,11 +3701,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3510,6 +3720,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3525,6 +3736,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3549,11 +3761,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3562,13 +3776,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3592,11 +3806,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3609,6 +3825,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3616,6 +3833,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" annotations: @@ -3659,23 +3877,27 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" env: description: "Env carries the environment variables to add to the pod." @@ -3698,7 +3920,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3747,7 +3970,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3770,7 +3994,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3784,7 +4009,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3836,9 +4062,12 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" hostNetwork: @@ -3857,11 +4086,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -3883,7 +4114,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3932,7 +4164,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3946,6 +4179,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -3955,7 +4191,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -3969,7 +4206,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -3978,6 +4216,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -3991,16 +4230,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4021,6 +4261,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4037,7 +4278,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4047,7 +4288,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4066,16 +4307,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4096,6 +4338,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4112,7 +4355,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4122,7 +4365,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4142,33 +4385,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4189,6 +4434,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4217,7 +4463,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4278,33 +4524,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4325,6 +4573,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4353,7 +4602,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4397,13 +4646,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4439,6 +4691,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4448,18 +4712,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -4498,7 +4764,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -4524,33 +4790,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4571,6 +4839,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4599,7 +4868,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4653,6 +4922,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -4662,7 +4934,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -4670,6 +4942,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -4681,6 +4956,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -4708,16 +4986,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4738,6 +5017,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4754,7 +5034,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4764,7 +5044,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4783,16 +5063,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -4813,6 +5094,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -4829,7 +5111,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -4839,7 +5121,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -4869,8 +5151,20 @@ spec: podSecurityContext: description: "PodSecurityContext specifies the PodSecurityContext to apply." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -4887,6 +5181,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4910,17 +5207,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -4937,6 +5238,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -5002,6 +5304,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5011,18 +5325,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5061,7 +5377,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5099,11 +5415,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -5125,7 +5443,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5174,7 +5493,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5188,6 +5508,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -5197,7 +5520,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -5211,7 +5535,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -5220,6 +5545,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -5233,16 +5559,17 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5263,6 +5590,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5279,7 +5607,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5289,7 +5617,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5308,16 +5636,17 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5338,6 +5667,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5354,7 +5684,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5364,7 +5694,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5384,33 +5714,35 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5431,6 +5763,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5459,7 +5792,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5520,33 +5853,35 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5567,6 +5902,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5595,7 +5931,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5639,13 +5975,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5681,6 +6020,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5690,18 +6041,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5740,7 +6093,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5766,33 +6119,35 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5813,6 +6168,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -5841,7 +6197,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5895,6 +6251,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -5904,7 +6263,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -5912,6 +6271,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -5923,6 +6285,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -5970,7 +6335,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -5978,6 +6343,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -6194,10 +6562,10 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -6213,7 +6581,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -6225,12 +6593,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -6238,7 +6608,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -6254,13 +6624,14 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -6274,7 +6645,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6285,7 +6657,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -6297,7 +6669,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6334,8 +6707,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6343,7 +6718,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -6355,7 +6730,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6383,7 +6759,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6426,6 +6802,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -6442,10 +6819,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -6475,6 +6852,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -6552,11 +6930,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6568,7 +6948,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -6585,7 +6965,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -6599,14 +6979,16 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -6626,7 +7008,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6634,7 +7017,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -6644,10 +7027,10 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -6663,7 +7046,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -6678,7 +7061,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -6694,7 +7077,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -6705,6 +7088,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -6715,7 +7108,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -6724,6 +7117,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -6735,6 +7129,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -6742,7 +7137,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6786,7 +7182,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6798,7 +7194,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6820,12 +7216,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -6846,11 +7242,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6896,8 +7294,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6913,7 +7313,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6956,6 +7356,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -6980,8 +7381,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -7006,9 +7409,10 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -7033,15 +7437,16 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -7049,7 +7454,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -7059,11 +7466,13 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -7071,9 +7480,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -7089,7 +7499,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7097,6 +7508,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -7140,6 +7552,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -7148,7 +7561,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7160,7 +7573,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7172,7 +7586,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." diff --git a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml index 449130805..b2387d960 100644 --- a/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml +++ b/crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml @@ -18,6 +18,31 @@ spec: jsonPath: ".status.conditions[?(@.type==\"Ready\")].status" name: "Ready" type: "string" + - description: "DNSRecord healthy." + jsonPath: ".status.conditions[?(@.type==\"Healthy\")].status" + name: "Healthy" + priority: 2 + type: "string" + - description: "DNSRecord root host." + jsonPath: ".spec.rootHost" + name: "Root Host" + priority: 2 + type: "string" + - description: "DNSRecord owner id." + jsonPath: ".status.ownerID" + name: "Owner ID" + priority: 2 + type: "string" + - description: "DNSRecord zone domain name." + jsonPath: ".status.zoneDomainName" + name: "Zone Domain" + priority: 2 + type: "string" + - description: "DNSRecord zone id." + jsonPath: ".status.zoneID" + name: "Zone ID" + priority: 2 + type: "string" name: "v1alpha1" schema: openAPIV3Schema: @@ -88,26 +113,30 @@ spec: - "name" type: "object" failureThreshold: - description: "FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy" + default: 5 + description: "FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy\nDefaults to 5" type: "integer" x-kubernetes-validations: - message: "Failure threshold must be greater than 0" rule: "self > 0" interval: - description: "Interval defines how frequently this probe should execute" + default: "5m" + description: "Interval defines how frequently this probe should execute\nDefaults to 5 minutes" type: "string" path: description: "Path is the path to append to the host to reach the expected health check.\nMust start with \"?\" or \"/\", contain only valid URL characters and end with alphanumeric char or \"/\". For example \"/\" or \"/healthz\" are common" pattern: "^(?:\\?|\\/)[\\w\\-.~:\\/?#\\[\\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\\/){1}$" type: "string" port: - description: "Port to connect to the host on. Must be either 80, 443 or 1024-49151" + default: 443 + description: "Port to connect to the host on. Must be either 80, 443 or 1024-49151\nDefaults to port 443" type: "integer" x-kubernetes-validations: - message: "Only ports 80, 443, 1024-49151 are allowed" rule: "self in [80, 443] || (self >= 1024 && self <= 49151)" protocol: - description: "Protocol to use when connecting to the host, valid values are \"HTTP\" or \"HTTPS\"" + default: "HTTPS" + description: "Protocol to use when connecting to the host, valid values are \"HTTP\" or \"HTTPS\"\nDefaults to HTTPS" type: "string" x-kubernetes-validations: - message: "Only HTTP or HTTPS protocols are allowed" diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml new file mode 100644 index 000000000..b0595c363 --- /dev/null +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml @@ -0,0 +1,5464 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" + labels: + gateway.networking.k8s.io/policy: "inherited" + name: "authpolicies.kuadrant.io" +spec: + group: "kuadrant.io" + names: + kind: "AuthPolicy" + listKind: "AuthPolicyList" + plural: "authpolicies" + singular: "authpolicy" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - description: "AuthPolicy Accepted" + jsonPath: ".status.conditions[?(@.type==\"Accepted\")].status" + name: "Accepted" + priority: 2 + type: "string" + - description: "AuthPolicy Enforced" + jsonPath: ".status.conditions[?(@.type==\"Enforced\")].status" + name: "Enforced" + priority: 2 + type: "string" + - description: "Kind of the object to which the policy aaplies" + jsonPath: ".spec.targetRef.kind" + name: "TargetKind" + priority: 2 + type: "string" + - description: "Name of the object to which the policy applies" + jsonPath: ".spec.targetRef.name" + name: "TargetName" + priority: 2 + type: "string" + - description: "Name of the section within the object to which the policy applies " + jsonPath: ".spec.targetRef.sectionName" + name: "TargetSection" + priority: 2 + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1" + schema: + openAPIV3Schema: + description: "AuthPolicy enables authentication and authorization for service workloads in a Gateway API network" + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + properties: + defaults: + description: "Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides.\nUse one of: defaults, overrides, or bare set of policy rules (implicit defaults)." + properties: + patterns: + additionalProperties: + properties: + allOf: + items: + properties: + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + required: + - "allOf" + type: "object" + description: "Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules." + type: "object" + rules: + description: "The auth rules of the policy.\nSee Authorino's AuthConfig CRD for more details." + properties: + authentication: + additionalProperties: + properties: + anonymous: + description: "Anonymous access." + type: "object" + apiKey: + description: "Authentication based on API keys stored in Kubernetes secrets." + properties: + allNamespaces: + default: false + description: "Whether Authorino should look for API key secrets in all namespaces or only in the same namespace as the AuthConfig.\nEnabling this option in namespaced Authorino instances has no effect." + type: "boolean" + selector: + description: "Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service" + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + required: + - "selector" + type: "object" + cache: + description: "Caching options for the resolved object returned when applying this config.\nOmit it to avoid caching objects for this config." + properties: + key: + description: "Key used to store the entry in the cache.\nThe resolved key must be unique within the scope of this particular config." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + ttl: + default: 60 + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + required: + - "key" + type: "object" + credentials: + description: "Defines where credentials are required to be passed in the request for authentication based on this config.\nIf omitted, it defaults to credentials passed in the HTTP Authorization header and the \"Bearer\" prefix prepended to the secret credential value." + properties: + authorizationHeader: + properties: + prefix: + type: "string" + type: "object" + cookie: + properties: + name: + type: "string" + required: + - "name" + type: "object" + customHeader: + properties: + name: + type: "string" + required: + - "name" + type: "object" + queryString: + properties: + name: + type: "string" + required: + - "name" + type: "object" + type: "object" + defaults: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Set default property values (claims) for the resolved identity object, that are set before appending the object to\nthe authorization JSON. If the property is already present in the resolved identity object, the default value is ignored.\nIt requires the resolved identity object to always be a JSON object.\nDo not use this option with identity objects of other JSON types (array, string, etc)." + type: "object" + jwt: + description: "Authentication based on JWT tokens." + properties: + issuerUrl: + description: "URL of the issuer of the JWT.\nIf `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint\n(i.e. \"/.well-known/openid-configuration\") to this URL, to discover the OIDC configuration where to obtain\nthe \"jkws_uri\" claim from.\nThe value must coincide with the value of the \"iss\" (issuer) claim of the discovered OpenID Connect configuration." + type: "string" + ttl: + description: "Decides how long to wait before refreshing the JWKS (in seconds).\nIf omitted, Authorino will never refresh the JWKS." + type: "integer" + type: "object" + kubernetesTokenReview: + description: "Authentication by Kubernetes token review." + properties: + audiences: + description: "The list of audiences (scopes) that must be claimed in a Kubernetes authentication token supplied in the request, and reviewed by Authorino.\nIf omitted, Authorino will review tokens expecting the host name of the requested protected service amongst the audiences." + items: + type: "string" + type: "array" + type: "object" + metrics: + default: false + description: "Whether this config should generate individual observability metrics" + type: "boolean" + oauth2Introspection: + description: "Authentication by OAuth2 token introspection." + properties: + credentialsRef: + description: "Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server." + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + endpoint: + description: "The full URL of the token introspection endpoint." + type: "string" + tokenTypeHint: + description: "The token type hint for the token introspection.\nIf omitted, it defaults to \"access_token\"." + type: "string" + required: + - "credentialsRef" + - "endpoint" + type: "object" + overrides: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Overrides the resolved identity object by setting the additional properties (claims) specified in this config,\nbefore appending the object to the authorization JSON.\nIt requires the resolved identity object to always be a JSON object.\nDo not use this option with identity objects of other JSON types (array, string, etc)." + type: "object" + plain: + description: "Identity object extracted from the context.\nUse this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value that represents an identity.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + type: "object" + priority: + default: 0 + description: "Priority group of the config.\nAll configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially." + type: "integer" + when: + description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped." + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + x509: + description: "Authentication based on client X.509 certificates.\nThe certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets." + properties: + allNamespaces: + default: false + description: "Whether Authorino should look for TLS secrets in all namespaces or only in the same namespace as the AuthConfig.\nEnabling this option in namespaced Authorino instances has no effect." + type: "boolean" + selector: + description: "Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate\nclients trying to authenticate to this service" + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + required: + - "selector" + type: "object" + type: "object" + description: "Authentication configs.\nAt least one config MUST evaluate to a valid identity object for the auth request to be successful." + type: "object" + authorization: + additionalProperties: + properties: + cache: + description: "Caching options for the resolved object returned when applying this config.\nOmit it to avoid caching objects for this config." + properties: + key: + description: "Key used to store the entry in the cache.\nThe resolved key must be unique within the scope of this particular config." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + ttl: + default: 60 + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + required: + - "key" + type: "object" + kubernetesSubjectAccessReview: + description: "Authorization by Kubernetes SubjectAccessReview" + properties: + authorizationGroups: + description: "Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + groups: + description: "Groups the user must be a member of or, if `user` is omitted, the groups to check for authorization in the Kubernetes RBAC.\nDeprecated: Use authorizationGroups instead." + items: + type: "string" + type: "array" + resourceAttributes: + description: "Use resourceAttributes to check permissions on Kubernetes resources.\nIf omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request." + properties: + group: + description: "API group of the resource.\nUse '*' for all API groups." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + name: + description: "Resource name\nOmit it to check for authorization on all resources of the specified kind." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + namespace: + description: "Namespace where the user must have permissions on the resource." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + resource: + description: "Resource kind\nUse '*' for all resource kinds." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + subresource: + description: "Subresource kind" + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + verb: + description: "Verb to check for authorization on the resource.\nUse '*' for all verbs." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "object" + user: + description: "User to check for authorization in the Kubernetes RBAC.\nOmit it to check for group authorization only." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "object" + metrics: + default: false + description: "Whether this config should generate individual observability metrics" + type: "boolean" + opa: + description: "Open Policy Agent (OPA) Rego policy." + properties: + allValues: + default: false + description: "Returns the value of all Rego rules in the virtual document. Values can be read in subsequent evaluators/phases of the Auth Pipeline.\nOtherwise, only the default `allow` rule will be exposed.\nReturning all Rego rules can affect performance of OPA policies during reconciliation (policy precompile) and at runtime." + type: "boolean" + externalPolicy: + description: "Settings for fetching the OPA policy from an external registry.\nUse it alternatively to 'rego'.\nFor the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters',\n'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'." + properties: + body: + description: "Raw body of the HTTP request.\nSupersedes 'bodyParameters'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + bodyParameters: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom parameters to encode in the body of the HTTP request.\nSuperseded by 'body'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + type: "object" + contentType: + default: "application/x-www-form-urlencoded" + description: "Content-Type of the request body. Shapes how 'bodyParameters' are encoded.\nUse it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'." + enum: + - "application/x-www-form-urlencoded" + - "application/json" + type: "string" + credentials: + description: "Defines where client credentials will be passed in the request to the service.\nIf omitted, it defaults to client credentials passed in the HTTP Authorization header and the \"Bearer\" prefix expected prepended to the secret value." + properties: + authorizationHeader: + properties: + prefix: + type: "string" + type: "object" + cookie: + properties: + name: + type: "string" + required: + - "name" + type: "object" + customHeader: + properties: + name: + type: "string" + required: + - "name" + type: "object" + queryString: + properties: + name: + type: "string" + required: + - "name" + type: "object" + type: "object" + headers: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom headers in the HTTP request." + type: "object" + method: + default: "GET" + description: "HTTP verb used in the request to the service. Accepted values: GET (default), POST.\nWhen the request method is POST, the authorization JSON is passed in the body of the request." + enum: + - "GET" + - "POST" + - "PUT" + - "PATCH" + - "DELETE" + - "HEAD" + - "OPTIONS" + - "CONNECT" + - "TRACE" + type: "string" + oauth2: + description: "Authentication with the HTTP service by OAuth2 Client Credentials grant." + properties: + cache: + default: true + description: "Caches and reuses the token until expired.\nSet it to false to force fetch the token at every authorization request regardless of expiration." + type: "boolean" + clientId: + description: "OAuth2 Client ID." + type: "string" + clientSecretRef: + description: "Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + extraParams: + additionalProperties: + type: "string" + description: "Optional extra parameters for the requests to the token URL." + type: "object" + scopes: + description: "Optional scopes for the client credentials grant, if supported by he OAuth2 server." + items: + type: "string" + type: "array" + tokenUrl: + description: "Token endpoint URL of the OAuth2 resource server." + type: "string" + required: + - "clientId" + - "clientSecretRef" + - "tokenUrl" + type: "object" + sharedSecretRef: + description: "Reference to a Secret key whose value will be passed by Authorino in the request.\nThe HTTP service can use the shared secret to authenticate the origin of the request.\nIgnored if used together with oauth2." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + ttl: + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + url: + description: "Endpoint URL of the HTTP service.\nThe value can include variable placeholders in the format \"{selector}\", where \"selector\" is any pattern supported\nby https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON.\nE.g. https://ext-auth-server.io/metadata?p={request.path}" + type: "string" + urlExpression: + description: "A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + type: "object" + rego: + description: "Authorization policy as a Rego language document.\nThe Rego document must include the \"allow\" condition, set by Authorino to \"false\" by default (i.e. requests are unauthorized unless changed).\nThe Rego document must NOT include the \"package\" declaration in line 1." + type: "string" + type: "object" + patternMatching: + description: "Pattern-matching authorization rules." + properties: + patterns: + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + required: + - "patterns" + type: "object" + priority: + default: 0 + description: "Priority group of the config.\nAll configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially." + type: "integer" + spicedb: + description: "Authorization decision delegated to external Authzed/SpiceDB server." + properties: + endpoint: + description: "Hostname and port number to the GRPC interface of the SpiceDB server (e.g. spicedb:50051)." + type: "string" + insecure: + description: "Insecure HTTP connection (i.e. disables TLS verification)" + type: "boolean" + permission: + description: "The name of the permission (or relation) on which to execute the check." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + resource: + description: "The resource on which to check the permission or relation." + properties: + kind: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + name: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "object" + sharedSecretRef: + description: "Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + subject: + description: "The subject that will be checked for the permission or relation." + properties: + kind: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + name: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "object" + required: + - "endpoint" + type: "object" + when: + description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped." + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + type: "object" + description: "Authorization policies.\nAll policies MUST evaluate to \"allowed = true\" for the auth request be successful." + type: "object" + callbacks: + additionalProperties: + properties: + cache: + description: "Caching options for the resolved object returned when applying this config.\nOmit it to avoid caching objects for this config." + properties: + key: + description: "Key used to store the entry in the cache.\nThe resolved key must be unique within the scope of this particular config." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + ttl: + default: 60 + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + required: + - "key" + type: "object" + http: + description: "Settings of the external HTTP request" + properties: + body: + description: "Raw body of the HTTP request.\nSupersedes 'bodyParameters'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + bodyParameters: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom parameters to encode in the body of the HTTP request.\nSuperseded by 'body'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + type: "object" + contentType: + default: "application/x-www-form-urlencoded" + description: "Content-Type of the request body. Shapes how 'bodyParameters' are encoded.\nUse it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'." + enum: + - "application/x-www-form-urlencoded" + - "application/json" + type: "string" + credentials: + description: "Defines where client credentials will be passed in the request to the service.\nIf omitted, it defaults to client credentials passed in the HTTP Authorization header and the \"Bearer\" prefix expected prepended to the secret value." + properties: + authorizationHeader: + properties: + prefix: + type: "string" + type: "object" + cookie: + properties: + name: + type: "string" + required: + - "name" + type: "object" + customHeader: + properties: + name: + type: "string" + required: + - "name" + type: "object" + queryString: + properties: + name: + type: "string" + required: + - "name" + type: "object" + type: "object" + headers: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom headers in the HTTP request." + type: "object" + method: + default: "GET" + description: "HTTP verb used in the request to the service. Accepted values: GET (default), POST.\nWhen the request method is POST, the authorization JSON is passed in the body of the request." + enum: + - "GET" + - "POST" + - "PUT" + - "PATCH" + - "DELETE" + - "HEAD" + - "OPTIONS" + - "CONNECT" + - "TRACE" + type: "string" + oauth2: + description: "Authentication with the HTTP service by OAuth2 Client Credentials grant." + properties: + cache: + default: true + description: "Caches and reuses the token until expired.\nSet it to false to force fetch the token at every authorization request regardless of expiration." + type: "boolean" + clientId: + description: "OAuth2 Client ID." + type: "string" + clientSecretRef: + description: "Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + extraParams: + additionalProperties: + type: "string" + description: "Optional extra parameters for the requests to the token URL." + type: "object" + scopes: + description: "Optional scopes for the client credentials grant, if supported by he OAuth2 server." + items: + type: "string" + type: "array" + tokenUrl: + description: "Token endpoint URL of the OAuth2 resource server." + type: "string" + required: + - "clientId" + - "clientSecretRef" + - "tokenUrl" + type: "object" + sharedSecretRef: + description: "Reference to a Secret key whose value will be passed by Authorino in the request.\nThe HTTP service can use the shared secret to authenticate the origin of the request.\nIgnored if used together with oauth2." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + url: + description: "Endpoint URL of the HTTP service.\nThe value can include variable placeholders in the format \"{selector}\", where \"selector\" is any pattern supported\nby https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON.\nE.g. https://ext-auth-server.io/metadata?p={request.path}" + type: "string" + urlExpression: + description: "A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + type: "object" + metrics: + default: false + description: "Whether this config should generate individual observability metrics" + type: "boolean" + priority: + default: 0 + description: "Priority group of the config.\nAll configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially." + type: "integer" + when: + description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped." + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + required: + - "http" + type: "object" + description: "Callback functions.\nAuthorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config." + type: "object" + metadata: + additionalProperties: + properties: + cache: + description: "Caching options for the resolved object returned when applying this config.\nOmit it to avoid caching objects for this config." + properties: + key: + description: "Key used to store the entry in the cache.\nThe resolved key must be unique within the scope of this particular config." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + ttl: + default: 60 + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + required: + - "key" + type: "object" + http: + description: "External source of auth metadata via HTTP request" + properties: + body: + description: "Raw body of the HTTP request.\nSupersedes 'bodyParameters'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + bodyParameters: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom parameters to encode in the body of the HTTP request.\nSuperseded by 'body'; use either one or the other.\nUse it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used)." + type: "object" + contentType: + default: "application/x-www-form-urlencoded" + description: "Content-Type of the request body. Shapes how 'bodyParameters' are encoded.\nUse it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'." + enum: + - "application/x-www-form-urlencoded" + - "application/json" + type: "string" + credentials: + description: "Defines where client credentials will be passed in the request to the service.\nIf omitted, it defaults to client credentials passed in the HTTP Authorization header and the \"Bearer\" prefix expected prepended to the secret value." + properties: + authorizationHeader: + properties: + prefix: + type: "string" + type: "object" + cookie: + properties: + name: + type: "string" + required: + - "name" + type: "object" + customHeader: + properties: + name: + type: "string" + required: + - "name" + type: "object" + queryString: + properties: + name: + type: "string" + required: + - "name" + type: "object" + type: "object" + headers: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Custom headers in the HTTP request." + type: "object" + method: + default: "GET" + description: "HTTP verb used in the request to the service. Accepted values: GET (default), POST.\nWhen the request method is POST, the authorization JSON is passed in the body of the request." + enum: + - "GET" + - "POST" + - "PUT" + - "PATCH" + - "DELETE" + - "HEAD" + - "OPTIONS" + - "CONNECT" + - "TRACE" + type: "string" + oauth2: + description: "Authentication with the HTTP service by OAuth2 Client Credentials grant." + properties: + cache: + default: true + description: "Caches and reuses the token until expired.\nSet it to false to force fetch the token at every authorization request regardless of expiration." + type: "boolean" + clientId: + description: "OAuth2 Client ID." + type: "string" + clientSecretRef: + description: "Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + extraParams: + additionalProperties: + type: "string" + description: "Optional extra parameters for the requests to the token URL." + type: "object" + scopes: + description: "Optional scopes for the client credentials grant, if supported by he OAuth2 server." + items: + type: "string" + type: "array" + tokenUrl: + description: "Token endpoint URL of the OAuth2 resource server." + type: "string" + required: + - "clientId" + - "clientSecretRef" + - "tokenUrl" + type: "object" + sharedSecretRef: + description: "Reference to a Secret key whose value will be passed by Authorino in the request.\nThe HTTP service can use the shared secret to authenticate the origin of the request.\nIgnored if used together with oauth2." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "The name of the secret in the Authorino's namespace to select from." + type: "string" + required: + - "key" + - "name" + type: "object" + url: + description: "Endpoint URL of the HTTP service.\nThe value can include variable placeholders in the format \"{selector}\", where \"selector\" is any pattern supported\nby https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON.\nE.g. https://ext-auth-server.io/metadata?p={request.path}" + type: "string" + urlExpression: + description: "A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + type: "object" + metrics: + default: false + description: "Whether this config should generate individual observability metrics" + type: "boolean" + priority: + default: 0 + description: "Priority group of the config.\nAll configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially." + type: "integer" + uma: + description: "User-Managed Access (UMA) source of resource data." + properties: + credentialsRef: + description: "Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server." + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + endpoint: + description: "The endpoint of the UMA server.\nThe value must coincide with the \"issuer\" claim of the UMA config discovered from the well-known uma configuration endpoint." + type: "string" + required: + - "credentialsRef" + - "endpoint" + type: "object" + userInfo: + description: "OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig." + properties: + identitySource: + description: "The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC \"userinfo_endpoint\" claim." + type: "string" + required: + - "identitySource" + type: "object" + when: + description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped." + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + type: "object" + description: "Metadata sources.\nAuthorino fetches auth metadata as JSON from sources specified in this config." + type: "object" + response: + description: "Response items.\nAuthorino builds custom responses to the client of the auth request." + properties: + success: + description: "Response items to be included in the auth response when the request is authenticated and authorized.\nFor integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request." + properties: + filters: + additionalProperties: + properties: + cache: + description: "Caching options for the resolved object returned when applying this config.\nOmit it to avoid caching objects for this config." + properties: + key: + description: "Key used to store the entry in the cache.\nThe resolved key must be unique within the scope of this particular config." + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + ttl: + default: 60 + description: "Duration (in seconds) of the external data in the cache before pulled again from the source." + type: "integer" + required: + - "key" + type: "object" + json: + description: "JSON object\nSpecify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON." + properties: + properties: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "object" + required: + - "properties" + type: "object" + key: + description: "The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object).\nIf omitted, it will be set to the name of the response config." + type: "string" + metrics: + default: false + description: "Whether this config should generate individual observability metrics" + type: "boolean" + plain: + description: "Plain text content" + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + priority: + default: 0 + description: "Priority group of the config.\nAll configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially." + type: "integer" + when: + description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped." + items: + properties: + all: + description: "A list of pattern expressions to be evaluated as a logical AND." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + any: + description: "A list of pattern expressions to be evaluated as a logical OR." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" + operator: + description: "The binary operator to be applied to the content fetched from the authorization JSON, for comparison with \"value\".\nPossible values are: \"eq\" (equal to), \"neq\" (not equal to), \"incl\" (includes; for arrays), \"excl\" (excludes; for arrays), \"matches\" (regex)" + enum: + - "eq" + - "neq" + - "incl" + - "excl" + - "matches" + type: "string" + patternRef: + description: "Reference to a named set of pattern expressions" + type: "string" + predicate: + description: "A Common Expression Language (CEL) expression that evaluates to a boolean.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Path selector to fetch content from the authorization JSON (e.g. 'request.method').\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nAuthorino custom JSON path modifiers are also supported." + type: "string" + value: + description: "The value of reference for the comparison with the content fetched from the authorization JSON.\nIf used with the \"matches\" operator, the value must compile to a valid Golang regex." + type: "string" + type: "object" + type: "array" + wristband: + description: "Authorino Festival Wristband token" + properties: + customClaims: + additionalProperties: + properties: + expression: + description: "A Common Expression Language (CEL) expression that evaluates to a value.\nString expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings)." + type: "string" + selector: + description: "Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. \"Hello, {auth.identity.name}!\").\nAny pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used.\nThe following Authorino custom modifiers are supported: @extract:{sep:\" \",pos:0}, @replace{old:\"\",new:\"\"}, @case:upper|lower, @base64:encode|decode and @strip." + type: "string" + value: + description: "Static value" + x-kubernetes-preserve-unknown-fields: true + type: "object" + description: "Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default." + type: "object" + issuer: + description: "The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /://:/, where = /://:/, where = /://:/, where = /://:/, where = /://:/, where = / 0) || (has(self.rules.metadata) && size(self.rules.metadata) > 0) || (has(self.rules.authorization) && size(self.rules.authorization) > 0) || (has(self.rules.response) && (has(self.rules.response.unauthenticated) || has(self.rules.response.unauthorized) || (has(self.rules.response.success) && (size(self.rules.response.success.headers) > 0 || size(self.rules.response.success.filters) > 0)))) || (has(self.rules.callbacks) && size(self.rules.callbacks) > 0)) : true" + - message: "At least one spec.defaults.rules must be defined" + rule: "has(self.defaults) ? has(self.defaults.rules) && ((has(self.defaults.rules.authentication) && size(self.defaults.rules.authentication) > 0) || (has(self.defaults.rules.metadata) && size(self.defaults.rules.metadata) > 0) || (has(self.defaults.rules.authorization) && size(self.defaults.rules.authorization) > 0) || (has(self.defaults.rules.response) && (has(self.defaults.rules.response.unauthenticated) || has(self.defaults.rules.response.unauthorized) || (has(self.defaults.rules.response.success) && (size(self.defaults.rules.response.success.headers) > 0 || size(self.defaults.rules.response.success.filters) > 0)))) || (has(self.defaults.rules.callbacks) && size(self.defaults.rules.callbacks) > 0)) : true" + - message: "At least one spec.overrides.rules must be defined" + rule: "has(self.overrides) ? has(self.overrides.rules) && ((has(self.overrides.rules.authentication) && size(self.overrides.rules.authentication) > 0) || (has(self.overrides.rules.metadata) && size(self.overrides.rules.metadata) > 0) || (has(self.overrides.rules.authorization) && size(self.overrides.rules.authorization) > 0) || (has(self.overrides.rules.response) && (has(self.overrides.rules.response.unauthenticated) || has(self.overrides.rules.response.unauthorized) || (has(self.overrides.rules.response.success) && (size(self.overrides.rules.response.success.headers) > 0 || size(self.overrides.rules.response.success.filters) > 0)))) || (has(self.overrides.rules.callbacks) && size(self.overrides.rules.callbacks) > 0)) : true" + status: + properties: + conditions: + description: "Represents the observations of a foo's current state.\nKnown .status.conditions.type are: \"Available\"" + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration reflects the generation of the most recently observed spec." + format: "int64" + type: "integer" + type: "object" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/ratelimitpolicies.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/ratelimitpolicies.yaml new file mode 100644 index 000000000..4471d351f --- /dev/null +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/ratelimitpolicies.yaml @@ -0,0 +1,373 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" + labels: + gateway.networking.k8s.io/policy: "inherited" + name: "ratelimitpolicies.kuadrant.io" +spec: + group: "kuadrant.io" + names: + kind: "RateLimitPolicy" + listKind: "RateLimitPolicyList" + plural: "ratelimitpolicies" + singular: "ratelimitpolicy" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - description: "RateLimitPolicy Accepted" + jsonPath: ".status.conditions[?(@.type==\"Accepted\")].status" + name: "Accepted" + priority: 2 + type: "string" + - description: "RateLimitPolicy Enforced" + jsonPath: ".status.conditions[?(@.type==\"Enforced\")].status" + name: "Enforced" + priority: 2 + type: "string" + - description: "Kind of the object to which the policy aaplies" + jsonPath: ".spec.targetRef.kind" + name: "TargetKind" + priority: 2 + type: "string" + - description: "Name of the object to which the policy applies" + jsonPath: ".spec.targetRef.name" + name: "TargetName" + priority: 2 + type: "string" + - description: "Name of the section within the object to which the policy applies " + jsonPath: ".spec.targetRef.sectionName" + name: "TargetSection" + priority: 2 + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1" + schema: + openAPIV3Schema: + description: "RateLimitPolicy enables rate limiting for service workloads in a Gateway API network" + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + properties: + defaults: + description: "Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides.\nUse one of: defaults, overrides, or bare set of policy rules (implicit defaults)." + properties: + limits: + additionalProperties: + description: "Limit represents a complete rate limit configuration" + properties: + counters: + description: "Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors" + items: + properties: + expression: + description: "Expression defines one CEL expression\nExpression can use well known attributes\nAttributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes\nWell-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors\nThey are named by a dot-separated path (e.g. request.path)\nExample: \"request.path\" -> The path portion of the URL" + minLength: 1 + type: "string" + required: + - "expression" + type: "object" + type: "array" + rates: + description: "Rates holds the list of limit rates" + items: + description: "Rate defines the actual rate limit that will be used when there is a match" + properties: + limit: + description: "Limit defines the max value allowed for a given period of time" + type: "integer" + window: + description: "Window defines the time period for which the Limit specified above applies." + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + required: + - "limit" + - "window" + type: "object" + type: "array" + when: + description: "When holds a list of \"limit-level\" `Predicate`s\nCalled also \"soft\" conditions as route selectors must also match" + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + type: "object" + description: "Limits holds the struct of limits indexed by a unique name" + type: "object" + strategy: + default: "atomic" + description: "Strategy defines the merge strategy to apply when merging this policy with other policies." + enum: + - "atomic" + - "merge" + type: "string" + when: + description: "Overall conditions for the policy to be enforced.\nIf omitted, the policy will be enforced at all requests to the protected routes.\nIf present, all conditions must match for the policy to be enforced." + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + type: "object" + limits: + additionalProperties: + description: "Limit represents a complete rate limit configuration" + properties: + counters: + description: "Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors" + items: + properties: + expression: + description: "Expression defines one CEL expression\nExpression can use well known attributes\nAttributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes\nWell-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors\nThey are named by a dot-separated path (e.g. request.path)\nExample: \"request.path\" -> The path portion of the URL" + minLength: 1 + type: "string" + required: + - "expression" + type: "object" + type: "array" + rates: + description: "Rates holds the list of limit rates" + items: + description: "Rate defines the actual rate limit that will be used when there is a match" + properties: + limit: + description: "Limit defines the max value allowed for a given period of time" + type: "integer" + window: + description: "Window defines the time period for which the Limit specified above applies." + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + required: + - "limit" + - "window" + type: "object" + type: "array" + when: + description: "When holds a list of \"limit-level\" `Predicate`s\nCalled also \"soft\" conditions as route selectors must also match" + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + type: "object" + description: "Limits holds the struct of limits indexed by a unique name" + type: "object" + overrides: + description: "Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides.\nUse one of: defaults, overrides, or bare set of policy rules (implicit defaults)." + properties: + limits: + additionalProperties: + description: "Limit represents a complete rate limit configuration" + properties: + counters: + description: "Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors" + items: + properties: + expression: + description: "Expression defines one CEL expression\nExpression can use well known attributes\nAttributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes\nWell-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors\nThey are named by a dot-separated path (e.g. request.path)\nExample: \"request.path\" -> The path portion of the URL" + minLength: 1 + type: "string" + required: + - "expression" + type: "object" + type: "array" + rates: + description: "Rates holds the list of limit rates" + items: + description: "Rate defines the actual rate limit that will be used when there is a match" + properties: + limit: + description: "Limit defines the max value allowed for a given period of time" + type: "integer" + window: + description: "Window defines the time period for which the Limit specified above applies." + pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" + type: "string" + required: + - "limit" + - "window" + type: "object" + type: "array" + when: + description: "When holds a list of \"limit-level\" `Predicate`s\nCalled also \"soft\" conditions as route selectors must also match" + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + type: "object" + description: "Limits holds the struct of limits indexed by a unique name" + type: "object" + strategy: + default: "atomic" + description: "Strategy defines the merge strategy to apply when merging this policy with other policies." + enum: + - "atomic" + - "merge" + type: "string" + when: + description: "Overall conditions for the policy to be enforced.\nIf omitted, the policy will be enforced at all requests to the protected routes.\nIf present, all conditions must match for the policy to be enforced." + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + type: "object" + targetRef: + description: "Reference to the object to which this policy applies." + properties: + group: + description: "Group is the group of the target resource." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + description: "Kind is kind of the target resource." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the target resource." + maxLength: 253 + minLength: 1 + type: "string" + sectionName: + description: "SectionName is the name of a section within the target resource. When\nunspecified, this targetRef targets the entire resource. In the following\nresources, SectionName is interpreted as the following:\n\n* Gateway: Listener name\n* HTTPRoute: HTTPRouteRule name\n* Service: Port name\n\nIf a SectionName is specified, but does not exist on the targeted object,\nthe Policy must fail to attach, and the policy implementation should record\na `ResolvedRefs` or similar Condition in the Policy's status." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + required: + - "group" + - "kind" + - "name" + type: "object" + x-kubernetes-validations: + - message: "Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'" + rule: "self.group == 'gateway.networking.k8s.io'" + - message: "Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'" + rule: "self.kind == 'HTTPRoute' || self.kind == 'Gateway'" + when: + description: "Overall conditions for the policy to be enforced.\nIf omitted, the policy will be enforced at all requests to the protected routes.\nIf present, all conditions must match for the policy to be enforced." + items: + description: "Predicate defines one CEL expression that must be evaluated to bool" + properties: + predicate: + minLength: 1 + type: "string" + required: + - "predicate" + type: "object" + type: "array" + required: + - "targetRef" + type: "object" + x-kubernetes-validations: + - message: "Implicit and explicit defaults are mutually exclusive" + rule: "!(has(self.defaults) && has(self.limits))" + - message: "Overrides and explicit defaults are mutually exclusive" + rule: "!(has(self.defaults) && has(self.overrides))" + - message: "Overrides and implicit defaults are mutually exclusive" + rule: "!(has(self.overrides) && has(self.limits))" + - message: "At least one spec.limits must be defined" + rule: "!(has(self.overrides) || has(self.defaults)) ? has(self.limits) && size(self.limits) > 0 : true" + - message: "At least one spec.overrides.limits must be defined" + rule: "has(self.overrides) ? has(self.overrides.limits) && size(self.overrides.limits) > 0 : true" + - message: "At least one spec.defaults.limits must be defined" + rule: "has(self.defaults) ? has(self.defaults.limits) && size(self.defaults.limits) > 0 : true" + status: + properties: + conditions: + description: "Represents the observations of a foo's current state.\nKnown .status.conditions.type are: \"Available\"" + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration reflects the generation of the most recently observed spec." + format: "int64" + type: "integer" + type: "object" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml index 2c6828756..9a2551504 100644 --- a/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml +++ b/crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1beta1/kuadrants.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "kuadrants.kuadrant.io" spec: group: "kuadrant.io" @@ -36,6 +36,12 @@ spec: type: "object" spec: description: "KuadrantSpec defines the desired state of Kuadrant" + properties: + observability: + properties: + enable: + type: "boolean" + type: "object" type: "object" status: description: "KuadrantStatus defines the observed state of Kuadrant" @@ -43,7 +49,7 @@ spec: conditions: description: "Represents the observations of a foo's current state.\nKnown .status.conditions.type are: \"Available\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -72,7 +78,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1/redisenterpriseclusters.yaml b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1/redisenterpriseclusters.yaml index 70fde8318..8c12d463f 100644 --- a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1/redisenterpriseclusters.yaml +++ b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1/redisenterpriseclusters.yaml @@ -382,6 +382,9 @@ spec: cacheTTLSeconds: description: "The maximum TTL of cached entries." type: "integer" + directoryTimeoutSeconds: + description: "The connection timeout to the LDAP server when authenticating a user, in seconds" + type: "integer" enabledForControlPlane: description: "Whether to enable LDAP for control plane access. Disabled by default." type: "boolean" @@ -3431,6 +3434,19 @@ spec: resp3Default: description: "Whether databases will turn on RESP3 compatibility upon database upgrade. Note - Deleting this property after explicitly setting its value shall have no effect. Please view the corresponding field in RS doc for more info." type: "boolean" + securityContext: + description: "the security configuration that will be applied to RS pods." + properties: + readOnlyRootFilesystemPolicy: + description: "Whether RS containers has a read-only root filesystem and what is the policy. some mandatory paths are still writable so RS can work properly." + properties: + enabled: + description: "Whether RS containers has a read-only root filesystem. Default is false." + type: "boolean" + required: + - "enabled" + type: "object" + type: "object" serviceAccountName: description: "Name of the service account to use" type: "string" @@ -7324,6 +7340,17 @@ spec: - "version" type: "object" type: "array" + certificatesStatus: + description: "Stores information about cluster certificates and their update process. In Active-Active databases, this is used to detect updates to the certificates, and trigger synchronization across the participating clusters." + properties: + generation: + description: "Generation stores the version of the cluster's Proxy and Syncer certificate secrets. In Active-Active databases, when a user updates the proxy or syncer certificate, a crdb-update command needs to be triggered to avoid potential sync issues. This helps the REAADB controller detect a change in a certificate and trigger a crdb-update. The version of the cluster's Proxy certificate secret." + format: "int64" + type: "integer" + updateStatus: + description: "The status of the cluster's certificates update" + type: "string" + type: "object" ingressOrRouteMethodStatus: description: "The ingressOrRouteSpec/ActiveActive spec method that exist" type: "string" diff --git a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseactiveactivedatabases.yaml b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseactiveactivedatabases.yaml index 658277401..2be532b3c 100644 --- a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseactiveactivedatabases.yaml +++ b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseactiveactivedatabases.yaml @@ -60,7 +60,7 @@ spec: - "participatingClusterName" type: "object" alertSettings: - description: "Settings for database alerts" + description: "Settings for database alerts. Note - Alert settings are not supported for Active-Active database." properties: bdb_backup_delayed: description: "Periodic backup has been delayed for longer than specified threshold value [minutes]" @@ -425,7 +425,7 @@ spec: - "name" type: "object" redisVersion: - description: "Redis OSS version. Version can be specified via prefix, or via channels - for existing databases - Upgrade Redis OSS version. For new databases - the version which the database will be created with. If set to 'major' - will always upgrade to the most recent major Redis version. If set to 'latest' - will always upgrade to the most recent Redis version. Depends on 'redisUpgradePolicy' - if you want to set the value to 'latest' for some databases, you must set redisUpgradePolicy on the cluster before. Possible values are 'major' or 'latest' When using upgrade - make sure to backup the database before. This value is used only for database type 'redis'" + description: "Redis OSS version. Version can be specified via prefix, or via channels - for existing databases - Upgrade Redis OSS version. For new databases - the version which the database will be created with. If set to 'major' - will always upgrade to the most recent major Redis version. If set to 'latest' - will always upgrade to the most recent Redis version. Depends on 'redisUpgradePolicy' - if you want to set the value to 'latest' for some databases, you must set redisUpgradePolicy on the cluster before. Possible values are 'major' or 'latest' When using upgrade - make sure to backup the database before. This value is used only for database type 'redis'. Note - Specifying Redis version is currently not supported for Active-Active database." type: "string" replicaSources: description: "What databases to replicate from" @@ -541,6 +541,10 @@ spec: status: description: "RedisEnterpriseActiveActiveDatabaseStatus defines the observed state of RedisEnterpriseActiveActiveDatabase" properties: + clusterCertificatesGeneration: + description: "Versions of the cluster's Proxy and Syncer certificates. In Active-Active databases, these are used to detect updates to the certificates, and trigger synchronization across the participating clusters. ." + format: "int64" + type: "integer" guid: description: "The active-active database corresponding GUID." type: "string" diff --git a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseclusters.yaml b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseclusters.yaml index 1f91d68f1..7814c673e 100644 --- a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseclusters.yaml +++ b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseclusters.yaml @@ -320,6 +320,8 @@ spec: type: "string" cacheTTLSeconds: type: "integer" + directoryTimeoutSeconds: + type: "integer" enabledForControlPlane: type: "boolean" enabledForDataPlane: @@ -3306,6 +3308,16 @@ spec: type: "string" resp3Default: type: "boolean" + securityContext: + properties: + readOnlyRootFilesystemPolicy: + properties: + enabled: + type: "boolean" + required: + - "enabled" + type: "object" + type: "object" serviceAccountName: type: "string" services: @@ -7162,6 +7174,14 @@ spec: - "version" type: "object" type: "array" + certificatesStatus: + properties: + generation: + format: "int64" + type: "integer" + updateStatus: + type: "string" + type: "object" ingressOrRouteMethodStatus: type: "string" licenseStatus: diff --git a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterprisedatabases.yaml b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterprisedatabases.yaml index 032f0e10c..701372be8 100644 --- a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterprisedatabases.yaml +++ b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterprisedatabases.yaml @@ -315,7 +315,7 @@ spec: description: "memory size of database. use formats like 100MB, 0.1GB. minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, and it must not be below 1GB." type: "string" modulesList: - description: "List of modules associated with database. Note - For Active-Active databases this feature is currently in preview. For this feature to take effect for Active-Active databases, set a boolean environment variable with the name \"ENABLE_ALPHA_FEATURES\" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map." + description: "List of modules associated with database. Note - For Active-Active databases this feature is currently in preview. For this feature to take effect for Active-Active databases, set a boolean environment variable with the name \"ENABLE_ALPHA_FEATURES\" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. Note - if you do not want to upgrade to the latest version you must set upgradeSpec -> upgradeModulesToLatest to false. if you specify a version and do not set the upgradeModulesToLatest it can result errors in the operator. in addition, the option to specify specific version is Deprecated and will be deleted in next releases." items: description: "Redis Enterprise Module: https://redislabs.com/redis-enterprise/modules/" properties: @@ -326,7 +326,7 @@ spec: description: "The module's name e.g \"ft\" for redissearch" type: "string" version: - description: "Module's semantic version e.g \"1.6.12\" - optional only in REDB, must be set in REAADB" + description: "DEPRECATED - Module's semantic version e.g \"1.6.12\" - optional only in REDB, must be set in REAADB" type: "string" required: - "name" @@ -448,7 +448,7 @@ spec: description: "Specifications for DB upgrade." properties: upgradeModulesToLatest: - description: "Upgrades the modules to the latest version that supportes the DB version during a DB upgrade action, to upgrade the DB version view the 'redisVersion' field. Notes - All modules must be without specifing the version. in addition, This field is currently not supported for Active-Active databases." + description: "DEPRECATED Upgrades the modules to the latest version that supports the DB version during a DB upgrade action, to upgrade the DB version view the 'redisVersion' field. Notes - All modules must be without specifying the version. in addition, This field is currently not supported for Active-Active databases. The default is true" type: "boolean" required: - "upgradeModulesToLatest" diff --git a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseremoteclusters.yaml b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseremoteclusters.yaml index 0c766ef28..b4fbf2506 100644 --- a/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseremoteclusters.yaml +++ b/crd-catalog/RedisLabs/redis-enterprise-k8s-docs/app.redislabs.com/v1alpha1/redisenterpriseremoteclusters.yaml @@ -41,6 +41,9 @@ spec: apiFqdnUrl: description: "The URL of the cluster, will be used for the active-active database URL." type: "string" + apiPort: + description: "The port number of the cluster's URL used for connectivity/sync" + type: "integer" dbFqdnSuffix: description: "The database URL suffix, will be used for the active-active database replication endpoint and replication endpoint SNI." type: "string" @@ -60,6 +63,9 @@ spec: type: "object" status: properties: + internalObservedSecretResourceVersion: + description: "The observed secret resource version. Used for internal purposes only." + type: "string" local: description: "Indicates whether this object represents a local or a remote cluster." type: "boolean" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vlogs.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vlogs.yaml index 4dbb90431..915d1f5e0 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vlogs.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vlogs.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vlogs.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "system" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VLogs" @@ -28,10 +18,13 @@ spec: jsonPath: ".status.status" name: "Status" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1beta1" schema: openAPIV3Schema: - description: "VLogs is the Schema for the vlogs API" + description: "VLogs is fast, cost-effective and scalable logs database.\nVLogs is the Schema for the vlogs API" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -221,8 +214,22 @@ spec: logNewStreams: description: "LogNewStreams Whether to log creation of new streams; this can be useful for debugging of high cardinality issues with log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields" type: "boolean" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -290,6 +297,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -485,7 +495,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -605,25 +615,77 @@ spec: description: "VLogsStatus defines the observed state of VLogs" properties: availableReplicas: - description: "AvailableReplicas Total number of available pods (ready for at least minReadySeconds) targeted by this VLogs." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason defines a reason in case of update failure" + description: "Reason defines human readable error reason" type: "string" replicas: - description: "ReplicaCount Total number of non-terminated pods targeted by this VLogs." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" - status: - description: "UpdateStatus defines a status of vlogs instance rollout" - type: "string" unavailableReplicas: - description: "UnavailableReplicas Total number of unavailable pods targeted by this VLogs." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" + updateStatus: + description: "UpdateStatus defines a status for update rollout" + type: "string" updatedReplicas: - description: "UpdatedReplicas Total number of non-terminated pods targeted by this VLogs." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmagents.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmagents.yaml index 3c9a81b8c..99ae119bb 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmagents.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmagents.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmagents.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMAgent" @@ -36,6 +26,9 @@ spec: jsonPath: ".status.updateStatus" name: "Status" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1beta1" schema: openAPIV3Schema: @@ -393,7 +386,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -458,7 +451,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -469,10 +462,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -513,6 +506,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -765,6 +761,9 @@ spec: license: description: "License allows to configure license key to be used for enterprise features.\nUsing license key is supported starting from VictoriaMetrics v1.94.0.\nSee [here](https://docs.victoriametrics.com/enterprise)" properties: + forceOffline: + description: "Enforce offline verification of the license key." + type: "boolean" key: description: "Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).\nTo request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial)" type: "string" @@ -785,6 +784,9 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + reloadInterval: + description: "Interval to be used for checking for license key changes. Note that this is only applicable when using KeyRef." + type: "string" type: "object" livenessProbe: description: "LivenessProbe that will be added CRD pod" @@ -805,11 +807,25 @@ spec: - "FATAL" - "PANIC" type: "string" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" maxScrapeInterval: description: "MaxScrapeInterval allows limiting maximum scrape interval for VMServiceScrape, VMPodScrape and other scrapes\nIf interval is higher than defined limit, `maxScrapeInterval` will be used." type: "string" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" minScrapeInterval: @@ -1843,6 +1859,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2349,7 +2368,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -2414,7 +2433,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -2425,10 +2444,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -2529,7 +2548,7 @@ spec: type: "object" type: "array" staticScrapeSelector: - description: "StaticScrapeSelector defines PodScrapes to be selected for target discovery.\nWorks in combination with NamespaceSelector.\nIf both nil - match everything.\nNamespaceSelector nil - only objects at VMAgent namespace.\nSelector nil - only objects at NamespaceSelector namespaces." + description: "StaticScrapeSelector defines VMStaticScrape to be selected for target discovery.\nWorks in combination with NamespaceSelector.\nIf both nil - match everything.\nNamespaceSelector nil - only objects at VMAgent namespace.\nSelector nil - only objects at NamespaceSelector namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2861,11 +2880,64 @@ spec: description: "VMAgentStatus defines the observed state of VMAgent" properties: availableReplicas: - description: "AvailableReplicas Total number of available pods (ready for at least minReadySeconds)\ntargeted by this VMAlert cluster." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason defines fail reason for update process, effective only for statefulMode" + description: "Reason defines human readable error reason" type: "string" replicas: description: "ReplicaCount Total number of pods targeted by this VMAgent" @@ -2879,14 +2951,14 @@ spec: format: "int32" type: "integer" unavailableReplicas: - description: "UnavailableReplicas Total number of unavailable pods targeted by this VMAgent cluster." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" updateStatus: - description: "UpdateStatus defines a status for update rollout, effective only for statefulMode" + description: "UpdateStatus defines a status for update rollout" type: "string" updatedReplicas: - description: "UpdatedReplicas Total number of non-terminated pods targeted by this VMAgent\ncluster that have the desired version spec." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagerconfigs.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagerconfigs.yaml index da85c063d..c6d358d5c 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagerconfigs.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagerconfigs.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmalertmanagerconfigs.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMAlertmanagerConfig" @@ -27,13 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastErrorParentAlertmanagerName" - name: "VMAlertmanager Error" - type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -1708,6 +1695,9 @@ spec: message: description: "Message is templated message" type: "string" + message_thread_id: + description: "MessageThreadID defines ID of the message thread where to send the messages." + type: "integer" parse_mode: description: "ParseMode for telegram message,\nsupported values are MarkdownV2, Markdown, Markdown and empty string for plain text." type: "string" @@ -2852,17 +2842,66 @@ spec: status: description: "VMAlertmanagerConfigStatus defines the observed state of VMAlertmanagerConfig" properties: + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" lastErrorParentAlertmanagerName: type: "string" - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" - type: "string" - lastSyncErrorTimestamp: - description: "LastSyncErrorTimestamp defines time when error occured" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" format: "int64" type: "integer" - status: - description: "Status defines CRD processing status" + reason: + description: "Reason defines human readable error reason" + type: "string" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagers.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagers.yaml index 375d2e6bf..af0fe78a1 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagers.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalertmanagers.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmalertmanagers.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMAlertmanager" @@ -26,10 +16,6 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: - - description: "The version of VMAlertmanager" - jsonPath: ".spec.image.tag" - name: "Version" - type: "string" - description: "The desired replicas number of Alertmanagers" jsonPath: ".spec.replicaCount" name: "ReplicaCount" @@ -185,7 +171,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -250,7 +236,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -261,10 +247,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -347,6 +333,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -761,8 +750,22 @@ spec: - "WARN" - "ERROR" type: "string" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -851,6 +854,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1102,7 +1108,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1167,7 +1173,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -1178,10 +1184,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -1426,11 +1432,64 @@ spec: status: description: "Most recent observed status of the VMAlertmanager cluster.\nOperator API itself. More info:\nhttps://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason has non empty reason for update failure" + description: "Reason defines human readable error reason" type: "string" updateStatus: - description: "Status defines a status of object update" + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" required: diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml index 306d5da7b..0965ac3aa 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmalerts.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmalerts.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMAlert" @@ -28,6 +18,13 @@ spec: jsonPath: ".status.updateStatus" name: "Status" type: "string" + - description: "The desired replicas number of Alertmanagers" + jsonPath: ".spec.replicaCount" + name: "ReplicaCount" + type: "integer" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1beta1" schema: openAPIV3Schema: @@ -72,6 +69,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -339,6 +339,9 @@ spec: license: description: "License allows to configure license key to be used for enterprise features.\nUsing license key is supported starting from VictoriaMetrics v1.94.0.\nSee [here](https://docs.victoriametrics.com/enterprise)" properties: + forceOffline: + description: "Enforce offline verification of the license key." + type: "boolean" key: description: "Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).\nTo request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial)" type: "string" @@ -359,6 +362,9 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + reloadInterval: + description: "Interval to be used for checking for license key changes. Note that this is only applicable when using KeyRef." + type: "string" type: "object" livenessProbe: description: "LivenessProbe that will be added CRD pod" @@ -379,8 +385,22 @@ spec: - "FATAL" - "PANIC" type: "string" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -943,6 +963,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1221,25 +1244,78 @@ spec: description: "VMAlertStatus defines the observed state of VMAlert" properties: availableReplicas: - description: "AvailableReplicas Total number of available pods (ready for at least minReadySeconds)\ntargeted by this VMAlert cluster." + description: "Deprecated" format: "int32" type: "integer" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason defines fail reason for update process, effective only for statefulMode" + description: "Reason defines human readable error reason" type: "string" replicas: - description: "ReplicaCount Total number of non-terminated pods targeted by this VMAlert\ncluster (their labels match the selector)." + description: "Deprecated" format: "int32" type: "integer" unavailableReplicas: - description: "UnavailableReplicas Total number of unavailable pods targeted by this VMAlert cluster." + description: "Deprecated" format: "int32" type: "integer" updateStatus: - description: "UpdateStatus defines a status for update rollout, effective only for statefulMode" + description: "UpdateStatus defines a status for update rollout" type: "string" updatedReplicas: - description: "UpdatedReplicas Total number of non-terminated pods targeted by this VMAlert\ncluster that have the desired version spec." + description: "Deprecated" format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmauths.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmauths.yaml index e80844bd1..76ede0a86 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmauths.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmauths.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmauths.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "system" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMAuth" @@ -28,6 +18,13 @@ spec: jsonPath: ".status.updateStatus" name: "Status" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + - description: "The desired replicas number of Alertmanagers" + jsonPath: ".spec.replicaCount" + name: "ReplicaCount" + type: "integer" name: "v1beta1" schema: openAPIV3Schema: @@ -72,6 +69,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -110,17 +110,9 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true type: "array" - default_url: - description: "DefaultURLs backend url for non-matching paths filter\nusually used for default backend with error message" - items: - type: "string" - type: "array" disableSelfServiceScrape: description: "DisableSelfServiceScrape controls creation of VMServiceScrape by operator\nfor the application.\nHas priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable" type: "boolean" - discover_backend_ips: - description: "DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS." - type: "boolean" dnsConfig: description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy." items: @@ -155,9 +147,6 @@ spec: dnsPolicy: description: "DNSPolicy sets DNS policy for the pod" type: "string" - drop_src_path_prefix_parts: - description: "DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.\nSee [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details." - type: "integer" externalConfig: description: "ExternalConfig defines a source of external VMAuth configuration.\nIf it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders" properties: @@ -203,11 +192,6 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true type: "array" - headers: - description: "Headers represent additional http headers, that vmauth uses\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.68.0 version of vmauth" - items: - type: "string" - type: "array" hostAliases: description: "HostAliases provides mapping for ip and hostname,\nthat would be propagated to pod,\ncannot be used with HostNetwork." items: @@ -336,6 +320,7 @@ spec: format: "int32" type: "integer" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -402,21 +387,12 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true type: "array" - ip_filters: - description: "IPFilters defines per target src ip filters\nsupported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters)" - properties: - allow_list: - items: - type: "string" - type: "array" - deny_list: - items: - type: "string" - type: "array" - type: "object" license: description: "License allows to configure license key to be used for enterprise features.\nUsing license key is supported starting from VictoriaMetrics v1.94.0.\nSee [here](https://docs.victoriametrics.com/enterprise)" properties: + forceOffline: + description: "Enforce offline verification of the license key." + type: "boolean" key: description: "Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).\nTo request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial)" type: "string" @@ -437,17 +413,14 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + reloadInterval: + description: "Interval to be used for checking for license key changes. Note that this is only applicable when using KeyRef." + type: "string" type: "object" livenessProbe: description: "LivenessProbe that will be added CRD pod" type: "object" x-kubernetes-preserve-unknown-fields: true - load_balancing_policy: - description: "LoadBalancingPolicy defines load balancing policy to use for backend urls.\nSupported policies: least_loaded, first_available.\nSee [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default \"least_loaded\")" - enum: - - "least_loaded" - - "first_available" - type: "string" logFormat: description: "LogFormat for VMAuth to be configured with." enum: @@ -463,11 +436,22 @@ spec: - "FATAL" - "PANIC" type: "string" - max_concurrent_requests: - description: "MaxConcurrentRequests defines max concurrent requests per user\n300 is default value for vmauth" - type: "integer" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -553,6 +537,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -579,16 +566,6 @@ spec: description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" - response_headers: - description: "ResponseHeaders represent additional http headers, that vmauth adds for request response\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.93.0 version of vmauth" - items: - type: "string" - type: "array" - retry_status_codes: - description: "RetryStatusCodes defines http status codes in numeric format for request retries\ne.g. [429,503]" - items: - type: "integer" - type: "array" revisionHistoryLimitCount: description: "The number of old ReplicaSets to retain to allow rollback in deployment or\nmaximum number of revisions that will be maintained in the Deployment revision history.\nHas no effect at StatefulSets\nDefaults to 10." format: "int32" @@ -658,118 +635,6 @@ spec: description: "TerminationGracePeriodSeconds period for container graceful termination" format: "int64" type: "integer" - tlsConfig: - description: "TLSConfig specifies TLSConfig configuration parameters." - properties: - ca: - description: "Stuct containing the CA cert to use for the targets." - properties: - configMap: - description: "ConfigMap containing data to use for the targets." - properties: - key: - description: "The key to select." - type: "string" - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - secret: - description: "Secret containing data to use for the targets." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - caFile: - description: "Path to the CA cert in the container to use for the targets." - type: "string" - cert: - description: "Struct containing the client cert file for the targets." - properties: - configMap: - description: "ConfigMap containing data to use for the targets." - properties: - key: - description: "The key to select." - type: "string" - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - secret: - description: "Secret containing data to use for the targets." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - certFile: - description: "Path to the client cert file in the container for the targets." - type: "string" - insecureSkipVerify: - description: "Disable target certificate validation." - type: "boolean" - keyFile: - description: "Path to the client key file in the container for the targets." - type: "string" - keySecret: - description: "Secret containing the client key file for the targets." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - serverName: - description: "Used to verify the hostname for the targets." - type: "string" - type: "object" tolerations: description: "Tolerations If specified, the pod's tolerations." items: @@ -805,63 +670,238 @@ spec: x-kubernetes-preserve-unknown-fields: true type: "array" unauthorizedAccessConfig: - description: "UnauthorizedAccessConfig configures access for un authorized users" - items: - properties: - discover_backend_ips: - description: "DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS." - type: "boolean" - drop_src_path_prefix_parts: - description: "DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.\nSee [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details." - type: "integer" - headers: - description: "RequestHeaders represent additional http headers, that vmauth uses\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.68.0 version of vmauth" - items: - type: "string" - type: "array" - load_balancing_policy: - description: "LoadBalancingPolicy defines load balancing policy to use for backend urls.\nSupported policies: least_loaded, first_available.\nSee [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default \"least_loaded\")" - enum: - - "least_loaded" - - "first_available" + description: "UnauthorizedAccessConfig configures access for un authorized users\n\nDeprecated, use unauthorizedUserAccessSpec instead\nwill be removed at v1.0 release" + x-kubernetes-preserve-unknown-fields: true + unauthorizedUserAccessSpec: + description: "UnauthorizedUserAccessSpec defines unauthorized_user config section of vmauth config" + properties: + default_url: + description: "DefaultURLs backend url for non-matching paths filter\nusually used for default backend with error message" + items: type: "string" - response_headers: - description: "ResponseHeaders represent additional http headers, that vmauth adds for request response\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.93.0 version of vmauth" - items: - type: "string" - type: "array" - retry_status_codes: - description: "RetryStatusCodes defines http status codes in numeric format for request retries\nCan be defined per target or at VMUser.spec level\ne.g. [429,503]" - items: - type: "integer" - type: "array" - src_headers: - description: "SrcHeaders is an optional list of headers, which must match request headers." - items: - type: "string" - type: "array" - src_hosts: - description: "SrcHosts is an optional list of regular expressions, which must match the request hostname." - items: + type: "array" + discover_backend_ips: + description: "DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS." + type: "boolean" + drop_src_path_prefix_parts: + description: "DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.\nSee [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details." + type: "integer" + dump_request_on_errors: + description: "DumpRequestOnErrors instructs vmauth to return detailed request params to the client\nif routing rules don't allow to forward request to the backends.\nUseful for debugging `src_hosts` and `src_headers` based routing rules\n\navailable since v1.107.0 vmauth version" + type: "boolean" + headers: + description: "Headers represent additional http headers, that vmauth uses\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.68.0 version of vmauth" + items: + type: "string" + type: "array" + ip_filters: + description: "IPFilters defines per target src ip filters\nsupported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters)" + properties: + allow_list: + items: + type: "string" + type: "array" + deny_list: + items: + type: "string" + type: "array" + type: "object" + load_balancing_policy: + description: "LoadBalancingPolicy defines load balancing policy to use for backend urls.\nSupported policies: least_loaded, first_available.\nSee [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default \"least_loaded\")" + enum: + - "least_loaded" + - "first_available" + type: "string" + max_concurrent_requests: + description: "MaxConcurrentRequests defines max concurrent requests per user\n300 is default value for vmauth" + type: "integer" + metric_labels: + additionalProperties: + type: "string" + description: "MetricLabels - additional labels for metrics exported by vmauth for given user." + type: "object" + response_headers: + description: "ResponseHeaders represent additional http headers, that vmauth adds for request response\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.93.0 version of vmauth" + items: + type: "string" + type: "array" + retry_status_codes: + description: "RetryStatusCodes defines http status codes in numeric format for request retries\ne.g. [429,503]" + items: + type: "integer" + type: "array" + tlsConfig: + description: "TLSConfig defines tls configuration for the backend connection" + properties: + ca: + description: "Stuct containing the CA cert to use for the targets." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + caFile: + description: "Path to the CA cert in the container to use for the targets." type: "string" - type: "array" - src_paths: - description: "SrcPaths is an optional list of regular expressions, which must match the request path." - items: + cert: + description: "Struct containing the client cert file for the targets." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + certFile: + description: "Path to the client cert file in the container for the targets." type: "string" - type: "array" - src_query_args: - description: "SrcQueryArgs is an optional list of query args, which must match request URL query args." - items: + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keyFile: + description: "Path to the client key file in the container for the targets." type: "string" - type: "array" - url_prefix: - description: "UrlPrefix contains backend url prefixes for the proxied request url." - items: + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + serverName: + description: "Used to verify the hostname for the targets." type: "string" - type: "array" - type: "object" - type: "array" + type: "object" + url_map: + items: + description: "UnauthorizedAccessConfigURLMap defines element of url_map routing configuration\nFor UnauthorizedAccessConfig and VMAuthUnauthorizedUserAccessSpec.URLMap" + properties: + discover_backend_ips: + description: "DiscoverBackendIPs instructs discovering URLPrefix backend IPs via DNS." + type: "boolean" + drop_src_path_prefix_parts: + description: "DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.\nSee [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details." + type: "integer" + headers: + description: "RequestHeaders represent additional http headers, that vmauth uses\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.68.0 version of vmauth" + items: + type: "string" + type: "array" + load_balancing_policy: + description: "LoadBalancingPolicy defines load balancing policy to use for backend urls.\nSupported policies: least_loaded, first_available.\nSee [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default \"least_loaded\")" + enum: + - "least_loaded" + - "first_available" + type: "string" + response_headers: + description: "ResponseHeaders represent additional http headers, that vmauth adds for request response\nin form of [\"header_key: header_value\"]\nmultiple values for header key:\n[\"header_key: value1,value2\"]\nit's available since 1.93.0 version of vmauth" + items: + type: "string" + type: "array" + retry_status_codes: + description: "RetryStatusCodes defines http status codes in numeric format for request retries\nCan be defined per target or at VMUser.spec level\ne.g. [429,503]" + items: + type: "integer" + type: "array" + src_headers: + description: "SrcHeaders is an optional list of headers, which must match request headers." + items: + type: "string" + type: "array" + src_hosts: + description: "SrcHosts is an optional list of regular expressions, which must match the request hostname." + items: + type: "string" + type: "array" + src_paths: + description: "SrcPaths is an optional list of regular expressions, which must match the request path." + items: + type: "string" + type: "array" + src_query_args: + description: "SrcQueryArgs is an optional list of query args, which must match request URL query args." + items: + type: "string" + type: "array" + url_prefix: + description: "UrlPrefix contains backend url prefixes for the proxied request url.\nURLPrefix defines prefix prefix for destination" + x-kubernetes-preserve-unknown-fields: true + type: "object" + type: "array" + url_prefix: + description: "URLPrefix defines prefix prefix for destination" + x-kubernetes-preserve-unknown-fields: true + type: "object" useDefaultResources: description: "UseDefaultResources controls resource settings\nBy default, operator sets built-in resource requirements" type: "boolean" @@ -978,14 +1018,68 @@ spec: x-kubernetes-preserve-unknown-fields: true type: "array" type: "object" + x-kubernetes-preserve-unknown-fields: true status: description: "VMAuthStatus defines the observed state of VMAuth" properties: + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason defines fail reason for update process, effective only for statefulMode" + description: "Reason defines human readable error reason" type: "string" updateStatus: - description: "UpdateStatus defines a status for update rollout, effective only for statefulMode" + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmclusters.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmclusters.yaml index 9ec5aa599..635deb020 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmclusters.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmclusters.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmclusters.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMCluster" @@ -40,7 +30,7 @@ spec: name: "Age" type: "date" - description: "Current status of cluster" - jsonPath: ".status.clusterStatus" + jsonPath: ".status.updateStatus" name: "Status" type: "string" name: "v1beta1" @@ -80,6 +70,9 @@ spec: license: description: "License allows to configure license key to be used for enterprise features.\nUsing license key is supported starting from VictoriaMetrics v1.94.0.\nSee [here](https://docs.victoriametrics.com/enterprise)" properties: + forceOffline: + description: "Enforce offline verification of the license key." + type: "boolean" key: description: "Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).\nTo request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial)" type: "string" @@ -100,6 +93,23 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + reloadInterval: + description: "Interval to be used for checking for license key changes. Note that this is only applicable when using KeyRef." + type: "string" + type: "object" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" type: "object" paused: description: "Paused If set to true all actions on the underlying managed objects are not\ngoing to be performed, except for delete actions." @@ -325,7 +335,7 @@ spec: - "PANIC" type: "string" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -411,6 +421,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -604,6 +617,7 @@ spec: type: "array" type: "object" vmselect: + description: "VMSelect defines configuration section for vmselect components of the victoria-metrics cluster" properties: affinity: description: "Affinity If specified, the pod's scheduling constraints." @@ -731,7 +745,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -796,7 +810,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -807,10 +821,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -999,7 +1013,7 @@ spec: - "PANIC" type: "string" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -1110,6 +1124,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1348,7 +1365,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1413,7 +1430,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -1424,10 +1441,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -1654,7 +1671,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1719,7 +1736,7 @@ spec: status: type: "string" type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" + description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" type: "string" required: - "status" @@ -1730,10 +1747,10 @@ spec: - "type" x-kubernetes-list-type: "map" currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." type: "string" modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is a beta field and requires enabling VolumeAttributesClass feature (off by default)." properties: status: description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." @@ -1927,7 +1944,7 @@ spec: type: "integer" type: "array" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -2013,6 +2030,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2353,6 +2373,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2482,16 +2505,73 @@ spec: description: "VMClusterStatus defines the observed state of VMCluster" properties: clusterStatus: - description: "UpdateStatus defines status for application" + description: "LegacyStatus is deprecated and will be removed at v0.52.0 version" type: "string" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" lastSync: description: "Deprecated." type: "string" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: + description: "Reason defines human readable error reason" type: "string" updateFailCount: description: "Deprecated." type: "integer" + updateStatus: + description: "UpdateStatus defines a status for update rollout" + type: "string" required: - "updateFailCount" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmnodescrapes.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmnodescrapes.yaml index 9843e2867..e29b569e1 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmnodescrapes.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmnodescrapes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmnodescrapes.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -350,6 +350,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -714,11 +716,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmpodscrapes.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmpodscrapes.yaml index 919aa49e8..375034a91 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmpodscrapes.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmpodscrapes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmpodscrapes.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -384,6 +384,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -766,11 +768,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmprobes.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmprobes.yaml index 6246a3f9f..b2022bf63 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmprobes.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmprobes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmprobes.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -300,6 +300,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -815,11 +817,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" required: diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmrules.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmrules.yaml index bdc25ea67..ffb12ae92 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmrules.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmrules.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmrules.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMRule" @@ -27,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -144,7 +134,7 @@ spec: description: "Tenant id for group, can be used only with enterprise version of vmalert.\nSee more details [here](https://docs.victoriametrics.com/vmalert#multitenancy)." type: "string" type: - description: "Type defines datasource type for enterprise version of vmalert\npossible values - prometheus,graphite" + description: "Type defines datasource type for enterprise version of vmalert\npossible values - prometheus,graphite,vlogs" type: "string" required: - "name" @@ -157,11 +147,64 @@ spec: status: description: "VMRuleStatus defines the observed state of VMRule" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines CRD processing status" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" required: diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmscrapeconfigs.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmscrapeconfigs.yaml index e1857fd56..7dc978572 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmscrapeconfigs.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmscrapeconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmscrapeconfigs.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -258,6 +258,9 @@ spec: datacenter: description: "Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter." type: "string" + filter: + description: "Filter defines filter for /v1/catalog/services requests\nSee https://developer.hashicorp.com/consul/api-docs/features/filtering" + type: "string" followRedirects: description: "Configure whether HTTP requests follow HTTP 3xx redirects.\nIf unset, use its default value." type: "boolean" @@ -1228,8 +1231,7 @@ spec: type: "string" zone: description: "The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs." - minLength: 1 - type: "string" + x-kubernetes-preserve-unknown-fields: true required: - "project" - "zone" @@ -2525,6 +2527,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -2869,11 +2873,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmservicescrapes.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmservicescrapes.yaml index 54b18944f..6c662fadb 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmservicescrapes.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmservicescrapes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmservicescrapes.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -373,6 +373,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -775,11 +777,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" required: diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmsingles.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmsingles.yaml index e5ba38059..017d416ef 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmsingles.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmsingles.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmsingles.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMSingle" @@ -25,9 +15,12 @@ spec: versions: - additionalPrinterColumns: - description: "Current status of single node update process" - jsonPath: ".status.singleStatus" + jsonPath: ".status.updateStatus" name: "Status" type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" name: "v1beta1" schema: openAPIV3Schema: @@ -212,6 +205,9 @@ spec: license: description: "License allows to configure license key to be used for enterprise features.\nUsing license key is supported starting from VictoriaMetrics v1.94.0.\nSee [here](https://docs.victoriametrics.com/enterprise)" properties: + forceOffline: + description: "Enforce offline verification of the license key." + type: "boolean" key: description: "Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise).\nTo request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial)" type: "string" @@ -232,6 +228,9 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + reloadInterval: + description: "Interval to be used for checking for license key changes. Note that this is only applicable when using KeyRef." + type: "string" type: "object" livenessProbe: description: "LivenessProbe that will be added CRD pod" @@ -252,8 +251,22 @@ spec: - "FATAL" - "PANIC" type: "string" + managedMetadata: + description: "ManagedMetadata defines metadata that will be added to the all objects\ncreated by operator for the given CustomResource" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels Map of string keys and values that can be used to organize and categorize\n(scope and select) objects.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + type: "object" + type: "object" minReadySeconds: - description: "MinReadySeconds defines a minim number os seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" + description: "MinReadySeconds defines a minimum number of seconds to wait before starting update next pod\nif previous in healthy state\nHas no effect for VLogs and VMSingle" format: "int32" type: "integer" nodeSelector: @@ -321,6 +334,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -413,7 +429,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true storage: - description: "Storage is the definition of how storage will be used by the VMSingle\nby default it`s empty dir" + description: "Storage is the definition of how storage will be used by the VMSingle\nby default it`s empty dir\nthis option is ignored if storageDataPath is set" properties: accessModes: description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" @@ -516,7 +532,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -526,7 +542,7 @@ spec: type: "string" type: "object" storageDataPath: - description: "StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath,\nits users responsibility to mount proper device into given path." + description: "StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath,\nits users responsibility to mount proper device into given path.\nIt requires to provide spec.volumes and spec.volumeMounts with at least 1 value" type: "string" storageMetadata: description: "StorageMeta defines annotations and labels attached to PVC for given vmsingle CR" @@ -966,6 +982,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1088,25 +1107,81 @@ spec: description: "VMSingleStatus defines the observed state of VMSingle" properties: availableReplicas: - description: "AvailableReplicas Total number of available pods (ready for at least minReadySeconds) targeted by this VMSingle." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" reason: - description: "Reason defines a reason in case of update failure" + description: "Reason defines human readable error reason" type: "string" replicas: - description: "ReplicaCount Total number of non-terminated pods targeted by this VMSingle." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" singleStatus: - description: "UpdateStatus defines a status of single node rollout" + description: "LegacyStatus is deprecated and will be removed at v0.52.0 version" type: "string" unavailableReplicas: - description: "UnavailableReplicas Total number of unavailable pods targeted by this VMSingle." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" + updateStatus: + description: "UpdateStatus defines a status for update rollout" + type: "string" updatedReplicas: - description: "UpdatedReplicas Total number of non-terminated pods targeted by this VMSingle." + description: "deprecated and will be removed at v0.52.0" format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmstaticscrapes.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmstaticscrapes.yaml index 5de16c245..23d9a2887 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmstaticscrapes.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmstaticscrapes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmstaticscrapes.operator.victoriametrics.com" spec: group: "operator.victoriametrics.com" @@ -17,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -365,6 +365,8 @@ spec: enum: - "http" - "https" + - "HTTPS" + - "HTTP" type: "string" scrapeTimeout: description: "Timeout after which the scrape is ended" @@ -703,11 +705,64 @@ spec: status: description: "ScrapeObjectStatus defines the observed state of ScrapeObjects" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmusers.yaml b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmusers.yaml index e63bffb6a..2281dcf30 100644 --- a/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmusers.yaml +++ b/crd-catalog/VictoriaMetrics/operator/operator.victoriametrics.com/v1beta1/vmusers.yaml @@ -2,19 +2,9 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vmusers.operator.victoriametrics.com" spec: - conversion: - strategy: "Webhook" - webhook: - clientConfig: - service: - name: "webhook-service" - namespace: "vm" - path: "/convert" - conversionReviewVersions: - - "v1" group: "operator.victoriametrics.com" names: kind: "VMUser" @@ -27,10 +17,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" - - jsonPath: ".status.status" + - jsonPath: ".status.updateStatus" name: "Status" type: "string" - - jsonPath: ".status.lastSyncError" + - jsonPath: ".status.reason" name: "Sync Error" type: "string" name: "v1beta1" @@ -66,6 +56,9 @@ spec: drop_src_path_prefix_parts: description: "DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend.\nSee [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details." type: "integer" + dump_request_on_errors: + description: "DumpRequestOnErrors instructs vmauth to return detailed request params to the client\nif routing rules don't allow to forward request to the backends.\nUseful for debugging `src_hosts` and `src_headers` based routing rules\n\navailable since v1.107.0 vmauth version" + type: "boolean" generatePassword: description: "GeneratePassword instructs operator to generate password for user\nif spec.password if empty." type: "boolean" @@ -147,6 +140,7 @@ spec: - "VMAgent" - "VMAlert" - "VMSingle" + - "VLogs" - "VMAlertManager" - "VMAlertmanager" - "VMCluster/vmselect" @@ -269,7 +263,7 @@ spec: type: "object" type: "array" tlsConfig: - description: "TLSConfig specifies TLSConfig configuration parameters." + description: "TLSConfig defines tls configuration for the backend connection" properties: ca: description: "Stuct containing the CA cert to use for the targets." @@ -406,11 +400,64 @@ spec: status: description: "VMUserStatus defines the observed state of VMUser" properties: - lastSyncError: - description: "LastSyncError contains error message for unsuccessful config generation\nfor given user" + conditions: + description: "Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"" + items: + description: "Condition defines status condition of the resource" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another." + format: "date-time" + type: "string" + lastUpdateTime: + description: "LastUpdateTime is the last time of given type update.\nThis value is used for status TTL update and removal" + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase." + maxLength: 316 + type: "string" + required: + - "lastTransitionTime" + - "lastUpdateTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + observedGeneration: + description: "ObservedGeneration defines current generation picked by operator for the\nreconcile" + format: "int64" + type: "integer" + reason: + description: "Reason defines human readable error reason" type: "string" - status: - description: "Status defines update status of resource" + updateStatus: + description: "UpdateStatus defines a status for update rollout" type: "string" type: "object" type: "object" diff --git a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml index 8a641be5f..dd0e9a2cc 100644 --- a/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml +++ b/crd-catalog/aerospike/aerospike-kubernetes-operator/asdb.aerospike.com/v1/aerospikeclusters.yaml @@ -2,8 +2,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - aerospike-kubernetes-operator/version: "3.4.0" - controller-gen.kubebuilder.io/version: "v0.14.0" + aerospike-kubernetes-operator/version: "4.0.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "aerospikeclusters.asdb.aerospike.com" spec: group: "asdb.aerospike.com" @@ -242,6 +242,7 @@ spec: items: properties: id: + description: "ID is the unique identifier for the operation. It is used by the operator to track the operation." maxLength: 20 minLength: 1 type: "string" @@ -252,6 +253,7 @@ spec: - "PodRestart" type: "string" podList: + description: "PodList is the list of pods on which the operation is to be performed." items: type: "string" type: "array" @@ -315,13 +317,16 @@ spec: description: "Define resources requests and limits for Aerospike Server Container.\nPlease contact aerospike for proper sizing exercise\nOnly Memory and Cpu resources can be given\nResources.Limits should be more than Resources.Requests." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -354,6 +359,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -363,18 +380,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -413,7 +432,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -452,13 +471,16 @@ spec: description: "Define resources requests and limits for Aerospike init Container.\nOnly Memory and Cpu resources can be given\nResources.Limits should be more than Resources.Requests." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -491,6 +513,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -500,18 +534,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -550,7 +586,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -603,11 +639,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -624,11 +662,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -640,6 +680,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -664,11 +705,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -685,14 +728,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -728,11 +774,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -741,13 +789,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -771,11 +819,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -788,6 +838,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -803,6 +854,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -827,11 +879,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -840,13 +894,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -870,11 +924,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -887,6 +943,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -894,6 +951,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -925,11 +983,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -938,13 +998,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -968,11 +1028,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -985,6 +1047,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1000,6 +1063,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1024,11 +1088,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1037,13 +1103,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1067,11 +1133,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1084,6 +1152,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1091,6 +1160,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" dnsConfig: @@ -1101,6 +1171,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: @@ -1113,11 +1184,13 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: description: "DnsPolicy same as https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy.\nIf hostNetwork is true and policy is not specified, it defaults to ClusterFirstWithHostNet" @@ -1134,7 +1207,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1149,11 +1223,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1175,7 +1251,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1224,7 +1301,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1238,6 +1316,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1247,7 +1328,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1261,7 +1343,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1270,6 +1353,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -1290,6 +1374,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1313,6 +1398,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1365,6 +1451,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1388,6 +1475,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1441,6 +1529,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1454,7 +1543,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1481,6 +1571,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1577,6 +1668,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1590,7 +1682,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1617,6 +1710,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1689,13 +1783,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1731,6 +1828,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1740,18 +1849,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1790,7 +1901,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1823,6 +1934,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1836,7 +1948,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1863,6 +1976,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1945,6 +2059,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1954,7 +2071,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1962,6 +2079,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1973,6 +2093,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1995,7 +2118,7 @@ spec: type: "object" type: "object" multiPodPerHost: - description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod if aerospikeNetworkPolicy defined\nhas one of the network types: 'hostInternal', 'hostExternal', 'configuredIP'\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user." + description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod if aerospikeNetworkPolicy defined\nhas one of the network types: 'hostInternal', 'hostExternal', 'configuredIP'\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user." type: "boolean" nodeSelector: additionalProperties: @@ -2005,8 +2128,20 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -2046,17 +2181,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2073,6 +2212,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2100,11 +2240,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -2126,7 +2268,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2175,7 +2318,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2189,6 +2333,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -2198,7 +2345,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2212,7 +2360,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2221,6 +2370,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2241,6 +2391,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2264,6 +2415,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2316,6 +2468,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2339,6 +2492,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2392,6 +2546,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2405,7 +2560,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2432,6 +2588,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2528,6 +2685,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2541,7 +2699,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2568,6 +2727,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2640,13 +2800,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2682,6 +2845,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2691,18 +2866,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2741,7 +2918,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2774,6 +2951,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2787,7 +2965,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2814,6 +2993,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2896,6 +3076,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -2905,7 +3088,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2913,6 +3096,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2924,6 +3110,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -3015,11 +3204,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3036,11 +3227,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -3052,6 +3245,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -3076,11 +3270,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3097,14 +3293,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -3140,11 +3339,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3153,13 +3354,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3183,11 +3384,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3200,6 +3403,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3215,6 +3419,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3239,11 +3444,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3252,13 +3459,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3282,11 +3489,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3299,6 +3508,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3306,6 +3516,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -3337,11 +3548,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3350,13 +3563,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3380,11 +3593,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3397,6 +3612,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3412,6 +3628,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -3436,11 +3653,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3449,13 +3668,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3479,11 +3698,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3496,6 +3717,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -3503,6 +3725,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -3782,8 +4005,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3844,11 +4069,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3875,7 +4102,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -3901,6 +4128,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -3964,11 +4192,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -3985,11 +4215,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -4001,6 +4233,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -4025,11 +4258,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -4046,14 +4281,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -4089,11 +4327,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4102,13 +4342,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4132,11 +4372,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4149,6 +4391,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4164,6 +4407,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -4188,11 +4432,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4201,13 +4447,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4231,11 +4477,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4248,6 +4496,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4255,6 +4504,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -4286,11 +4536,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4299,13 +4551,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4329,11 +4581,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4346,6 +4600,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4361,6 +4616,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -4385,11 +4641,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4398,13 +4656,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4428,11 +4686,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4445,6 +4705,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4452,6 +4713,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -4737,8 +4999,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4799,11 +5063,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4830,7 +5096,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -4856,6 +5122,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -5195,8 +5462,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -5257,11 +5526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5288,7 +5559,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -5314,6 +5585,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -5552,13 +5824,14 @@ spec: description: "MaxUnavailable is the percentage/number of pods that can be allowed to go down or unavailable before application\ndisruption. This value is used to create PodDisruptionBudget. Defaults to 1." x-kubernetes-int-or-string: true multiPodPerHost: - description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod.\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user.\nDeprecated: MultiPodPerHost is now part of podSpec" + description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod.\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user.\nDeprecated: MultiPodPerHost is now part of podSpec" type: "boolean" operations: description: "Operations is a list of on-demand operation to be performed on the Aerospike cluster." items: properties: id: + description: "ID is the unique identifier for the operation. It is used by the operator to track the operation." maxLength: 20 minLength: 1 type: "string" @@ -5569,6 +5842,7 @@ spec: - "PodRestart" type: "string" podList: + description: "PodList is the list of pods on which the operation is to be performed." items: type: "string" type: "array" @@ -5635,13 +5909,16 @@ spec: description: "Define resources requests and limits for Aerospike Server Container.\nPlease contact aerospike for proper sizing exercise\nOnly Memory and Cpu resources can be given\nResources.Limits should be more than Resources.Requests." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5674,6 +5951,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5683,18 +5972,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5733,7 +6024,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5772,13 +6063,16 @@ spec: description: "Define resources requests and limits for Aerospike init Container.\nOnly Memory and Cpu resources can be given\nResources.Limits should be more than Resources.Requests." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5811,6 +6105,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5820,18 +6126,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -5870,7 +6178,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -5923,11 +6231,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -5944,11 +6254,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -5960,6 +6272,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -5984,11 +6297,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -6005,14 +6320,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -6048,11 +6366,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6061,13 +6381,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6091,11 +6411,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6108,6 +6430,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -6123,6 +6446,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -6147,11 +6471,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6160,13 +6486,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6190,11 +6516,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6207,6 +6535,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -6214,6 +6543,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -6245,11 +6575,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6258,13 +6590,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6288,11 +6620,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6305,6 +6639,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -6320,6 +6655,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -6344,11 +6680,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6357,13 +6695,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6387,11 +6725,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6404,6 +6744,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -6411,6 +6752,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" dnsConfig: @@ -6421,6 +6763,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: @@ -6433,11 +6776,13 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: description: "DnsPolicy same as https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy.\nIf hostNetwork is true and policy is not specified, it defaults to ClusterFirstWithHostNet" @@ -6454,7 +6799,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6469,11 +6815,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -6495,7 +6843,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -6544,7 +6893,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -6558,6 +6908,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -6567,7 +6920,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -6581,7 +6935,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -6590,6 +6945,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -6610,6 +6966,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -6633,6 +6990,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6685,6 +7043,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -6708,6 +7067,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6761,6 +7121,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6774,7 +7135,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -6801,6 +7163,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -6897,6 +7260,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -6910,7 +7274,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -6937,6 +7302,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7009,13 +7375,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -7051,6 +7420,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -7060,18 +7441,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -7110,7 +7493,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -7143,6 +7526,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -7156,7 +7540,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -7183,6 +7568,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7265,6 +7651,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -7274,7 +7663,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -7282,6 +7671,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -7293,6 +7685,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -7315,7 +7710,7 @@ spec: type: "object" type: "object" multiPodPerHost: - description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod if aerospikeNetworkPolicy defined\nhas one of the network types: 'hostInternal', 'hostExternal', 'configuredIP'\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user." + description: "If set true then multiple pods can be created per Kubernetes Node.\nThis will create a NodePort service for each Pod if aerospikeNetworkPolicy defined\nhas one of the network types: 'hostInternal', 'hostExternal', 'configuredIP'\nNodePort, as the name implies, opens a specific port on all the Kubernetes Nodes ,\nand any traffic that is sent to this port is forwarded to the service.\nHere service picks a random port in range (30000-32767), so these port should be open.\n\nIf set false then only single pod can be created per Kubernetes Node.\nThis will create Pods using hostPort setting.\nThe container port will be exposed to the external network at :,\nwhere the hostIP is the IP address of the Kubernetes Node where the container is running and\nthe hostPort is the port requested by the user." type: "boolean" nodeSelector: additionalProperties: @@ -7325,8 +7720,20 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -7366,17 +7773,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -7393,6 +7804,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -7420,11 +7832,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -7446,7 +7860,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -7495,7 +7910,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -7509,6 +7925,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -7518,7 +7937,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -7532,7 +7952,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -7541,6 +7962,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -7561,6 +7983,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -7584,6 +8007,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7636,6 +8060,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -7659,6 +8084,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7712,6 +8138,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -7725,7 +8152,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -7752,6 +8180,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7848,6 +8277,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -7861,7 +8291,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -7888,6 +8319,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -7960,13 +8392,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -8002,6 +8437,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -8011,18 +8458,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -8061,7 +8510,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -8094,6 +8543,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -8107,7 +8557,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8134,6 +8585,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -8216,6 +8668,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -8225,7 +8680,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -8233,6 +8688,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -8244,6 +8702,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -8437,11 +8898,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -8458,11 +8921,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -8474,6 +8939,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -8498,11 +8964,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -8519,14 +8987,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -8562,11 +9033,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8575,13 +9048,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8605,11 +9078,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8622,6 +9097,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -8637,6 +9113,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -8661,11 +9138,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8674,13 +9153,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8704,11 +9183,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8721,6 +9202,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -8728,6 +9210,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -8759,11 +9242,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8772,13 +9257,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8802,11 +9287,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8819,6 +9306,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -8834,6 +9322,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -8858,11 +9347,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8871,13 +9362,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8901,11 +9392,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8918,6 +9411,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -8925,6 +9419,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -9204,8 +9699,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -9266,11 +9763,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9297,7 +9796,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -9323,6 +9822,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -9386,11 +9886,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -9407,11 +9909,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -9423,6 +9927,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -9447,11 +9952,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -9468,14 +9975,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -9511,11 +10021,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9524,13 +10036,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9554,11 +10066,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9571,6 +10085,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9586,6 +10101,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -9610,11 +10126,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9623,13 +10141,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9653,11 +10171,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9670,6 +10190,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9677,6 +10198,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -9708,11 +10230,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9721,13 +10245,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9751,11 +10275,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9768,6 +10294,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9783,6 +10310,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -9807,11 +10335,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9820,13 +10350,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9850,11 +10380,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -9867,6 +10399,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -9874,6 +10407,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -10159,8 +10693,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -10221,11 +10757,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -10252,7 +10790,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -10278,6 +10816,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -10327,13 +10866,16 @@ spec: description: "Define resources requests and limits for Aerospike Server Container.\nPlease contact aerospike for proper sizing exercise\nOnly Memory and Cpu resources can be given\nDeprecated: Resources field is now part of containerSpec" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -10402,6 +10944,9 @@ spec: type: "integer" type: "object" type: "object" + selector: + description: "Selector specifies the label selector for the Aerospike pods." + type: "string" size: description: "Aerospike cluster size" format: "int32" @@ -10654,8 +11199,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -10716,11 +11263,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -10747,7 +11296,7 @@ spec: - "volumeMode" type: "object" secret: - description: "Adapts a Secret into a volume.\n\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." + description: "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume\nas files using the keys in the Data field as the file names.\nSecret volumes support ownership management and SELinux relabeling." properties: defaultMode: description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." @@ -10773,6 +11322,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -10815,4 +11365,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: ".status.selector" + specReplicasPath: ".spec.size" + statusReplicasPath: ".status.size" status: {} diff --git a/crd-catalog/alexandrevilain/temporal-operator/temporal.io/v1beta1/temporalclusters.yaml b/crd-catalog/alexandrevilain/temporal-operator/temporal.io/v1beta1/temporalclusters.yaml index 4fb132e10..2d6eca913 100644 --- a/crd-catalog/alexandrevilain/temporal-operator/temporal.io/v1beta1/temporalclusters.yaml +++ b/crd-catalog/alexandrevilain/temporal-operator/temporal.io/v1beta1/temporalclusters.yaml @@ -54,6 +54,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -503,6 +505,9 @@ spec: description: "Enabled defines if the operator should enable mTLS for network between cluster nodes." type: "boolean" type: "object" + permissiveMetrics: + description: "PermissiveMetrics allows insecure HTTP requests to the metrics endpoint.\nThis is handy if the metrics collector does not support mTLS.\nUseless if mTLS provider is not istio" + type: "boolean" provider: default: "cert-manager" description: "Provider defines the tool used to manage mTLS certificates." @@ -1284,6 +1289,17 @@ spec: type: "string" type: "array" type: "object" + nativeHistogramBucketLimit: + description: "If there are more than this many buckets in a native histogram,\nbuckets will be merged to stay within the limit.\nIt requires Prometheus >= v2.45.0." + format: "int64" + type: "integer" + nativeHistogramMinBucketFactor: + anyOf: + - type: "integer" + - type: "string" + description: "If the growth factor of one bucket to the next is smaller than this,\nbuckets will be merged to increase the factor sufficiently.\nIt requires Prometheus >= v2.50.0." + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true podTargetLabels: description: "`podTargetLabels` defines the labels which are transferred from the\nassociated Kubernetes `Pod` object onto the ingested metrics." items: @@ -1297,6 +1313,9 @@ spec: description: "The scrape class to apply." minLength: 1 type: "string" + scrapeClassicHistograms: + description: "Whether to scrape a classic histogram that is also exposed as a native histogram.\nIt requires Prometheus >= v2.45.0." + type: "boolean" scrapeProtocols: description: "`scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." items: @@ -2308,6 +2327,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2423,6 +2444,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2542,6 +2565,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2657,6 +2682,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2754,6 +2781,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2819,6 +2848,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: @@ -2961,6 +2992,8 @@ spec: deployment: description: "Override configuration for the temporal service Deployment." properties: + jsonPatch: + x-kubernetes-preserve-unknown-fields: true metadata: description: "ObjectMetaOverride provides the ability to override an object metadata.\nIt's a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta." properties: diff --git a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml index 8ff097121..aa1a179de 100644 --- a/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml +++ b/crd-catalog/ansible/awx-operator/awx.ansible.com/v1beta1/awxs.yaml @@ -550,6 +550,9 @@ spec: hostname: description: "(Deprecated) The hostname of the instance" type: "string" + idle_deployment: + description: "Scale down deployments to put AWX into an idle state" + type: "boolean" image: description: "Registry path to the application container to use" type: "string" @@ -734,6 +737,9 @@ spec: metrics_utility_ship_target: description: "Metrics-Utility Ship Target" type: "string" + nginx_client_max_body_size: + description: "Sets the maximum allowed size of the client request body in megabytes (defaults to 5M)" + type: "integer" nginx_listen_queue_size: description: "Set the socket listen queue size for nginx (defaults to same as uwsgi)" type: "integer" @@ -912,7 +918,6 @@ spec: - "_No_" type: "string" public_base_url: - default: "" description: "Public base URL" type: "string" receptor_log_level: @@ -2031,6 +2036,7 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-preserve-unknown-fields: true image: description: "URL of the image used for the deployed instance" type: "string" @@ -2053,6 +2059,7 @@ spec: description: "Version of the deployed instance" type: "string" type: "object" + x-kubernetes-preserve-unknown-fields: true type: "object" served: true storage: true diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml index 9cca00731..0e90e9f50 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml @@ -118,7 +118,7 @@ spec: description: "Task represents the abstract task. Only one of the task should be configured to represent the specific task chosen." properties: buildah: - description: "a BuildahTask, for Buildah strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" + description: "a BuildahTask, for Buildah strategy\nDeprecated: use jib or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -287,7 +287,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -342,7 +343,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -358,7 +360,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -451,7 +454,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -467,7 +471,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -487,7 +492,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -503,7 +509,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -849,7 +856,7 @@ spec: type: "object" type: "object" kaniko: - description: "a KanikoTask, for Kaniko strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" + description: "a KanikoTask, for Kaniko strategy\nDeprecated: use jib or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -1025,7 +1032,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1080,7 +1088,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1096,7 +1105,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1189,7 +1199,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1205,7 +1216,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1225,7 +1237,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1241,7 +1254,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1427,7 +1441,7 @@ spec: type: "array" type: "object" s2i: - description: "a S2iTask, for S2I strategy" + description: "a S2iTask, for S2I strategy\nDeprecated: use jib or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -1515,7 +1529,7 @@ spec: type: "string" type: "object" spectrum: - description: "a SpectrumTask, for Spectrum strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" + description: "a SpectrumTask, for Spectrum strategy\nDeprecated: use jib or a custom publishing strategy instead" properties: baseImage: description: "base image layer" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml index 202157368..f801e9f6f 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml @@ -81,7 +81,7 @@ spec: type: "object" type: "array" dependencies: - description: "a list of Camel dependecies used by this kit" + description: "a list of Camel dependencies used by this kit" items: type: "string" type: "array" @@ -273,8 +273,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" quarkus: diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml index 4a5b79213..fb01ecb01 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml @@ -135,7 +135,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -190,7 +191,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -206,7 +208,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -232,7 +235,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -248,7 +252,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -268,7 +273,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -284,7 +290,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -535,8 +542,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -591,6 +604,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -616,6 +630,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -775,7 +790,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -908,7 +923,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -917,6 +932,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -980,6 +1000,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -1201,14 +1222,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" @@ -1694,7 +1734,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1749,7 +1790,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1765,7 +1807,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1791,7 +1834,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1807,7 +1851,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1827,7 +1872,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1843,7 +1889,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2136,8 +2183,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -2192,6 +2245,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -2217,6 +2271,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -2376,7 +2431,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -2509,7 +2564,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -2518,6 +2573,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -2581,6 +2641,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -2802,14 +2863,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml index e1ec5ed29..f718be2e7 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml @@ -61,7 +61,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -116,7 +117,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -132,7 +134,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -158,7 +161,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -174,7 +178,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -194,7 +199,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -210,7 +216,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -429,8 +436,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -485,6 +498,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -510,6 +524,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -669,7 +684,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -802,7 +817,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -811,6 +826,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -874,6 +894,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -1095,14 +1116,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" @@ -1530,7 +1570,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1585,7 +1626,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1601,7 +1643,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1627,7 +1670,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1643,7 +1687,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1663,7 +1708,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1679,7 +1725,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1935,8 +1982,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -1991,6 +2044,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -2016,6 +2070,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -2175,7 +2230,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -2308,7 +2363,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -2317,6 +2372,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -2380,6 +2440,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -2601,14 +2662,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml index 8c7f57cc9..ade55b79e 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml @@ -209,11 +209,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -235,7 +237,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -284,7 +287,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -298,6 +302,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -307,7 +314,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -321,7 +329,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -330,6 +339,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -350,6 +360,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -373,6 +384,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -425,6 +437,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -448,6 +461,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -501,6 +515,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -541,6 +556,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -637,6 +653,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -677,6 +694,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -791,6 +809,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -800,12 +830,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -883,6 +915,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -923,6 +956,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1005,6 +1039,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1014,7 +1051,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1022,6 +1059,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1033,6 +1073,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1053,11 +1096,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1079,7 +1124,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1128,7 +1174,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1142,6 +1189,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1151,7 +1201,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1165,7 +1216,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1174,6 +1226,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" @@ -1194,6 +1247,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1217,6 +1271,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1269,6 +1324,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1292,6 +1348,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1345,6 +1402,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1385,6 +1443,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1481,6 +1540,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1521,6 +1581,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1635,6 +1696,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1644,12 +1717,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1727,6 +1802,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1767,6 +1843,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1852,6 +1929,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: @@ -1861,7 +1941,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1869,6 +1949,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1880,6 +1963,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1897,11 +1983,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1923,7 +2011,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1972,7 +2061,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1986,6 +2076,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1995,7 +2088,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2009,7 +2103,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2018,6 +2113,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2038,6 +2134,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2061,6 +2158,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2113,6 +2211,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2136,6 +2235,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2189,6 +2289,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2229,6 +2330,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2325,6 +2427,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2365,6 +2468,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2479,6 +2583,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2488,12 +2604,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2571,6 +2689,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2611,6 +2730,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2693,6 +2813,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -2702,7 +2825,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2710,6 +2833,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2721,6 +2847,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -2739,6 +2868,18 @@ spec: securityContext: description: "PodSecurityContext" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -2791,6 +2932,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2807,6 +2949,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2852,11 +2995,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2875,7 +3020,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -2969,6 +3114,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -2982,7 +3128,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3005,7 +3152,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3042,8 +3190,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3063,7 +3213,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3091,7 +3242,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3134,6 +3285,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -3166,6 +3318,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3243,11 +3396,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3259,7 +3414,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -3290,11 +3445,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -3317,7 +3474,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3426,6 +3584,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -3433,7 +3592,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3537,11 +3697,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3587,8 +3749,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3604,7 +3768,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3647,6 +3811,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -3671,8 +3836,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -3697,6 +3864,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -3740,6 +3908,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -3750,7 +3919,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3780,7 +3950,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3831,6 +4002,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -3851,7 +4023,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4053,8 +4226,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -4109,6 +4288,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -4134,6 +4314,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -4293,7 +4474,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -4426,7 +4607,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -4435,6 +4616,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -4498,6 +4684,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -4719,14 +4906,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" @@ -5535,8 +5741,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -5591,6 +5803,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -5616,6 +5829,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -5775,7 +5989,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -5908,7 +6122,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -5917,6 +6131,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -5980,6 +6199,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -6201,14 +6421,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml index ebf7f4c4b..c4d12963e 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml @@ -196,11 +196,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -222,7 +224,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -271,7 +274,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -285,6 +289,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -294,7 +301,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -308,7 +316,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -317,6 +326,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -337,6 +347,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -360,6 +371,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -412,6 +424,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -435,6 +448,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -488,6 +502,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -528,6 +543,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -624,6 +640,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -664,6 +681,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -778,6 +796,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -787,12 +817,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -870,6 +902,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -910,6 +943,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -992,6 +1026,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1001,7 +1038,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1009,6 +1046,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1020,6 +1060,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1040,11 +1083,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1066,7 +1111,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1115,7 +1161,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1129,6 +1176,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1138,7 +1188,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1152,7 +1203,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1161,6 +1213,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" @@ -1181,6 +1234,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1204,6 +1258,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1256,6 +1311,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1279,6 +1335,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1332,6 +1389,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1372,6 +1430,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1468,6 +1527,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1508,6 +1568,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1622,6 +1683,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1631,12 +1704,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1714,6 +1789,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1754,6 +1830,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1839,6 +1916,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: @@ -1848,7 +1928,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1856,6 +1936,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1867,6 +1950,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1884,11 +1970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1910,7 +1998,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1959,7 +2048,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1973,6 +2063,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1982,7 +2075,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1996,7 +2090,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2005,6 +2100,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2025,6 +2121,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2048,6 +2145,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2100,6 +2198,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2123,6 +2222,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2176,6 +2276,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2216,6 +2317,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2312,6 +2414,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2352,6 +2455,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2466,6 +2570,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2475,12 +2591,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2558,6 +2676,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2598,6 +2717,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2680,6 +2800,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -2689,7 +2812,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2697,6 +2820,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2708,6 +2834,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -2726,6 +2855,18 @@ spec: securityContext: description: "PodSecurityContext" properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -2778,6 +2919,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2794,6 +2936,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2839,11 +2982,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2862,7 +3007,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -2956,6 +3101,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -2969,7 +3115,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2992,7 +3139,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3029,8 +3177,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3050,7 +3200,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3078,7 +3229,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3121,6 +3272,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -3153,6 +3305,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -3230,11 +3383,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3246,7 +3401,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -3277,11 +3432,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -3304,7 +3461,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3413,6 +3571,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -3420,7 +3579,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3524,11 +3684,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3574,8 +3736,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3591,7 +3755,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3634,6 +3798,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -3658,8 +3823,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -3684,6 +3851,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -3727,6 +3895,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -3737,7 +3906,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3767,7 +3937,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3818,6 +3989,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -3838,7 +4010,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4040,8 +4213,14 @@ spec: items: type: "string" type: "array" + runtimeProvider: + description: "The runtime provider to use for the integration. (Default, Camel K Runtime)." + enum: + - "quarkus" + - "plain-quarkus" + type: "string" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." + description: "The runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster (Default, the one provided by the operator version)." type: "string" type: "object" container: @@ -4096,6 +4275,7 @@ spec: type: "string" port: description: "To configure a different port exposed by the container (default `8080`)." + format: "int32" type: "integer" portName: description: "To configure a different port name for the port exposed by the container. It defaults to `http` only when the `expose` parameter is true." @@ -4121,6 +4301,7 @@ spec: type: "string" servicePort: description: "To configure under which service port the container port is to be exposed (default `80`)." + format: "int32" type: "integer" servicePortName: description: "To configure under which service port name the container port is to be exposed (default `http`)." @@ -4280,7 +4461,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: no longer in use." enum: - "disabled" - "disk" @@ -4413,7 +4594,7 @@ spec: description: "The Ingress class name as defined by the Ingress spec\nSee https://kubernetes.io/docs/concepts/services-networking/ingress/" type: "string" path: - description: "To configure the path exposed by the ingress (default `/`)." + description: "To configure the path exposed by the ingress (default `/`).\nDeprecated: In favor of `paths` - left for backward compatibility." type: "string" pathType: description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." @@ -4422,6 +4603,11 @@ spec: - "Prefix" - "ImplementationSpecific" type: "string" + paths: + description: "To configure the paths exposed by the ingress (default `['/']`)." + items: + type: "string" + type: "array" tlsHosts: description: "To configure tls hosts" items: @@ -4485,6 +4671,7 @@ spec: type: "string" port: description: "The Jolokia endpoint port (default `8778`)." + format: "int32" type: "integer" protocol: description: "The protocol to use, either `http` or `https` (default `https` for OpenShift)" @@ -4706,14 +4893,33 @@ spec: type: "string" type: "object" master: - description: "Deprecated: for backward compatibility." + description: "The configuration of Master trait" properties: + auto: + description: "Enables automatic configuration of the trait." + type: "boolean" configuration: - description: "TraitConfiguration parameters configuration" + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true - required: - - "configuration" + enabled: + description: "Can be used to enable or disable a trait. All traits share this common property." + type: "boolean" + includeDelegateDependencies: + description: "When this flag is active, the operator analyzes the source code to add dependencies required by delegate endpoints.\nE.g. when using `master:lockname:timer`, then `camel:timer` is automatically added to the set of dependencies.\nIt's enabled by default." + type: "boolean" + labelKey: + description: "Label that will be used to identify all pods contending the lock. Defaults to \"camel.apache.org/integration\"." + type: "string" + labelValue: + description: "Label value that will be used to identify all pods contending the lock. Defaults to the integration name." + type: "string" + resourceName: + description: "Name of the configmap that will be used to store the lock. Defaults to \"-lock\".\nName of the configmap/lease resource that will be used to store the lock. Defaults to \"-lock\"." + type: "string" + resourceType: + description: "Type of Kubernetes resource to use for locking (\"ConfigMap\" or \"Lease\"). Defaults to \"Lease\"." + type: "string" type: "object" mount: description: "The configuration of Mount trait" diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml index 24659b9ae..e26c15d34 100644 --- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml +++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml @@ -43,6 +43,7 @@ spec: - "v1_18" - "v1_19" - "v1_20" + - "v2_0" type: "string" image: type: "string" @@ -82,6 +83,8 @@ spec: items: type: "string" type: "array" + autoscalerResetNonce: + type: "integer" checkpointTriggerNonce: type: "integer" entryClass: @@ -10374,6 +10377,8 @@ spec: lifecycleState: enum: - "CREATED" + - "DELETED" + - "DELETING" - "DEPLOYED" - "FAILED" - "ROLLED_BACK" diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml index ef48cc643..bcd032a92 100644 --- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml +++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml @@ -43,6 +43,8 @@ spec: items: type: "string" type: "array" + autoscalerResetNonce: + type: "integer" checkpointTriggerNonce: type: "integer" entryClass: @@ -216,6 +218,8 @@ spec: lifecycleState: enum: - "CREATED" + - "DELETED" + - "DELETING" - "DEPLOYED" - "FAILED" - "ROLLED_BACK" diff --git a/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/brokers.yaml b/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/brokers.yaml index c119da220..c90fcbf85 100644 --- a/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/brokers.yaml +++ b/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/brokers.yaml @@ -706,6 +706,11 @@ spec: type: "string" description: "NodeSelector is a selector which must be true for the pod to fit on a node" type: "object" + podAnnotations: + additionalProperties: + type: "string" + description: "Pod Annotations" + type: "object" priorityClassName: description: "PriorityClassName indicates the pod's priority" type: "string" diff --git a/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/nameservices.yaml b/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/nameservices.yaml index 1e792adc5..4780234e2 100644 --- a/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/nameservices.yaml +++ b/crd-catalog/apache/rocketmq-operator/rocketmq.apache.org/v1alpha1/nameservices.yaml @@ -697,6 +697,11 @@ spec: type: "string" description: "NodeSelector is a selector which must be true for the pod to fit on a node" type: "object" + podAnnotations: + additionalProperties: + type: "string" + description: "Pod Annotations" + type: "object" priorityClassName: description: "PriorityClassName indicates the pod's priority" type: "string" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/clusters.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/clusters.yaml index f58115c08..bd219fee3 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/clusters.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/clusters.yaml @@ -53,6 +53,9 @@ spec: backup: description: "Specifies the backup configuration of the Cluster." properties: + continuousMethod: + description: "Specifies the backup method to use, if not set, use the first continuous method." + type: "string" cronExpression: description: "The cron expression for the schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron." type: "string" @@ -60,6 +63,13 @@ spec: default: false description: "Specifies whether automated backup is enabled for the Cluster." type: "boolean" + incrementalBackupEnabled: + default: false + description: "Specifies whether to enable incremental backup." + type: "boolean" + incrementalCronExpression: + description: "The cron expression for the incremental backup schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron." + type: "string" method: description: "Specifies the backup method to use, as defined in backupPolicy." type: "string" @@ -109,7 +119,7 @@ spec: configs: description: "Specifies the configuration content of a config template." items: - description: "ClusterComponentConfig represents a config with its source bound." + description: "ClusterComponentConfig represents a configuration for a component." properties: configMap: description: "ConfigMap source for the config." @@ -146,9 +156,159 @@ spec: type: "boolean" type: "object" x-kubernetes-map-type: "atomic" + externalManaged: + description: "ExternalManaged indicates whether the configuration is managed by an external system.\nWhen set to true, the controller will use the user-provided template and reconfigure action,\nignoring the default template and update behavior." + type: "boolean" name: description: "The name of the config." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + reconfigure: + description: "The custom reconfigure action to reload the service configuration whenever changes to this config are detected.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_CONFIG_FILES_CREATED: file1,file2...\n- KB_CONFIG_FILES_REMOVED: file1,file2...\n- KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2...\n\n\nNote: This field is immutable once it has been set." + properties: + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." + properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" + container: + description: "Specifies the name of the container within the same pod whose resources will be shared with the action.\nThis allows the action to utilize the specified container's resources without executing within it.\n\n\nThe name must match one of the containers defined in `componentDefinition.spec.runtime`.\n\n\nThe resources that can be shared are included:\n\n\n- volume mounts\n\n\nThis field cannot be updated." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nAll actions with same image will share the same container.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nIf not specified, the Action will be executed in the pod where the Action is triggered, such as the pod\nto be removed or added; or a random pod if the Action is triggered at the component level, such as\npost-provision or pre-terminate of the component.\n\n\nThis field cannot be updated." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." + type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + variables: + additionalProperties: + type: "string" + description: "Variables are key-value pairs for dynamic configuration values that can be provided by the user." + type: "object" type: "object" type: "array" disableExporter: @@ -238,6 +398,32 @@ spec: - "name" type: "object" type: "array" + instanceUpdateStrategy: + description: "Provides fine-grained control over the spec update process of all instances." + properties: + rollingUpdate: + description: "Specifies how the rolling update should be applied." + properties: + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + description: "The maximum number of instances that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. The field applies to all instances. That means if there is any unavailable pod,\nit will be counted towards MaxUnavailable." + x-kubernetes-int-or-string: true + replicas: + anyOf: + - type: "integer" + - type: "string" + description: "Indicates the number of instances that should be updated during a rolling update.\nThe remaining instances will remain untouched. This is helpful in defining how many instances\nshould participate in the update process.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up.\nThe default value is ComponentSpec.Replicas (i.e., update all instances)." + x-kubernetes-int-or-string: true + type: "object" + type: + description: "Indicates the type of the update strategy.\nDefault is RollingUpdate." + enum: + - "RollingUpdate" + - "OnDelete" + type: "string" + type: "object" instances: description: "Allows for the customization of configuration values for each instance within a Component.\nAn instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).\nWhile instances typically share a common configuration as defined in the ClusterComponentSpec,\nthey can require unique settings in various scenarios:\n\n\nFor example:\n- A database Component might require different resource allocations for primary and secondary instances,\n with primaries needing more resources.\n- During a rolling upgrade, a Component may first update the image for one or a few instances,\n and then update the remaining instances after verifying that the updated instances are functioning correctly.\n\n\nInstanceTemplate allows for specifying these unique configurations per instance.\nEach instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),\nstarting with an ordinal of 0.\nIt is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.\n\n\nThe sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component.\nAny remaining replicas will be generated using the default template and will follow the default naming rules." items: @@ -332,9 +518,6 @@ spec: - "name" type: "object" type: "array" - image: - description: "Specifies an override for the first container's image in the Pod." - type: "string" labels: additionalProperties: type: "string" @@ -345,6 +528,30 @@ spec: maxLength: 54 pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + ordinals: + description: "Specifies the desired Ordinals of this InstanceTemplate.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under this InstanceTemplate would be\n$(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and\n$(cluster.name)-$(component.name)-$(template.name)-7" + properties: + discrete: + items: + format: "int32" + type: "integer" + type: "array" + ranges: + items: + description: "Range represents a range with a start and an end value.\nIt is used to define a continuous segment." + properties: + end: + format: "int32" + type: "integer" + start: + format: "int32" + type: "integer" + required: + - "end" + - "start" + type: "object" + type: "array" + type: "object" replicas: default: 1 description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the Component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." @@ -1015,1459 +1222,379 @@ spec: type: "object" type: "array" type: "object" - volumeClaimTemplates: - description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." - items: - properties: - name: - description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." - type: "string" - spec: - description: "Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume\nwith the mount name specified in the `name` field.\n\n\nWhen a Pod is created for this ClusterComponent, a new PVC will be created based on the specification\ndefined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field." - properties: - accessModes: - description: "Contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1." - items: - type: "string" - type: "array" - x-kubernetes-preserve-unknown-fields: true - resources: - description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - x-kubernetes-preserve-unknown-fields: true - storageClassName: - description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." - type: "string" - volumeMode: - description: "Defines what type of volume is required by the claim, either Block or Filesystem." - type: "string" - type: "object" - required: - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Defines VolumeMounts to override.\nAdd new or override existing volume mounts of the first container in the Pod." - items: - description: "VolumeMount describes a mounting of a Volume within a container." + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + issuer: + description: "Specifies the configuration for the TLS certificates issuer.\nIt allows defining the issuer name and the reference to the secret containing the TLS certificates and key.\nThe secret should contain the CA certificate, TLS certificate, and private key in the specified keys.\nRequired when TLS is enabled." + properties: + name: + allOf: + - enum: + - "KubeBlocks" + - "UserProvided" + - enum: + - "KubeBlocks" + - "UserProvided" + default: "KubeBlocks" + description: "The issuer for TLS certificates.\nIt only allows two enum values: `KubeBlocks` and `UserProvided`.\n\n\n- `KubeBlocks` indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used.\n- `UserProvided` means that the user is responsible for providing their own CA, Cert, and Key.\n In this case, the user-provided CA certificate, server certificate, and private key will be used\n for TLS communication." + type: "string" + secretRef: + description: "SecretRef is the reference to the secret that contains user-provided certificates.\nIt is required when the issuer is set to `UserProvided`." + properties: + ca: + description: "Key of CA cert in Secret" + type: "string" + cert: + description: "Key of Cert in Secret" + type: "string" + key: + description: "Key of TLS private key in Secret" + type: "string" + name: + description: "Name of the Secret that contains user-provided certificates." + type: "string" + namespace: + description: "The namespace where the secret is located.\nIf not provided, the secret is assumed to be in the same namespace as the Cluster object." + type: "string" + required: + - "ca" + - "cert" + - "key" + - "name" + type: "object" + required: + - "name" + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies Labels to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component." + type: "object" + name: + description: "Specifies the Component's name.\nIt's part of the Service DNS name and must comply with the IANA service naming rule.\nThe name is optional when ClusterComponentSpec is used as a template (e.g., in `clusterSharding`),\nbut required otherwise." + maxLength: 22 + pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + offlineInstances: + description: "Specifies the names of instances to be transitioned to offline status.\n\n\nMarking an instance as offline results in the following:\n\n\n1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential\n future reuse or data recovery, but it is no longer actively used.\n2. The ordinal number assigned to this instance is preserved, ensuring it remains unique\n and avoiding conflicts with new instances.\n\n\nSetting instances to offline allows for a controlled scale-in process, preserving their data and maintaining\nordinal consistency within the Cluster." + items: + type: "string" + type: "array" + parallelPodManagementConcurrency: + anyOf: + - type: "integer" + - type: "string" + description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." + x-kubernetes-int-or-string: true + podUpdatePolicy: + description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" + enum: + - "StrictInPlace" + - "PreferInPlace" + type: "string" + replicas: + default: 1 + description: "Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing." + format: "int32" + minimum: 0.0 + type: "integer" + resources: + description: "Specifies the resources required by the Component.\nIt allows defining the CPU, memory requirements and limits for the Component's containers." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + x-kubernetes-preserve-unknown-fields: true + schedulingPolicy: + description: "Specifies the scheduling policy for the Component." + properties: + affinity: + description: "Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity." + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - volumes: - description: "Defines Volumes to override.\nAdd new or override existing volumes." - items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." - properties: - awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." - format: "int32" - type: "integer" - readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "boolean" - volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "string" - required: - - "volumeID" - type: "object" - azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." - properties: - cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." - type: "string" - diskName: - description: "diskName is the Name of the data disk in the blob storage" - type: "string" - diskURI: - description: "diskURI is the URI of data disk in the blob storage" - type: "string" - fsType: - description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - required: - - "diskName" - - "diskURI" - type: "object" - azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." - properties: - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" - type: "string" - shareName: - description: "shareName is the azure share Name" - type: "string" - required: - - "secretName" - - "shareName" - type: "object" - cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" - properties: - monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - items: - type: "string" - type: "array" - path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" - type: "string" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "boolean" - secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - required: - - "monitors" - type: "object" - cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "boolean" - secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeID: - description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - required: - - "volumeID" - type: "object" - configMap: - description: "configMap represents a configMap that should populate this volume" - properties: - defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." - properties: - driver: - description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." - type: "string" - fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." - type: "string" - nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - readOnly: - description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." - type: "boolean" - volumeAttributes: - additionalProperties: - type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." - type: "object" - required: - - "driver" - type: "object" - downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" - properties: - defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "Items is a list of downward API volume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - properties: - medium: - description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - type: "string" - sizeLimit: - anyOf: - - type: "integer" - - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - type: "object" - ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." - properties: - metadata: - description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." - properties: - annotations: - additionalProperties: - type: "string" - type: "object" - finalizers: - items: - type: "string" - type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" + key: + description: "The label key that the selector applies to." type: "string" - name: - description: "Name is the name of resource being referenced" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" required: - - "kind" - - "name" + - "key" + - "operator" type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" + key: + description: "The label key that the selector applies to." type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" required: - - "kind" - - "name" + - "key" + - "operator" type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" + type: "array" + required: + - "key" + - "operator" type: "object" - x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." - type: "string" - type: "object" - required: - - "spec" - type: "object" - type: "object" - fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - lun: - description: "lun is Optional: FC target lun number" - format: "int32" - type: "integer" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" - items: - type: "string" - type: "array" - wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." - items: - type: "string" - type: "array" - type: "object" - flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." - properties: - driver: - description: "driver is the name of the driver to use for this volume." - type: "string" - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." - type: "string" - options: - additionalProperties: - type: "string" - description: "options is Optional: this field holds extra command options if any." - type: "object" - readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "driver" - type: "object" - flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" - properties: - datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" - type: "string" - datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" - type: "string" - type: "object" - gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - properties: - fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - format: "int32" - type: "integer" - pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "boolean" - required: - - "pdName" - type: "object" - gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." - properties: - directory: - description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." - type: "string" - repository: - description: "repository is the URL" - type: "string" - revision: - description: "revision is the commit hash for the specified revision." - type: "string" - required: - - "repository" - type: "object" - glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" - properties: - endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - path: - description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "boolean" - required: - - "endpoints" - - "path" - type: "object" - hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." - properties: - path: - description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - type: - description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - required: - - "path" - type: "object" - iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" - properties: - chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" - type: "boolean" - chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" - type: "boolean" - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." - type: "string" - iqn: - description: "iqn is the target iSCSI Qualified Name." - type: "string" - iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." - type: "string" - lun: - description: "lun represents iSCSI Target Lun number." - format: "int32" - type: "integer" - portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - items: - type: "string" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" type: "array" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." - type: "boolean" - secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - type: "string" - required: - - "iqn" - - "lun" - - "targetPortal" - type: "object" - name: - description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - properties: - path: - description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "boolean" - server: - description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - required: - - "path" - - "server" - type: "object" - persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - type: "string" - readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." - type: "boolean" - required: - - "claimName" - type: "object" - photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" - type: "string" - required: - - "pdID" - type: "object" - portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - volumeID: - description: "volumeID uniquely identifies a Portworx volume" - type: "string" required: - - "volumeID" + - "nodeSelectorTerms" type: "object" - projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" - properties: - defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - sources: - description: "sources is the list of volume projections" - items: - description: "Projection that may be projected along with other supported volume types" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." properties: - clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." - properties: - labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." - type: "string" - optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." - type: "boolean" - path: - description: "Relative path from the volume root to write the bundle." - type: "string" - signerName: - description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." - type: "string" - required: - - "path" - type: "object" - configMap: - description: "configMap information about the configMap data to project" + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "Maps a string key to a path within a volume." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: - description: "key is the key to project." + description: "key is the label key that the selector applies to." type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" required: - "key" - - "path" + - "operator" type: "object" type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" type: "object" x-kubernetes-map-type: "atomic" - downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" - properties: - items: - description: "Items is a list of DownwardAPIVolume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - secret: - description: "secret information about the secret data to project" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "Maps a string key to a path within a volume." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: - description: "key is the key to project." + description: "key is the label key that the selector applies to." type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" required: - "key" - - "path" + - "operator" type: "object" type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional field specify whether the Secret or its key must be defined" - type: "boolean" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" type: "object" x-kubernetes-map-type: "atomic" - serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" - properties: - audience: - description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." - type: "string" - expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." - format: "int64" - type: "integer" - path: - description: "path is the path relative to the mount point of the file to project the\ntoken into." - type: "string" - required: - - "path" - type: "object" - type: "object" - type: "array" - type: "object" - quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" - properties: - group: - description: "group to map volume access to\nDefault is no group" - type: "string" - readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." - type: "boolean" - registry: - description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" - type: "string" - tenant: - description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" - type: "string" - user: - description: "user to map volume access to\nDefaults to serivceaccount user" - type: "string" - volume: - description: "volume is a string that references an already created Quobyte volume by name." - type: "string" - required: - - "registry" - - "volume" - type: "object" - rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - image: - description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - keyring: - description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - monitors: - description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - items: - type: "string" - type: "array" - pool: - description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "boolean" - secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - required: - - "image" - - "monitors" - type: "object" - scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." - type: "string" - gateway: - description: "gateway is the host address of the ScaleIO API Gateway." - type: "string" - protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" - type: "boolean" - storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." - type: "string" - storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." - type: "string" - system: - description: "system is the name of the storage system as configured in ScaleIO." - type: "string" - volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." - type: "string" - required: - - "gateway" - - "secretRef" - - "system" - type: "object" - secret: - description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - properties: - defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - - "key" - - "path" + - "topologyKey" type: "object" - type: "array" - optional: - description: "optional field specify whether the Secret or its keys must be defined" - type: "boolean" - secretName: - description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - type: "string" - type: "object" - storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." - type: "string" - volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." - type: "string" - type: "object" - vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." - type: "string" - storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." - type: "string" - volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" - type: "string" - required: - - "volumePath" - type: "object" - required: - - "name" - type: "object" - type: "array" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - issuer: - description: "Specifies the configuration for the TLS certificates issuer.\nIt allows defining the issuer name and the reference to the secret containing the TLS certificates and key.\nThe secret should contain the CA certificate, TLS certificate, and private key in the specified keys.\nRequired when TLS is enabled." - properties: - name: - allOf: - - enum: - - "KubeBlocks" - - "UserProvided" - - enum: - - "KubeBlocks" - - "UserProvided" - default: "KubeBlocks" - description: "The issuer for TLS certificates.\nIt only allows two enum values: `KubeBlocks` and `UserProvided`.\n\n\n- `KubeBlocks` indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used.\n- `UserProvided` means that the user is responsible for providing their own CA, Cert, and Key.\n In this case, the user-provided CA certificate, server certificate, and private key will be used\n for TLS communication." - type: "string" - secretRef: - description: "SecretRef is the reference to the secret that contains user-provided certificates.\nIt is required when the issuer is set to `UserProvided`." - properties: - ca: - description: "Key of CA cert in Secret" - type: "string" - cert: - description: "Key of Cert in Secret" - type: "string" - key: - description: "Key of TLS private key in Secret" - type: "string" - name: - description: "Name of the Secret that contains user-provided certificates." - type: "string" - required: - - "ca" - - "cert" - - "key" - - "name" - type: "object" - required: - - "name" - type: "object" - labels: - additionalProperties: - type: "string" - description: "Specifies Labels to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component." - type: "object" - name: - description: "Specifies the Component's name.\nIt's part of the Service DNS name and must comply with the IANA service naming rule.\nThe name is optional when ClusterComponentSpec is used as a template (e.g., in `clusterSharding`),\nbut required otherwise." - maxLength: 22 - pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - offlineInstances: - description: "Specifies the names of instances to be transitioned to offline status.\n\n\nMarking an instance as offline results in the following:\n\n\n1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential\n future reuse or data recovery, but it is no longer actively used.\n2. The ordinal number assigned to this instance is preserved, ensuring it remains unique\n and avoiding conflicts with new instances.\n\n\nSetting instances to offline allows for a controlled scale-in process, preserving their data and maintaining\nordinal consistency within the Cluster.\nNote that offline instances and their associated resources, such as PVCs, are not automatically deleted.\nThe administrator must manually manage the cleanup and removal of these resources when they are no longer needed." - items: - type: "string" - type: "array" - parallelPodManagementConcurrency: - anyOf: - - type: "integer" - - type: "string" - description: "Controls the concurrency of pods during initial scale up, when replacing pods on nodes,\nor when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`.\nThe default Concurrency is 100%." - x-kubernetes-int-or-string: true - podUpdatePolicy: - description: "PodUpdatePolicy indicates how pods should be updated\n\n\n- `StrictInPlace` indicates that only allows in-place upgrades.\nAny attempt to modify other fields will be rejected.\n- `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod.\nIf that fails, it will fall back to the ReCreate, where pod will be recreated.\nDefault value is \"PreferInPlace\"" - enum: - - "StrictInPlace" - - "PreferInPlace" - type: "string" - replicas: - default: 1 - description: "Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing." - format: "int32" - minimum: 0.0 - type: "integer" - resources: - description: "Specifies the resources required by the Component.\nIt allows defining the CPU, memory requirements and limits for the Component's containers." - properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - x-kubernetes-preserve-unknown-fields: true - schedulingPolicy: - description: "Specifies the scheduling policy for the Component." - properties: - affinity: - description: "Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity." - properties: - nodeAffinity: - description: "Describes node affinity scheduling rules for the pod." - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: - preference: - description: "A node selector term, associated with the corresponding weight." + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: - description: "A list of node selector requirements by node's labels." + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: - description: "The label key that the selector applies to." + description: "key is the label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchFields: - description: "A list of node selector requirements by node's fields." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - type: "object" - x-kubernetes-map-type: "atomic" - weight: - description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." - format: "int32" - type: "integer" - required: - - "preference" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." - properties: - nodeSelectorTerms: - description: "Required. A list of node selector terms. The terms are ORed." - items: - description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." - properties: - matchExpressions: - description: "A list of node selector requirements by node's labels." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchFields: - description: "A list of node selector requirements by node's fields." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - type: "object" - x-kubernetes-map-type: "atomic" - type: "array" - required: - - "nodeSelectorTerms" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - podAffinity: - description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." - items: - description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" - properties: - podAffinityTerm: - description: "Required. A pod affinity term, associated with the corresponding weight." - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - weight: - description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." - format: "int32" - type: "integer" - required: - - "podAffinityTerm" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." - items: - description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2842,7 +1969,7 @@ spec: type: "array" type: "object" serviceAccountName: - description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nTo perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions.\nThe service account will be bound to a default role named \"kubeblocks-cluster-pod-role\" which is installed together with KubeBlocks.\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\"\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." + description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nIf not specified, KubeBlocks automatically creates a default ServiceAccount named\n\"kb-{componentdefinition.name}\", bound to a role with rules defined in ComponentDefinition's\n`policyRules` field. If needed (currently this means if any lifecycleAction is enabled),\nit will also be bound to a default role named\n\"kubeblocks-cluster-pod-role\", which is installed together with KubeBlocks.\nIf multiple components use the same ComponentDefinition, they will share one ServiceAccount.\n\n\nIf the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not\ncreate a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount." type: "string" serviceRefs: description: "Defines a list of ServiceRef for a Component, enabling access to both external services and\nServices provided by other Clusters.\n\n\nTypes of services:\n\n\n- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator;\n Require a ServiceDescriptor for connection details.\n- Services provided by a Cluster: Managed by the same KubeBlocks operator;\n identified using Cluster, Component and Service names.\n\n\nServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same.\n\n\nExample:\n```yaml\nserviceRefs:\n - name: \"redis-sentinel\"\n serviceDescriptor:\n name: \"external-redis-sentinel\"\n - name: \"postgres-cluster\"\n clusterServiceSelector:\n cluster: \"my-postgres-cluster\"\n service:\n component: \"postgresql\"\n```\nThe example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster." @@ -2917,7 +2044,7 @@ spec: maxLength: 32 type: "string" services: - description: "Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients." + description: "Overrides services defined in referenced ComponentDefinition." items: properties: annotations: @@ -2930,6 +2057,7 @@ spec: maxLength: 25 type: "string" podService: + default: false description: "Indicates whether to generate individual Services for each Pod.\nIf set to true, a separate Service will be created for each Pod in the Cluster." type: "boolean" serviceType: @@ -2952,6 +2080,10 @@ spec: description: "Overrides system accounts defined in referenced ComponentDefinition." items: properties: + disabled: + default: false + description: "Specifies whether the system account is disabled." + type: "boolean" name: description: "The name of the system account." type: "string" @@ -2992,7 +2124,7 @@ spec: type: "string" type: "object" secretRef: - description: "Refers to the secret from which data will be copied to create the new account.\n\n\nThis field is immutable once set." + description: "Refers to the secret from which data will be copied to create the new account.\n\n\nFor user-specified passwords, the maximum length is limited to 64 bytes.\n\n\nThis field is immutable once set." properties: name: description: "The unique identifier of the secret." @@ -3000,6 +2132,10 @@ spec: namespace: description: "The namespace where the secret is located." type: "string" + password: + default: "password" + description: "The key in the secret data that contains the password." + type: "string" required: - "name" - "namespace" @@ -3015,6 +2151,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -3053,6 +2199,9 @@ spec: storageClassName: description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\n\n\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass" + type: "string" volumeMode: description: "Defines what type of volume is required by the claim, either Block or Filesystem." type: "string" @@ -4895,7 +4044,7 @@ spec: configs: description: "Specifies the configuration content of a config template." items: - description: "ClusterComponentConfig represents a config with its source bound." + description: "ClusterComponentConfig represents a configuration for a component." properties: configMap: description: "ConfigMap source for the config." @@ -4932,32 +4081,182 @@ spec: type: "boolean" type: "object" x-kubernetes-map-type: "atomic" + externalManaged: + description: "ExternalManaged indicates whether the configuration is managed by an external system.\nWhen set to true, the controller will use the user-provided template and reconfigure action,\nignoring the default template and update behavior." + type: "boolean" name: description: "The name of the config." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" - type: "object" - type: "array" - disableExporter: - description: "Determines whether metrics exporter information is annotated on the Component's headless Service.\n\n\nIf set to true, the following annotations will not be patched into the Service:\n\n\n- \"monitor.kubeblocks.io/path\"\n- \"monitor.kubeblocks.io/port\"\n- \"monitor.kubeblocks.io/scheme\"\n\n\nThese annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter." - type: "boolean" - env: - description: "List of environment variables to add.\nThese environment variables will be placed after the environment variables declared in the Pod." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." + reconfigure: + description: "The custom reconfigure action to reload the service configuration whenever changes to this config are detected.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_CONFIG_FILES_CREATED: file1,file2...\n- KB_CONFIG_FILES_REMOVED: file1,file2...\n- KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2...\n\n\nNote: This field is immutable once it has been set." properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." properties: - key: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" + container: + description: "Specifies the name of the container within the same pod whose resources will be shared with the action.\nThis allows the action to utilize the specified container's resources without executing within it.\n\n\nThe name must match one of the containers defined in `componentDefinition.spec.runtime`.\n\n\nThe resources that can be shared are included:\n\n\n- volume mounts\n\n\nThis field cannot be updated." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nAll actions with same image will share the same container.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nIf not specified, the Action will be executed in the pod where the Action is triggered, such as the pod\nto be removed or added; or a random pod if the Action is triggered at the component level, such as\npost-provision or pre-terminate of the component.\n\n\nThis field cannot be updated." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." + type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + variables: + additionalProperties: + type: "string" + description: "Variables are key-value pairs for dynamic configuration values that can be provided by the user." + type: "object" + type: "object" + type: "array" + disableExporter: + description: "Determines whether metrics exporter information is annotated on the Component's headless Service.\n\n\nIf set to true, the following annotations will not be patched into the Service:\n\n\n- \"monitor.kubeblocks.io/path\"\n- \"monitor.kubeblocks.io/port\"\n- \"monitor.kubeblocks.io/scheme\"\n\n\nThese annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter." + type: "boolean" + env: + description: "List of environment variables to add.\nThese environment variables will be placed after the environment variables declared in the Pod." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: description: "The key to select." type: "string" name: @@ -5024,6 +4323,32 @@ spec: - "name" type: "object" type: "array" + instanceUpdateStrategy: + description: "Provides fine-grained control over the spec update process of all instances." + properties: + rollingUpdate: + description: "Specifies how the rolling update should be applied." + properties: + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + description: "The maximum number of instances that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. The field applies to all instances. That means if there is any unavailable pod,\nit will be counted towards MaxUnavailable." + x-kubernetes-int-or-string: true + replicas: + anyOf: + - type: "integer" + - type: "string" + description: "Indicates the number of instances that should be updated during a rolling update.\nThe remaining instances will remain untouched. This is helpful in defining how many instances\nshould participate in the update process.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up.\nThe default value is ComponentSpec.Replicas (i.e., update all instances)." + x-kubernetes-int-or-string: true + type: "object" + type: + description: "Indicates the type of the update strategy.\nDefault is RollingUpdate." + enum: + - "RollingUpdate" + - "OnDelete" + type: "string" + type: "object" instances: description: "Allows for the customization of configuration values for each instance within a Component.\nAn instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).\nWhile instances typically share a common configuration as defined in the ClusterComponentSpec,\nthey can require unique settings in various scenarios:\n\n\nFor example:\n- A database Component might require different resource allocations for primary and secondary instances,\n with primaries needing more resources.\n- During a rolling upgrade, a Component may first update the image for one or a few instances,\n and then update the remaining instances after verifying that the updated instances are functioning correctly.\n\n\nInstanceTemplate allows for specifying these unique configurations per instance.\nEach instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),\nstarting with an ordinal of 0.\nIt is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.\n\n\nThe sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component.\nAny remaining replicas will be generated using the default template and will follow the default naming rules." items: @@ -5118,9 +4443,6 @@ spec: - "name" type: "object" type: "array" - image: - description: "Specifies an override for the first container's image in the Pod." - type: "string" labels: additionalProperties: type: "string" @@ -5131,6 +4453,30 @@ spec: maxLength: 54 pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + ordinals: + description: "Specifies the desired Ordinals of this InstanceTemplate.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under this InstanceTemplate would be\n$(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and\n$(cluster.name)-$(component.name)-$(template.name)-7" + properties: + discrete: + items: + format: "int32" + type: "integer" + type: "array" + ranges: + items: + description: "Range represents a range with a start and an end value.\nIt is used to define a continuous segment." + properties: + end: + format: "int32" + type: "integer" + start: + format: "int32" + type: "integer" + required: + - "end" + - "start" + type: "object" + type: "array" + type: "object" replicas: default: 1 description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the Component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." @@ -5545,687 +4891,115 @@ spec: description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - weight: - description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." - format: "int32" - type: "integer" - required: - - "podAffinityTerm" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." - items: - description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - type: "array" - type: "object" - type: "object" - nodeName: - description: "NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this Pod onto that node, assuming that it fits resource\nrequirements." - type: "string" - nodeSelector: - additionalProperties: - type: "string" - description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" - type: "object" - x-kubernetes-map-type: "atomic" - schedulerName: - description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." - type: "string" - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." - items: - description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." - properties: - effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." - type: "string" - key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." - type: "string" - operator: - description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." - type: "string" - tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." - format: "int64" - type: "integer" - value: - description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." - type: "string" - type: "object" - type: "array" - topologySpreadConstraints: - description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." - items: - description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." - properties: - labelSelector: - description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." - format: "int32" - type: "integer" - minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." - format: "int32" - type: "integer" - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." - type: "string" - whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." - type: "string" - required: - - "maxSkew" - - "topologyKey" - - "whenUnsatisfiable" - type: "object" - type: "array" - type: "object" - volumeClaimTemplates: - description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." - items: - properties: - name: - description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." - type: "string" - spec: - description: "Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume\nwith the mount name specified in the `name` field.\n\n\nWhen a Pod is created for this ClusterComponent, a new PVC will be created based on the specification\ndefined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field." - properties: - accessModes: - description: "Contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1." - items: - type: "string" - type: "array" - x-kubernetes-preserve-unknown-fields: true - resources: - description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - x-kubernetes-preserve-unknown-fields: true - storageClassName: - description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." - type: "string" - volumeMode: - description: "Defines what type of volume is required by the claim, either Block or Filesystem." - type: "string" - type: "object" - required: - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Defines VolumeMounts to override.\nAdd new or override existing volume mounts of the first container in the Pod." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - volumes: - description: "Defines Volumes to override.\nAdd new or override existing volumes." - items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." - properties: - awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." - format: "int32" - type: "integer" - readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "boolean" - volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "string" - required: - - "volumeID" - type: "object" - azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." - properties: - cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." - type: "string" - diskName: - description: "diskName is the Name of the data disk in the blob storage" - type: "string" - diskURI: - description: "diskURI is the URI of data disk in the blob storage" - type: "string" - fsType: - description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - required: - - "diskName" - - "diskURI" - type: "object" - azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." - properties: - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" - type: "string" - shareName: - description: "shareName is the azure share Name" - type: "string" - required: - - "secretName" - - "shareName" - type: "object" - cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" - properties: - monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - items: - type: "string" - type: "array" - path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" - type: "string" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "boolean" - secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - required: - - "monitors" - type: "object" - cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "boolean" - secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeID: - description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - required: - - "volumeID" - type: "object" - configMap: - description: "configMap represents a configMap that should populate this volume" - properties: - defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." - properties: - driver: - description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." - type: "string" - fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." - type: "string" - nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - readOnly: - description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." - type: "boolean" - volumeAttributes: - additionalProperties: - type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." - type: "object" - required: - - "driver" - type: "object" - downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" - properties: - defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "Items is a list of downward API volume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - properties: - medium: - description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - type: "string" - sizeLimit: - anyOf: - - type: "integer" - - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - type: "object" - ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." - properties: - metadata: - description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: - annotations: - additionalProperties: - type: "string" + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" type: "object" - finalizers: + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - required: - - "kind" - - "name" - type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - type: "string" - required: - - "kind" - - "name" - type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -6255,635 +5029,124 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" - type: "object" - required: - - "spec" - type: "object" - type: "object" - fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - lun: - description: "lun is Optional: FC target lun number" - format: "int32" - type: "integer" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" - items: - type: "string" - type: "array" - wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." - items: - type: "string" - type: "array" - type: "object" - flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." - properties: - driver: - description: "driver is the name of the driver to use for this volume." - type: "string" - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." - type: "string" - options: - additionalProperties: - type: "string" - description: "options is Optional: this field holds extra command options if any." - type: "object" - readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "driver" - type: "object" - flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" - properties: - datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" - type: "string" - datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" - type: "string" - type: "object" - gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - properties: - fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - format: "int32" - type: "integer" - pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "boolean" - required: - - "pdName" - type: "object" - gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." - properties: - directory: - description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." - type: "string" - repository: - description: "repository is the URL" - type: "string" - revision: - description: "revision is the commit hash for the specified revision." - type: "string" - required: - - "repository" - type: "object" - glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" - properties: - endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - path: - description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "boolean" - required: - - "endpoints" - - "path" - type: "object" - hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." - properties: - path: - description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - type: - description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - required: - - "path" - type: "object" - iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" - properties: - chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" - type: "boolean" - chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" - type: "boolean" - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." - type: "string" - iqn: - description: "iqn is the target iSCSI Qualified Name." - type: "string" - iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." - type: "string" - lun: - description: "lun represents iSCSI Target Lun number." - format: "int32" - type: "integer" - portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - items: - type: "string" - type: "array" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." - type: "boolean" - secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - type: "string" - required: - - "iqn" - - "lun" - - "targetPortal" - type: "object" - name: - description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - properties: - path: - description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "boolean" - server: - description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - required: - - "path" - - "server" - type: "object" - persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - type: "string" - readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." - type: "boolean" - required: - - "claimName" - type: "object" - photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + nodeName: + description: "NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this Pod onto that node, assuming that it fits resource\nrequirements." + type: "string" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + x-kubernetes-map-type: "atomic" + schedulerName: + description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." + type: "string" + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" - pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" - required: - - "pdID" - type: "object" - portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - volumeID: - description: "volumeID uniquely identifies a Portworx volume" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" - required: - - "volumeID" type: "object" - projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" + type: "array" + topologySpreadConstraints: + description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." + items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: - defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - sources: - description: "sources is the list of volume projections" - items: - description: "Projection that may be projected along with other supported volume types" - properties: - clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: - labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." - type: "string" - optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." - type: "boolean" - path: - description: "Relative path from the volume root to write the bundle." - type: "string" - signerName: - description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + key: + description: "key is the label key that the selector applies to." type: "string" - required: - - "path" - type: "object" - configMap: - description: "configMap information about the configMap data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" - properties: - items: - description: "Items is a list of DownwardAPIVolume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - secret: - description: "secret information about the secret data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" + type: "string" type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional field specify whether the Secret or its key must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" - properties: - audience: - description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." - type: "string" - expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." - format: "int64" - type: "integer" - path: - description: "path is the path relative to the mount point of the file to project the\ntoken into." - type: "string" required: - - "path" + - "key" + - "operator" type: "object" - type: "object" - type: "array" - type: "object" - quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" - properties: - group: - description: "group to map volume access to\nDefault is no group" - type: "string" - readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." - type: "boolean" - registry: - description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" - type: "string" - tenant: - description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" - type: "string" - user: - description: "user to map volume access to\nDefaults to serivceaccount user" - type: "string" - volume: - description: "volume is a string that references an already created Quobyte volume by name." - type: "string" - required: - - "registry" - - "volume" - type: "object" - rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - image: - description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - keyring: - description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - monitors: - description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" - pool: - description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "boolean" - secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - required: - - "image" - - "monitors" - type: "object" - scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." - type: "string" - gateway: - description: "gateway is the host address of the ScaleIO API Gateway." - type: "string" - protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" - type: "boolean" - storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." - type: "string" - storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." - type: "string" - system: - description: "system is the name of the storage system as configured in ScaleIO." - type: "string" - volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." - type: "string" - required: - - "gateway" - - "secretRef" - - "system" - type: "object" - secret: - description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - properties: - defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." + x-kubernetes-list-type: "atomic" + maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" - items: - description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - optional: - description: "optional field specify whether the Secret or its keys must be defined" - type: "boolean" - secretName: - description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - type: "string" - type: "object" - storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." - type: "string" - volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." - type: "string" - type: "object" - vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + minDomains: + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + format: "int32" + type: "integer" + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." + topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" - volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" + whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - - "volumePath" + - "maxSkew" + - "topologyKey" + - "whenUnsatisfiable" type: "object" - required: - - "name" - type: "object" - type: "array" + type: "array" + type: "object" required: - "name" type: "object" @@ -6920,6 +5183,9 @@ spec: name: description: "Name of the Secret that contains user-provided certificates." type: "string" + namespace: + description: "The namespace where the secret is located.\nIf not provided, the secret is assumed to be in the same namespace as the Cluster object." + type: "string" required: - "ca" - "cert" @@ -6940,7 +5206,7 @@ spec: pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" type: "string" offlineInstances: - description: "Specifies the names of instances to be transitioned to offline status.\n\n\nMarking an instance as offline results in the following:\n\n\n1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential\n future reuse or data recovery, but it is no longer actively used.\n2. The ordinal number assigned to this instance is preserved, ensuring it remains unique\n and avoiding conflicts with new instances.\n\n\nSetting instances to offline allows for a controlled scale-in process, preserving their data and maintaining\nordinal consistency within the Cluster.\nNote that offline instances and their associated resources, such as PVCs, are not automatically deleted.\nThe administrator must manually manage the cleanup and removal of these resources when they are no longer needed." + description: "Specifies the names of instances to be transitioned to offline status.\n\n\nMarking an instance as offline results in the following:\n\n\n1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential\n future reuse or data recovery, but it is no longer actively used.\n2. The ordinal number assigned to this instance is preserved, ensuring it remains unique\n and avoiding conflicts with new instances.\n\n\nSetting instances to offline allows for a controlled scale-in process, preserving their data and maintaining\nordinal consistency within the Cluster." items: type: "string" type: "array" @@ -7628,7 +5894,7 @@ spec: type: "array" type: "object" serviceAccountName: - description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nTo perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions.\nThe service account will be bound to a default role named \"kubeblocks-cluster-pod-role\" which is installed together with KubeBlocks.\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\"\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." + description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nIf not specified, KubeBlocks automatically creates a default ServiceAccount named\n\"kb-{componentdefinition.name}\", bound to a role with rules defined in ComponentDefinition's\n`policyRules` field. If needed (currently this means if any lifecycleAction is enabled),\nit will also be bound to a default role named\n\"kubeblocks-cluster-pod-role\", which is installed together with KubeBlocks.\nIf multiple components use the same ComponentDefinition, they will share one ServiceAccount.\n\n\nIf the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not\ncreate a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount." type: "string" serviceRefs: description: "Defines a list of ServiceRef for a Component, enabling access to both external services and\nServices provided by other Clusters.\n\n\nTypes of services:\n\n\n- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator;\n Require a ServiceDescriptor for connection details.\n- Services provided by a Cluster: Managed by the same KubeBlocks operator;\n identified using Cluster, Component and Service names.\n\n\nServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same.\n\n\nExample:\n```yaml\nserviceRefs:\n - name: \"redis-sentinel\"\n serviceDescriptor:\n name: \"external-redis-sentinel\"\n - name: \"postgres-cluster\"\n clusterServiceSelector:\n cluster: \"my-postgres-cluster\"\n service:\n component: \"postgresql\"\n```\nThe example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster." @@ -7703,7 +5969,7 @@ spec: maxLength: 32 type: "string" services: - description: "Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients." + description: "Overrides services defined in referenced ComponentDefinition." items: properties: annotations: @@ -7716,6 +5982,7 @@ spec: maxLength: 25 type: "string" podService: + default: false description: "Indicates whether to generate individual Services for each Pod.\nIf set to true, a separate Service will be created for each Pod in the Cluster." type: "boolean" serviceType: @@ -7738,6 +6005,10 @@ spec: description: "Overrides system accounts defined in referenced ComponentDefinition." items: properties: + disabled: + default: false + description: "Specifies whether the system account is disabled." + type: "boolean" name: description: "The name of the system account." type: "string" @@ -7778,7 +6049,7 @@ spec: type: "string" type: "object" secretRef: - description: "Refers to the secret from which data will be copied to create the new account.\n\n\nThis field is immutable once set." + description: "Refers to the secret from which data will be copied to create the new account.\n\n\nFor user-specified passwords, the maximum length is limited to 64 bytes.\n\n\nThis field is immutable once set." properties: name: description: "The unique identifier of the secret." @@ -7786,6 +6057,10 @@ spec: namespace: description: "The namespace where the secret is located." type: "string" + password: + default: "password" + description: "The key in the secret data that contains the password." + type: "string" required: - "name" - "namespace" @@ -7801,6 +6076,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -7839,6 +6124,9 @@ spec: storageClassName: description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\n\n\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass" + type: "string" volumeMode: description: "Defines what type of volume is required by the claim, either Block or Filesystem." type: "string" @@ -8876,9 +7164,15 @@ spec: description: "Specifies the name of the ClusterTopology to be used when creating the Cluster.\n\n\nThis field defines which set of Components, as outlined in the ClusterDefinition, will be used to\nconstruct the Cluster based on the named topology.\nThe ClusterDefinition may list multiple topologies under `clusterdefinition.spec.topologies[*]`,\neach tailored to different use cases or environments.\n\n\nIf `topology` is not specified, the Cluster will use the default topology defined in the ClusterDefinition.\n\n\nNote: Once set during the Cluster creation, the `topology` field cannot be modified.\nIt establishes the initial composition and structure of the Cluster and is intended for one-time configuration." maxLength: 32 type: "string" + x-kubernetes-validations: + - message: "topology is immutable" + rule: "self == oldSelf" required: - "terminationPolicy" type: "object" + x-kubernetes-validations: + - message: "topology is required once set" + rule: "!has(oldSelf.topology) || has(self.topology)" status: description: "ClusterStatus defines the observed state of the Cluster." properties: @@ -8898,6 +7192,7 @@ spec: - "Deleting" - "Updating" - "Stopping" + - "Starting" - "Running" - "Stopped" - "Failed" @@ -8984,6 +7279,7 @@ spec: - "Deleting" - "Updating" - "Stopping" + - "Starting" - "Running" - "Stopped" - "Failed" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/componentdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/componentdefinitions.yaml index e2bb2712e..bf3f81f26 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/componentdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/componentdefinitions.yaml @@ -1969,59 +1969,10 @@ spec: description: "Specifies the configuration file templates and volume mount parameters used by the Component.\nIt also includes descriptions of the parameters in the ConfigMaps, such as value range limitations.\n\n\nThis field specifies a list of templates that will be rendered into Component containers' configuration files.\nEach template is represented as a ConfigMap and may contain multiple configuration files,\nwith each file being a key in the ConfigMap.\n\n\nThe rendered configuration files will be mounted into the Component's containers\n according to the specified volume mount parameters.\n\n\nThis field is immutable." items: properties: - asEnvFrom: - description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image.\n\n\nDeprecated: `asEnvFrom` has been deprecated since 0.9.0 and will be removed in 0.10.0.\nUse `injectEnvTo` instead." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - asSecret: - description: "Whether to store the final rendered parameters as a secret." - type: "boolean" - constraintRef: - description: "Specifies the name of the referenced configuration constraints object." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" defaultMode: description: "The operator attempts to set default file permissions for scripts (0555) and configurations (0444).\nHowever, certain database engines may require different file permissions.\nYou can specify the desired file permissions here.\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information." format: "int32" type: "integer" - injectEnvTo: - description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - keys: - description: "Specifies the configuration files within the ConfigMap that support dynamic updates.\n\n\nA configuration template (provided in the form of a ConfigMap) may contain templates for multiple\nconfiguration files.\nEach configuration file corresponds to a key in the ConfigMap.\nSome of these configuration files may support dynamic modification and reloading without requiring\na pod restart.\n\n\nIf empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,\nand ConfigConstraint applies to all keys." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - legacyRenderedConfigSpec: - description: "Specifies the secondary rendered config spec for pod-specific customization.\n\n\nThe template is rendered inside the pod (by the \"config-manager\" sidecar container) and merged with the main\ntemplate's render result to generate the final configuration file.\n\n\nThis field is intended to handle scenarios where different pods within the same Component have\nvarying configurations. It allows for pod-specific customization of the configuration.\n\n\nNote: This field will be deprecated in future versions, and the functionality will be moved to\n`cluster.spec.componentSpecs[*].instances[*]`." - properties: - namespace: - default: "default" - description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace." - pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - policy: - default: "none" - description: "Defines the strategy for merging externally imported templates into component templates." - enum: - - "patch" - - "replace" - - "none" - type: "string" - templateRef: - description: "Specifies the name of the referenced configuration template ConfigMap object." - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "templateRef" - type: "object" name: description: "Specifies the name of the configuration template." maxLength: 63 @@ -2033,17 +1984,6 @@ spec: maxLength: 63 pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" type: "string" - reRenderResourceTypes: - description: "Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.\n\n\nIn some scenarios, the configuration may need to be updated to reflect the changes in resource allocation\nor cluster topology. Examples:\n\n\n- Redis: adjust maxmemory after v-scale operation.\n- MySQL: increase max connections after v-scale operation.\n- Zookeeper: update zoo.cfg with new node addresses after h-scale operation." - items: - description: "RerenderResourceType defines the resource requirements for a component." - enum: - - "vscale" - - "hscale" - - "tls" - type: "string" - type: "array" - x-kubernetes-list-type: "set" templateRef: description: "Specifies the name of the referenced configuration template ConfigMap object." maxLength: 63 @@ -2061,6 +2001,39 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + configs2: + description: "Specifies the config file templates and volume mount parameters used by the Component.\n\n\nThis field specifies a list of templates that will be rendered into Component containers' config files.\nEach template is represented as a ConfigMap and may contain multiple config files, with each file being a key in the ConfigMap.\n\n\nThis field is immutable." + items: + properties: + defaultMode: + description: "The operator attempts to set default file permissions (0444).\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information." + format: "int32" + type: "integer" + name: + description: "Specifies the name of the template." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + namespace: + default: "default" + description: "Specifies the namespace of the referenced template ConfigMap object." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + template: + description: "Specifies the name of the referenced template ConfigMap object." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + volumeName: + description: "Refers to the volume name of PodTemplate. The file produced through the template will be mounted to\nthe corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts." + maxLength: 63 + pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + type: "array" description: description: "Provides a brief and concise explanation of the Component's purpose, functionality, and any relevant details.\nIt serves as a quick reference for users to understand the Component's role and characteristics." maxLength: 256 @@ -2112,10 +2085,10 @@ spec: description: "Specifies static labels that will be patched to all Kubernetes resources created for the Component.\n\n\nNote: If a label key in the `labels` field conflicts with any system labels or user-specified labels,\nit will be silently ignored to avoid overriding higher-priority labels.\n\n\nThis field is immutable." type: "object" lifecycleActions: - description: "Defines a set of hooks and procedures that customize the behavior of a Component throughout its lifecycle.\nActions are triggered at specific lifecycle stages:\n\n\n - `postProvision`: Defines the hook to be executed after the creation of a Component,\n with `preCondition` specifying when the action should be fired relative to the Component's lifecycle stages:\n `Immediately`, `RuntimeReady`, `ComponentReady`, and `ClusterReady`.\n - `preTerminate`: Defines the hook to be executed before terminating a Component.\n - `roleProbe`: Defines the procedure which is invoked regularly to assess the role of replicas.\n - `switchover`: Defines the procedure for a controlled transition of leadership from the current leader to a new replica.\n This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,\n such as before planned maintenance or upgrades on the current leader node.\n - `memberJoin`: Defines the procedure to add a new replica to the replication group.\n - `memberLeave`: Defines the method to remove a replica from the replication group.\n - `readOnly`: Defines the procedure to switch a replica into the read-only state.\n - `readWrite`: transition a replica from the read-only state back to the read-write state.\n - `dataDump`: Defines the procedure to export the data from a replica.\n - `dataLoad`: Defines the procedure to import data into a replica.\n - `reconfigure`: Defines the procedure that update a replica with new configuration file.\n - `accountProvision`: Defines the procedure to generate a new database account.\n\n\nThis field is immutable." + description: "Defines a set of hooks and procedures that customize the behavior of a Component throughout its lifecycle.\nActions are triggered at specific lifecycle stages:\n\n\n - `postProvision`: Defines the hook to be executed after the creation of a Component,\n with `preCondition` specifying when the action should be fired relative to the Component's lifecycle stages:\n `Immediately`, `RuntimeReady`, `ComponentReady`, and `ClusterReady`.\n - `preTerminate`: Defines the hook to be executed before terminating a Component.\n - `roleProbe`: Defines the procedure which is invoked regularly to assess the role of replicas.\n - `switchover`: Defines the procedure for a controlled transition of a role to a new replica.\n This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,\n such as before planned maintenance or upgrades on the current leader node.\n - `memberJoin`: Defines the procedure to add a new replica to the replication group.\n - `memberLeave`: Defines the method to remove a replica from the replication group.\n - `readOnly`: Defines the procedure to switch a replica into the read-only state.\n - `readWrite`: transition a replica from the read-only state back to the read-write state.\n - `dataDump`: Defines the procedure to export the data from a replica.\n - `dataLoad`: Defines the procedure to import data into a replica.\n - `reconfigure`: Defines the procedure that update a replica with new configuration file.\n - `accountProvision`: Defines the procedure to generate a new database account.\n\n\nThis field is immutable." properties: accountProvision: - description: "Defines the procedure to generate a new database account.\n\n\nUse Case:\nThis action is designed to create system accounts that are utilized for replication, monitoring, backup,\nand other administrative tasks.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_ACCOUNT_NAME: The name of the system account to be created.\n- KB_ACCOUNT_PASSWORD: The password for the system account. // TODO: how to pass the password securely?\n- KB_ACCOUNT_STATEMENT: The statement used to create the system account.\n\n\nNote: This field is immutable once it has been set." + description: "Defines the procedure to generate a new database account.\n\n\nUse Case:\nThis action is designed to create system accounts that are utilized for replication, monitoring, backup,\nand other administrative tasks.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_ACCOUNT_NAME: The name of the system account to be manipulated.\n- KB_ACCOUNT_PASSWORD: The password for the system account.\n- KB_ACCOUNT_STATEMENT: The statement used to manipulate the system account.\n\n\nNote: This field is immutable once it has been set." properties: exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." @@ -2411,7 +2384,7 @@ spec: type: "integer" type: "object" dataDump: - description: "Defines the procedure for exporting the data from a replica.\n\n\nUse Case:\nThis action is intended for initializing a newly created replica with data. It involves exporting data\nfrom an existing replica and importing it into the new, empty replica. This is essential for synchronizing\nthe state of replicas across the system.\n\n\nApplicability:\nSome database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.\nIn such cases, this action may not be required.\n\n\nThe output should be a valid data dump streamed to stdout. It must exclude any irrelevant information to ensure\nthat only the necessary data is exported for import into the new replica.\n\n\nNote: This field is immutable once it has been set." + description: "Defines the procedure for exporting the data from a replica.\n\n\nUse Case:\nThis action is intended for initializing a newly created replica with data. It involves exporting data\nfrom an existing replica and importing it into the new, empty replica. This is essential for synchronizing\nthe state of replicas across the system.\n\n\nApplicability:\nSome database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.\nIn such cases, this action may not be required.\n\n\nThe output should be a valid data dump streamed to stdout. It must exclude any irrelevant information to ensure\nthat only the necessary data is exported for import into the new replica.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_TARGET_POD_NAME: The name of the replica pod into which the data will be loaded.\n\n\nNote: This field is immutable once it has been set." properties: exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." @@ -3827,7 +3800,7 @@ spec: type: "integer" type: "object" switchover: - description: "Defines the procedure for a controlled transition of leadership from the current leader to a new replica.\nThis approach aims to minimize downtime and maintain availability in systems with a leader-follower topology,\nduring events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations\ninvolving the current leader node.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty).\n- KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty).\n\n\nNote: This field is immutable once it has been set." + description: "Defines the procedure for a controlled transition of a role to a new replica.\nThis approach aims to minimize downtime and maintain availability\nduring events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations.\nIn a typical consensus system, this action is used to transfer leader role to another replica.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod of the new role's candidate, which may not be specified (empty).\n- KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the pod of the new role's candidate, which may not be specified (empty).\n- KB_SWITCHOVER_CURRENT_NAME: The name of the pod of the current role.\n- KB_SWITCHOVER_CURRENT_FQDN: The FQDN of the pod of the current role.\n- KB_SWITCHOVER_ROLE: The role that will be transferred to another replica.\n This variable can be empty if, for example, role probe does not succeed.\n It depends on the addon implementation what to do under such cases.\n\n\nNote: This field is immutable once it has been set." properties: exec: description: "Defines the command to run.\n\n\nThis field cannot be updated." @@ -3997,7 +3970,7 @@ spec: description: "InstanceSet controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down." type: "string" policyRules: - description: "Defines the namespaced policy rules required by the Component.\n\n\nThe `policyRules` field is an array of `rbacv1.PolicyRule` objects that define the policy rules\nneeded by the Component to operate within a namespace.\nThese policy rules determine the permissions and verbs the Component is allowed to perform on\nKubernetes resources within the namespace.\n\n\nThe purpose of this field is to automatically generate the necessary RBAC roles\nfor the Component based on the specified policy rules.\nThis ensures that the Pods in the Component has appropriate permissions to function.\n\n\nNote: This field is currently non-functional and is reserved for future implementation.\n\n\nThis field is immutable." + description: "Defines the namespaced policy rules required by the Component.\n\n\nThe `policyRules` field is an array of `rbacv1.PolicyRule` objects that define the policy rules\nneeded by the Component to operate within a namespace.\nThese policy rules determine the permissions and verbs the Component is allowed to perform on\nKubernetes resources within the namespace.\n\n\nThe purpose of this field is to automatically generate the necessary RBAC roles\nfor the Component based on the specified policy rules.\nThis ensures that the Pods in the Component has appropriate permissions to function.\n\n\nTo prevent privilege escalation, only permissions already owned by KubeBlocks can be added here.\n\n\nThis field is immutable." items: description: "PolicyRule holds information that describes a policy rule, but does not contain information\nabout who the rule applies to or which namespace the rule applies to." properties: @@ -4055,30 +4028,27 @@ spec: - message: "the minimum replicas limit should be no greater than the maximum" rule: "self.minReplicas <= self.maxReplicas" roles: - description: "Enumerate all possible roles assigned to each replica of the Component, influencing its behavior.\n\n\nA replica can have zero to multiple roles.\nKubeBlocks operator determines the roles of each replica by invoking the `lifecycleActions.roleProbe` method.\nThis action returns a list of roles for each replica, and the returned roles must be predefined in the `roles` field.\n\n\nThe roles assigned to a replica can influence various aspects of the Component's behavior, such as:\n\n\n- Service selection: The Component's exposed Services may target replicas based on their roles using `roleSelector`.\n- Update order: The roles can determine the order in which replicas are updated during a Component update.\n For instance, replicas with a \"follower\" role can be updated first, while the replica with the \"leader\"\n role is updated last. This helps minimize the number of leader changes during the update process.\n\n\nThis field is immutable." + description: "Enumerate all possible roles assigned to each replica of the Component, influencing its behavior.\n\n\nA replica can have zero or one role.\nKubeBlocks operator determines the role of each replica by invoking the `lifecycleActions.roleProbe` method.\nThis action returns the role for each replica, and the returned role must be predefined here.\n\n\nThe roles assigned to a replica can influence various aspects of the Component's behavior, such as:\n\n\n- Service selection: The Component's exposed Services may target replicas based on their roles using `roleSelector`.\n- Update order: The roles can determine the order in which replicas are updated during a Component update.\n For instance, replicas with a \"follower\" role can be updated first, while the replica with the \"leader\"\n role is updated last. This helps minimize the number of leader changes during the update process.\n\n\nThis field is immutable." items: - description: "ReplicaRole represents a role that can be assumed by a component instance." + description: "ReplicaRole represents a role that can be assigned to a component instance, defining its behavior and responsibilities." properties: name: - description: "Defines the role's identifier. It is used to set the \"apps.kubeblocks.io/role\" label value\non the corresponding object.\n\n\nThis field is immutable once set." + description: "Name defines the role's unique identifier. This value is used to set the \"apps.kubeblocks.io/role\" label\non the corresponding object to identify its role.\n\n\nFor example, common role names include:\n- \"leader\": The primary/master instance that handles write operations\n- \"follower\": Secondary/replica instances that replicate data from the leader\n- \"learner\": Read-only instances that don't participate in elections\n\n\nThis field is immutable once set." maxLength: 32 pattern: "^.*[^\\s]+.*$" type: "string" - serviceable: - default: false - description: "Indicates whether a replica assigned this role is capable of providing services.\n\n\nThis field is immutable once set." - type: "boolean" - votable: - default: false - description: "Specifies whether a replica with this role has voting rights.\nIn distributed systems, this typically means the replica can participate in consensus decisions,\nconfiguration changes, or other processes that require a quorum.\n\n\nThis field is immutable once set." - type: "boolean" - writable: + participatesInQuorum: default: false - description: "Determines if a replica in this role has the authority to perform write operations.\nA writable replica can modify data, handle update operations.\n\n\nThis field is immutable once set." + description: "ParticipatesInQuorum indicates if pods with this role are counted when determining quorum.\nThis affects update strategies that need to maintain quorum for availability. Roles participate\nin quorum should have higher update priority than roles do not participate in quorum.\nThe default value is false.\n\n\nFor example, in a 5-pod component where:\n- 2 learner pods (participatesInQuorum=false)\n- 2 follower pods (participatesInQuorum=true)\n- 1 leader pod (participatesInQuorum=true)\nThe quorum size would be 3 (based on the 3 participating pods), allowing parallel updates\nof 2 learners and 1 follower while maintaining quorum.\n\n\nThis field is immutable once set." type: "boolean" + updatePriority: + default: 0 + description: "UpdatePriority determines the order in which pods with different roles are updated.\nPods are sorted by this priority (higher numbers = higher priority) and updated accordingly.\nRoles with the highest priority will be updated last.\nThe default priority is 0.\n\n\nFor example:\n- Leader role may have priority 2 (updated last)\n- Follower role may have priority 1 (updated before leader)\n- Learner role may have priority 0 (updated first)\n\n\nThis field is immutable once set." + type: "integer" required: - "name" type: "object" + maxItems: 128 type: "array" runtime: description: "Specifies the PodSpec template used in the Component.\nIt includes the following elements:\n\n\n- Init containers\n- Containers\n - Image\n - Commands\n - Args\n - Envs\n - Mounts\n - Ports\n - Security context\n - Probes\n - Lifecycle\n- Volumes\n\n\nThis field is intended to define static settings that remain consistent across all instantiated Components.\nDynamic settings such as CPU and memory resource limits, as well as scheduling settings (affinity,\ntoleration, priority), may vary among different instantiated Components.\nThey should be specified in the `cluster.spec.componentSpecs` (ClusterComponentSpec).\n\n\nSpecific instances of a Component may override settings defined here, such as using a different container image\nor modifying environment variable values.\nThese instance-specific overrides can be specified in `cluster.spec.componentSpecs[*].instances`.\n\n\nThis field is immutable and cannot be updated once set." @@ -8554,6 +8524,39 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + scripts2: + description: "Specifies groups of scripts, each provided via a ConfigMap, to be mounted as volumes in the container.\nThese scripts can be executed during container startup or via specific actions.\n\n\nThis field is immutable." + items: + properties: + defaultMode: + description: "The operator attempts to set default file permissions (0444).\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information." + format: "int32" + type: "integer" + name: + description: "Specifies the name of the template." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + namespace: + default: "default" + description: "Specifies the namespace of the referenced template ConfigMap object." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + template: + description: "Specifies the name of the referenced template ConfigMap object." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" + volumeName: + description: "Refers to the volume name of PodTemplate. The file produced through the template will be mounted to\nthe corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts." + maxLength: 63 + pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" + type: "string" + required: + - "name" + type: "object" + type: "array" serviceKind: description: "Defines the type of well-known service protocol that the Component provides.\nIt specifies the standard or widely recognized protocol used by the Component to offer its Services.\n\n\nThe `serviceKind` field allows users to quickly identify the type of Service provided by the Component\nbased on common protocols or service types. This information helps in understanding the compatibility,\ninteroperability, and usage of the Component within a system.\n\n\nSome examples of well-known service protocols include:\n\n\n- \"MySQL\": Indicates that the Component provides a MySQL database service.\n- \"PostgreSQL\": Indicates that the Component offers a PostgreSQL database service.\n- \"Redis\": Signifies that the Component functions as a Redis key-value store.\n- \"ETCD\": Denotes that the Component serves as an ETCD distributed key-value store.\n\n\nThe `serviceKind` value is case-insensitive, allowing for flexibility in specifying the protocol name.\n\n\nWhen specifying the `serviceKind`, consider the following guidelines:\n\n\n- Use well-established and widely recognized protocol names or service types.\n- Ensure that the `serviceKind` accurately represents the primary service type offered by the Component.\n- If the Component provides multiple services, choose the most prominent or commonly used protocol.\n- Limit the `serviceKind` to a maximum of 32 characters for conciseness and readability.\n\n\nNote: The `serviceKind` field is optional and can be left empty if the Component does not fit into a well-known\nservice category or if the protocol is not widely recognized. It is primarily used to convey information about\nthe Component's service type to users and facilitate discovery and integration.\n\n\nThe `serviceKind` field is immutable and cannot be updated." maxLength: 32 @@ -8792,26 +8795,49 @@ spec: description: "Seed to generate the account's password.\nCannot be updated." type: "string" type: "object" - secretRef: - description: "Refers to the secret from which data will be copied to create the new account.\n\n\nThis field is immutable once set." + statement: + description: "Defines the statements used to create, delete, and update the account.\n\n\nThis field is immutable once set." properties: - name: - description: "The unique identifier of the secret." + create: + description: "The statement to create a new account with the necessary privileges.\n\n\nThis field is immutable once set." type: "string" - namespace: - description: "The namespace where the secret is located." + delete: + description: "The statement to delete a account.\n\n\nThis field is immutable once set." + type: "string" + update: + description: "The statement to update an existing account.\n\n\nThis field is immutable once set." type: "string" - required: - - "name" - - "namespace" type: "object" - statement: - description: "Defines the statement used to create the account with the necessary privileges.\n\n\nThis field is immutable once set." - type: "string" required: - "name" type: "object" type: "array" + tls: + description: "Specifies the TLS configuration for the Component.\n\n\nThis field is immutable." + properties: + caFile: + description: "The CA file of the TLS.\n\n\nThis field is immutable once set." + type: "string" + certFile: + description: "The certificate file of the TLS.\n\n\nThis field is immutable once set." + type: "string" + defaultMode: + description: "The permissions for the mounted path. Defaults to 0600.\n\n\nThis field is immutable once set." + format: "int32" + type: "integer" + keyFile: + description: "The key file of the TLS.\n\n\nThis field is immutable once set." + type: "string" + mountPath: + description: "Specifies the mount path for the TLS secret to be mounted.\nSimilar to the volume, the controller will mount the created volume to the specified path within containers when the TLS is enabled.\n\n\nThis field is immutable once set." + type: "string" + volumeName: + description: "Specifies the volume name for the TLS secret.\nThe controller will create a volume object with the specified name and add it to the pod when the TLS is enabled.\n\n\nThis field is immutable once set." + type: "string" + required: + - "mountPath" + - "volumeName" + type: "object" updateStrategy: default: "Serial" description: "Specifies the concurrency strategy for updating multiple instances of the Component.\nAvailable strategies:\n\n\n- `Serial`: Updates replicas one at a time, ensuring minimal downtime by waiting for each replica to become ready\n before updating the next.\n- `Parallel`: Updates all replicas simultaneously, optimizing for speed but potentially reducing availability\n during the update.\n- `BestEffortParallel`: Updates replicas concurrently with a limit on simultaneous updates to ensure a minimum\n number of operational replicas for maintaining quorum.\n\t For example, in a 5-replica component, updating a maximum of 2 replicas simultaneously keeps\n\t at least 3 operational for quorum.\n\n\nThis field is immutable and defaults to 'Serial'." @@ -8900,6 +8926,9 @@ spec: description: "The format of the value that the operator will use to compose values from multiple components." type: "string" type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" strategy: description: "Define the strategy for handling multiple cluster objects." enum: @@ -9015,6 +9044,9 @@ spec: description: "The format of the value that the operator will use to compose values from multiple components." type: "string" type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" strategy: description: "Define the strategy for handling multiple cluster objects." enum: @@ -9099,6 +9131,9 @@ spec: description: "The format of the value that the operator will use to compose values from multiple components." type: "string" type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" strategy: description: "Define the strategy for handling multiple cluster objects." enum: @@ -9178,6 +9213,9 @@ spec: description: "The format of the value that the operator will use to compose values from multiple components." type: "string" type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" strategy: description: "Define the strategy for handling multiple cluster objects." enum: @@ -9265,6 +9303,9 @@ spec: description: "The format of the value that the operator will use to compose values from multiple components." type: "string" type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" strategy: description: "Define the strategy for handling multiple cluster objects." enum: @@ -9299,6 +9340,66 @@ spec: - "Optional" type: "string" type: "object" + tlsVarRef: + description: "Selects a defined var of the TLS." + properties: + compDef: + description: "Specifies the exact name, name prefix, or regular expression pattern for matching the name of the ComponentDefinition\ncustom resource (CR) used by the component that the referent object resident in.\n\n\nIf not specified, the component itself will be used." + type: "string" + enabled: + description: "VarOption defines whether a variable is required or optional." + enum: + - "Required" + - "Optional" + type: "string" + multipleClusterObjectOption: + description: "This option defines the behavior when multiple component objects match the specified @CompDef.\nIf not provided, an error will be raised when handling multiple matches." + properties: + combinedOption: + description: "Define the options for handling combined variables.\nValid only when the strategy is set to \"combined\"." + properties: + flattenFormat: + description: "The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value." + properties: + delimiter: + default: "," + description: "Pair delimiter." + type: "string" + keyValueDelimiter: + default: ":" + description: "Key-value delimiter." + type: "string" + required: + - "delimiter" + - "keyValueDelimiter" + type: "object" + newVarSuffix: + description: "If set, the existing variable will be kept, and a new variable will be defined with the specified suffix\nin pattern: $(var.name)_$(suffix).\nThe new variable will be auto-created and placed behind the existing one.\nIf not set, the existing variable will be reused with the value format defined below." + type: "string" + valueFormat: + default: "Flatten" + description: "The format of the value that the operator will use to compose values from multiple components." + type: "string" + type: "object" + requireAllComponentObjects: + description: "RequireAllComponentObjects controls whether all component objects must exist before resolving.\nIf set to true, resolving will only proceed if all component objects are present." + type: "boolean" + strategy: + description: "Define the strategy for handling multiple cluster objects." + enum: + - "individual" + - "combined" + type: "string" + required: + - "strategy" + type: "object" + name: + description: "Name of the referent object." + type: "string" + optional: + description: "Specify whether the object must be defined." + type: "boolean" + type: "object" type: "object" required: - "name" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/components.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/components.yaml index 14feaab45..2844fc990 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/components.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1/components.yaml @@ -63,7 +63,7 @@ spec: configs: description: "Specifies the configuration content of a config template." items: - description: "ClusterComponentConfig represents a config with its source bound." + description: "ClusterComponentConfig represents a configuration for a component." properties: configMap: description: "ConfigMap source for the config." @@ -100,9 +100,159 @@ spec: type: "boolean" type: "object" x-kubernetes-map-type: "atomic" + externalManaged: + description: "ExternalManaged indicates whether the configuration is managed by an external system.\nWhen set to true, the controller will use the user-provided template and reconfigure action,\nignoring the default template and update behavior." + type: "boolean" name: description: "The name of the config." + maxLength: 63 + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + reconfigure: + description: "The custom reconfigure action to reload the service configuration whenever changes to this config are detected.\n\n\nThe container executing this action has access to following variables:\n\n\n- KB_CONFIG_FILES_CREATED: file1,file2...\n- KB_CONFIG_FILES_REMOVED: file1,file2...\n- KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2...\n\n\nNote: This field is immutable once it has been set." + properties: + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." + properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" + container: + description: "Specifies the name of the container within the same pod whose resources will be shared with the action.\nThis allows the action to utilize the specified container's resources without executing within it.\n\n\nThe name must match one of the containers defined in `componentDefinition.spec.runtime`.\n\n\nThe resources that can be shared are included:\n\n\n- volume mounts\n\n\nThis field cannot be updated." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nAll actions with same image will share the same container.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nIf not specified, the Action will be executed in the pod where the Action is triggered, such as the pod\nto be removed or added; or a random pod if the Action is triggered at the component level, such as\npost-provision or pre-terminate of the component.\n\n\nThis field cannot be updated." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." + type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" + variables: + additionalProperties: + type: "string" + description: "Variables are key-value pairs for dynamic configuration values that can be provided by the user." + type: "object" type: "object" type: "array" disableExporter: @@ -192,6 +342,32 @@ spec: - "name" type: "object" type: "array" + instanceUpdateStrategy: + description: "Provides fine-grained control over the spec update process of all instances." + properties: + rollingUpdate: + description: "Specifies how the rolling update should be applied." + properties: + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + description: "The maximum number of instances that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. The field applies to all instances. That means if there is any unavailable pod,\nit will be counted towards MaxUnavailable." + x-kubernetes-int-or-string: true + replicas: + anyOf: + - type: "integer" + - type: "string" + description: "Indicates the number of instances that should be updated during a rolling update.\nThe remaining instances will remain untouched. This is helpful in defining how many instances\nshould participate in the update process.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up.\nThe default value is ComponentSpec.Replicas (i.e., update all instances)." + x-kubernetes-int-or-string: true + type: "object" + type: + description: "Indicates the type of the update strategy.\nDefault is RollingUpdate." + enum: + - "RollingUpdate" + - "OnDelete" + type: "string" + type: "object" instances: description: "Allows for the customization of configuration values for each instance within a Component.\nAn Instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps).\nWhile instances typically share a common configuration as defined in the ClusterComponentSpec,\nthey can require unique settings in various scenarios:\n\n\nFor example:\n- A database Component might require different resource allocations for primary and secondary instances,\n with primaries needing more resources.\n- During a rolling upgrade, a Component may first update the image for one or a few instances,\n and then update the remaining instances after verifying that the updated instances are functioning correctly.\n\n\nInstanceTemplate allows for specifying these unique configurations per instance.\nEach instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal),\nstarting with an ordinal of 0.\nIt is crucial to maintain unique names for each InstanceTemplate to avoid conflicts.\n\n\nThe sum of replicas across all InstanceTemplates should not exceed the total number of Replicas specified for the Component.\nAny remaining replicas will be generated using the default template and will follow the default naming rules." items: @@ -286,9 +462,6 @@ spec: - "name" type: "object" type: "array" - image: - description: "Specifies an override for the first container's image in the Pod." - type: "string" labels: additionalProperties: type: "string" @@ -299,6 +472,30 @@ spec: maxLength: 54 pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" + ordinals: + description: "Specifies the desired Ordinals of this InstanceTemplate.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under this InstanceTemplate would be\n$(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and\n$(cluster.name)-$(component.name)-$(template.name)-7" + properties: + discrete: + items: + format: "int32" + type: "integer" + type: "array" + ranges: + items: + description: "Range represents a range with a start and an end value.\nIt is used to define a continuous segment." + properties: + end: + format: "int32" + type: "integer" + start: + format: "int32" + type: "integer" + required: + - "end" + - "start" + type: "object" + type: "array" + type: "object" replicas: default: 1 description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the Component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." @@ -862,1196 +1059,113 @@ spec: required: - "topologyKey" type: "object" - type: "array" - type: "object" - type: "object" - nodeName: - description: "NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this Pod onto that node, assuming that it fits resource\nrequirements." - type: "string" - nodeSelector: - additionalProperties: - type: "string" - description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" - type: "object" - x-kubernetes-map-type: "atomic" - schedulerName: - description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." - type: "string" - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." - items: - description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." - properties: - effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." - type: "string" - key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." - type: "string" - operator: - description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." - type: "string" - tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." - format: "int64" - type: "integer" - value: - description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." - type: "string" - type: "object" - type: "array" - topologySpreadConstraints: - description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." - items: - description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." - properties: - labelSelector: - description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." - format: "int32" - type: "integer" - minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." - format: "int32" - type: "integer" - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." - type: "string" - whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." - type: "string" - required: - - "maxSkew" - - "topologyKey" - - "whenUnsatisfiable" - type: "object" - type: "array" - type: "object" - volumeClaimTemplates: - description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." - items: - properties: - name: - description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." - type: "string" - spec: - description: "Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume\nwith the mount name specified in the `name` field.\n\n\nWhen a Pod is created for this ClusterComponent, a new PVC will be created based on the specification\ndefined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field." - properties: - accessModes: - description: "Contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1." - items: - type: "string" - type: "array" - x-kubernetes-preserve-unknown-fields: true - resources: - description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - x-kubernetes-preserve-unknown-fields: true - storageClassName: - description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." - type: "string" - volumeMode: - description: "Defines what type of volume is required by the claim, either Block or Filesystem." - type: "string" - type: "object" - required: - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Defines VolumeMounts to override.\nAdd new or override existing volume mounts of the first container in the Pod." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - volumes: - description: "Defines Volumes to override.\nAdd new or override existing volumes." - items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." - properties: - awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." - format: "int32" - type: "integer" - readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "boolean" - volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "string" - required: - - "volumeID" - type: "object" - azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." - properties: - cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." - type: "string" - diskName: - description: "diskName is the Name of the data disk in the blob storage" - type: "string" - diskURI: - description: "diskURI is the URI of data disk in the blob storage" - type: "string" - fsType: - description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - required: - - "diskName" - - "diskURI" - type: "object" - azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." - properties: - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" - type: "string" - shareName: - description: "shareName is the azure share Name" - type: "string" - required: - - "secretName" - - "shareName" - type: "object" - cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" - properties: - monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - items: - type: "string" - type: "array" - path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" - type: "string" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "boolean" - secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - required: - - "monitors" - type: "object" - cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "boolean" - secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeID: - description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - required: - - "volumeID" - type: "object" - configMap: - description: "configMap represents a configMap that should populate this volume" - properties: - defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." - properties: - driver: - description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." - type: "string" - fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." - type: "string" - nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - readOnly: - description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." - type: "boolean" - volumeAttributes: - additionalProperties: - type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." - type: "object" - required: - - "driver" - type: "object" - downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" - properties: - defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "Items is a list of downward API volume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - properties: - medium: - description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - type: "string" - sizeLimit: - anyOf: - - type: "integer" - - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - type: "object" - ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." - properties: - metadata: - description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." - properties: - annotations: - additionalProperties: - type: "string" - type: "object" - finalizers: - items: - type: "string" - type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - required: - - "kind" - - "name" - type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - type: "string" - required: - - "kind" - - "name" - type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." - type: "string" - type: "object" - required: - - "spec" - type: "object" - type: "object" - fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - lun: - description: "lun is Optional: FC target lun number" - format: "int32" - type: "integer" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" - items: - type: "string" - type: "array" - wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." - items: - type: "string" - type: "array" - type: "object" - flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." - properties: - driver: - description: "driver is the name of the driver to use for this volume." - type: "string" - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." - type: "string" - options: - additionalProperties: - type: "string" - description: "options is Optional: this field holds extra command options if any." - type: "object" - readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "driver" - type: "object" - flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" - properties: - datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" - type: "string" - datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" - type: "string" - type: "object" - gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - properties: - fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - format: "int32" - type: "integer" - pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "boolean" - required: - - "pdName" - type: "object" - gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." - properties: - directory: - description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." - type: "string" - repository: - description: "repository is the URL" - type: "string" - revision: - description: "revision is the commit hash for the specified revision." - type: "string" - required: - - "repository" - type: "object" - glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" - properties: - endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - path: - description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "boolean" - required: - - "endpoints" - - "path" - type: "object" - hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." - properties: - path: - description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - type: - description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - required: - - "path" - type: "object" - iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" - properties: - chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" - type: "boolean" - chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" - type: "boolean" - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." - type: "string" - iqn: - description: "iqn is the target iSCSI Qualified Name." - type: "string" - iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." - type: "string" - lun: - description: "lun represents iSCSI Target Lun number." - format: "int32" - type: "integer" - portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - items: - type: "string" - type: "array" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." - type: "boolean" - secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - type: "string" - required: - - "iqn" - - "lun" - - "targetPortal" - type: "object" - name: - description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "array" + type: "object" + type: "object" + nodeName: + description: "NodeName is a request to schedule this Pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this Pod onto that node, assuming that it fits resource\nrequirements." + type: "string" + nodeSelector: + additionalProperties: type: "string" - nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - properties: - path: - description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "boolean" - server: - description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - required: - - "path" - - "server" - type: "object" - persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - type: "string" - readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." - type: "boolean" - required: - - "claimName" - type: "object" - photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + x-kubernetes-map-type: "atomic" + schedulerName: + description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." + type: "string" + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" - pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" - required: - - "pdID" - type: "object" - portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - volumeID: - description: "volumeID uniquely identifies a Portworx volume" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" - required: - - "volumeID" type: "object" - projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" + type: "array" + topologySpreadConstraints: + description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." + items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: - defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - sources: - description: "sources is the list of volume projections" - items: - description: "Projection that may be projected along with other supported volume types" - properties: - clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: - labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." - type: "string" - optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." - type: "boolean" - path: - description: "Relative path from the volume root to write the bundle." - type: "string" - signerName: - description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + key: + description: "key is the label key that the selector applies to." type: "string" - required: - - "path" - type: "object" - configMap: - description: "configMap information about the configMap data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" - properties: - items: - description: "Items is a list of DownwardAPIVolume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - secret: - description: "secret information about the secret data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" + type: "string" type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional field specify whether the Secret or its key must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" - properties: - audience: - description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." - type: "string" - expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." - format: "int64" - type: "integer" - path: - description: "path is the path relative to the mount point of the file to project the\ntoken into." - type: "string" required: - - "path" + - "key" + - "operator" type: "object" - type: "object" - type: "array" - type: "object" - quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" - properties: - group: - description: "group to map volume access to\nDefault is no group" - type: "string" - readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." - type: "boolean" - registry: - description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" - type: "string" - tenant: - description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" - type: "string" - user: - description: "user to map volume access to\nDefaults to serivceaccount user" - type: "string" - volume: - description: "volume is a string that references an already created Quobyte volume by name." - type: "string" - required: - - "registry" - - "volume" - type: "object" - rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - image: - description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - keyring: - description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - monitors: - description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" - pool: - description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "boolean" - secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - required: - - "image" - - "monitors" - type: "object" - scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." - type: "string" - gateway: - description: "gateway is the host address of the ScaleIO API Gateway." - type: "string" - protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" - type: "boolean" - storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." - type: "string" - storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." - type: "string" - system: - description: "system is the name of the storage system as configured in ScaleIO." - type: "string" - volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." - type: "string" - required: - - "gateway" - - "secretRef" - - "system" - type: "object" - secret: - description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - properties: - defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." + x-kubernetes-list-type: "atomic" + maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" - items: - description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - optional: - description: "optional field specify whether the Secret or its keys must be defined" - type: "boolean" - secretName: - description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - type: "string" - type: "object" - storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." - type: "string" - volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." - type: "string" - type: "object" - vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + minDomains: + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + format: "int32" + type: "integer" + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." + topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" - volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" + whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - - "volumePath" + - "maxSkew" + - "topologyKey" + - "whenUnsatisfiable" type: "object" - required: - - "name" - type: "object" - type: "array" + type: "array" + type: "object" required: - "name" type: "object" @@ -2750,7 +1864,7 @@ spec: type: "array" type: "object" serviceAccountName: - description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nDefaults:\nIf not specified, KubeBlocks automatically assigns a default ServiceAccount named \"kb-{cluster.name}\",\nbound to a default role defined during KubeBlocks installation.\n\n\nFuture Changes:\nFuture versions might change the default ServiceAccount creation strategy to one per Component,\npotentially revising the naming to \"kb-{cluster.name}-{component.name}\".\n\n\nUsers can override the automatic ServiceAccount assignment by explicitly setting the name of\nan existed ServiceAccount in this field." + description: "Specifies the name of the ServiceAccount required by the running Component.\nThis ServiceAccount is used to grant necessary permissions for the Component's Pods to interact\nwith other Kubernetes resources, such as modifying Pod labels or sending events.\n\n\nIf not specified, KubeBlocks automatically creates a default ServiceAccount named\n\"kb-{componentdefinition.name}\", bound to a role with rules defined in ComponentDefinition's\n`policyRules` field. If needed (currently this means if any lifecycleAction is enabled),\nit will also be bound to a default role named\n\"kubeblocks-cluster-pod-role\", which is installed together with KubeBlocks.\nIf multiple components use the same ComponentDefinition, they will share one ServiceAccount.\n\n\nIf the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not\ncreate a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount." type: "string" serviceRefs: description: "Defines a list of ServiceRef for a Component, enabling access to both external services and\nServices provided by other Clusters.\n\n\nTypes of services:\n\n\n- External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator;\n Require a ServiceDescriptor for connection details.\n- Services provided by a Cluster: Managed by the same KubeBlocks operator;\n identified using Cluster, Component and Service names.\n\n\nServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same.\n\n\nExample:\n```yaml\nserviceRefs:\n - name: \"redis-sentinel\"\n serviceDescriptor:\n name: \"external-redis-sentinel\"\n - name: \"postgres-cluster\"\n clusterServiceSelector:\n cluster: \"my-postgres-cluster\"\n service:\n component: \"postgresql\"\n```\nThe example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster." @@ -2825,7 +1939,7 @@ spec: maxLength: 32 type: "string" services: - description: "Overrides Services defined in referenced ComponentDefinition and exposes endpoints that can be accessed by clients." + description: "Overrides Services defined in referenced ComponentDefinition." items: description: "ComponentService defines a service that would be exposed as an inter-component service within a Cluster.\nA Service defined in the ComponentService is expected to be accessed by other Components within the same Cluster.\n\n\nWhen a Component needs to use a ComponentService provided by another Component within the same Cluster,\nit can declare a variable in the `componentDefinition.spec.vars` section and bind it to the specific exposed address\nof the ComponentService using the `serviceVarRef` field." properties: @@ -2976,6 +2090,25 @@ spec: - "name" type: "object" type: "array" + sidecars: + description: "Specifies the sidecars to be injected into the Component." + items: + properties: + name: + description: "Name specifies the unique name of the sidecar.\n\n\nThe name will be used as the name of the sidecar container in the Pod." + type: "string" + owner: + description: "Specifies the exact component definition that the sidecar belongs to.\n\n\nA sidecar will be updated when the owner component definition is updated only." + type: "string" + sidecarDef: + description: "Specifies the sidecar definition CR to be used to create the sidecar." + type: "string" + required: + - "name" + - "owner" + - "sidecarDef" + type: "object" + type: "array" stop: description: "Stop the Component.\nIf set, all the computing resources will be released." type: "boolean" @@ -2983,6 +2116,10 @@ spec: description: "Overrides system accounts defined in referenced ComponentDefinition." items: properties: + disabled: + default: false + description: "Specifies whether the system account is disabled." + type: "boolean" name: description: "The name of the system account." type: "string" @@ -3023,7 +2160,7 @@ spec: type: "string" type: "object" secretRef: - description: "Refers to the secret from which data will be copied to create the new account.\n\n\nThis field is immutable once set." + description: "Refers to the secret from which data will be copied to create the new account.\n\n\nFor user-specified passwords, the maximum length is limited to 64 bytes.\n\n\nThis field is immutable once set." properties: name: description: "The unique identifier of the secret." @@ -3031,6 +2168,10 @@ spec: namespace: description: "The namespace where the secret is located." type: "string" + password: + default: "password" + description: "The key in the secret data that contains the password." + type: "string" required: - "name" - "namespace" @@ -3039,6 +2180,14 @@ spec: - "name" type: "object" type: "array" + terminationPolicy: + default: "Delete" + description: "Specifies the behavior when a Component is deleted." + enum: + - "DoNotTerminate" + - "Delete" + - "WipeOut" + type: "string" tlsConfig: description: "Specifies the TLS configuration for the Component, including:\n\n\n- A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) for secure communication.\n- An optional field that specifies the configuration for the TLS certificates issuer when TLS is enabled.\n It allows defining the issuer name and the reference to the secret containing the TLS certificates and key.\n\t The secret should contain the CA certificate, TLS certificate, and private key in the specified keys." properties: @@ -3075,6 +2224,9 @@ spec: name: description: "Name of the Secret that contains user-provided certificates." type: "string" + namespace: + description: "The namespace where the secret is located.\nIf not provided, the secret is assumed to be in the same namespace as the Cluster object." + type: "string" required: - "ca" - "cert" @@ -3089,6 +2241,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that define the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -3127,6 +2289,9 @@ spec: storageClassName: description: "The name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1." type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\n\n\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass" + type: "string" volumeMode: description: "Defines what type of volume is required by the claim, either Block or Filesystem." type: "string" @@ -4201,12 +3366,13 @@ spec: format: "int64" type: "integer" phase: - description: "Indicates the current phase of the Component, with each phase indicating specific conditions:\n\n\n- Creating: The initial phase for new Components, transitioning from 'empty'(\"\").\n- Running: All Pods are up-to-date and in a Running state.\n- Updating: The Component is currently being updated, with no failed Pods present.\n- Failed: A significant number of Pods have failed.\n- Stopping: All Pods are being terminated, with current replica count at zero.\n- Stopped: All associated Pods have been successfully deleted.\n- Deleting: The Component is being deleted." + description: "Indicates the current phase of the Component, with each phase indicating specific conditions:\n\n\n- Creating: The initial phase for new Components, transitioning from 'empty'(\"\").\n- Running: All Pods are up-to-date and in a Running state.\n- Updating: The Component is currently being updated, with no failed Pods present.\n- Failed: A significant number of Pods have failed.\n- Stopping: All Pods are being terminated, with current replica count at zero.\n- Stopped: All associated Pods have been successfully deleted.\n- Starting: Pods are being started.\n- Deleting: The Component is being deleted." enum: - "Creating" - "Deleting" - "Updating" - "Stopping" + - "Starting" - "Running" - "Stopped" - "Failed" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml index 4eeb7bfb1..e46fabb0c 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml @@ -5298,6 +5298,9 @@ spec: roleProbe: description: "Defines the method used to probe a role." properties: + builtinHandlerName: + description: "Specifies the builtin handler name to use to probe the role of the main container.\nAvailable handlers include: mysql, postgres, mongodb, redis, etcd, kafka.\nUse CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement." + type: "string" customHandler: description: "Defines a custom method for role probing.\nActions defined here are executed in series.\nUpon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.\nThe latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.\nEnvironment variables can be used in Command:\n- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix\n- KB_ITS_USERNAME: username part of the credential\n- KB_ITS_PASSWORD: password part of the credential" items: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml index 3284f00cf..0d78891ab 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml @@ -100,6 +100,13 @@ spec: default: false description: "Specifies whether automated backup is enabled for the Cluster." type: "boolean" + incrementalBackupEnabled: + default: false + description: "Specifies whether to enable incremental backup." + type: "boolean" + incrementalCronExpression: + description: "The cron expression for the incremental backup schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron." + type: "string" method: description: "Specifies the backup method to use, as defined in backupPolicy." type: "string" @@ -1132,6 +1139,16 @@ spec: description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -3035,6 +3052,7 @@ spec: maxLength: 25 type: "string" podService: + default: false description: "Indicates whether to generate individual Services for each Pod.\nIf set to true, a separate Service will be created for each Pod in the Cluster." type: "boolean" serviceType: @@ -3209,7 +3227,6 @@ spec: mountPoint: description: "MountPoint is the filesystem path where the volume will be mounted." maxLength: 256 - pattern: "^/[a-z]([a-z0-9\\-]*[a-z0-9])?$" type: "string" name: description: "Name is the name of the referenced ConfigMap or Secret object. It must conform to DNS label standards." @@ -3242,7 +3259,6 @@ spec: mountPoint: description: "MountPoint is the filesystem path where the volume will be mounted." maxLength: 256 - pattern: "^/[a-z]([a-z0-9\\-]*[a-z0-9])?$" type: "string" name: description: "Name is the name of the referenced ConfigMap or Secret object. It must conform to DNS label standards." @@ -3300,6 +3316,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -6191,6 +6217,16 @@ spec: description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -8094,6 +8130,7 @@ spec: maxLength: 25 type: "string" podService: + default: false description: "Indicates whether to generate individual Services for each Pod.\nIf set to true, a separate Service will be created for each Pod in the Cluster." type: "boolean" serviceType: @@ -8268,7 +8305,6 @@ spec: mountPoint: description: "MountPoint is the filesystem path where the volume will be mounted." maxLength: 256 - pattern: "^/[a-z]([a-z0-9\\-]*[a-z0-9])?$" type: "string" name: description: "Name is the name of the referenced ConfigMap or Secret object. It must conform to DNS label standards." @@ -8301,7 +8337,6 @@ spec: mountPoint: description: "MountPoint is the filesystem path where the volume will be mounted." maxLength: 256 - pattern: "^/[a-z]([a-z0-9\\-]*[a-z0-9])?$" type: "string" name: description: "Name is the name of the referenced ConfigMap or Secret object. It must conform to DNS label standards." @@ -8359,6 +8394,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml index 28a7db755..b6d94fd24 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml @@ -208,7 +208,7 @@ spec: description: "Defines the procedure to generate a new database account.\n\n\nUse Case:\nThis action is designed to create system accounts that are utilized for replication, monitoring, backup,\nand other administrative tasks.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -395,7 +395,7 @@ spec: description: "Defines the procedure for exporting the data from a replica.\n\n\nUse Case:\nThis action is intended for initializing a newly created replica with data. It involves exporting data\nfrom an existing replica and importing it into the new, empty replica. This is essential for synchronizing\nthe state of replicas across the system.\n\n\nApplicability:\nSome database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.\nIn such cases, this action may not be required.\n\n\nThe output should be a valid data dump streamed to stdout. It must exclude any irrelevant information to ensure\nthat only the necessary data is exported for import into the new replica.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -582,7 +582,7 @@ spec: description: "Defines the procedure for importing data into a replica.\n\n\nUse Case:\nThis action is intended for initializing a newly created replica with data. It involves exporting data\nfrom an existing replica and importing it into the new, empty replica. This is essential for synchronizing\nthe state of replicas across the system.\n\n\nSome database engines or associated sidecar applications (e.g., Patroni) may already provide this functionality.\nIn such cases, this action may not be required.\n\n\nData should be received through stdin. If any error occurs during the process,\nthe action must be able to guarantee idempotence to allow for retries from the beginning.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -769,7 +769,7 @@ spec: description: "Defines the procedure to add a new replica to the replication group.\n\n\nThis action is initiated after a replica pod becomes ready.\n\n\nThe role of the replica (e.g., primary, secondary) will be determined and assigned as part of the action command\nimplementation, or automatically by the database kernel or a sidecar utility like Patroni that implements\na consensus algorithm.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n- KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group.\n- KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group.\n- KB_NEW_MEMBER_POD_NAME: The pod name of the replica being added to the group.\n- KB_NEW_MEMBER_POD_IP: The IP address of the replica being added to the group.\n\n\nExpected action output:\n- On Failure: An error message detailing the reason for any failure encountered\n during the addition of the new member.\n\n\nFor example, to add a new OBServer to an OceanBase Cluster in 'zone1', the following command may be used:\n\n\n```yaml\ncommand:\n- bash\n- -c\n- |\n ADDRESS=$(KB_MEMBER_ADDRESSES%%,*)\n HOST=$(echo $ADDRESS | cut -d ':' -f 1)\n PORT=$(echo $ADDRESS | cut -d ':' -f 2)\n CLIENT=\"mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e\"\n $CLIENT \"ALTER SYSTEM ADD SERVER '$KB_NEW_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'\"\n```\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -956,7 +956,7 @@ spec: description: "Defines the procedure to remove a replica from the replication group.\n\n\nThis action is initiated before remove a replica from the group.\nThe operator will wait for MemberLeave to complete successfully before releasing the replica and cleaning up\nrelated Kubernetes resources.\n\n\nThe process typically includes updating configurations and informing other group members about the removal.\nData migration is generally not part of this action and should be handled separately if needed.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n- KB_PRIMARY_POD_FQDN: The FQDN of the primary Pod within the replication group.\n- KB_MEMBER_ADDRESSES: A comma-separated list of Pod addresses for all replicas in the group.\n- KB_LEAVE_MEMBER_POD_NAME: The pod name of the replica being removed from the group.\n- KB_LEAVE_MEMBER_POD_IP: The IP address of the replica being removed from the group.\n\n\nExpected action output:\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nFor example, to remove an OBServer from an OceanBase Cluster in 'zone1', the following command can be executed:\n\n\n```yaml\ncommand:\n- bash\n- -c\n- |\n ADDRESS=$(KB_MEMBER_ADDRESSES%%,*)\n HOST=$(echo $ADDRESS | cut -d ':' -f 1)\n PORT=$(echo $ADDRESS | cut -d ':' -f 2)\n CLIENT=\"mysql -u $KB_SERVICE_USER -p$KB_SERVICE_PASSWORD -P $PORT -h $HOST -e\"\n $CLIENT \"ALTER SYSTEM DELETE SERVER '$KB_LEAVE_MEMBER_POD_IP:$KB_SERVICE_PORT' ZONE 'zone1'\"\n```\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -1143,7 +1143,7 @@ spec: description: "Specifies the hook to be executed after a component's creation.\n\n\nBy setting `postProvision.customHandler.preCondition`, you can determine the specific lifecycle stage\nat which the action should trigger: `Immediately`, `RuntimeReady`, `ComponentReady`, and `ClusterReady`.\nwith `ComponentReady` being the default.\n\n\nThe PostProvision Action is intended to run only once.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., \"podIp1,podIp2\").\n- KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., \"pod1,pod2\").\n- KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in\n KB_CLUSTER_POD_NAME_LIST (e.g., \"hostName1,hostName2\").\n- KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in\n KB_CLUSTER_POD_NAME_LIST (e.g., \"hostIp1,hostIp2\").\n\n\n- KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component\n (e.g., \"pod1,pod2\").\n- KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"podIp1,podIp2\").\n- KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"hostName1,hostName2\").\n- KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"hostIp1,hostIp2\").\n\n\n- KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., \"comp1,comp2\").\n- KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted\n (e.g., \"comp1,comp2\").\n- KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted\n (e.g., \"comp1,comp2\").\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -1330,7 +1330,7 @@ spec: description: "Specifies the hook to be executed prior to terminating a component.\n\n\nThe PreTerminate Action is intended to run only once.\n\n\nThis action is executed immediately when a scale-down operation for the Component is initiated.\nThe actual termination and cleanup of the Component and its associated resources will not proceed\nuntil the PreTerminate action has completed successfully.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_CLUSTER_POD_IP_LIST: Comma-separated list of the cluster's pod IP addresses (e.g., \"podIp1,podIp2\").\n- KB_CLUSTER_POD_NAME_LIST: Comma-separated list of the cluster's pod names (e.g., \"pod1,pod2\").\n- KB_CLUSTER_POD_HOST_NAME_LIST: Comma-separated list of host names, each corresponding to a pod in\n KB_CLUSTER_POD_NAME_LIST (e.g., \"hostName1,hostName2\").\n- KB_CLUSTER_POD_HOST_IP_LIST: Comma-separated list of host IP addresses, each corresponding to a pod in\n KB_CLUSTER_POD_NAME_LIST (e.g., \"hostIp1,hostIp2\").\n\n\n- KB_CLUSTER_COMPONENT_POD_NAME_LIST: Comma-separated list of all pod names within the component\n (e.g., \"pod1,pod2\").\n- KB_CLUSTER_COMPONENT_POD_IP_LIST: Comma-separated list of pod IP addresses,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"podIp1,podIp2\").\n- KB_CLUSTER_COMPONENT_POD_HOST_NAME_LIST: Comma-separated list of host names for each pod,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"hostName1,hostName2\").\n- KB_CLUSTER_COMPONENT_POD_HOST_IP_LIST: Comma-separated list of host IP addresses for each pod,\n matching the order of pods in KB_CLUSTER_COMPONENT_POD_NAME_LIST (e.g., \"hostIp1,hostIp2\").\n\n\n- KB_CLUSTER_COMPONENT_LIST: Comma-separated list of all cluster components (e.g., \"comp1,comp2\").\n- KB_CLUSTER_COMPONENT_DELETING_LIST: Comma-separated list of components that are currently being deleted\n (e.g., \"comp1,comp2\").\n- KB_CLUSTER_COMPONENT_UNDELETED_LIST: Comma-separated list of components that are not being deleted\n (e.g., \"comp1,comp2\").\n\n\n- KB_CLUSTER_COMPONENT_IS_SCALING_IN: Indicates whether the component is currently scaling in.\n If this variable is present and set to \"true\", it denotes that the component is undergoing a scale-in operation.\n During scale-in, data rebalancing is necessary to maintain cluster integrity.\n Contrast this with a cluster deletion scenario where data rebalancing is not required as the entire cluster\n is being cleaned up.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -1517,7 +1517,7 @@ spec: description: "Defines the procedure to switch a replica into the read-only state.\n\n\nUse Case:\nThis action is invoked when the database's volume capacity nears its upper limit and space is about to be exhausted.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected action output:\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -1704,7 +1704,7 @@ spec: description: "Defines the procedure to transition a replica from the read-only state back to the read-write state.\n\n\nUse Case:\nThis action is used to bring back a replica that was previously in a read-only state,\nwhich restricted write operations, to its normal operational state where it can handle\nboth read and write operations.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the replica pod whose role is being checked.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected action output:\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -1891,7 +1891,7 @@ spec: description: "Defines the procedure that update a replica with new configuration.\n\n\nNote: This field is immutable once it has been set.\n\n\nThis Action is reserved for future versions." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." @@ -2078,7 +2078,7 @@ spec: description: "Defines the procedure which is invoked regularly to assess the role of replicas.\n\n\nThis action is periodically triggered by Lorry at the specified interval to determine the role of each replica.\nUpon successful execution, the action's output designates the role of the replica,\nwhich should match one of the predefined role names within `componentDefinition.spec.roles`.\nThe output is then compared with the previous successful execution result.\nIf a role change is detected, an event is generated to inform the controller,\nwhich initiates an update of the replica's role.\n\n\nDefining a RoleProbe Action for a Component is required if roles are defined for the Component.\nIt ensures replicas are correctly labeled with their respective roles.\nWithout this, services that rely on roleSelectors might improperly direct traffic to wrong replicas.\n\n\nThe container executing this action has access to following environment variables:\n\n\n- KB_POD_FQDN: The FQDN of the Pod whose role is being assessed.\n- KB_SERVICE_PORT: The port used by the database service.\n- KB_SERVICE_USER: The username with the necessary permissions to interact with the database service.\n- KB_SERVICE_PASSWORD: The corresponding password for KB_SERVICE_USER to authenticate with the database service.\n\n\nExpected output of this action:\n- On Success: The determined role of the replica, which must align with one of the roles specified\n in the component definition.\n- On Failure: An error message, if applicable, indicating why the action failed.\n\n\nNote: This field is immutable once it has been set." properties: builtinHandler: - description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." + description: "Specifies the name of the predefined action handler to be invoked for lifecycle actions.\n\n\nLorry, as a sidecar agent co-located with the database container in the same Pod,\nincludes a suite of built-in action implementations that are tailored to different database engines.\nThese are known as \"builtin\" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`,\n`postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`.\n\n\nIf the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler\nto execute the specified lifecycle actions.\n\n\nThe `builtinHandler` field is of type `BuiltinActionHandlerType`,\nwhich represents the name of the built-in handler.\nThe `builtinHandler` specified within the same `ComponentLifecycleActions` should be consistent across all\nactions.\nThis means that if you specify a built-in handler for one action, you should use the same handler\nfor all other actions throughout the entire `ComponentLifecycleActions` collection.\n\n\nIf you need to define lifecycle actions for database engines not covered by the existing built-in support,\nor when the pre-existing built-in handlers do not meet your specific needs,\nyou can use the `customHandler` field to define your own action implementation.\n\n\nDeprecation Notice:\n\n\n- In the future, the `builtinHandler` field will be deprecated in favor of using the `customHandler` field\n for configuring all lifecycle actions.\n- Instead of using a name to indicate the built-in action implementations in Lorry,\n the recommended approach will be to explicitly invoke the desired action implementation through\n a gRPC interface exposed by the sidecar agent.\n- Developers will have the flexibility to either use the built-in action implementations provided by Lorry\n or develop their own sidecar agent to implement custom actions and expose them via gRPC interfaces.\n- This change will allow for greater customization and extensibility of lifecycle actions,\n as developers can create their own \"builtin\" implementations tailored to their specific requirements." type: "string" customHandler: description: "Specifies a user-defined hook or procedure that is called to perform the specific lifecycle action.\nIt offers a flexible and expandable approach for customizing the behavior of a Component by leveraging\ntailored actions.\n\n\nAn Action can be implemented as either an ExecAction or an HTTPAction, with future versions planning\nto support GRPCAction,\nthereby accommodating unique logic for different database systems within the Action's framework.\n\n\nIn future iterations, all built-in handlers are expected to transition to GRPCAction.\nThis change means that Lorry or other sidecar agents will expose the implementation of actions\nthrough a GRPC interface for external invocation.\nThen the controller will interact with these actions via GRPCAction calls." diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml index 30333e781..950b78d67 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml @@ -1022,6 +1022,16 @@ spec: description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" @@ -3150,6 +3160,16 @@ spec: description: "Specifies a list of PersistentVolumeClaim templates that define the storage requirements for the Component.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for the Component." items: properties: + annotations: + additionalProperties: + type: "string" + description: "Specifies the annotations for the PVC of the volume." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Specifies the labels for the PVC of the volume." + type: "object" name: description: "Refers to the name of a volumeMount defined in either:\n\n\n- `componentDefinition.spec.runtime.containers[*].volumeMounts`\n- `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated)\n\n\nThe value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array." type: "string" diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/actionsets.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/actionsets.yaml index a2ca34ef2..284024061 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/actionsets.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/actionsets.yaml @@ -217,6 +217,11 @@ spec: - "command" - "image" type: "object" + withParameters: + description: "Specifies the parameters used by the backup action" + items: + type: "string" + type: "array" type: "object" backupType: allOf: @@ -225,13 +230,15 @@ spec: - "Incremental" - "Differential" - "Continuous" + - "Selective" - enum: - "Full" - "Incremental" - "Differential" - "Continuous" + - "Selective" default: "Full" - description: "Specifies the backup type. Supported values include:\n\n\n- `Full` for a full backup.\n- `Incremental` back up data that have changed since the last backup (either full or incremental).\n- `Differential` back up data that has changed since the last full backup.\n- `Continuous` back up transaction logs continuously, such as MySQL binlog, PostgreSQL WAL, etc.\n\n\nContinuous backup is essential for implementing Point-in-Time Recovery (PITR)." + description: "Specifies the backup type. Supported values include:\n\n\n- `Full` for a full backup.\n- `Incremental` back up data that have changed since the last backup (either full or incremental).\n- `Differential` back up data that has changed since the last full backup.\n- `Continuous` back up transaction logs continuously, such as MySQL binlog, PostgreSQL WAL, etc.\n- `Selective` back up data more precisely, use custom parameters, such as specific databases or tables.\n\n\nContinuous backup is essential for implementing Point-in-Time Recovery (PITR)." type: "string" env: description: "Specifies a list of environment variables to be set in the container." @@ -351,6 +358,14 @@ spec: type: "object" type: "array" x-kubernetes-preserve-unknown-fields: true + parametersSchema: + description: "Specifies the schema of parameters in backups and restores before their usage." + properties: + openAPIV3Schema: + description: "Defines the schema for parameters using the OpenAPI v3.\nThe supported property types include:\n- string\n- number\n- integer\n- array: Note that only items of string type are supported." + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "object" restore: description: "Specifies the restore action." properties: @@ -442,6 +457,11 @@ spec: - "command" - "image" type: "object" + withParameters: + description: "Specifies the parameters used by the restore action" + items: + type: "string" + type: "array" type: "object" required: - "backupType" diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml index c13dde93e..2e2e4603b 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml @@ -60,6 +60,10 @@ spec: actionSetName: description: "Refers to the ActionSet object that defines the backup actions.\nFor volume snapshot backup, the actionSet is not required, the controller\nwill use the CSI volume snapshotter to create the snapshot." type: "string" + compatibleMethod: + description: "The name of the compatible full backup method, used by incremental backups." + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" env: description: "Specifies the environment variables for the backup workload." items: diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml index dfc341de5..2b58103d5 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml @@ -88,6 +88,28 @@ spec: default: "Delete" description: "Determines whether the backup contents stored in the backup repository\nshould be deleted when the backup custom resource(CR) is deleted.\nSupported values are `Retain` and `Delete`.\n\n\n- `Retain` means that the backup content and its physical snapshot on backup repository are kept.\n- `Delete` means that the backup content and its physical snapshot on backup repository are deleted.\n\n\nTODO: for the retain policy, we should support in the future for only deleting\n the backup CR but retaining the backup contents in backup repository.\n The current implementation only prevent accidental deletion of backup data." type: "string" + parameters: + description: "Specifies a list of name-value pairs representing parameters and their corresponding values.\nParameters match the schema specified in the `actionset.spec.parametersSchema`" + items: + properties: + name: + description: "Represents the name of the parameter." + type: "string" + value: + description: "Represents the parameter values." + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 128 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + x-kubernetes-validations: + - message: "forbidden to update spec.parameters" + rule: "self == oldSelf" parentBackupName: description: "Determines the parent backup name for incremental or differential backup." type: "string" @@ -101,6 +123,9 @@ spec: - "backupMethod" - "backupPolicyName" type: "object" + x-kubernetes-validations: + - message: "forbidden to update spec.parameters" + rule: "has(oldSelf.parameters) == has(self.parameters)" status: description: "BackupStatus defines the observed state of Backup." properties: @@ -209,6 +234,10 @@ spec: actionSetName: description: "Refers to the ActionSet object that defines the backup actions.\nFor volume snapshot backup, the actionSet is not required, the controller\nwill use the CSI volume snapshotter to create the snapshot." type: "string" + compatibleMethod: + description: "The name of the compatible full backup method, used by incremental backups." + pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" + type: "string" env: description: "Specifies the environment variables for the backup workload." items: @@ -703,6 +732,9 @@ spec: backupRepoName: description: "The name of the backup repository." type: "string" + baseBackupName: + description: "Records the base full backup name for incremental backup or differential backup.\nWhen the base backup is deleted, the backup will also be deleted." + type: "string" completionTimestamp: description: "Records the time when the backup operation was completed.\nThis timestamp is recorded even if the backup operation fails.\nThe server's time is used for this timestamp." format: "date-time" @@ -761,6 +793,9 @@ spec: kopiaRepoPath: description: "Records the path of the Kopia repository." type: "string" + parentBackupName: + description: "Records the parent backup name for incremental or differential backup.\nWhen the parent backup is deleted, the backup will also be deleted." + type: "string" path: description: "The directory within the backup repository where the backup data is stored.\nThis is an absolute path within the backup repository." type: "string" diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backupschedules.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backupschedules.yaml index bb27ac41d..34dc99649 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backupschedules.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backupschedules.yaml @@ -59,6 +59,28 @@ spec: enabled: description: "Specifies whether the backup schedule is enabled or not." type: "boolean" + name: + description: "Specifies the name of the schedule. Names cannot be duplicated.\nIf the name is empty, it will be considered the same as the value of the backupMethod below." + type: "string" + parameters: + description: "Specifies a list of name-value pairs representing parameters and their corresponding values.\nParameters match the schema specified in the `actionset.spec.parametersSchema`" + items: + properties: + name: + description: "Represents the name of the parameter." + type: "string" + value: + description: "Represents the parameter values." + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 128 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" retentionPeriod: default: "7d" description: "Determines the duration for which the backup should be kept.\nKubeBlocks will remove all backups that are older than the RetentionPeriod.\nFor example, RetentionPeriod of `30d` will keep only the backups of last 30 days.\nSample duration format:\n\n\n- years: \t2y\n- months: \t6mo\n- days: \t\t30d\n- hours: \t12h\n- minutes: \t30m\n\n\nYou can also combine the above durations. For example: 30d12h30m" diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml index 19b12745b..7c87a2523 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml @@ -201,6 +201,28 @@ spec: type: "object" type: "array" x-kubernetes-preserve-unknown-fields: true + parameters: + description: "Specifies a list of name-value pairs representing parameters and their corresponding values.\nParameters match the schema specified in the `actionset.spec.parametersSchema`" + items: + properties: + name: + description: "Represents the name of the parameter." + type: "string" + value: + description: "Represents the parameter values." + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 128 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + x-kubernetes-validations: + - message: "forbidden to update spec.parameters" + rule: "self == oldSelf" prepareDataConfig: description: "Configuration for the action of \"prepareData\" phase, including the persistent volume claims\nthat need to be restored and scheduling strategy of temporary recovery pod." properties: @@ -1493,6 +1515,9 @@ spec: required: - "backup" type: "object" + x-kubernetes-validations: + - message: "forbidden to update spec.parameters" + rule: "has(oldSelf.parameters) == has(self.parameters)" status: description: "RestoreStatus defines the observed state of Restore" properties: diff --git a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1/instancesets.yaml b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1/instancesets.yaml index e3b067ddd..dc124263f 100644 --- a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1/instancesets.yaml +++ b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1/instancesets.yaml @@ -51,165 +51,6 @@ spec: spec: description: "Defines the desired state of the state machine. It includes the configuration details for the state machine." properties: - credential: - description: "Credential used to connect to DB engine" - properties: - password: - description: "Represents the user's password for the credential.\nThe corresponding environment variable will be KB_ITS_PASSWORD." - properties: - value: - description: "Specifies the value of the environment variable. This field is optional and defaults to an empty string.\nThe value can include variable references in the format $(VAR_NAME) which will be expanded using previously defined environment variables in the container and any service environment variables.\n\n\nIf a variable cannot be resolved, the reference in the input string will remain unchanged.\nDouble $$ can be used to escape the $(VAR_NAME) syntax, resulting in a single $ and producing the string literal \"$(VAR_NAME)\".\nEscaped references will not be expanded, regardless of whether the variable exists or not." - type: "string" - valueFrom: - description: "Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - username: - description: "Defines the user's name for the credential.\nThe corresponding environment variable will be KB_ITS_USERNAME." - properties: - value: - description: "Specifies the value of the environment variable. This field is optional and defaults to an empty string.\nThe value can include variable references in the format $(VAR_NAME) which will be expanded using previously defined environment variables in the container and any service environment variables.\n\n\nIf a variable cannot be resolved, the reference in the input string will remain unchanged.\nDouble $$ can be used to escape the $(VAR_NAME) syntax, resulting in a single $ and producing the string literal \"$(VAR_NAME)\".\nEscaped references will not be expanded, regardless of whether the variable exists or not." - type: "string" - valueFrom: - description: "Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - required: - - "password" - - "username" - type: "object" defaultTemplateOrdinals: description: "Specifies the desired Ordinals of the default template.\nThe Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template.\n\n\nFor example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]},\nthen the instance names generated under the default template would be\n$(cluster.name)-$(component.name)-0、$(cluster.name)-$(component.name)-1 and $(cluster.name)-$(component.name)-7" properties: @@ -234,10 +75,36 @@ spec: type: "object" type: "array" type: "object" + instanceUpdateStrategy: + description: "Provides fine-grained control over the spec update process of all instances." + properties: + rollingUpdate: + description: "Specifies how the rolling update should be applied." + properties: + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + description: "The maximum number of instances that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. The field applies to all instances. That means if there is any unavailable pod,\nit will be counted towards MaxUnavailable." + x-kubernetes-int-or-string: true + replicas: + anyOf: + - type: "integer" + - type: "string" + description: "Indicates the number of instances that should be updated during a rolling update.\nThe remaining instances will remain untouched. This is helpful in defining how many instances\nshould participate in the update process.\nValue can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%).\nAbsolute number is calculated from percentage by rounding up.\nThe default value is ComponentSpec.Replicas (i.e., update all instances)." + x-kubernetes-int-or-string: true + type: "object" + type: + description: "Indicates the type of the update strategy.\nDefault is RollingUpdate." + enum: + - "RollingUpdate" + - "OnDelete" + type: "string" + type: "object" instances: description: "Overrides values in default Template.\n\n\nInstance is the fundamental unit managed by KubeBlocks.\nIt represents a Pod with additional objects such as PVCs, Services, ConfigMaps, etc.\nAn InstanceSet manages instances with a total count of Replicas,\nand by default, all these instances are generated from the same template.\nThe InstanceTemplate provides a way to override values in the default template,\nallowing the InstanceSet to manage instances from different templates.\n\n\nThe naming convention for instances (pods) based on the InstanceSet Name, InstanceTemplate Name, and ordinal.\nThe constructed instance name follows the pattern: $(instance_set.name)-$(template.name)-$(ordinal).\nBy default, the ordinal starts from 0 for each InstanceTemplate.\nIt is important to ensure that the Name of each InstanceTemplate is unique.\n\n\nThe sum of replicas across all InstanceTemplates should not exceed the total number of Replicas specified for the InstanceSet.\nAny remaining replicas will be generated using the default template and will follow the default naming rules." items: - description: "InstanceTemplate allows customization of individual replica configurations within a Component,\nwithout altering the base component template defined in ClusterComponentSpec.\nIt enables the application of distinct settings to specific instances (replicas),\nproviding flexibility while maintaining a common configuration baseline." + description: "InstanceTemplate allows customization of individual replica configurations in a Component." properties: annotations: additionalProperties: @@ -328,16 +195,13 @@ spec: - "name" type: "object" type: "array" - image: - description: "Specifies an override for the first container's image in the pod." - type: "string" labels: additionalProperties: type: "string" description: "Specifies a map of key-value pairs that will be merged into the Pod's existing labels.\nValues for existing keys will be overwritten, and new keys will be added." type: "object" name: - description: "Name specifies the unique name of the instance Pod created using this InstanceTemplate.\nThis name is constructed by concatenating the component's name, the template's name, and the instance's ordinal\nusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.\nThe specified name overrides any default naming conventions or patterns." + description: "Name specifies the unique name of the instance Pod created using this InstanceTemplate.\nThis name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal\nusing the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0.\nThe specified name overrides any default naming conventions or patterns." maxLength: 54 pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" type: "string" @@ -367,7 +231,7 @@ spec: type: "object" replicas: default: 1 - description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." + description: "Specifies the number of instances (Pods) to create from this InstanceTemplate.\nThis field allows setting how many replicated instances of the Component,\nwith the specific overrides in the InstanceTemplate, are created.\nThe default value is 1. A value of 0 disables instance creation." format: "int32" minimum: 0.0 type: "integer" @@ -937,1361 +801,104 @@ spec: nodeSelector: additionalProperties: type: "string" - description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" - type: "object" - x-kubernetes-map-type: "atomic" - schedulerName: - description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." - type: "string" - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." - items: - description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." - properties: - effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." - type: "string" - key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." - type: "string" - operator: - description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." - type: "string" - tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." - format: "int64" - type: "integer" - value: - description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." - type: "string" - type: "object" - type: "array" - topologySpreadConstraints: - description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." - items: - description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." - properties: - labelSelector: - description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." - format: "int32" - type: "integer" - minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." - format: "int32" - type: "integer" - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." - type: "string" - whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." - type: "string" - required: - - "maxSkew" - - "topologyKey" - - "whenUnsatisfiable" - type: "object" - type: "array" - type: "object" - volumeClaimTemplates: - description: "Defines VolumeClaimTemplates to override.\nAdd new or override existing volume claim templates." - items: - description: "PersistentVolumeClaim is a user's request for and claim to a persistent volume" - properties: - apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" - type: "string" - kind: - description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" - type: "string" - metadata: - description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" - properties: - annotations: - additionalProperties: - type: "string" - type: "object" - finalizers: - items: - type: "string" - type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - required: - - "kind" - - "name" - type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - type: "string" - required: - - "kind" - - "name" - type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." - type: "string" - type: "object" - status: - description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - allocatedResourceStatuses: - additionalProperties: - description: "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource\nthat it does not recognizes, then it should ignore that update and let other controllers\nhandle it." - type: "string" - description: "allocatedResourceStatuses stores status of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." - type: "object" - x-kubernetes-map-type: "granular" - allocatedResources: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered\nreserved and hence may not be used.\n\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\n\n\nA controller that receives PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid\nresources associated with PVC.\n\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." - type: "object" - capacity: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "capacity represents the actual resources of the underlying volume." - type: "object" - conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." - items: - description: "PersistentVolumeClaimCondition contains details about state of pvc" - properties: - lastProbeTime: - description: "lastProbeTime is the time we probed the condition." - format: "date-time" - type: "string" - lastTransitionTime: - description: "lastTransitionTime is the time the condition transitioned from one status to another." - format: "date-time" - type: "string" - message: - description: "message is the human-readable message indicating details about last transition." - type: "string" - reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." - type: "string" - status: - type: "string" - type: - description: "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type" - type: "string" - required: - - "status" - - "type" - type: "object" - type: "array" - currentVolumeAttributesClassName: - description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." - type: "string" - modifyVolumeStatus: - description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." - properties: - status: - description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." - type: "string" - targetVolumeAttributesClassName: - description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" - type: "string" - required: - - "status" - type: "object" - phase: - description: "phase represents the current phase of PersistentVolumeClaim." - type: "string" - type: "object" - type: "object" - type: "array" - volumeMounts: - description: "Defines VolumeMounts to override.\nAdd new or override existing volume mounts of the first container in the pod." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - volumes: - description: "Defines Volumes to override.\nAdd new or override existing volumes." - items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." - properties: - awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." - format: "int32" - type: "integer" - readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "boolean" - volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "string" - required: - - "volumeID" - type: "object" - azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." - properties: - cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." - type: "string" - diskName: - description: "diskName is the Name of the data disk in the blob storage" - type: "string" - diskURI: - description: "diskURI is the URI of data disk in the blob storage" - type: "string" - fsType: - description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - required: - - "diskName" - - "diskURI" - type: "object" - azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." - properties: - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" - type: "string" - shareName: - description: "shareName is the azure share Name" - type: "string" - required: - - "secretName" - - "shareName" - type: "object" - cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" - properties: - monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - items: - type: "string" - type: "array" - path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" - type: "string" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "boolean" - secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - required: - - "monitors" - type: "object" - cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "boolean" - secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeID: - description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - required: - - "volumeID" - type: "object" - configMap: - description: "configMap represents a configMap that should populate this volume" - properties: - defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." - properties: - driver: - description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." - type: "string" - fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." - type: "string" - nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - readOnly: - description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." - type: "boolean" - volumeAttributes: - additionalProperties: - type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." - type: "object" - required: - - "driver" - type: "object" - downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" - properties: - defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "Items is a list of downward API volume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - properties: - medium: - description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - type: "string" - sizeLimit: - anyOf: - - type: "integer" - - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - type: "object" - ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." - properties: - metadata: - description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." - properties: - annotations: - additionalProperties: - type: "string" - type: "object" - finalizers: - items: - type: "string" - type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - required: - - "kind" - - "name" - type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - type: "string" - required: - - "kind" - - "name" - type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" - properties: - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." - type: "string" - type: "object" - required: - - "spec" - type: "object" - type: "object" - fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - lun: - description: "lun is Optional: FC target lun number" - format: "int32" - type: "integer" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" - items: - type: "string" - type: "array" - wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." - items: - type: "string" - type: "array" - type: "object" - flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." - properties: - driver: - description: "driver is the name of the driver to use for this volume." - type: "string" - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." - type: "string" - options: - additionalProperties: - type: "string" - description: "options is Optional: this field holds extra command options if any." - type: "object" - readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "driver" - type: "object" - flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" - properties: - datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" - type: "string" - datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" - type: "string" - type: "object" - gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - properties: - fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - format: "int32" - type: "integer" - pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "boolean" - required: - - "pdName" - type: "object" - gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." - properties: - directory: - description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." - type: "string" - repository: - description: "repository is the URL" - type: "string" - revision: - description: "revision is the commit hash for the specified revision." - type: "string" - required: - - "repository" - type: "object" - glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" - properties: - endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - path: - description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "boolean" - required: - - "endpoints" - - "path" - type: "object" - hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." - properties: - path: - description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - type: - description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - required: - - "path" - type: "object" - iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" - properties: - chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" - type: "boolean" - chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" - type: "boolean" - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." - type: "string" - iqn: - description: "iqn is the target iSCSI Qualified Name." - type: "string" - iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." - type: "string" - lun: - description: "lun represents iSCSI Target Lun number." - format: "int32" - type: "integer" - portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - items: - type: "string" - type: "array" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." - type: "boolean" - secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - type: "string" - required: - - "iqn" - - "lun" - - "targetPortal" - type: "object" - name: - description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - properties: - path: - description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "boolean" - server: - description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - required: - - "path" - - "server" - type: "object" - persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - type: "string" - readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." - type: "boolean" - required: - - "claimName" - type: "object" - photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" - type: "string" - required: - - "pdID" - type: "object" - portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - volumeID: - description: "volumeID uniquely identifies a Portworx volume" - type: "string" - required: - - "volumeID" - type: "object" - projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" - properties: - defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - sources: - description: "sources is the list of volume projections" - items: - description: "Projection that may be projected along with other supported volume types" - properties: - clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." - properties: - labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." - type: "string" - optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." - type: "boolean" - path: - description: "Relative path from the volume root to write the bundle." - type: "string" - signerName: - description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." - type: "string" - required: - - "path" - type: "object" - configMap: - description: "configMap information about the configMap data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" - properties: - items: - description: "Items is a list of DownwardAPIVolume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - secret: - description: "secret information about the secret data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional field specify whether the Secret or its key must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" - properties: - audience: - description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." - type: "string" - expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." - format: "int64" - type: "integer" - path: - description: "path is the path relative to the mount point of the file to project the\ntoken into." - type: "string" - required: - - "path" - type: "object" - type: "object" - type: "array" - type: "object" - quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" - properties: - group: - description: "group to map volume access to\nDefault is no group" - type: "string" - readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." - type: "boolean" - registry: - description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" - type: "string" - tenant: - description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" - type: "string" - user: - description: "user to map volume access to\nDefaults to serivceaccount user" - type: "string" - volume: - description: "volume is a string that references an already created Quobyte volume by name." - type: "string" - required: - - "registry" - - "volume" - type: "object" - rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - image: - description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - keyring: - description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - monitors: - description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - items: - type: "string" - type: "array" - pool: - description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "boolean" - secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - required: - - "image" - - "monitors" - type: "object" - scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "NodeSelector is a selector which must be true for the Pod to fit on a node.\nSelector which must match a node's labels for the Pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + x-kubernetes-map-type: "atomic" + schedulerName: + description: "If specified, the Pod will be dispatched by specified scheduler.\nIf not specified, the Pod will be dispatched by default scheduler." + type: "string" + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching taints.\nEach toleration in the array allows the Pod to tolerate node taints based on\nspecified `key`, `value`, `effect`, and `operator`.\n\n\n- The `key`, `value`, and `effect` identify the taint that the toleration matches.\n- The `operator` determines how the toleration matches the taint.\n\n\nPods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." - type: "string" - gateway: - description: "gateway is the host address of the ScaleIO API Gateway." - type: "string" - protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" - type: "boolean" - storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." - type: "string" - storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" - system: - description: "system is the name of the storage system as configured in ScaleIO." + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" - volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" - required: - - "gateway" - - "secretRef" - - "system" - type: "object" - secret: - description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - properties: - defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" type: "integer" - items: - description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - optional: - description: "optional field specify whether the Secret or its keys must be defined" - type: "boolean" - secretName: - description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" - storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + type: "array" + topologySpreadConstraints: + description: "TopologySpreadConstraints describes how a group of Pods ought to spread across topology\ndomains. Scheduler will schedule Pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." + items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." + labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" type: "object" x-kubernetes-map-type: "atomic" - volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." - type: "string" - volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." - type: "string" - type: "object" - vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." + format: "int32" + type: "integer" + minDomains: + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + format: "int32" + type: "integer" + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" - storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." + topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" - volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" + whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - - "volumePath" + - "maxSkew" + - "topologyKey" + - "whenUnsatisfiable" type: "object" - required: - - "name" - type: "object" - type: "array" + type: "array" + type: "object" required: - "name" type: "object" @@ -2300,11 +907,11 @@ spec: - "name" x-kubernetes-list-type: "map" memberUpdateStrategy: - description: "Members(Pods) update strategy.\n\n\n- serial: update Members one by one that guarantee minimum component unavailable time.\n- bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time.\n- parallel: force parallel" + description: "Members(Pods) update strategy.\n\n\n- serial: update Members one by one that guarantee minimum component unavailable time.\n- parallel: force parallel\n- bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time." enum: - "Serial" - - "BestEffortParallel" - "Parallel" + - "BestEffortParallel" type: "string" membershipReconfiguration: description: "Provides actions to do membership dynamic reconfiguration." @@ -2385,6 +992,146 @@ spec: required: - "command" type: "object" + switchover: + description: "Defines the procedure for a controlled transition of a role to a new replica." + properties: + exec: + description: "Defines the command to run.\n\n\nThis field cannot be updated." + properties: + args: + description: "Args represents the arguments that are passed to the `command` for execution." + items: + type: "string" + type: "array" + command: + description: "Specifies the command to be executed inside the container.\nThe working directory for this command is the container's root directory('/').\nCommands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported.\nIf the shell is required, it must be explicitly invoked in the command.\n\n\nA successful execution is indicated by an exit status of 0; any non-zero status signifies a failure." + items: + type: "string" + type: "array" + container: + description: "Specifies the name of the container within the same pod whose resources will be shared with the action.\nThis allows the action to utilize the specified container's resources without executing within it.\n\n\nThe name must match one of the containers defined in `componentDefinition.spec.runtime`.\n\n\nThe resources that can be shared are included:\n\n\n- volume mounts\n\n\nThis field cannot be updated." + type: "string" + env: + description: "Represents a list of environment variables that will be injected into the container.\nThese variables enable the container to adapt its behavior based on the environment it's running in.\n\n\nThis field cannot be updated." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + image: + description: "Specifies the container image to be used for running the Action.\n\n\nWhen specified, a dedicated container will be created using this image to execute the Action.\nAll actions with same image will share the same container.\n\n\nThis field cannot be updated." + type: "string" + matchingKey: + description: "Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution.\nThe impact of this field depends on the `targetPodSelector` value:\n\n\n- When `targetPodSelector` is set to `Any` or `All`, this field will be ignored.\n- When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey`\n will be selected for the Action.\n\n\nThis field cannot be updated." + type: "string" + targetPodSelector: + description: "Defines the criteria used to select the target Pod(s) for executing the Action.\nThis is useful when there is no default target replica identified.\nIt allows for precise control over which Pod(s) the Action should run in.\n\n\nIf not specified, the Action will be executed in the pod where the Action is triggered, such as the pod\nto be removed or added; or a random pod if the Action is triggered at the component level, such as\npost-provision or pre-terminate of the component.\n\n\nThis field cannot be updated." + enum: + - "Any" + - "All" + - "Role" + - "Ordinal" + type: "string" + type: "object" + preCondition: + description: "Specifies the state that the cluster must reach before the Action is executed.\nCurrently, this is only applicable to the `postProvision` action.\n\n\nThe conditions are as follows:\n\n\n- `Immediately`: Executed right after the Component object is created.\n The readiness of the Component and its resources is not guaranteed at this stage.\n- `RuntimeReady`: The Action is triggered after the Component object has been created and all associated\n runtime resources (e.g. Pods) are in a ready state.\n- `ComponentReady`: The Action is triggered after the Component itself is in a ready state.\n This process does not affect the readiness state of the Component or the Cluster.\n- `ClusterReady`: The Action is executed after the Cluster is in a ready state.\n This execution does not alter the Component or the Cluster's state of readiness.\n\n\nThis field cannot be updated." + type: "string" + retryPolicy: + description: "Defines the strategy to be taken when retrying the Action after a failure.\n\n\nIt specifies the conditions under which the Action should be retried and the limits to apply,\nsuch as the maximum number of retries and backoff strategy.\n\n\nThis field cannot be updated." + properties: + maxRetries: + default: 0 + description: "Defines the maximum number of retry attempts that should be made for a given Action.\nThis value is set to 0 by default, indicating that no retries will be made." + type: "integer" + retryInterval: + default: 0 + description: "Indicates the duration of time to wait between each retry attempt.\nThis value is set to 0 by default, indicating that there will be no delay between retry attempts." + format: "int64" + type: "integer" + type: "object" + timeoutSeconds: + default: 0 + description: "Specifies the maximum duration in seconds that the Action is allowed to run.\n\n\nIf the Action does not complete within this time frame, it will be terminated.\n\n\nThis field cannot be updated." + format: "int32" + type: "integer" + type: "object" switchoverAction: description: "Specifies the environment variables that can be used in all following Actions:\n- KB_ITS_USERNAME: Represents the username part of the credential\n- KB_ITS_PASSWORD: Represents the password part of the credential\n- KB_ITS_LEADER_HOST: Represents the leader host\n- KB_ITS_TARGET_HOST: Represents the target host\n- KB_ITS_SERVICE_PORT: Represents the service port\n\n\nDefines the action to perform a switchover.\nIf the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used." properties: @@ -2437,94 +1184,25 @@ spec: format: "int32" minimum: 0.0 type: "integer" - roleProbe: - description: "Provides method to probe role." - properties: - customHandler: - description: "Defines a custom method for role probing.\nActions defined here are executed in series.\nUpon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.\nThe latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.\nEnvironment variables can be used in Command:\n- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix\n- KB_ITS_USERNAME: username part of the credential\n- KB_ITS_PASSWORD: password part of the credential" - items: - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - type: "array" - failureThreshold: - default: 3 - description: "Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded." - format: "int32" - minimum: 1.0 - type: "integer" - initialDelaySeconds: - default: 0 - description: "Specifies the number of seconds to wait after the container has started before initiating role probing." - format: "int32" - minimum: 0.0 - type: "integer" - periodSeconds: - default: 2 - description: "Specifies the frequency (in seconds) of probe execution." - format: "int32" - minimum: 1.0 - type: "integer" - roleUpdateMechanism: - default: "ReadinessProbeEventUpdate" - description: "Specifies the method for updating the pod role label." - enum: - - "ReadinessProbeEventUpdate" - - "DirectAPIServerEventUpdate" - type: "string" - successThreshold: - default: 1 - description: "Specifies the minimum number of consecutive successes for the probe to be considered successful after having failed." - format: "int32" - minimum: 1.0 - type: "integer" - timeoutSeconds: - default: 1 - description: "Specifies the number of seconds after which the probe times out." - format: "int32" - minimum: 1.0 - type: "integer" - type: "object" roles: - description: "A list of roles defined in the system." + description: "A list of roles defined in the system. Instanceset obtains role through pods' role label `kubeblocks.io/role`." items: + description: "ReplicaRole represents a role that can be assigned to a component instance, defining its behavior and responsibilities." properties: - accessMode: - default: "ReadWrite" - description: "Specifies the service capabilities of this member." - enum: - - "None" - - "Readonly" - - "ReadWrite" + name: + description: "Name defines the role's unique identifier. This value is used to set the \"apps.kubeblocks.io/role\" label\non the corresponding object to identify its role.\n\n\nFor example, common role names include:\n- \"leader\": The primary/master instance that handles write operations\n- \"follower\": Secondary/replica instances that replicate data from the leader\n- \"learner\": Read-only instances that don't participate in elections\n\n\nThis field is immutable once set." + maxLength: 32 + pattern: "^.*[^\\s]+.*$" type: "string" - canVote: - default: true - description: "Indicates if this member has voting rights." - type: "boolean" - isLeader: + participatesInQuorum: default: false - description: "Determines if this member is the leader." + description: "ParticipatesInQuorum indicates if pods with this role are counted when determining quorum.\nThis affects update strategies that need to maintain quorum for availability. Roles participate\nin quorum should have higher update priority than roles do not participate in quorum.\nThe default value is false.\n\n\nFor example, in a 5-pod component where:\n- 2 learner pods (participatesInQuorum=false)\n- 2 follower pods (participatesInQuorum=true)\n- 1 leader pod (participatesInQuorum=true)\nThe quorum size would be 3 (based on the 3 participating pods), allowing parallel updates\nof 2 learners and 1 follower while maintaining quorum.\n\n\nThis field is immutable once set." type: "boolean" - name: - default: "leader" - description: "Defines the role name of the replica." - type: "string" + updatePriority: + default: 0 + description: "UpdatePriority determines the order in which pods with different roles are updated.\nPods are sorted by this priority (higher numbers = higher priority) and updated accordingly.\nRoles with the highest priority will be updated last.\nThe default priority is 0.\n\n\nFor example:\n- Leader role may have priority 2 (updated last)\n- Follower role may have priority 1 (updated before leader)\n- Learner role may have priority 0 (updated first)\n\n\nThis field is immutable once set." + type: "integer" required: - - "accessMode" - "name" type: "object" type: "array" @@ -7020,26 +5698,10 @@ spec: - "containers" type: "object" type: "object" - updateStrategy: - description: "Indicates the StatefulSetUpdateStrategy that will be\nemployed to update Pods in the InstanceSet when a revision is made to\nTemplate.\nUpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil\n\n\nNote: This field will be removed in future version." - properties: - rollingUpdate: - description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." - properties: - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." - x-kubernetes-int-or-string: true - partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." - format: "int32" - type: "integer" - type: "object" - type: - description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." - type: "string" + templateVars: + additionalProperties: + type: "string" + description: "Provides variables which are used to call Actions." type: "object" volumeClaimTemplates: description: "Specifies a list of PersistentVolumeClaim templates that define the storage requirements for each replica.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for replicas upon their creation.\nThe final name of each PVC is generated by appending the pod's identifier to the name specified in volumeClaimTemplates[*].name." @@ -7350,28 +6012,20 @@ spec: role: description: "Defines the role of the replica in the cluster." properties: - accessMode: - default: "ReadWrite" - description: "Specifies the service capabilities of this member." - enum: - - "None" - - "Readonly" - - "ReadWrite" + name: + description: "Name defines the role's unique identifier. This value is used to set the \"apps.kubeblocks.io/role\" label\non the corresponding object to identify its role.\n\n\nFor example, common role names include:\n- \"leader\": The primary/master instance that handles write operations\n- \"follower\": Secondary/replica instances that replicate data from the leader\n- \"learner\": Read-only instances that don't participate in elections\n\n\nThis field is immutable once set." + maxLength: 32 + pattern: "^.*[^\\s]+.*$" type: "string" - canVote: - default: true - description: "Indicates if this member has voting rights." - type: "boolean" - isLeader: + participatesInQuorum: default: false - description: "Determines if this member is the leader." + description: "ParticipatesInQuorum indicates if pods with this role are counted when determining quorum.\nThis affects update strategies that need to maintain quorum for availability. Roles participate\nin quorum should have higher update priority than roles do not participate in quorum.\nThe default value is false.\n\n\nFor example, in a 5-pod component where:\n- 2 learner pods (participatesInQuorum=false)\n- 2 follower pods (participatesInQuorum=true)\n- 1 leader pod (participatesInQuorum=true)\nThe quorum size would be 3 (based on the 3 participating pods), allowing parallel updates\nof 2 learners and 1 follower while maintaining quorum.\n\n\nThis field is immutable once set." type: "boolean" - name: - default: "leader" - description: "Defines the role name of the replica." - type: "string" + updatePriority: + default: 0 + description: "UpdatePriority determines the order in which pods with different roles are updated.\nPods are sorted by this priority (higher numbers = higher priority) and updated accordingly.\nRoles with the highest priority will be updated last.\nThe default priority is 0.\n\n\nFor example:\n- Leader role may have priority 2 (updated last)\n- Follower role may have priority 1 (updated before leader)\n- Learner role may have priority 0 (updated first)\n\n\nThis field is immutable once set." + type: "integer" required: - - "accessMode" - "name" type: "object" required: @@ -7390,9 +6044,6 @@ spec: description: "readyReplicas is the number of instances created for this InstanceSet with a Ready Condition." format: "int32" type: "integer" - readyWithoutPrimary: - description: "Indicates whether it is required for the InstanceSet to have at least one primary instance ready." - type: "boolean" replicas: description: "replicas is the number of instances created by the InstanceSet controller." format: "int32" diff --git a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml index 6cdd3faa5..ad6d79aa6 100644 --- a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml +++ b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml @@ -2440,6 +2440,9 @@ spec: roleProbe: description: "Provides method to probe role." properties: + builtinHandlerName: + description: "Specifies the builtin handler name to use to probe the role of the main container.\nAvailable handlers include: mysql, postgres, mongodb, redis, etcd, kafka.\nUse CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement." + type: "string" customHandler: description: "Defines a custom method for role probing.\nActions defined here are executed in series.\nUpon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.\nThe latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.\nEnvironment variables can be used in Command:\n- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix\n- KB_ITS_USERNAME: username part of the credential\n- KB_ITS_PASSWORD: password part of the credential" items: @@ -7265,25 +7268,25 @@ spec: type: "object" type: "object" updateStrategy: - description: "Indicates the StatefulSetUpdateStrategy that will be\nemployed to update Pods in the InstanceSet when a revision is made to\nTemplate.\nUpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil\n\n\nNote: This field will be removed in future version." + description: "Indicates the StatefulSetUpdateStrategy that will be\nemployed to update Pods in the InstanceSet when a revision is made to\nTemplate.\n\n\nNote: This field will be removed in future version." properties: - rollingUpdate: - description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." - properties: - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." - x-kubernetes-int-or-string: true - partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." - format: "int32" - type: "integer" - type: "object" - type: - description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. The field applies to all pods. That means if there is any unavailable pod,\nit will be counted towards MaxUnavailable." + x-kubernetes-int-or-string: true + memberUpdateStrategy: + description: "Members(Pods) update strategy.\n\n\n- serial: update Members one by one that guarantee minimum component unavailable time.\n- bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time.\n- parallel: force parallel" + enum: + - "Serial" + - "BestEffortParallel" + - "Parallel" type: "string" + partition: + description: "Partition indicates the number of pods that should be updated during a rolling update.\nThe remaining pods will remain untouched. This is helpful in defining how many pods\nshould participate in the update process. The update process will follow the order\nof pod names in descending lexicographical (dictionary) order. The default value is\nReplicas (i.e., update all pods)." + format: "int32" + type: "integer" type: "object" volumeClaimTemplates: description: "Specifies a list of PersistentVolumeClaim templates that define the storage requirements for each replica.\nEach template specifies the desired characteristics of a persistent volume, such as storage class,\nsize, and access modes.\nThese templates are used to dynamically provision persistent volumes for replicas upon their creation.\nThe final name of each PVC is generated by appending the pod's identifier to the name specified in volumeClaimTemplates[*].name." diff --git a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml index 3d840f1fb..26ab586cf 100644 --- a/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml +++ b/crd-catalog/application-stacks/runtime-component-operator/rc.app.stacks/v1/runtimecomponents.yaml @@ -4872,6 +4872,10 @@ spec: type: description: "Defines the type of status condition." type: "string" + unchangedConditionCount: + description: "The count of the number of reconciles the condition status type has not changed." + format: "int32" + type: "integer" type: "object" type: "array" x-kubernetes-list-type: "atomic" @@ -4897,6 +4901,10 @@ spec: description: "The generation identifier of this RuntimeComponent instance completely reconciled by the Operator." format: "int64" type: "integer" + reconcileInterval: + description: "The reconciliation interval in seconds." + format: "int32" + type: "integer" references: additionalProperties: type: "string" diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applications.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applications.yaml index 8f8d579b6..2b3535ecc 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applications.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applications.yaml @@ -96,6 +96,10 @@ spec: sync: description: "Sync contains parameters for the operation" properties: + autoHealAttemptsCount: + description: "SelfHealAttemptsCount contains the number of auto-heal attempts" + format: "int64" + type: "integer" dryRun: description: "DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync" type: "boolean" @@ -196,6 +200,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -212,6 +221,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -256,6 +271,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -286,6 +306,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -474,6 +497,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -490,6 +518,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -534,6 +568,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -564,6 +603,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -842,6 +884,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -858,6 +905,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -902,6 +955,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -932,6 +990,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -1120,6 +1181,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -1136,6 +1202,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -1180,6 +1252,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1210,6 +1287,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -1528,6 +1608,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -1544,6 +1629,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -1588,6 +1679,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1618,6 +1714,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -1806,6 +1905,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -1822,6 +1926,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -1866,6 +1976,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1896,6 +2011,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -2090,6 +2208,10 @@ spec: sync: description: "Sync contains parameters for the operation" properties: + autoHealAttemptsCount: + description: "SelfHealAttemptsCount contains the number of auto-heal attempts" + format: "int64" + type: "integer" dryRun: description: "DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync" type: "boolean" @@ -2190,6 +2312,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -2206,6 +2333,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -2250,6 +2383,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2280,6 +2418,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -2468,6 +2609,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -2484,6 +2630,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -2528,6 +2680,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2558,6 +2715,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -2847,6 +3007,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -2863,6 +3028,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -2907,6 +3078,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2937,6 +3113,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -3125,6 +3304,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -3141,6 +3325,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -3185,6 +3375,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3215,6 +3410,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -3526,6 +3724,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -3542,6 +3745,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -3586,6 +3795,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3616,6 +3830,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" @@ -3804,6 +4021,11 @@ spec: helm: description: "Helm holds helm specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" fileParameters: description: "FileParameters are file parameters to the helm template" items: @@ -3820,6 +4042,12 @@ spec: ignoreMissingValueFiles: description: "IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values" type: "boolean" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" + namespace: + description: "Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace." + type: "string" parameters: description: "Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation" items: @@ -3864,6 +4092,11 @@ spec: kustomize: description: "Kustomize holds kustomize specific options" properties: + apiVersions: + description: "APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default,\nArgo CD uses the API versions of the target cluster. The format is [group/]version/kind." + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3894,6 +4127,9 @@ spec: description: "KustomizeImage represents a Kustomize image definition in the format [old_image_name=]:" type: "string" type: "array" + kubeVersion: + description: "KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD\nuses the Kubernetes version of the target cluster." + type: "string" labelWithoutSelector: description: "LabelWithoutSelector specifies whether to apply common labels to resource selectors or not" type: "boolean" diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml index d28e5e45d..4ffd5b10d 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/applicationsets.yaml @@ -51,11 +51,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -193,6 +195,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -204,6 +210,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -235,6 +245,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -257,6 +271,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -409,6 +425,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -420,6 +440,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -451,6 +475,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -473,6 +501,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -648,11 +678,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -785,6 +817,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -796,6 +832,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -827,6 +867,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -849,6 +893,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -1001,6 +1047,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -1012,6 +1062,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -1043,6 +1097,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1065,6 +1123,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -1380,6 +1440,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -1391,6 +1455,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -1422,6 +1490,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1444,6 +1516,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -1596,6 +1670,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -1607,6 +1685,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -1638,6 +1720,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -1660,6 +1746,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -1955,6 +2043,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -1966,6 +2058,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -1997,6 +2093,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2019,6 +2119,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -2171,6 +2273,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -2182,6 +2288,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -2213,6 +2323,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2235,6 +2349,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -2411,11 +2527,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2553,6 +2671,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -2564,6 +2686,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -2595,6 +2721,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2617,6 +2747,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -2769,6 +2901,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -2780,6 +2916,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -2811,6 +2951,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -2833,6 +2977,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -3008,11 +3154,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3145,6 +3293,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -3156,6 +3308,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -3187,6 +3343,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3209,6 +3369,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -3361,6 +3523,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -3372,6 +3538,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -3403,6 +3573,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3425,6 +3599,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -3740,6 +3916,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -3751,6 +3931,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -3782,6 +3966,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -3804,6 +3992,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -3956,6 +4146,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -3967,6 +4161,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -3998,6 +4196,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -4020,6 +4222,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -4315,6 +4519,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -4326,6 +4534,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -4357,6 +4569,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -4379,6 +4595,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -4531,6 +4749,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -4542,6 +4764,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -4573,6 +4799,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -4595,6 +4825,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -4898,6 +5130,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -4909,6 +5145,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -4940,6 +5180,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -4962,6 +5206,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -5114,6 +5360,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -5125,6 +5375,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -5156,6 +5410,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -5178,6 +5436,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -5436,6 +5696,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" repo: @@ -5511,6 +5798,16 @@ spec: properties: api: type: "string" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" insecure: type: "boolean" labels: @@ -5663,6 +5960,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -5674,6 +5975,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -5705,6 +6010,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -5727,6 +6036,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -5879,6 +6190,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -5890,6 +6205,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -5921,6 +6240,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -5943,6 +6266,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -6191,6 +6516,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" required: @@ -6271,7 +6623,17 @@ spec: type: "boolean" api: type: "string" - group: + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + group: type: "string" includeSharedProjects: type: "boolean" @@ -6423,6 +6785,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -6434,6 +6800,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -6465,6 +6835,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -6487,6 +6861,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -6639,6 +7015,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -6650,6 +7030,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -6681,6 +7065,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -6703,6 +7091,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -6874,11 +7264,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -7013,6 +7405,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -7024,6 +7420,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -7055,6 +7455,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -7077,6 +7481,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -7229,6 +7635,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -7240,6 +7650,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -7271,6 +7685,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -7293,6 +7711,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -7471,11 +7891,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -7613,6 +8035,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -7624,6 +8050,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -7655,6 +8085,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -7677,6 +8111,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -7829,6 +8265,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -7840,6 +8280,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -7871,6 +8315,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -7893,6 +8341,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -8068,11 +8518,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -8205,6 +8657,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -8216,6 +8672,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -8247,6 +8707,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -8269,6 +8733,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -8421,6 +8887,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -8432,6 +8902,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -8463,6 +8937,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -8485,6 +8963,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -8800,6 +9280,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -8811,6 +9295,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -8842,6 +9330,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -8864,6 +9356,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -9016,6 +9510,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -9027,6 +9525,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -9058,6 +9560,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -9080,6 +9586,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -9375,6 +9883,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -9386,6 +9898,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -9417,6 +9933,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -9439,6 +9959,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -9591,6 +10113,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -9602,6 +10128,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -9633,6 +10163,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -9655,6 +10189,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -9958,6 +10494,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -9969,6 +10509,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -10000,6 +10544,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -10022,6 +10570,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -10174,6 +10724,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -10185,6 +10739,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -10216,6 +10774,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -10238,6 +10800,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -10496,6 +11060,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" repo: @@ -10571,6 +11162,16 @@ spec: properties: api: type: "string" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" insecure: type: "boolean" labels: @@ -10723,6 +11324,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -10734,6 +11339,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -10765,6 +11374,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -10787,6 +11400,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -10939,6 +11554,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -10950,6 +11569,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -10981,6 +11604,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -11003,6 +11630,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -11251,6 +11880,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" required: @@ -11331,6 +11987,16 @@ spec: type: "boolean" api: type: "string" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" group: type: "string" includeSharedProjects: @@ -11483,6 +12149,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -11494,6 +12164,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -11525,6 +12199,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -11547,6 +12225,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -11699,6 +12379,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -11710,6 +12394,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -11741,6 +12429,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -11763,6 +12455,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -11934,11 +12628,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -12077,6 +12773,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -12088,6 +12788,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -12119,6 +12823,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -12141,6 +12849,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -12293,6 +13003,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -12304,6 +13018,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -12335,6 +13053,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -12357,6 +13079,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -12659,6 +13383,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -12670,6 +13398,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -12701,6 +13433,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -12723,6 +13459,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -12875,6 +13613,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -12886,6 +13628,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -12917,6 +13663,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -12939,6 +13689,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -13197,6 +13949,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" repo: @@ -13272,6 +14051,16 @@ spec: properties: api: type: "string" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" insecure: type: "boolean" labels: @@ -13424,6 +14213,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -13435,6 +14228,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -13466,6 +14263,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -13488,6 +14289,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -13640,6 +14443,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -13651,6 +14458,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -13682,6 +14493,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -13704,6 +14519,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -13952,6 +14769,33 @@ spec: - "passwordRef" - "username" type: "object" + bearerToken: + properties: + tokenRef: + properties: + key: + type: "string" + secretName: + type: "string" + required: + - "key" + - "secretName" + type: "object" + required: + - "tokenRef" + type: "object" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" + insecure: + type: "boolean" project: type: "string" required: @@ -14032,6 +14876,16 @@ spec: type: "boolean" api: type: "string" + caRef: + properties: + configMapName: + type: "string" + key: + type: "string" + required: + - "configMapName" + - "key" + type: "object" group: type: "string" includeSharedProjects: @@ -14184,6 +15038,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -14195,6 +15053,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -14226,6 +15088,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -14248,6 +15114,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -14400,6 +15268,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -14411,6 +15283,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -14442,6 +15318,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -14464,6 +15344,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -14635,11 +15517,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -14849,6 +15733,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -14860,6 +15748,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -14891,6 +15783,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -14913,6 +15809,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: @@ -15065,6 +15963,10 @@ spec: type: "object" helm: properties: + apiVersions: + items: + type: "string" + type: "array" fileParameters: items: properties: @@ -15076,6 +15978,10 @@ spec: type: "array" ignoreMissingValueFiles: type: "boolean" + kubeVersion: + type: "string" + namespace: + type: "string" parameters: items: properties: @@ -15107,6 +16013,10 @@ spec: type: "object" kustomize: properties: + apiVersions: + items: + type: "string" + type: "array" commonAnnotations: additionalProperties: type: "string" @@ -15129,6 +16039,8 @@ spec: items: type: "string" type: "array" + kubeVersion: + type: "string" labelWithoutSelector: type: "boolean" namePrefix: diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/appprojects.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/appprojects.yaml index 28e52e69b..1c538c867 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/appprojects.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/appprojects.yaml @@ -64,6 +64,25 @@ spec: description: description: "Description contains optional project description" type: "string" + destinationServiceAccounts: + description: "DestinationServiceAccounts holds information about the service accounts to be impersonated for the application sync operation for each destination." + items: + description: "ApplicationDestinationServiceAccount holds information about the service account to be impersonated for the application sync operation." + properties: + defaultServiceAccount: + description: "DefaultServiceAccount to be used for impersonation during the sync operation" + type: "string" + namespace: + description: "Namespace specifies the target namespace for the application's resources." + type: "string" + server: + description: "Server specifies the URL of the target cluster's Kubernetes control plane API." + type: "string" + required: + - "defaultServiceAccount" + - "server" + type: "object" + type: "array" destinations: description: "Destinations contains list of destinations available for deployment" items: diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml index 98f4d1162..6c565428d 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1alpha1/argocds.yaml @@ -806,6 +806,9 @@ spec: description: "Keys describes a custom set of SSH Known Hosts that you would like to\nhave included in your ArgoCD server." type: "string" type: "object" + installationID: + description: "InstallationID uniquely identifies an Argo CD instance in multi-instance clusters." + type: "string" kustomizeBuildOptions: description: "KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`." type: "string" @@ -2178,7 +2181,7 @@ spec: description: "ServiceAccount defines the ServiceAccount user that you would like the Repo server to use" type: "string" sidecarContainers: - description: "SidecarContainers defines the list of sidecar containers for the repo server deployment" + description: "SidecarContainers defines the list of sidecar containers for the repo\nserver deployment. If the image field is omitted from a SidecarContainer,\nthe image for the repo server will be used." items: description: "A single application container that you want to run within a pod." properties: @@ -4630,6 +4633,50 @@ spec: applicationSetController: description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle.\nThere are four possible ApplicationSetController values:\nPending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state.\nFailed: At least one of the Argo CD applicationSet controller component Pods had a failure.\nUnknown: The state of the Argo CD applicationSet controller component could not be obtained." type: "string" + conditions: + description: "Conditions is an array of the ArgoCD's status conditions" + items: + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" host: description: "Host is the hostname of the Ingress." type: "string" diff --git a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml index cde934bf0..0d56767d7 100644 --- a/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml +++ b/crd-catalog/argoproj-labs/argocd-operator/argoproj.io/v1beta1/argocds.yaml @@ -2294,6 +2294,9 @@ spec: description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + respectRBAC: + description: "RespectRBAC restricts controller from discovering/syncing specific resources, Defaults is empty if not configured. Valid options are strict and normal." + type: "string" sharding: description: "Sharding contains the options for the Application Controller sharding configuration." properties: @@ -4390,6 +4393,9 @@ spec: description: "Keys describes a custom set of SSH Known Hosts that you would like to\nhave included in your ArgoCD server." type: "string" type: "object" + installationID: + description: "InstallationID uniquely identifies an Argo CD instance in multi-instance clusters." + type: "string" kustomizeBuildOptions: description: "KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`." type: "string" @@ -5784,7 +5790,7 @@ spec: description: "ServiceAccount defines the ServiceAccount user that you would like the Repo server to use" type: "string" sidecarContainers: - description: "SidecarContainers defines the list of sidecar containers for the repo server deployment" + description: "SidecarContainers defines the list of sidecar containers for the repo\nserver deployment. If the image field is omitted from a SidecarContainer,\nthe image for the repo server will be used." items: description: "A single application container that you want to run within a pod." properties: @@ -10905,6 +10911,50 @@ spec: applicationSetController: description: "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle.\nThere are four possible ApplicationSetController values:\nPending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created.\nRunning: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state.\nFailed: At least one of the Argo CD applicationSet controller component Pods had a failure.\nUnknown: The state of the Argo CD applicationSet controller component could not be obtained." type: "string" + conditions: + description: "Conditions is an array of the ArgoCD's status conditions" + items: + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" host: description: "Host is the hostname of the Ingress." type: "string" diff --git a/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml b/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml index 310a35beb..59ba51271 100644 --- a/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml +++ b/crd-catalog/authzed/spicedb-operator/authzed.com/v1alpha1/spicedbclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "spicedbclusters.authzed.com" spec: group: "authzed.com" @@ -120,7 +120,7 @@ spec: conditions: description: "Conditions for the current state of the Stack." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -149,7 +149,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorities.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorities.yaml index bb9c29524..ddfcd9263 100644 --- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorities.yaml +++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorities.yaml @@ -191,14 +191,20 @@ spec: type: "string" type: "object" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" keyStorageSecurityStandard: description: "Specifies a cryptographic key management compliance standard used for handling\nCA keys.\n\nDefault: FIPS_140_2_LEVEL_3_OR_HIGHER\n\nSome Amazon Web Services Regions do not support the default. When creating\na CA in these Regions, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the\nargument for KeyStorageSecurityStandard. Failure to do this results in an\nInvalidArgsException with the message, \"A certificate authority cannot be\ncreated in this region with the specified security standard.\"\n\nFor information about security standard support in various Regions, see Storage\nand security compliance of Amazon Web Services Private CA private keys (https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys)." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" revocationConfiguration: - description: "Contains information to enable Online Certificate Status Protocol (OCSP)\nsupport, to enable a certificate revocation list (CRL), to enable both, or\nto enable neither. The default is for both certificate validation mechanisms\nto be disabled.\n\nThe following requirements apply to revocation configurations.\n\n * A configuration disabling CRLs or OCSP must contain only the Enabled=False\n parameter, and will fail if other parameters such as CustomCname or ExpirationInDays\n are included.\n\n * In a CRL configuration, the S3BucketName parameter must conform to Amazon\n S3 bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n\n * A configuration containing a custom Canonical Name (CNAME) parameter\n for CRLs or OCSP must conform to RFC2396 (https://www.ietf.org/rfc/rfc2396.txt)\n restrictions on the use of special characters in a CNAME.\n\n * In a CRL or OCSP configuration, the value of a CNAME parameter must\n not include a protocol prefix such as \"http://\" or \"https://\".\n\nFor more information, see the OcspConfiguration (https://docs.aws.amazon.com/privateca/latest/APIReference/API_OcspConfiguration.html)\nand CrlConfiguration (https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html)\ntypes." + description: "Contains information to enable support for Online Certificate Status Protocol\n(OCSP), certificate revocation list (CRL), both protocols, or neither. By\ndefault, both certificate validation mechanisms are disabled.\n\nThe following requirements apply to revocation configurations.\n\n * A configuration disabling CRLs or OCSP must contain only the Enabled=False\n parameter, and will fail if other parameters such as CustomCname or ExpirationInDays\n are included.\n\n * In a CRL configuration, the S3BucketName parameter must conform to Amazon\n S3 bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).\n\n * A configuration containing a custom Canonical Name (CNAME) parameter\n for CRLs or OCSP must conform to RFC2396 (https://www.ietf.org/rfc/rfc2396.txt)\n restrictions on the use of special characters in a CNAME.\n\n * In a CRL or OCSP configuration, the value of a CNAME parameter must\n not include a protocol prefix such as \"http://\" or \"https://\".\n\nFor more information, see the OcspConfiguration (https://docs.aws.amazon.com/privateca/latest/APIReference/API_OcspConfiguration.html)\nand CrlConfiguration (https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html)\ntypes." properties: crlConfiguration: - description: "Contains configuration information for a certificate revocation list (CRL).\nYour private certificate authority (CA) creates base CRLs. Delta CRLs are\nnot supported. You can enable CRLs for your new or an existing private CA\nby setting the Enabled parameter to true. Your private CA writes CRLs to\nan S3 bucket that you specify in the S3BucketName parameter. You can hide\nthe name of your bucket by specifying a value for the CustomCname parameter.\nYour private CA copies the CNAME or the S3 bucket name to the CRL Distribution\nPoints extension of each certificate it issues. Your S3 bucket policy must\ngive write permission to Amazon Web Services Private CA.\n\nAmazon Web Services Private CA assets that are stored in Amazon S3 can be\nprotected with encryption. For more information, see Encrypting Your CRLs\n(https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption).\n\nYour private CA uses the value in the ExpirationInDays parameter to calculate\nthe nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's\nexpiration date or when a certificate is revoked. When a certificate is revoked,\nit appears in the CRL until the certificate expires, and then in one additional\nCRL after expiration, and it always appears in the audit report.\n\nA CRL is typically updated approximately 30 minutes after a certificate is\nrevoked. If for any reason a CRL update fails, Amazon Web Services Private\nCA makes further attempts every 15 minutes.\n\nCRLs contain the following fields:\n\n * Version: The current version number defined in RFC 5280 is V2. The integer\n value is 0x1.\n\n * Signature Algorithm: The name of the algorithm used to sign the CRL.\n\n * Issuer: The X.500 distinguished name of your private CA that issued\n the CRL.\n\n * Last Update: The issue date and time of this CRL.\n\n * Next Update: The day and time by which the next CRL will be issued.\n\n * Revoked Certificates: List of revoked certificates. Each list item contains\n the following information. Serial Number: The serial number, in hexadecimal\n format, of the revoked certificate. Revocation Date: Date and time the\n certificate was revoked. CRL Entry Extensions: Optional extensions for\n the CRL entry. X509v3 CRL Reason Code: Reason the certificate was revoked.\n\n * CRL Extensions: Optional extensions for the CRL. X509v3 Authority Key\n Identifier: Identifies the public key associated with the private key\n used to sign the certificate. X509v3 CRL Number:: Decimal sequence number\n for the CRL.\n\n * Signature Algorithm: Algorithm used by your private CA to sign the CRL.\n\n * Signature Value: Signature computed over the CRL.\n\nCertificate revocation lists created by Amazon Web Services Private CA are\nDER-encoded. You can use the following OpenSSL command to list a CRL.\n\nopenssl crl -inform DER -text -in crl_path -noout\n\nFor more information, see Planning a certificate revocation list (CRL) (https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html)\nin the Amazon Web Services Private Certificate Authority User Guide" + description: "Contains configuration information for a certificate revocation list (CRL).\nYour private certificate authority (CA) creates base CRLs. Delta CRLs are\nnot supported. You can enable CRLs for your new or an existing private CA\nby setting the Enabled parameter to true. Your private CA writes CRLs to\nan S3 bucket that you specify in the S3BucketName parameter. You can hide\nthe name of your bucket by specifying a value for the CustomCname parameter.\nYour private CA by default copies the CNAME or the S3 bucket name to the\nCRL Distribution Points extension of each certificate it issues. If you want\nto configure this default behavior to be something different, you can set\nthe CrlDistributionPointExtensionConfiguration parameter. Your S3 bucket\npolicy must give write permission to Amazon Web Services Private CA.\n\nAmazon Web Services Private CA assets that are stored in Amazon S3 can be\nprotected with encryption. For more information, see Encrypting Your CRLs\n(https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#crl-encryption).\n\nYour private CA uses the value in the ExpirationInDays parameter to calculate\nthe nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's\nexpiration date or when a certificate is revoked. When a certificate is revoked,\nit appears in the CRL until the certificate expires, and then in one additional\nCRL after expiration, and it always appears in the audit report.\n\nA CRL is typically updated approximately 30 minutes after a certificate is\nrevoked. If for any reason a CRL update fails, Amazon Web Services Private\nCA makes further attempts every 15 minutes.\n\nCRLs contain the following fields:\n\n * Version: The current version number defined in RFC 5280 is V2. The integer\n value is 0x1.\n\n * Signature Algorithm: The name of the algorithm used to sign the CRL.\n\n * Issuer: The X.500 distinguished name of your private CA that issued\n the CRL.\n\n * Last Update: The issue date and time of this CRL.\n\n * Next Update: The day and time by which the next CRL will be issued.\n\n * Revoked Certificates: List of revoked certificates. Each list item contains\n the following information. Serial Number: The serial number, in hexadecimal\n format, of the revoked certificate. Revocation Date: Date and time the\n certificate was revoked. CRL Entry Extensions: Optional extensions for\n the CRL entry. X509v3 CRL Reason Code: Reason the certificate was revoked.\n\n * CRL Extensions: Optional extensions for the CRL. X509v3 Authority Key\n Identifier: Identifies the public key associated with the private key\n used to sign the certificate. X509v3 CRL Number:: Decimal sequence number\n for the CRL.\n\n * Signature Algorithm: Algorithm used by your private CA to sign the CRL.\n\n * Signature Value: Signature computed over the CRL.\n\nCertificate revocation lists created by Amazon Web Services Private CA are\nDER-encoded. You can use the following OpenSSL command to list a CRL.\n\nopenssl crl -inform DER -text -in crl_path -noout\n\nFor more information, see Planning a certificate revocation list (CRL) (https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html)\nin the Amazon Web Services Private Certificate Authority User Guide" properties: customCNAME: type: "string" @@ -235,9 +241,15 @@ spec: type: description: "The type of the certificate authority." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" usageMode: description: "Specifies whether the CA issues general-purpose certificates that typically\nrequire a revocation mechanism, or short-lived certificates that may optionally\nomit revocation because they expire quickly. Short-lived certificate validity\nis limited to seven days.\n\nThe default value is GENERAL_PURPOSE." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" required: - "certificateAuthorityConfiguration" - "type" @@ -265,7 +277,7 @@ spec: description: "The base64 PEM-encoded certificate signing request (CSR) for your private\nCA certificate." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml index 15cfcd393..735a8ba8d 100644 --- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml +++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml @@ -45,9 +45,15 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateAuthorityARN: description: "The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority\n(https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html).\nThis must be of the form:\n\narn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateAuthorityRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -76,6 +82,9 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" completeCertificateChainOutput: description: "SecretKeyReference combines a k8s corev1.SecretReference with a\nspecific key within the referred-to Secret" properties: @@ -92,6 +101,9 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" status: type: "string" required: @@ -117,7 +129,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml index 0d2f83706..8e843e252 100644 --- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml +++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml @@ -219,9 +219,15 @@ spec: type: "string" type: "object" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateAuthorityARN: description: "The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority\n(https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html).\nThis must be of the form:\n\narn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateAuthorityRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -250,8 +256,14 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateSigningRequest: type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" certificateSigningRequestRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -267,9 +279,15 @@ spec: signingAlgorithm: description: "The name of the algorithm that will be used to sign the certificate to be\nissued.\n\nThis parameter should not be confused with the SigningAlgorithm parameter\nused to sign a CSR in the CreateCertificateAuthority action.\n\nThe specified signing algorithm family (RSA or ECDSA) must match the algorithm\nfamily of the CA's secret key." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" templateARN: description: "Specifies a custom configuration template to use when issuing a certificate.\nIf this parameter is not provided, Amazon Web Services Private CA defaults\nto the EndEntityCertificate/V1 template. For CA certificates, you should\nchoose the shortest path length that meets your needs. The path length is\nindicated by the PathLenN portion of the ARN, where N is the CA depth (https://docs.aws.amazon.com/privateca/latest/userguide/PcaTerms.html#terms-cadepth).\n\nNote: The CA depth configured on a subordinate CA certificate must not exceed\nthe limit set by its parents in the CA hierarchy.\n\nFor a list of TemplateArn values supported by Amazon Web Services Private\nCA, see Understanding Certificate Templates (https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html)." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" validity: description: "Information describing the end of the validity period of the certificate.\nThis parameter sets the “Not After” date for the certificate.\n\nCertificate validity is the period of time during which a certificate is\nvalid. Validity can be expressed as an explicit date and time when the certificate\nexpires, or as a span of time after issuance, stated in days, months, or\nyears. For more information, see Validity (https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5)\nin RFC 5280.\n\nThis value is unaffected when ValidityNotBefore is also specified. For example,\nif Validity is set to 20 days in the future, the certificate will expire\n20 days from issuance time regardless of the ValidityNotBefore value.\n\nThe end of the validity period configured on a certificate must not exceed\nthe limit set on its parents in the CA hierarchy." properties: @@ -279,6 +297,9 @@ spec: format: "int64" type: "integer" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" validityNotBefore: description: "Information describing the start of the validity period of the certificate.\nThis parameter sets the “Not Before\" date for the certificate.\n\nBy default, when issuing a certificate, Amazon Web Services Private CA sets\nthe \"Not Before\" date to the issuance time minus 60 minutes. This compensates\nfor clock inconsistencies across computer systems. The ValidityNotBefore\nparameter can be used to customize the “Not Before” value.\n\nUnlike the Validity parameter, the ValidityNotBefore parameter is optional.\n\nThe ValidityNotBefore value is expressed as an explicit date and time, using\nthe Validity type value ABSOLUTE. For more information, see Validity (https://docs.aws.amazon.com/privateca/latest/APIReference/API_Validity.html)\nin this API reference and Validity (https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5)\nin RFC 5280." properties: @@ -288,6 +309,9 @@ spec: format: "int64" type: "integer" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" required: - "signingAlgorithm" - "validity" @@ -312,7 +336,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/apis.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/apis.yaml index ff4daf82d..e87df40d8 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/apis.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/apis.yaml @@ -30,13 +30,16 @@ spec: description: "ApiSpec defines the desired state of Api.\n\nRepresents an API." properties: apiKeySelectionExpression: + description: "An API key selection expression. Supported only for WebSocket APIs. See API\nKey Selection Expressions (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions)." type: "string" basepath: + description: "Specifies how to interpret the base path of the API during import. Valid\nvalues are ignore, prepend, and split. The default value is ignore. To learn\nmore, see Set the OpenAPI basePath Property (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html).\nSupported only for HTTP APIs." type: "string" body: + description: "The OpenAPI definition. Supported only for HTTP APIs." type: "string" corsConfiguration: - description: "Represents a CORS configuration. Supported only for HTTP APIs. See Configuring\nCORS (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html)\nfor more information." + description: "A CORS configuration. Supported only for HTTP APIs. See Configuring CORS\n(https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html)\nfor more information." properties: allowCredentials: type: "boolean" @@ -66,30 +69,42 @@ spec: type: "integer" type: "object" credentialsARN: + description: "This property is part of quick create. It specifies the credentials required\nfor the integration, if any. For a Lambda integration, three options are\navailable. To specify an IAM Role for API Gateway to assume, use the role's\nAmazon Resource Name (ARN). To require that the caller's identity be passed\nthrough from the request, specify arn:aws:iam::*:user/*. To use resource-based\npermissions on supported AWS services, specify null. Currently, this property\nis not used for HTTP integrations. Supported only for HTTP APIs." type: "string" description: + description: "The description of the API." type: "string" disableExecuteAPIEndpoint: + description: "Specifies whether clients can invoke your API by using the default execute-api\nendpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com\nendpoint. To require that clients use a custom domain name to invoke your\nAPI, disable the default endpoint." type: "boolean" disableSchemaValidation: + description: "Avoid validating models when creating a deployment. Supported only for WebSocket\nAPIs." type: "boolean" failOnWarnings: + description: "Specifies whether to rollback the API creation when a warning is encountered.\nBy default, API creation continues if a warning is encountered." type: "boolean" name: + description: "The name of the API." type: "string" protocolType: + description: "The API protocol." type: "string" routeKey: + description: "This property is part of quick create. If you don't specify a routeKey, a\ndefault route of $default is created. The $default route acts as a catch-all\nfor any request made to your API, for a particular stage. The $default route\nkey can't be modified. You can add routes after creating the API, and you\ncan update the route keys of additional routes. Supported only for HTTP APIs." type: "string" routeSelectionExpression: + description: "The route selection expression for the API. For HTTP APIs, the routeSelectionExpression\nmust be ${request.method} ${request.path}. If not provided, this will be\nthe default for HTTP APIs. This property is required for WebSocket APIs." type: "string" tags: additionalProperties: type: "string" + description: "The collection of tags. Each tag element is associated with a given resource." type: "object" target: + description: "This property is part of quick create. Quick create produces an API with\nan integration, a default catch-all route, and a default stage which is configured\nto automatically deploy changes. For HTTP integrations, specify a fully qualified\nURL. For Lambda integrations, specify a function ARN. The type of the integration\nwill be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs." type: "string" version: + description: "A version identifier for the API." type: "string" type: "object" status: @@ -112,13 +127,16 @@ spec: - "region" type: "object" apiEndpoint: + description: "The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com.\nThe stage name is typically appended to this URI to form a complete path\nto a deployed API stage." type: "string" apiGatewayManaged: + description: "Specifies whether an API is managed by API Gateway. You can't update or delete\na managed API by using API Gateway. A managed API can be deleted only through\nthe tooling or service that created it." type: "boolean" apiID: + description: "The API ID." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -144,13 +162,16 @@ spec: type: "object" type: "array" createdDate: + description: "The timestamp when the API was created." format: "date-time" type: "string" importInfo: + description: "The validation information during API import. This may include particular\nproperties of your OpenAPI definition which are ignored during import. Supported\nonly for HTTP APIs." items: type: "string" type: "array" warnings: + description: "The warning messages reported when failonwarnings is turned on during API\nimport." items: type: "string" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml index 03570862d..e7a4aecf4 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml @@ -30,6 +30,7 @@ spec: description: "AuthorizerSpec defines the desired state of Authorizer.\n\nRepresents an authorizer." properties: apiID: + description: "The API identifier." type: "string" apiRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -44,23 +45,31 @@ spec: type: "object" type: "object" authorizerCredentialsARN: + description: "Specifies the required credentials as an IAM role for API Gateway to invoke\nthe authorizer. To specify an IAM role for API Gateway to assume, use the\nrole's Amazon Resource Name (ARN). To use resource-based permissions on the\nLambda function, don't specify this parameter. Supported only for REQUEST\nauthorizers." type: "string" authorizerPayloadFormatVersion: + description: "Specifies the format of the payload sent to an HTTP API Lambda authorizer.\nRequired for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0.\nTo learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)." type: "string" authorizerResultTTLInSeconds: + description: "The time to live (TTL) for cached authorizer results, in seconds. If it equals\n0, authorization caching is disabled. If it is greater than 0, API Gateway\ncaches authorizer responses. The maximum value is 3600, or 1 hour. Supported\nonly for HTTP API Lambda authorizers." format: "int64" type: "integer" authorizerType: + description: "The authorizer type. Specify REQUEST for a Lambda function using incoming\nrequest parameters. Specify JWT to use JSON Web Tokens (supported only for\nHTTP APIs)." type: "string" authorizerURI: + description: "The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers,\nthis must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations.\nIn general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api}\n, where {region} is the same as the region hosting the Lambda function, path\nindicates that the remaining substring in the URI should be treated as the\npath to the resource, including the initial /. For Lambda functions, this\nis usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported\nonly for REQUEST authorizers." type: "string" enableSimpleResponses: + description: "Specifies whether a Lambda authorizer returns a response in a simple format.\nBy default, a Lambda authorizer must return an IAM policy. If enabled, the\nLambda authorizer can return a boolean value instead of an IAM policy. Supported\nonly for HTTP APIs. To learn more, see Working with AWS Lambda authorizers\nfor HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)" type: "boolean" identitySource: + description: "The identity source for which authorization is requested.\n\nFor a REQUEST authorizer, this is optional. The value is a set of one or\nmore mapping expressions of the specified request parameters. The identity\nsource can be headers, query string parameters, stage variables, and context\nparameters. For example, if an Auth header and a Name query string parameter\nare defined as identity sources, this value is route.request.header.Auth,\nroute.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection\nexpressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name.\nThese parameters are used to perform runtime validation for Lambda-based\nauthorizers by verifying all of the identity-related request parameters are\npresent in the request, not null, and non-empty. Only when this is true does\nthe authorizer invoke the authorizer Lambda function. Otherwise, it returns\na 401 Unauthorized response without calling the Lambda function. For HTTP\nAPIs, identity sources are also used as the cache key when caching is enabled.\nTo learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html).\n\nFor JWT, a single entry that specifies where to extract the JSON Web Token\n(JWT) from inbound requests. Currently only header-based and query parameter-based\nselections are supported, for example $request.header.Authorization." items: type: "string" type: "array" identityValidationExpression: + description: "This parameter is not used." type: "string" jwtConfiguration: description: "Represents the configuration of a JWT authorizer. Required for the JWT authorizer\ntype. Supported only for HTTP APIs." @@ -74,6 +83,7 @@ spec: type: "string" type: "object" name: + description: "The name of the authorizer." type: "string" required: - "authorizerType" @@ -100,9 +110,10 @@ spec: - "region" type: "object" authorizerID: + description: "The authorizer identifier." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml index 19c6039dc..e1b776ca4 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml @@ -30,6 +30,7 @@ spec: description: "DeploymentSpec defines the desired state of Deployment.\n\nAn immutable representation of an API that can be called by users. A Deployment\nmust be associated with a Stage for it to be callable over the internet." properties: apiID: + description: "The API identifier." type: "string" apiRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -44,8 +45,10 @@ spec: type: "object" type: "object" description: + description: "The description for the deployment resource." type: "string" stageName: + description: "The name of the Stage resource for the Deployment resource to create." type: "string" type: "object" status: @@ -68,9 +71,10 @@ spec: - "region" type: "object" autoDeployed: + description: "Specifies whether a deployment was automatically released." type: "boolean" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -96,13 +100,17 @@ spec: type: "object" type: "array" createdDate: + description: "The date and time when the Deployment resource was created." format: "date-time" type: "string" deploymentID: + description: "The identifier for the deployment." type: "string" deploymentStatus: + description: "The status of the deployment: PENDING, FAILED, or SUCCEEDED." type: "string" deploymentStatusMessage: + description: "May contain additional feedback on the status of an API deployment." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml index 2618992f8..8cbbc4f6b 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml @@ -30,6 +30,7 @@ spec: description: "IntegrationSpec defines the desired state of Integration.\n\nRepresents an integration." properties: apiID: + description: "The API identifier." type: "string" apiRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -44,6 +45,7 @@ spec: type: "object" type: "object" connectionID: + description: "The ID of the VPC link for a private integration. Supported only for HTTP\nAPIs." type: "string" connectionRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -58,42 +60,57 @@ spec: type: "object" type: "object" connectionType: + description: "The type of the network connection to the integration endpoint. Specify INTERNET\nfor connections through the public routable internet or VPC_LINK for private\nconnections between API Gateway and resources in a VPC. The default value\nis INTERNET." type: "string" contentHandlingStrategy: + description: "Supported only for WebSocket APIs. Specifies how to handle response payload\ncontent type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT,\nwith the following behaviors:\n\nCONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string\nto the corresponding binary blob.\n\nCONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded\nstring.\n\nIf this property is not defined, the response payload will be passed through\nfrom the integration response to the route response or method response without\nmodification." type: "string" credentialsARN: + description: "Specifies the credentials required for the integration, if any. For AWS integrations,\nthree options are available. To specify an IAM Role for API Gateway to assume,\nuse the role's Amazon Resource Name (ARN). To require that the caller's identity\nbe passed through from the request, specify the string arn:aws:iam::*:user/*.\nTo use resource-based permissions on supported AWS services, specify null." type: "string" description: + description: "The description of the integration." type: "string" integrationMethod: + description: "Specifies the integration's HTTP method type." type: "string" integrationSubtype: + description: "Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service\naction to invoke. To learn more, see Integration subtype reference (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html)." type: "string" integrationType: + description: "The integration type of an integration. One of the following:\n\nAWS: for integrating the route or method request with an AWS service action,\nincluding the Lambda function-invoking action. With the Lambda function-invoking\naction, this is referred to as the Lambda custom integration. With any other\nAWS service action, this is known as AWS integration. Supported only for\nWebSocket APIs.\n\nAWS_PROXY: for integrating the route or method request with a Lambda function\nor other AWS service action. This integration is also referred to as a Lambda\nproxy integration.\n\nHTTP: for integrating the route or method request with an HTTP endpoint.\nThis integration is also referred to as the HTTP custom integration. Supported\nonly for WebSocket APIs.\n\nHTTP_PROXY: for integrating the route or method request with an HTTP endpoint,\nwith the client request passed through as-is. This is also referred to as\nHTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY\nintegration.\n\nMOCK: for integrating the route or method request with API Gateway as a \"loopback\"\nendpoint without invoking any backend. Supported only for WebSocket APIs." type: "string" integrationURI: + description: "For a Lambda integration, specify the URI of a Lambda function.\n\nFor an HTTP integration, specify a fully-qualified URL.\n\nFor an HTTP API private integration, specify the ARN of an Application Load\nBalancer listener, Network Load Balancer listener, or AWS Cloud Map service.\nIf you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances\nto identify resources. You can use query parameters to target specific resources.\nTo learn more, see DiscoverInstances (https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html).\nFor private integrations, all resources must be owned by the same AWS account." type: "string" passthroughBehavior: + description: "Specifies the pass-through behavior for incoming requests based on the Content-Type\nheader in the request, and the available mapping templates specified as the\nrequestTemplates property on the Integration resource. There are three valid\nvalues: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket\nAPIs.\n\nWHEN_NO_MATCH passes the request body for unmapped content types through\nto the integration backend without transformation.\n\nNEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type\nresponse.\n\nWHEN_NO_TEMPLATES allows pass-through when the integration has no content\ntypes mapped to templates. However, if there is at least one content type\ndefined, unmapped content types will be rejected with the same HTTP 415 Unsupported\nMedia Type response." type: "string" payloadFormatVersion: + description: "Specifies the format of the payload sent to an integration. Required for\nHTTP APIs." type: "string" requestParameters: additionalProperties: type: "string" + description: "For WebSocket APIs, a key-value map specifying request parameters that are\npassed from the method request to the backend. The key is an integration\nrequest parameter name and the associated value is a method request parameter\nvalue or static value that must be enclosed within single quotes and pre-encoded\nas required by the backend. The method request parameter value must match\nthe pattern of method.request.{location}.{name} , where {location} is querystring,\npath, or header; and {name} must be a valid and unique method request parameter\nname.\n\nFor HTTP API integrations with a specified integrationSubtype, request parameters\nare a key-value map specifying parameters that are passed to AWS_PROXY integrations.\nYou can provide static values, or map request data, stage variables, or context\nvariables that are evaluated at runtime. To learn more, see Working with\nAWS service integrations for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html).\n\nFor HTTP API integrations without a specified integrationSubtype request\nparameters are a key-value map specifying how to transform HTTP requests\nbefore sending them to the backend. The key should follow the pattern :.\nwhere action can be append, overwrite or remove. For values, you can provide\nstatic values, or map request data, stage variables, or context variables\nthat are evaluated at runtime. To learn more, see Transforming API requests\nand responses (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html)." type: "object" requestTemplates: additionalProperties: type: "string" + description: "Represents a map of Velocity templates that are applied on the request payload\nbased on the value of the Content-Type header sent by the client. The content\ntype value is the key in this map, and the template (as a String) is the\nvalue. Supported only for WebSocket APIs." type: "object" responseParameters: additionalProperties: additionalProperties: type: "string" type: "object" + description: "Supported only for HTTP APIs. You use response parameters to transform the\nHTTP response from a backend integration before returning the response to\nclients. Specify a key-value map from a selection key to response parameters.\nThe selection key must be a valid HTTP status code within the range of 200-599.\nResponse parameters are a key-value map. The key must match pattern :
.\nor overwrite.statuscode. The action can be append, overwrite or remove. The\nvalue can be a static value, or map to response data, stage variables, or\ncontext variables that are evaluated at runtime. To learn more, see Transforming\nAPI requests and responses (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html)." type: "object" templateSelectionExpression: + description: "The template selection expression for the integration." type: "string" timeoutInMillis: + description: "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and\nbetween 50 and 30,000 milliseconds for HTTP APIs. The default timeout is\n29 seconds for WebSocket APIs and 30 seconds for HTTP APIs." format: "int64" type: "integer" tlsConfig: @@ -126,9 +143,10 @@ spec: - "region" type: "object" apiGatewayManaged: + description: "Specifies whether an integration is managed by API Gateway. If you created\nan API using using quick create, the resulting integration is managed by\nAPI Gateway. You can update a managed integration, but you can't delete it." type: "boolean" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -154,8 +172,10 @@ spec: type: "object" type: "array" integrationID: + description: "Represents the identifier of an integration." type: "string" integrationResponseSelectionExpression: + description: "The integration response selection expression for the integration. Supported\nonly for WebSocket APIs. See Integration Response Selection Expressions (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-integration-response-selection-expressions)." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml index 45a0f23bc..a3ea452ff 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml @@ -30,8 +30,10 @@ spec: description: "RouteSpec defines the desired state of Route.\n\nRepresents a route." properties: apiID: + description: "The API identifier." type: "string" apiKeyRequired: + description: "Specifies whether an API key is required for the route. Supported only for\nWebSocket APIs." type: "boolean" apiRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -46,12 +48,15 @@ spec: type: "object" type: "object" authorizationScopes: + description: "The authorization scopes supported by this route." items: type: "string" type: "array" authorizationType: + description: "The authorization type for the route. For WebSocket APIs, valid values are\nNONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for\nusing a Lambda authorizer For HTTP APIs, valid values are NONE for open access,\nJWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and\nCUSTOM for using a Lambda authorizer." type: "string" authorizerID: + description: "The identifier of the Authorizer resource to be associated with this route.\nThe authorizer identifier is generated by API Gateway when you created the\nauthorizer." type: "string" authorizerRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -66,12 +71,15 @@ spec: type: "object" type: "object" modelSelectionExpression: + description: "The model selection expression for the route. Supported only for WebSocket\nAPIs." type: "string" operationName: + description: "The operation name for the route." type: "string" requestModels: additionalProperties: type: "string" + description: "The request models for the route. Supported only for WebSocket APIs." type: "object" requestParameters: additionalProperties: @@ -80,12 +88,16 @@ spec: required: type: "boolean" type: "object" + description: "The request parameters for the route. Supported only for WebSocket APIs." type: "object" routeKey: + description: "The route key for the route." type: "string" routeResponseSelectionExpression: + description: "The route response selection expression for the route. Supported only for\nWebSocket APIs." type: "string" target: + description: "The target for the route." type: "string" targetRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -122,9 +134,10 @@ spec: - "region" type: "object" apiGatewayManaged: + description: "Specifies whether a route is managed by API Gateway. If you created an API\nusing quick create, the $default route is managed by API Gateway. You can't\nmodify the $default route key." type: "boolean" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -150,6 +163,7 @@ spec: type: "object" type: "array" routeID: + description: "The route ID." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml index 0c615a957..0750bd1f6 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml @@ -30,7 +30,7 @@ spec: description: "StageSpec defines the desired state of Stage.\n\nRepresents an API stage." properties: accessLogSettings: - description: "Settings for logging access in a stage." + description: "Settings for logging access in this stage." properties: destinationARN: description: "Represents an Amazon Resource Name (ARN)." @@ -40,6 +40,7 @@ spec: type: "string" type: "object" apiID: + description: "The API identifier." type: "string" apiRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -54,11 +55,13 @@ spec: type: "object" type: "object" autoDeploy: + description: "Specifies whether updates to an API automatically trigger a new deployment.\nThe default value is false." type: "boolean" clientCertificateID: + description: "The identifier of a client certificate for a Stage. Supported only for WebSocket\nAPIs." type: "string" defaultRouteSettings: - description: "Represents a collection of route settings." + description: "The default route settings for the stage." properties: dataTraceEnabled: type: "boolean" @@ -74,6 +77,7 @@ spec: type: "number" type: "object" deploymentID: + description: "The deployment identifier of the API stage." type: "string" deploymentRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -88,6 +92,7 @@ spec: type: "object" type: "object" description: + description: "The description for the API stage." type: "string" routeSettings: additionalProperties: @@ -106,16 +111,20 @@ spec: throttlingRateLimit: type: "number" type: "object" + description: "Route settings for the stage, by routeKey." type: "object" stageName: + description: "The name of the stage." type: "string" stageVariables: additionalProperties: type: "string" + description: "A map that defines the stage variables for a Stage. Variable names can have\nalphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+." type: "object" tags: additionalProperties: type: "string" + description: "The collection of tags. Each tag element is associated with a given resource." type: "object" required: - "stageName" @@ -140,9 +149,10 @@ spec: - "region" type: "object" apiGatewayManaged: + description: "Specifies whether a stage is managed by API Gateway. If you created an API\nusing quick create, the $default stage is managed by API Gateway. You can't\nmodify the $default stage." type: "boolean" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -168,11 +178,14 @@ spec: type: "object" type: "array" createdDate: + description: "The timestamp when the stage was created." format: "date-time" type: "string" lastDeploymentStatusMessage: + description: "Describes the status of the last deployment of a stage. Supported only for\nstages with autoDeploy enabled." type: "string" lastUpdatedDate: + description: "The timestamp when the stage was last updated." format: "date-time" type: "string" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/vpclinks.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/vpclinks.yaml index 8262d7694..4661e00ac 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/vpclinks.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/vpclinks.yaml @@ -30,18 +30,22 @@ spec: description: "VpcLinkSpec defines the desired state of VpcLink.\n\nRepresents a VPC link." properties: name: + description: "The name of the VPC link." type: "string" securityGroupIDs: + description: "A list of security group IDs for the VPC link." items: type: "string" type: "array" subnetIDs: + description: "A list of subnet IDs to include in the VPC link." items: type: "string" type: "array" tags: additionalProperties: type: "string" + description: "A list of tags." type: "object" required: - "name" @@ -67,7 +71,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -93,15 +97,20 @@ spec: type: "object" type: "array" createdDate: + description: "The timestamp when the VPC link was created." format: "date-time" type: "string" vpcLinkID: + description: "The ID of the VPC link." type: "string" vpcLinkStatus: + description: "The status of the VPC link." type: "string" vpcLinkStatusMessage: + description: "A message summarizing the cause of the status of the VPC link." type: "string" vpcLinkVersion: + description: "The version of the VPC link." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalabletargets.yaml b/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalabletargets.yaml index dd3cab5a3..4e88df941 100644 --- a/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalabletargets.yaml +++ b/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalabletargets.yaml @@ -30,27 +30,27 @@ spec: description: "ScalableTargetSpec defines the desired state of ScalableTarget.\n\nRepresents a scalable target." properties: maxCapacity: - description: "The maximum value that you plan to scale out to. When a scaling policy is\nin effect, Application Auto Scaling can scale out (expand) as needed to the\nmaximum capacity limit in response to changing demand. This property is required\nwhen registering a new scalable target.\n\nAlthough you can specify a large maximum capacity, note that service quotas\nmay impose lower limits. Each service has its own default quotas for the\nmaximum capacity of the resource. If you want to specify a higher limit,\nyou can request an increase. For more information, consult the documentation\nfor that service. For information about the default quotas for each service,\nsee Service Endpoints and Quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html)\nin the Amazon Web Services General Reference." + description: "The maximum value that you plan to scale out to. When a scaling policy is\nin effect, Application Auto Scaling can scale out (expand) as needed to the\nmaximum capacity limit in response to changing demand. This property is required\nwhen registering a new scalable target.\n\nAlthough you can specify a large maximum capacity, note that service quotas\nmight impose lower limits. Each service has its own default quotas for the\nmaximum capacity of the resource. If you want to specify a higher limit,\nyou can request an increase. For more information, consult the documentation\nfor that service. For information about the default quotas for each service,\nsee Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html)\nin the Amazon Web Services General Reference." format: "int64" type: "integer" minCapacity: - description: "The minimum value that you plan to scale in to. When a scaling policy is\nin effect, Application Auto Scaling can scale in (contract) as needed to\nthe minimum capacity limit in response to changing demand. This property\nis required when registering a new scalable target.\n\nFor certain resources, the minimum value allowed is 0. This includes Lambda\nprovisioned concurrency, Spot Fleet, ECS services, Aurora DB clusters, EMR\nclusters, and custom resources. For all other resources, the minimum value\nallowed is 1." + description: "The minimum value that you plan to scale in to. When a scaling policy is\nin effect, Application Auto Scaling can scale in (contract) as needed to\nthe minimum capacity limit in response to changing demand. This property\nis required when registering a new scalable target.\n\nFor the following resources, the minimum value allowed is 0.\n\n * AppStream 2.0 fleets\n\n * Aurora DB clusters\n\n * ECS services\n\n * EMR clusters\n\n * Lambda provisioned concurrency\n\n * SageMaker endpoint variants\n\n * SageMaker inference components\n\n * SageMaker serverless endpoint provisioned concurrency\n\n * Spot Fleets\n\n * custom resources\n\nIt's strongly recommended that you specify a value greater than 0. A value\ngreater than 0 means that data points are continuously reported to CloudWatch\nthat scaling policies can use to scale on a metric like average CPU utilization.\n\nFor all other resources, the minimum allowed value depends on the type of\nresource that you are using. If you provide a value that is lower than what\na resource can accept, an error occurs. In which case, the error message\nwill provide the minimum value that the resource can accept." format: "int64" type: "integer" resourceID: - description: "The identifier of the resource that is associated with the scalable target.\nThis string consists of the resource type and unique identifier.\n\n * ECS service - The resource type is service and the unique identifier\n is the cluster name and service name. Example: service/default/sample-webapp.\n\n * Spot Fleet - The resource type is spot-fleet-request and the unique\n identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.\n\n * EMR cluster - The resource type is instancegroup and the unique identifier\n is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.\n\n * AppStream 2.0 fleet - The resource type is fleet and the unique identifier\n is the fleet name. Example: fleet/sample-fleet.\n\n * DynamoDB table - The resource type is table and the unique identifier\n is the table name. Example: table/my-table.\n\n * DynamoDB global secondary index - The resource type is index and the\n unique identifier is the index name. Example: table/my-table/index/my-table-index.\n\n * Aurora DB cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:my-db-cluster.\n\n * SageMaker endpoint variant - The resource type is variant and the unique\n identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * Custom resources are not supported with a resource type. This parameter\n must specify the OutputValue from the CloudFormation template stack used\n to access the resources. The unique identifier is defined by the service\n provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource).\n\n * Amazon Comprehend document classification endpoint - The resource type\n and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.\n\n * Amazon Comprehend entity recognizer endpoint - The resource type and\n unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.\n\n * Lambda provisioned concurrency - The resource type is function and the\n unique identifier is the function name with a function version or alias\n name suffix that is not $LATEST. Example: function:my-function:prod or\n function:my-function:1.\n\n * Amazon Keyspaces table - The resource type is table and the unique identifier\n is the table name. Example: keyspace/mykeyspace/table/mytable.\n\n * Amazon MSK cluster - The resource type and unique identifier are specified\n using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.\n\n * Amazon ElastiCache replication group - The resource type is replication-group\n and the unique identifier is the replication group name. Example: replication-group/mycluster.\n\n * Neptune cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:mycluster." + description: "The identifier of the resource that is associated with the scalable target.\nThis string consists of the resource type and unique identifier.\n\n * ECS service - The resource type is service and the unique identifier\n is the cluster name and service name. Example: service/my-cluster/my-service.\n\n * Spot Fleet - The resource type is spot-fleet-request and the unique\n identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.\n\n * EMR cluster - The resource type is instancegroup and the unique identifier\n is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.\n\n * AppStream 2.0 fleet - The resource type is fleet and the unique identifier\n is the fleet name. Example: fleet/sample-fleet.\n\n * DynamoDB table - The resource type is table and the unique identifier\n is the table name. Example: table/my-table.\n\n * DynamoDB global secondary index - The resource type is index and the\n unique identifier is the index name. Example: table/my-table/index/my-table-index.\n\n * Aurora DB cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:my-db-cluster.\n\n * SageMaker endpoint variant - The resource type is variant and the unique\n identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * Custom resources are not supported with a resource type. This parameter\n must specify the OutputValue from the CloudFormation template stack used\n to access the resources. The unique identifier is defined by the service\n provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource).\n\n * Amazon Comprehend document classification endpoint - The resource type\n and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.\n\n * Amazon Comprehend entity recognizer endpoint - The resource type and\n unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.\n\n * Lambda provisioned concurrency - The resource type is function and the\n unique identifier is the function name with a function version or alias\n name suffix that is not $LATEST. Example: function:my-function:prod or\n function:my-function:1.\n\n * Amazon Keyspaces table - The resource type is table and the unique identifier\n is the table name. Example: keyspace/mykeyspace/table/mytable.\n\n * Amazon MSK cluster - The resource type and unique identifier are specified\n using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.\n\n * Amazon ElastiCache replication group - The resource type is replication-group\n and the unique identifier is the replication group name. Example: replication-group/mycluster.\n\n * Neptune cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:mycluster.\n\n * SageMaker serverless endpoint - The resource type is variant and the\n unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * SageMaker inference component - The resource type is inference-component\n and the unique identifier is the resource ID. Example: inference-component/my-inference-component.\n\n * Pool of WorkSpaces - The resource type is workspacespool and the unique\n identifier is the pool ID. Example: workspacespool/wspool-123456." type: "string" roleARN: - description: "This parameter is required for services that do not support service-linked\nroles (such as Amazon EMR), and it must specify the ARN of an IAM role that\nallows Application Auto Scaling to modify the scalable target on your behalf.\n\nIf the service supports service-linked roles, Application Auto Scaling uses\na service-linked role, which it creates if it does not yet exist. For more\ninformation, see Application Auto Scaling IAM roles (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles)." + description: "This parameter is required for services that do not support service-linked\nroles (such as Amazon EMR), and it must specify the ARN of an IAM role that\nallows Application Auto Scaling to modify the scalable target on your behalf.\n\nIf the service supports service-linked roles, Application Auto Scaling uses\na service-linked role, which it creates if it does not yet exist. For more\ninformation, see How Application Auto Scaling works with IAM (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html)." type: "string" scalableDimension: - description: "The scalable dimension associated with the scalable target. This string consists\nof the service namespace, resource type, and scaling property.\n\n * ecs:service:DesiredCount - The desired task count of an ECS service.\n\n * elasticmapreduce:instancegroup:InstanceCount - The instance count of\n an EMR Instance Group.\n\n * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot\n Fleet.\n\n * appstream:fleet:DesiredCapacity - The desired capacity of an AppStream\n 2.0 fleet.\n\n * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB table.\n\n * dynamodb:table:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB table.\n\n * dynamodb:index:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB global secondary index.\n\n * dynamodb:index:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB global secondary index.\n\n * rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora\n DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible\n edition.\n\n * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances\n for an SageMaker model endpoint variant.\n\n * custom-resource:ResourceType:Property - The scalable dimension for a\n custom resource provided by your own application or service.\n\n * comprehend:document-classifier-endpoint:DesiredInferenceUnits - The\n number of inference units for an Amazon Comprehend document classification\n endpoint.\n\n * comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number\n of inference units for an Amazon Comprehend entity recognizer endpoint.\n\n * lambda:function:ProvisionedConcurrency - The provisioned concurrency\n for a Lambda function.\n\n * cassandra:table:ReadCapacityUnits - The provisioned read capacity for\n an Amazon Keyspaces table.\n\n * cassandra:table:WriteCapacityUnits - The provisioned write capacity\n for an Amazon Keyspaces table.\n\n * kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB)\n for brokers in an Amazon MSK cluster.\n\n * elasticache:replication-group:NodeGroups - The number of node groups\n for an Amazon ElastiCache replication group.\n\n * elasticache:replication-group:Replicas - The number of replicas per\n node group for an Amazon ElastiCache replication group.\n\n * neptune:cluster:ReadReplicaCount - The count of read replicas in an\n Amazon Neptune DB cluster." + description: "The scalable dimension associated with the scalable target. This string consists\nof the service namespace, resource type, and scaling property.\n\n * ecs:service:DesiredCount - The task count of an ECS service.\n\n * elasticmapreduce:instancegroup:InstanceCount - The instance count of\n an EMR Instance Group.\n\n * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot\n Fleet.\n\n * appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.\n\n * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB table.\n\n * dynamodb:table:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB table.\n\n * dynamodb:index:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB global secondary index.\n\n * dynamodb:index:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB global secondary index.\n\n * rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora\n DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible\n edition.\n\n * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances\n for a SageMaker model endpoint variant.\n\n * custom-resource:ResourceType:Property - The scalable dimension for a\n custom resource provided by your own application or service.\n\n * comprehend:document-classifier-endpoint:DesiredInferenceUnits - The\n number of inference units for an Amazon Comprehend document classification\n endpoint.\n\n * comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number\n of inference units for an Amazon Comprehend entity recognizer endpoint.\n\n * lambda:function:ProvisionedConcurrency - The provisioned concurrency\n for a Lambda function.\n\n * cassandra:table:ReadCapacityUnits - The provisioned read capacity for\n an Amazon Keyspaces table.\n\n * cassandra:table:WriteCapacityUnits - The provisioned write capacity\n for an Amazon Keyspaces table.\n\n * kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB)\n for brokers in an Amazon MSK cluster.\n\n * elasticache:replication-group:NodeGroups - The number of node groups\n for an Amazon ElastiCache replication group.\n\n * elasticache:replication-group:Replicas - The number of replicas per\n node group for an Amazon ElastiCache replication group.\n\n * neptune:cluster:ReadReplicaCount - The count of read replicas in an\n Amazon Neptune DB cluster.\n\n * sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency\n for a SageMaker serverless endpoint.\n\n * sagemaker:inference-component:DesiredCopyCount - The number of copies\n across an endpoint for a SageMaker inference component.\n\n * workspaces:workspacespool:DesiredUserSessions - The number of user sessions\n for the WorkSpaces in the pool." type: "string" serviceNamespace: description: "The namespace of the Amazon Web Services service that provides the resource.\nFor a resource provided by your own application or service, use custom-resource\ninstead." type: "string" suspendedState: - description: "An embedded object that contains attributes and attribute values that are\nused to suspend and resume automatic scaling. Setting the value of an attribute\nto true suspends the specified scaling activities. Setting it to false (default)\nresumes the specified scaling activities.\n\nSuspension Outcomes\n\n * For DynamicScalingInSuspended, while a suspension is in effect, all\n scale-in activities that are triggered by a scaling policy are suspended.\n\n * For DynamicScalingOutSuspended, while a suspension is in effect, all\n scale-out activities that are triggered by a scaling policy are suspended.\n\n * For ScheduledScalingSuspended, while a suspension is in effect, all\n scaling activities that involve scheduled actions are suspended.\n\nFor more information, see Suspending and resuming scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html)\nin the Application Auto Scaling User Guide." + description: "An embedded object that contains attributes and attribute values that are\nused to suspend and resume automatic scaling. Setting the value of an attribute\nto true suspends the specified scaling activities. Setting it to false (default)\nresumes the specified scaling activities.\n\nSuspension Outcomes\n\n * For DynamicScalingInSuspended, while a suspension is in effect, all\n scale-in activities that are triggered by a scaling policy are suspended.\n\n * For DynamicScalingOutSuspended, while a suspension is in effect, all\n scale-out activities that are triggered by a scaling policy are suspended.\n\n * For ScheduledScalingSuspended, while a suspension is in effect, all\n scaling activities that involve scheduled actions are suspended.\n\nFor more information, see Suspend and resume scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html)\nin the Application Auto Scaling User Guide." properties: dynamicScalingInSuspended: type: "boolean" @@ -84,7 +84,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalingpolicies.yaml b/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalingpolicies.yaml index 19341eeef..de7d23530 100644 --- a/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalingpolicies.yaml +++ b/crd-catalog/aws-controllers-k8s/applicationautoscaling-controller/applicationautoscaling.services.k8s.aws/v1alpha1/scalingpolicies.yaml @@ -27,19 +27,19 @@ spec: metadata: type: "object" spec: - description: "ScalingPolicySpec defines the desired state of ScalingPolicy.\n\nRepresents a scaling policy to use with Application Auto Scaling.\n\nFor more information about configuring scaling policies for a specific service,\nsee Getting started with Application Auto Scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/getting-started.html)\nin the Application Auto Scaling User Guide." + description: "ScalingPolicySpec defines the desired state of ScalingPolicy.\n\nRepresents a scaling policy to use with Application Auto Scaling.\n\nFor more information about configuring scaling policies for a specific service,\nsee Amazon Web Services services that you can use with Application Auto Scaling\n(https://docs.aws.amazon.com/autoscaling/application/userguide/integrated-services-list.html)\nin the Application Auto Scaling User Guide." properties: policyName: - description: "The name of the scaling policy." + description: "The name of the scaling policy.\n\nYou cannot change the name of a scaling policy, but you can delete the original\nscaling policy and create a new scaling policy with the same settings and\na different name." type: "string" policyType: - description: "The policy type. This parameter is required if you are creating a scaling\npolicy.\n\nThe following policy types are supported:\n\nTargetTrackingScaling—Not supported for Amazon EMR\n\nStepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon\nKeyspaces, Amazon MSK, Amazon ElastiCache, or Neptune.\n\nFor more information, see Target tracking scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html)\nand Step scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html)\nin the Application Auto Scaling User Guide." + description: "The scaling policy type. This parameter is required if you are creating a\nscaling policy.\n\nThe following policy types are supported:\n\nTargetTrackingScaling—Not supported for Amazon EMR.\n\nStepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon\nKeyspaces, Amazon MSK, Amazon ElastiCache, or Neptune.\n\nFor more information, see Target tracking scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html)\nand Step scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html)\nin the Application Auto Scaling User Guide." type: "string" resourceID: - description: "The identifier of the resource associated with the scaling policy. This string\nconsists of the resource type and unique identifier.\n\n * ECS service - The resource type is service and the unique identifier\n is the cluster name and service name. Example: service/default/sample-webapp.\n\n * Spot Fleet - The resource type is spot-fleet-request and the unique\n identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.\n\n * EMR cluster - The resource type is instancegroup and the unique identifier\n is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.\n\n * AppStream 2.0 fleet - The resource type is fleet and the unique identifier\n is the fleet name. Example: fleet/sample-fleet.\n\n * DynamoDB table - The resource type is table and the unique identifier\n is the table name. Example: table/my-table.\n\n * DynamoDB global secondary index - The resource type is index and the\n unique identifier is the index name. Example: table/my-table/index/my-table-index.\n\n * Aurora DB cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:my-db-cluster.\n\n * SageMaker endpoint variant - The resource type is variant and the unique\n identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * Custom resources are not supported with a resource type. This parameter\n must specify the OutputValue from the CloudFormation template stack used\n to access the resources. The unique identifier is defined by the service\n provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource).\n\n * Amazon Comprehend document classification endpoint - The resource type\n and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.\n\n * Amazon Comprehend entity recognizer endpoint - The resource type and\n unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.\n\n * Lambda provisioned concurrency - The resource type is function and the\n unique identifier is the function name with a function version or alias\n name suffix that is not $LATEST. Example: function:my-function:prod or\n function:my-function:1.\n\n * Amazon Keyspaces table - The resource type is table and the unique identifier\n is the table name. Example: keyspace/mykeyspace/table/mytable.\n\n * Amazon MSK cluster - The resource type and unique identifier are specified\n using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.\n\n * Amazon ElastiCache replication group - The resource type is replication-group\n and the unique identifier is the replication group name. Example: replication-group/mycluster.\n\n * Neptune cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:mycluster." + description: "The identifier of the resource associated with the scaling policy. This string\nconsists of the resource type and unique identifier.\n\n * ECS service - The resource type is service and the unique identifier\n is the cluster name and service name. Example: service/my-cluster/my-service.\n\n * Spot Fleet - The resource type is spot-fleet-request and the unique\n identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.\n\n * EMR cluster - The resource type is instancegroup and the unique identifier\n is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.\n\n * AppStream 2.0 fleet - The resource type is fleet and the unique identifier\n is the fleet name. Example: fleet/sample-fleet.\n\n * DynamoDB table - The resource type is table and the unique identifier\n is the table name. Example: table/my-table.\n\n * DynamoDB global secondary index - The resource type is index and the\n unique identifier is the index name. Example: table/my-table/index/my-table-index.\n\n * Aurora DB cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:my-db-cluster.\n\n * SageMaker endpoint variant - The resource type is variant and the unique\n identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * Custom resources are not supported with a resource type. This parameter\n must specify the OutputValue from the CloudFormation template stack used\n to access the resources. The unique identifier is defined by the service\n provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource).\n\n * Amazon Comprehend document classification endpoint - The resource type\n and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.\n\n * Amazon Comprehend entity recognizer endpoint - The resource type and\n unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.\n\n * Lambda provisioned concurrency - The resource type is function and the\n unique identifier is the function name with a function version or alias\n name suffix that is not $LATEST. Example: function:my-function:prod or\n function:my-function:1.\n\n * Amazon Keyspaces table - The resource type is table and the unique identifier\n is the table name. Example: keyspace/mykeyspace/table/mytable.\n\n * Amazon MSK cluster - The resource type and unique identifier are specified\n using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.\n\n * Amazon ElastiCache replication group - The resource type is replication-group\n and the unique identifier is the replication group name. Example: replication-group/mycluster.\n\n * Neptune cluster - The resource type is cluster and the unique identifier\n is the cluster name. Example: cluster:mycluster.\n\n * SageMaker serverless endpoint - The resource type is variant and the\n unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.\n\n * SageMaker inference component - The resource type is inference-component\n and the unique identifier is the resource ID. Example: inference-component/my-inference-component.\n\n * Pool of WorkSpaces - The resource type is workspacespool and the unique\n identifier is the pool ID. Example: workspacespool/wspool-123456." type: "string" scalableDimension: - description: "The scalable dimension. This string consists of the service namespace, resource\ntype, and scaling property.\n\n * ecs:service:DesiredCount - The desired task count of an ECS service.\n\n * elasticmapreduce:instancegroup:InstanceCount - The instance count of\n an EMR Instance Group.\n\n * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot\n Fleet.\n\n * appstream:fleet:DesiredCapacity - The desired capacity of an AppStream\n 2.0 fleet.\n\n * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB table.\n\n * dynamodb:table:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB table.\n\n * dynamodb:index:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB global secondary index.\n\n * dynamodb:index:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB global secondary index.\n\n * rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora\n DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible\n edition.\n\n * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances\n for an SageMaker model endpoint variant.\n\n * custom-resource:ResourceType:Property - The scalable dimension for a\n custom resource provided by your own application or service.\n\n * comprehend:document-classifier-endpoint:DesiredInferenceUnits - The\n number of inference units for an Amazon Comprehend document classification\n endpoint.\n\n * comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number\n of inference units for an Amazon Comprehend entity recognizer endpoint.\n\n * lambda:function:ProvisionedConcurrency - The provisioned concurrency\n for a Lambda function.\n\n * cassandra:table:ReadCapacityUnits - The provisioned read capacity for\n an Amazon Keyspaces table.\n\n * cassandra:table:WriteCapacityUnits - The provisioned write capacity\n for an Amazon Keyspaces table.\n\n * kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB)\n for brokers in an Amazon MSK cluster.\n\n * elasticache:replication-group:NodeGroups - The number of node groups\n for an Amazon ElastiCache replication group.\n\n * elasticache:replication-group:Replicas - The number of replicas per\n node group for an Amazon ElastiCache replication group.\n\n * neptune:cluster:ReadReplicaCount - The count of read replicas in an\n Amazon Neptune DB cluster." + description: "The scalable dimension. This string consists of the service namespace, resource\ntype, and scaling property.\n\n * ecs:service:DesiredCount - The task count of an ECS service.\n\n * elasticmapreduce:instancegroup:InstanceCount - The instance count of\n an EMR Instance Group.\n\n * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot\n Fleet.\n\n * appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.\n\n * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB table.\n\n * dynamodb:table:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB table.\n\n * dynamodb:index:ReadCapacityUnits - The provisioned read capacity for\n a DynamoDB global secondary index.\n\n * dynamodb:index:WriteCapacityUnits - The provisioned write capacity for\n a DynamoDB global secondary index.\n\n * rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora\n DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible\n edition.\n\n * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances\n for a SageMaker model endpoint variant.\n\n * custom-resource:ResourceType:Property - The scalable dimension for a\n custom resource provided by your own application or service.\n\n * comprehend:document-classifier-endpoint:DesiredInferenceUnits - The\n number of inference units for an Amazon Comprehend document classification\n endpoint.\n\n * comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number\n of inference units for an Amazon Comprehend entity recognizer endpoint.\n\n * lambda:function:ProvisionedConcurrency - The provisioned concurrency\n for a Lambda function.\n\n * cassandra:table:ReadCapacityUnits - The provisioned read capacity for\n an Amazon Keyspaces table.\n\n * cassandra:table:WriteCapacityUnits - The provisioned write capacity\n for an Amazon Keyspaces table.\n\n * kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB)\n for brokers in an Amazon MSK cluster.\n\n * elasticache:replication-group:NodeGroups - The number of node groups\n for an Amazon ElastiCache replication group.\n\n * elasticache:replication-group:Replicas - The number of replicas per\n node group for an Amazon ElastiCache replication group.\n\n * neptune:cluster:ReadReplicaCount - The count of read replicas in an\n Amazon Neptune DB cluster.\n\n * sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency\n for a SageMaker serverless endpoint.\n\n * sagemaker:inference-component:DesiredCopyCount - The number of copies\n across an endpoint for a SageMaker inference component.\n\n * workspaces:workspacespool:DesiredUserSessions - The number of user sessions\n for the WorkSpaces in the pool." type: "string" serviceNamespace: description: "The namespace of the Amazon Web Services service that provides the resource.\nFor a resource provided by your own application or service, use custom-resource\ninstead." @@ -59,7 +59,7 @@ spec: type: "integer" stepAdjustments: items: - description: "Represents a step adjustment for a StepScalingPolicyConfiguration (https://docs.aws.amazon.com/autoscaling/application/APIReference/API_StepScalingPolicyConfiguration.html).\nDescribes an adjustment based on the difference between the value of the\naggregated CloudWatch metric and the breach threshold that you've defined\nfor the alarm.\n\nFor the following examples, suppose that you have an alarm with a breach\nthreshold of 50:\n\n * To trigger the adjustment when the metric is greater than or equal to\n 50 and less than 60, specify a lower bound of 0 and an upper bound of\n 10.\n\n * To trigger the adjustment when the metric is greater than 40 and less\n than or equal to 50, specify a lower bound of -10 and an upper bound of\n 0.\n\nThere are a few rules for the step adjustments for your step policy:\n\n * The ranges of your step adjustments can't overlap or have a gap.\n\n * At most one step adjustment can have a null lower bound. If one step\n adjustment has a negative lower bound, then there must be a step adjustment\n with a null lower bound.\n\n * At most one step adjustment can have a null upper bound. If one step\n adjustment has a positive upper bound, then there must be a step adjustment\n with a null upper bound.\n\n * The upper and lower bound can't be null in the same step adjustment." + description: "Represents a step adjustment for a StepScalingPolicyConfiguration (https://docs.aws.amazon.com/autoscaling/application/APIReference/API_StepScalingPolicyConfiguration.html).\nDescribes an adjustment based on the difference between the value of the\naggregated CloudWatch metric and the breach threshold that you've defined\nfor the alarm.\n\nFor the following examples, suppose that you have an alarm with a breach\nthreshold of 50:\n\n * To initiate the adjustment when the metric is greater than or equal\n to 50 and less than 60, specify a lower bound of 0 and an upper bound\n of 10.\n\n * To initiate the adjustment when the metric is greater than 40 and less\n than or equal to 50, specify a lower bound of -10 and an upper bound of\n 0.\n\nThere are a few rules for the step adjustments for your step policy:\n\n * The ranges of your step adjustments can't overlap or have a gap.\n\n * At most one step adjustment can have a null lower bound. If one step\n adjustment has a negative lower bound, then there must be a step adjustment\n with a null lower bound.\n\n * At most one step adjustment can have a null upper bound. If one step\n adjustment has a positive upper bound, then there must be a step adjustment\n with a null upper bound.\n\n * The upper and lower bound can't be null in the same step adjustment." properties: metricIntervalLowerBound: type: "number" @@ -75,7 +75,7 @@ spec: description: "A target tracking scaling policy. Includes support for predefined or customized\nmetrics.\n\nThis parameter is required if you are creating a policy and the policy type\nis TargetTrackingScaling." properties: customizedMetricSpecification: - description: "Represents a CloudWatch metric of your choosing for a target tracking scaling\npolicy to use with Application Auto Scaling.\n\nFor information about the available metrics for a service, see Amazon Web\nServices Services That Publish CloudWatch Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)\nin the Amazon CloudWatch User Guide.\n\nTo create your customized metric specification:\n\n * Add values for each required parameter from CloudWatch. You can use\n an existing metric, or a new metric that you create. To use your own metric,\n you must first publish the metric to CloudWatch. For more information,\n see Publish Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html)\n in the Amazon CloudWatch User Guide.\n\n * Choose a metric that changes proportionally with capacity. The value\n of the metric should increase or decrease in inverse proportion to the\n number of capacity units. That is, the value of the metric should decrease\n when capacity increases, and increase when capacity decreases.\n\nFor more information about CloudWatch, see Amazon CloudWatch Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html)." + description: "Represents a CloudWatch metric of your choosing for a target tracking scaling\npolicy to use with Application Auto Scaling.\n\nFor information about the available metrics for a service, see Amazon Web\nServices services that publish CloudWatch metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)\nin the Amazon CloudWatch User Guide.\n\nTo create your customized metric specification:\n\n * Add values for each required parameter from CloudWatch. You can use\n an existing metric, or a new metric that you create. To use your own metric,\n you must first publish the metric to CloudWatch. For more information,\n see Publish custom metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html)\n in the Amazon CloudWatch User Guide.\n\n * Choose a metric that changes proportionally with capacity. The value\n of the metric should increase or decrease in inverse proportion to the\n number of capacity units. That is, the value of the metric should decrease\n when capacity increases, and increase when capacity decreases.\n\nFor more information about the CloudWatch terminology below, see Amazon CloudWatch\nconcepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html)\nin the Amazon CloudWatch User Guide." properties: dimensions: items: @@ -99,7 +99,7 @@ spec: disableScaleIn: type: "boolean" predefinedMetricSpecification: - description: "Represents a predefined metric for a target tracking scaling policy to use\nwith Application Auto Scaling.\n\nOnly the Amazon Web Services that you're using send metrics to Amazon CloudWatch.\nTo determine whether a desired metric already exists by looking up its namespace\nand dimension using the CloudWatch metrics dashboard in the console, follow\nthe procedure in Building dashboards with CloudWatch (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html)\nin the Application Auto Scaling User Guide." + description: "Represents a predefined metric for a target tracking scaling policy to use\nwith Application Auto Scaling.\n\nFor more information, Predefined metrics for target tracking scaling policies\n(https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html#predefined-metrics)\nin the Application Auto Scaling User Guide." properties: predefinedMetricType: type: "string" @@ -152,7 +152,7 @@ spec: type: "object" type: "array" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/cachepolicies.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/cachepolicies.yaml index 60781d4b5..4b39d1846 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/cachepolicies.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/cachepolicies.yaml @@ -119,7 +119,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml index f7cb4b1d7..a80d952fb 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml @@ -45,7 +45,7 @@ spec: properties: items: items: - description: "A complex type that describes how CloudFront processes requests.\n\nYou must create at least as many cache behaviors (including the default cache\nbehavior) as you have origins if you want CloudFront to serve objects from\nall of the origins. Each cache behavior specifies the one origin from which\nyou want CloudFront to get objects. If you have two origins and only the\ndefault cache behavior, the default cache behavior will cause CloudFront\nto get objects from one of the origins, but the other origin is never used.\n\nFor the current quota (formerly known as limit) on the number of cache behaviors\nthat you can add to a distribution, see Quotas (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html)\nin the Amazon CloudFront Developer Guide.\n\nIf you don't want to specify any cache behaviors, include only an empty CacheBehaviors\nelement. Don't include an empty CacheBehavior element because this is invalid.\n\nTo delete all cache behaviors in an existing distribution, update the distribution\nconfiguration and include only an empty CacheBehaviors element.\n\nTo add, change, or remove one or more cache behaviors, update the distribution\nconfiguration and specify all of the cache behaviors that you want to include\nin the updated distribution.\n\nFor more information about cache behaviors, see Cache Behavior Settings (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior)\nin the Amazon CloudFront Developer Guide." + description: "A complex type that describes how CloudFront processes requests.\n\nYou must create at least as many cache behaviors (including the default cache\nbehavior) as you have origins if you want CloudFront to serve objects from\nall of the origins. Each cache behavior specifies the one origin from which\nyou want CloudFront to get objects. If you have two origins and only the\ndefault cache behavior, the default cache behavior will cause CloudFront\nto get objects from one of the origins, but the other origin is never used.\n\nFor the current quota (formerly known as limit) on the number of cache behaviors\nthat you can add to a distribution, see Quotas (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html)\nin the Amazon CloudFront Developer Guide.\n\nIf you don't want to specify any cache behaviors, include only an empty CacheBehaviors\nelement. Don't specify an empty individual CacheBehavior element, because\nthis is invalid. For more information, see CacheBehaviors (https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CacheBehaviors.html).\n\nTo delete all cache behaviors in an existing distribution, update the distribution\nconfiguration and include only an empty CacheBehaviors element.\n\nTo add, change, or remove one or more cache behaviors, update the distribution\nconfiguration and specify all of the cache behaviors that you want to include\nin the updated distribution.\n\nFor more information about cache behaviors, see Cache Behavior Settings (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior)\nin the Amazon CloudFront Developer Guide." properties: allowedMethods: description: "A complex type that controls which HTTP methods CloudFront processes and\nforwards to your Amazon S3 bucket or your custom origin. There are three\nchoices:\n\n * CloudFront forwards only GET and HEAD requests.\n\n * CloudFront forwards only GET, HEAD, and OPTIONS requests.\n\n * CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE\n requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon\nS3 bucket or to your custom origin so users can't perform operations that\nyou don't want them to. For example, you might not want users to have permissions\nto delete objects from your origin." @@ -109,7 +109,7 @@ spec: type: "object" type: "object" functionAssociations: - description: "A list of CloudFront functions that are associated with a cache behavior\nin a CloudFront distribution. CloudFront functions must be published to the\nLIVE stage to associate them with a cache behavior." + description: "A list of CloudFront functions that are associated with a cache behavior\nin a CloudFront distribution. Your functions must be published to the LIVE\nstage to associate them with a cache behavior." properties: items: items: @@ -270,7 +270,7 @@ spec: type: "object" type: "object" functionAssociations: - description: "A list of CloudFront functions that are associated with a cache behavior\nin a CloudFront distribution. CloudFront functions must be published to the\nLIVE stage to associate them with a cache behavior." + description: "A list of CloudFront functions that are associated with a cache behavior\nin a CloudFront distribution. Your functions must be published to the LIVE\nstage to associate them with a cache behavior." properties: items: items: @@ -347,7 +347,7 @@ spec: isIPV6Enabled: type: "boolean" logging: - description: "A complex type that controls whether access logs are written for the distribution." + description: "A complex type that specifies whether access logs are written for the distribution.\n\nIf you already enabled standard logging (legacy) and you want to enable standard\nlogging (v2) to send your access logs to Amazon S3, we recommend that you\nspecify a different Amazon S3 bucket or use a separate path in the same bucket\n(for example, use a log prefix or partitioning). This helps you keep track\nof which log files are associated with which logging subscription and prevents\nlog files from overwriting each other. For more information, see Standard\nlogging (access logs) (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html)\nin the Amazon CloudFront Developer Guide." properties: bucket: type: "string" @@ -364,7 +364,7 @@ spec: items: description: "List of origin groups for a distribution." items: - description: "An origin group includes two origins (a primary origin and a second origin\nto failover to) and a failover criteria that you specify. You create an origin\ngroup to support origin failover in CloudFront. When you create or update\na distribution, you can specifiy the origin group instead of a single origin,\nand CloudFront will failover from the primary origin to the second origin\nunder the failover conditions that you've chosen." + description: "An origin group includes two origins (a primary origin and a secondary origin\nto failover to) and a failover criteria that you specify. You create an origin\ngroup to support origin failover in CloudFront. When you create or update\na distribution, you can specify the origin group instead of a single origin,\nand CloudFront will failover from the primary origin to the secondary origin\nunder the failover conditions that you've chosen.\n\nOptionally, you can choose selection criteria for your origin group to specify\nhow your origins are selected when your distribution routes viewer requests." properties: failoverCriteria: description: "A complex data type that includes information about the failover criteria\nfor an origin group, including the status codes for which CloudFront will\nfailover from the primary origin to the second origin." @@ -403,7 +403,7 @@ spec: properties: items: items: - description: "An origin.\n\nAn origin is the location where content is stored, and from which CloudFront\ngets content to serve to viewers. To specify an origin:\n\n * Use S3OriginConfig to specify an Amazon S3 bucket that is not configured\n with static website hosting.\n\n * Use CustomOriginConfig to specify all other kinds of origins, including:\n An Amazon S3 bucket that is configured with static website hosting An\n Elastic Load Balancing load balancer An AWS Elemental MediaPackage endpoint\n An AWS Elemental MediaStore container Any other HTTP server, running on\n an Amazon EC2 instance or any other kind of host\n\nFor the current maximum number of origins that you can specify per distribution,\nsee General Quotas on Web Distributions (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions)\nin the Amazon CloudFront Developer Guide (quotas were formerly referred to\nas limits)." + description: "An origin.\n\nAn origin is the location where content is stored, and from which CloudFront\ngets content to serve to viewers. To specify an origin:\n\n * Use S3OriginConfig to specify an Amazon S3 bucket that is not configured\n with static website hosting.\n\n * Use CustomOriginConfig to specify all other kinds of origins, including:\n An Amazon S3 bucket that is configured with static website hosting An\n Elastic Load Balancing load balancer An Elemental MediaPackage endpoint\n An Elemental MediaStore container Any other HTTP server, running on an\n Amazon EC2 instance or any other kind of host\n\nFor the current maximum number of origins that you can specify per distribution,\nsee General Quotas on Web Distributions (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions)\nin the Amazon CloudFront Developer Guide (quotas were formerly referred to\nas limits)." properties: connectionAttempts: format: "int64" @@ -527,6 +527,18 @@ spec: webACLID: type: "string" type: "object" + tags: + description: "A complex type that contains Tag elements." + items: + description: "A complex type that contains Tag key and Tag value." + properties: + key: + description: "A string that contains Tag key.\n\nThe string length should be between 1 and 128 characters. Valid characters\ninclude a-z, A-Z, 0-9, space, and the special characters _ - . : / = + @." + type: "string" + value: + type: "string" + type: "object" + type: "array" required: - "distributionConfig" type: "object" @@ -613,7 +625,7 @@ spec: callerReference: type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/functions.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/functions.yaml index df28a961e..fef7831f2 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/functions.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/functions.yaml @@ -69,7 +69,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/originrequestpolicies.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/originrequestpolicies.yaml index 3b2486aa7..456470b7d 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/originrequestpolicies.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/originrequestpolicies.yaml @@ -102,7 +102,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/responseheaderspolicies.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/responseheaderspolicies.yaml index 2a3374401..6d923ea37 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/responseheaderspolicies.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/responseheaderspolicies.yaml @@ -198,7 +198,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/eventdatastores.yaml b/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/eventdatastores.yaml index 4f3c53819..e6ead36a0 100644 --- a/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/eventdatastores.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/eventdatastores.yaml @@ -27,12 +27,12 @@ spec: metadata: type: "object" spec: - description: "EventDataStoreSpec defines the desired state of EventDataStore.\n\nA storage lake of event data against which you can run complex SQL-based\nqueries. An event data store can include events that you have logged on your\naccount from the last 90 to 2555 days (about three months to up to seven\nyears). To select events for an event data store, use advanced event selectors\n(https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced)." + description: "EventDataStoreSpec defines the desired state of EventDataStore.\n\nA storage lake of event data against which you can run complex SQL-based\nqueries. An event data store can include events that you have logged on your\naccount. To select events for an event data store, use advanced event selectors\n(https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-concepts.html#adv-event-selectors)." properties: advancedEventSelectors: - description: "The advanced event selectors to use to select the events for the data store.\nFor more information about how to use advanced event selectors, see Log events\nby using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced)\nin the CloudTrail User Guide." + description: "The advanced event selectors to use to select the events for the data store.\nYou can configure up to five advanced event selectors for each event data\nstore.\n\nFor more information about how to use advanced event selectors to log CloudTrail\nevents, see Log events by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced)\nin the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include\nConfig configuration items in your event data store, see Create an event\ndata store for Config configuration items (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config)\nin the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include\nevents outside of Amazon Web Services events in your event data store, see\nCreate an integration to log events from outside Amazon Web Services (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration)\nin the CloudTrail User Guide." items: - description: "Advanced event selectors let you create fine-grained selectors for the following\nCloudTrail event record fields. They help you control costs by logging only\nthose events that are important to you. For more information about advanced\nevent selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)\nin the CloudTrail User Guide.\n\n * readOnly\n\n * eventSource\n\n * eventName\n\n * eventCategory\n\n * resources.type\n\n * resources.ARN\n\nYou cannot apply both event selectors and advanced event selectors to a trail." + description: "Advanced event selectors let you create fine-grained selectors for CloudTrail\nmanagement, data, and network activity events. They help you control costs\nby logging only those events that are important to you. For more information\nabout configuring advanced event selectors, see the Logging data events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html),\nLogging network activity events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html),\nand Logging management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html)\ntopics in the CloudTrail User Guide.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.\n\nSupported CloudTrail event record fields for management events\n\n * eventCategory (required)\n\n * eventSource\n\n * readOnly\n\nThe following additional fields are available for event data stores:\n\n * eventName\n\n * eventType\n\n * sessionCredentialFromConsole\n\n * userIdentity.arn\n\nSupported CloudTrail event record fields for data events\n\n * eventCategory (required)\n\n * resources.type (required)\n\n * readOnly\n\n * eventName\n\n * resources.ARN\n\nThe following additional fields are available for event data stores:\n\n * eventSource\n\n * eventType\n\n * sessionCredentialFromConsole\n\n * userIdentity.arn\n\nSupported CloudTrail event record fields for network activity events\n\nNetwork activity events is in preview release for CloudTrail and is subject\nto change.\n\n * eventCategory (required)\n\n * eventSource (required)\n\n * eventName\n\n * errorCode - The only valid value for errorCode is VpceAccessDenied.\n\n * vpcEndpointId\n\nFor event data stores for CloudTrail Insights events, Config configuration\nitems, Audit Manager evidence, or events outside of Amazon Web Services,\nthe only supported field is eventCategory." properties: fieldSelectors: items: @@ -71,7 +71,7 @@ spec: type: "object" type: "array" multiRegionEnabled: - description: "Specifies whether the event data store includes events from all regions,\nor only from the region in which the event data store is created." + description: "Specifies whether the event data store includes events from all Regions,\nor only from the Region in which the event data store is created." type: "boolean" name: description: "The name of the event data store." @@ -80,12 +80,12 @@ spec: description: "Specifies whether an event data store collects events logged for an organization\nin Organizations." type: "boolean" retentionPeriod: - description: "The retention period of the event data store, in days. You can set a retention\nperiod of up to 2555 days, the equivalent of seven years." + description: "The retention period of the event data store, in days. If BillingMode is\nset to EXTENDABLE_RETENTION_PRICING, you can set a retention period of up\nto 3653 days, the equivalent of 10 years. If BillingMode is set to FIXED_RETENTION_PRICING,\nyou can set a retention period of up to 2557 days, the equivalent of seven\nyears.\n\nCloudTrail Lake determines whether to retain an event by checking if the\neventTime of the event is within the specified retention period. For example,\nif you set a retention period of 90 days, CloudTrail will remove events when\nthe eventTime is older than 90 days.\n\nIf you plan to copy trail events to this event data store, we recommend that\nyou consider both the age of the events that you want to copy as well as\nhow long you want to keep the copied events in your event data store. For\nexample, if you copy trail events that are 5 years old and specify a retention\nperiod of 7 years, the event data store will retain those events for two\nyears." format: "int64" type: "integer" tags: items: - description: "A custom key-value pair associated with a resource such as a CloudTrail trail." + description: "A custom key-value pair associated with a resource such as a CloudTrail trail,\nevent data store, dashboard, or channel." properties: key: type: "string" @@ -119,7 +119,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/trails.yaml b/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/trails.yaml index 087efd569..72ebd0089 100644 --- a/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/trails.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudtrail-controller/cloudtrail.services.k8s.aws/v1alpha1/trails.yaml @@ -30,10 +30,10 @@ spec: description: "TrailSpec defines the desired state of Trail.\n\nThe settings for a trail." properties: cloudWatchLogsLogGroupARN: - description: "Specifies a log group name using an Amazon Resource Name (ARN), a unique\nidentifier that represents the log group to which CloudTrail logs will be\ndelivered. Not required unless you specify CloudWatchLogsRoleArn." + description: "Specifies a log group name using an Amazon Resource Name (ARN), a unique\nidentifier that represents the log group to which CloudTrail logs will be\ndelivered. You must use a log group that exists in your account.\n\nNot required unless you specify CloudWatchLogsRoleArn." type: "string" cloudWatchLogsRoleARN: - description: "Specifies the role for the CloudWatch Logs endpoint to assume to write to\na user's log group." + description: "Specifies the role for the CloudWatch Logs endpoint to assume to write to\na user's log group. You must use a role that exists in your account." type: "string" enableLogFileValidation: description: "Specifies whether log file integrity validation is enabled. The default is\nfalse.\n\nWhen you disable log file integrity validation, the chain of digest files\nis broken after one hour. CloudTrail does not create digest files for log\nfiles that were delivered during a period in which log file integrity validation\nwas disabled. For example, if you enable log file integrity validation at\nnoon on January 1, disable it at noon on January 2, and re-enable it at noon\non January 10, digest files will not be created for the log files delivered\nfrom noon on January 2 to noon on January 10. The same applies whenever you\nstop CloudTrail logging or delete a trail." @@ -42,29 +42,32 @@ spec: description: "Specifies whether the trail is publishing events from global services such\nas IAM to the log files." type: "boolean" isMultiRegionTrail: - description: "Specifies whether the trail is created in the current region or in all regions.\nThe default is false, which creates a trail only in the region where you\nare signed in. As a best practice, consider creating trails that log events\nin all regions." + description: "Specifies whether the trail is created in the current Region or in all Regions.\nThe default is false, which creates a trail only in the Region where you\nare signed in. As a best practice, consider creating trails that log events\nin all Regions." type: "boolean" isOrganizationTrail: - description: "Specifies whether the trail is created for all accounts in an organization\nin Organizations, or only for the current Amazon Web Services account. The\ndefault is false, and cannot be true unless the call is made on behalf of\nan Amazon Web Services account that is the management account for an organization\nin Organizations." + description: "Specifies whether the trail is created for all accounts in an organization\nin Organizations, or only for the current Amazon Web Services account. The\ndefault is false, and cannot be true unless the call is made on behalf of\nan Amazon Web Services account that is the management account or delegated\nadministrator account for an organization in Organizations." type: "boolean" kmsKeyID: - description: "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.\nThe value can be an alias name prefixed by \"alias/\", a fully specified ARN\nto an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports KMS multi-Region keys. For more information about\nmulti-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)\nin the Key Management Service Developer Guide.\n\nExamples:\n\n * alias/MyAliasName\n\n * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n\n * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n\n * 12345678-1234-1234-1234-123456789012" + description: "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.\nThe value can be an alias name prefixed by alias/, a fully specified ARN\nto an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports KMS multi-Region keys. For more information about\nmulti-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)\nin the Key Management Service Developer Guide.\n\nExamples:\n\n * alias/MyAliasName\n\n * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n\n * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n\n * 12345678-1234-1234-1234-123456789012" type: "string" name: description: "Specifies the name of the trail. The name must meet the following requirements:\n\n * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores\n (_), or dashes (-)\n\n * Start with a letter or number, and end with a letter or number\n\n * Be between 3 and 128 characters\n\n * Have no adjacent periods, underscores or dashes. Names like my-_namespace\n and my--namespace are not valid.\n\n * Not be in IP address format (for example, 192.168.5.4)" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" s3BucketName: - description: "Specifies the name of the Amazon S3 bucket designated for publishing log\nfiles. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html)." + description: "Specifies the name of the Amazon S3 bucket designated for publishing log\nfiles. For information about bucket naming rules, see Bucket naming rules\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html)\nin the Amazon Simple Storage Service User Guide." type: "string" s3KeyPrefix: - description: "Specifies the Amazon S3 key prefix that comes after the name of the bucket\nyou have designated for log file delivery. For more information, see Finding\nYour CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).\nThe maximum length is 200 characters." + description: "Specifies the Amazon S3 key prefix that comes after the name of the bucket\nyou have designated for log file delivery. For more information, see Finding\nYour CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files).\nThe maximum length is 200 characters." type: "string" snsTopicName: description: "Specifies the name of the Amazon SNS topic defined for notification of log\nfile delivery. The maximum length is 256 characters." type: "string" tags: items: - description: "A custom key-value pair associated with a resource such as a CloudTrail trail." + description: "A custom key-value pair associated with a resource such as a CloudTrail trail,\nevent data store, dashboard, or channel." properties: key: type: "string" @@ -96,7 +99,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudwatch-controller/cloudwatch.services.k8s.aws/v1alpha1/metricalarms.yaml b/crd-catalog/aws-controllers-k8s/cloudwatch-controller/cloudwatch.services.k8s.aws/v1alpha1/metricalarms.yaml index d7cf2a605..02523cca3 100644 --- a/crd-catalog/aws-controllers-k8s/cloudwatch-controller/cloudwatch.services.k8s.aws/v1alpha1/metricalarms.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudwatch-controller/cloudwatch.services.k8s.aws/v1alpha1/metricalarms.yaml @@ -33,7 +33,7 @@ spec: description: "Indicates whether actions should be executed during any changes to the alarm\nstate. The default is TRUE." type: "boolean" alarmActions: - description: "The actions to execute when this alarm transitions to the ALARM state from\nany other state. Each action is specified as an Amazon Resource Name (ARN).\nValid values:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" + description: "The actions to execute when this alarm transitions to the ALARM state from\nany other state. Each action is specified as an Amazon Resource Name (ARN).\nValid values:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nLambda actions:\n\n * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name\n\n * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number\n\n * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" items: type: "string" type: "array" @@ -69,7 +69,7 @@ spec: description: "The extended statistic for the metric specified in MetricName. When you call\nPutMetricAlarm and specify a MetricName, you must specify either Statistic\nor ExtendedStatistic but not both.\n\nIf you specify ExtendedStatistic, the following are valid values:\n\n * p90\n\n * tm90\n\n * tc90\n\n * ts90\n\n * wm90\n\n * IQM\n\n * PR(n:m) where n and m are values of the metric\n\n * TC(X%:X%) where X is between 10 and 90 inclusive.\n\n * TM(X%:X%) where X is between 10 and 90 inclusive.\n\n * TS(X%:X%) where X is between 10 and 90 inclusive.\n\n * WM(X%:X%) where X is between 10 and 90 inclusive.\n\nFor more information about these extended statistics, see CloudWatch statistics\ndefinitions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html)." type: "string" insufficientDataActions: - description: "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA\nstate from any other state. Each action is specified as an Amazon Resource\nName (ARN). Valid values:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" + description: "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA\nstate from any other state. Each action is specified as an Amazon Resource\nName (ARN). Valid values:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nLambda actions:\n\n * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name\n\n * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number\n\n * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" items: type: "string" type: "array" @@ -132,7 +132,7 @@ spec: description: "The namespace for the metric associated specified in MetricName." type: "string" oKActions: - description: "The actions to execute when this alarm transitions to an OK state from any\nother state. Each action is specified as an Amazon Resource Name (ARN). Valid\nvalues:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" + description: "The actions to execute when this alarm transitions to an OK state from any\nother state. Each action is specified as an Amazon Resource Name (ARN). Valid\nvalues:\n\nEC2 actions:\n\n * arn:aws:automate:region:ec2:stop\n\n * arn:aws:automate:region:ec2:terminate\n\n * arn:aws:automate:region:ec2:reboot\n\n * arn:aws:automate:region:ec2:recover\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Terminate/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Reboot/1.0\n\n * arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Recover/1.0\n\nAutoscaling action:\n\n * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name\n\nLambda actions:\n\n * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name\n\n * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number\n\n * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name\n\nSNS notification action:\n\n * arn:aws:sns:region:account-id:sns-topic-name\n\nSSM integration actions:\n\n * arn:aws:ssm:region:account-id:opsitem:severity#CATEGORY=category-name\n\n * arn:aws:ssm-incidents::account-id:responseplan/response-plan-name" items: type: "string" type: "array" @@ -144,7 +144,7 @@ spec: description: "The statistic for the metric specified in MetricName, other than percentile.\nFor percentile statistics, use ExtendedStatistic. When you call PutMetricAlarm\nand specify a MetricName, you must specify either Statistic or ExtendedStatistic,\nbut not both." type: "string" tags: - description: "A list of key-value pairs to associate with the alarm. You can associate\nas many as 50 tags with an alarm. To be able to associate tags with the alarm\nwhen you create the alarm, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use\nthem to scope user permissions by granting a user permission to access or\nchange only resources with certain tag values.\n\nIf you are using this operation to update an existing alarm, any tags you\nspecify in this parameter are ignored. To change the tags of an existing\nalarm, use TagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html)\nor UntagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_UntagResource.html)." + description: "A list of key-value pairs to associate with the alarm. You can associate\nas many as 50 tags with an alarm. To be able to associate tags with the alarm\nwhen you create the alarm, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use\nthem to scope user permissions by granting a user permission to access or\nchange only resources with certain tag values.\n\nIf you are using this operation to update an existing alarm, any tags you\nspecify in this parameter are ignored. To change the tags of an existing\nalarm, use TagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html)\nor UntagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_UntagResource.html).\n\nTo use this field to set tags for an alarm when you create it, you must be\nsigned on with both the cloudwatch:PutMetricAlarm and cloudwatch:TagResource\npermissions." items: description: "A key-value pair associated with a CloudWatch resource." properties: @@ -191,7 +191,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml index 5beb59715..59dca55a0 100644 --- a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml @@ -94,7 +94,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml index eae23ea92..cd489ef2f 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml @@ -210,7 +210,7 @@ spec: format: "date-time" type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml index 660a2c70d..586f7eb51 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml @@ -39,6 +39,9 @@ spec: availabilityZone: description: "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's Amazon\nWeb Services Region.\n\nExample: us-east-1d" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" caCertificateIdentifier: description: "The CA certificate identifier to use for the DB instance's server certificate.\n\nFor more information, see Updating Your Amazon DocumentDB TLS Certificates\n(https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html)\nand Encrypting Data in Transit (https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html)\nin the Amazon DocumentDB Developer Guide." type: "string" @@ -132,7 +135,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml index 3f830af5b..ae587fe99 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml @@ -89,7 +89,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/backups.yaml b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/backups.yaml index 1585aeebd..045e552df 100644 --- a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/backups.yaml +++ b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/backups.yaml @@ -56,7 +56,7 @@ spec: description: "Specified name for the backup." type: "string" tableName: - description: "The name of the table." + description: "The name of the table. You can also provide the Amazon Resource Name (ARN)\nof the table in this parameter." type: "string" required: - "backupName" @@ -100,7 +100,7 @@ spec: description: "BackupType:\n\n * USER - You create and manage these using the on-demand backup feature.\n\n * SYSTEM - If you delete a table with point-in-time recovery enabled,\n a SYSTEM backup is automatically created and is retained for 35 days (at\n no additional cost). System backups allow you to restore the deleted table\n to the state it was in just before the point of deletion.\n\n * AWS_BACKUP - On-demand backup created by you from Backup service." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/globaltables.yaml b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/globaltables.yaml index 7a3c6ab4f..3c3598b2f 100644 --- a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/globaltables.yaml +++ b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/globaltables.yaml @@ -65,7 +65,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/tables.yaml b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/tables.yaml index c4b64c8d8..9c2fee07b 100644 --- a/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/tables.yaml +++ b/crd-catalog/aws-controllers-k8s/dynamodb-controller/dynamodb.services.k8s.aws/v1alpha1/tables.yaml @@ -49,7 +49,7 @@ spec: attributeDefinitions: description: "An array of attributes that describe the key schema for the table and indexes." items: - description: "Represents an attribute for describing the key schema for the table and indexes." + description: "Represents an attribute for describing the schema for the table and indexes." properties: attributeName: type: "string" @@ -58,7 +58,7 @@ spec: type: "object" type: "array" billingMode: - description: "Controls how you are charged for read and write throughput and how you manage\ncapacity. This setting can be changed later.\n\n * PROVISIONED - We recommend using PROVISIONED for predictable workloads.\n PROVISIONED sets the billing mode to Provisioned Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual).\n\n * PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST for unpredictable\n workloads. PAY_PER_REQUEST sets the billing mode to On-Demand Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand)." + description: "Controls how you are charged for read and write throughput and how you manage\ncapacity. This setting can be changed later.\n\n * PROVISIONED - We recommend using PROVISIONED for predictable workloads.\n PROVISIONED sets the billing mode to Provisioned capacity mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html).\n\n * PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST for unpredictable\n workloads. PAY_PER_REQUEST sets the billing mode to On-demand capacity\n mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html)." type: "string" continuousBackups: description: "Represents the settings used to enable point in time recovery." @@ -119,6 +119,9 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" localSecondaryIndexes: description: "One or more local secondary indexes (the maximum is 5) to be created on the\ntable. Each index is scoped to a given partition key value. There is a 10\nGB size limit per partition key value; otherwise, the size of a local secondary\nindex is unconstrained.\n\nEach local secondary index in the array includes the following:\n\n * IndexName - The name of the local secondary index. Must be unique only\n for this table.\n\n * KeySchema - Specifies the key schema for the local secondary index.\n The key schema must begin with the same partition key as the table.\n\n * Projection - Specifies attributes that are copied (projected) from the\n table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of: ProjectionType - One of the following: KEYS_ONLY\n - Only the index and primary keys are projected into the index. INCLUDE\n - Only the specified table attributes are projected into the index. The\n list of projected attributes is in NonKeyAttributes. ALL - All of the\n table attributes are projected into the index. NonKeyAttributes - A list\n of one or more non-key attribute names that are projected into the secondary\n index. The total count of attributes provided in NonKeyAttributes, summed\n across all of the secondary indexes, must not exceed 100. If you project\n the same attribute into two different indexes, this counts as two distinct\n attributes when determining the total." items: @@ -148,6 +151,9 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" provisionedThroughput: description: "Represents the provisioned throughput settings for a specified table or index.\nThe settings can be modified using the UpdateTable operation.\n\nIf you set BillingMode as PROVISIONED, you must specify this property. If\nyou set BillingMode as PAY_PER_REQUEST, you cannot specify this property.\n\nFor current minimum and maximum provisioned throughput values, see Service,\nAccount, and Table Quotas (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html)\nin the Amazon DynamoDB Developer Guide." properties: @@ -165,6 +171,18 @@ spec: type: "boolean" kmsMasterKeyID: type: "string" + kmsMasterKeyRef: + description: "Reference field for KMSMasterKeyID" + properties: + from: + description: "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)" + properties: + name: + type: "string" + namespace: + type: "string" + type: "object" + type: "object" sseType: type: "string" type: "object" @@ -180,7 +198,7 @@ spec: description: "The table class of the new table. Valid values are STANDARD and STANDARD_INFREQUENT_ACCESS." type: "string" tableName: - description: "The name of the table to create." + description: "The name of the table to create. You can also provide the Amazon Resource\nName (ARN) of the table in this parameter." type: "string" tags: description: "A list of key-value pairs to label the table. For more information, see Tagging\nfor DynamoDB (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html)." @@ -237,7 +255,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml index a7955b147..61393298b 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml @@ -31,11 +31,12 @@ spec: metadata: type: "object" spec: - description: "DhcpOptionsSpec defines the desired state of DhcpOptions.\n\nDescribes a set of DHCP options." + description: "DhcpOptionsSpec defines the desired state of DhcpOptions.\n\nThe set of DHCP options." properties: dhcpConfigurations: description: "A DHCP configuration option." items: + description: "Describes a DHCP configuration option." properties: key: type: "string" @@ -97,7 +98,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/elasticipaddresses.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/elasticipaddresses.yaml index 1ec0e6f82..33ac5fa64 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/elasticipaddresses.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/elasticipaddresses.yaml @@ -37,13 +37,13 @@ spec: description: "ElasticIPAddressSpec defines the desired state of ElasticIPAddress." properties: address: - description: "[EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address\npool." + description: "The Elastic IP address to recover or an IPv4 address from an address pool." type: "string" customerOwnedIPv4Pool: description: "The ID of a customer-owned address pool. Use this parameter to let Amazon\nEC2 select an address from the address pool. Alternatively, specify a specific\naddress from the address pool." type: "string" networkBorderGroup: - description: "A unique set of Availability Zones, Local Zones, or Wavelength Zones from\nwhich Amazon Web Services advertises IP addresses. Use this parameter to\nlimit the IP address to this location. IP addresses cannot move between network\nborder groups.\n\nUse DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html)\nto view the network border groups.\n\nYou cannot use a network border group with EC2 Classic. If you attempt this\noperation on EC2 Classic, you receive an InvalidParameterCombination error." + description: "A unique set of Availability Zones, Local Zones, or Wavelength Zones from\nwhich Amazon Web Services advertises IP addresses. Use this parameter to\nlimit the IP address to this location. IP addresses cannot move between network\nborder groups." type: "string" publicIPv4Pool: description: "The ID of an address pool that you own. Use this parameter to let Amazon\nEC2 select an address from the address pool. To specify a specific address\nfrom the address pool, use the Address parameter instead." @@ -80,13 +80,13 @@ spec: - "region" type: "object" allocationID: - description: "[EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation\nof the Elastic IP address for use with instances in a VPC." + description: "The ID that represents the allocation of the Elastic IP address." type: "string" carrierIP: - description: "The carrier IP address. This option is only available for network interfaces\nwhich reside in a subnet in a Wavelength Zone (for example an EC2 instance)." + description: "The carrier IP address. This option is only available for network interfaces\nthat reside in a subnet in a Wavelength Zone." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/instances.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/instances.yaml index a226eee7a..1e334212a 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/instances.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/instances.yaml @@ -72,7 +72,7 @@ spec: type: "object" type: "array" capacityReservationSpecification: - description: "Information about the Capacity Reservation targeting option. If you do not\nspecify this parameter, the instance's Capacity Reservation preference defaults\nto open, which enables it to run in any open Capacity Reservation that has\nmatching attributes (instance type, platform, Availability Zone)." + description: "Information about the Capacity Reservation targeting option. If you do not\nspecify this parameter, the instance's Capacity Reservation preference defaults\nto open, which enables it to run in any open Capacity Reservation that has\nmatching attributes (instance type, platform, Availability Zone, and tenancy)." properties: capacityReservationPreference: type: "string" @@ -111,18 +111,18 @@ spec: description: "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization\nprovides dedicated throughput to Amazon EBS and an optimized configuration\nstack to provide optimal Amazon EBS I/O performance. This optimization isn't\navailable with all instance types. Additional usage charges apply when using\nan EBS-optimized instance.\n\nDefault: false" type: "boolean" elasticGPUSpecification: - description: "An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource\nthat you can attach to your Windows instance to accelerate the graphics performance\nof your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html)\nin the Amazon EC2 User Guide." + description: "An elastic GPU to associate with the instance.\n\nAmazon Elastic Graphics reached end of life on January 8, 2024." items: - description: "A specification for an Elastic Graphics accelerator." + description: "Amazon Elastic Graphics reached end of life on January 8, 2024.\n\nA specification for an Elastic Graphics accelerator." properties: type_: type: "string" type: "object" type: "array" elasticInferenceAccelerators: - description: "An elastic inference accelerator to associate with the instance. Elastic\ninference accelerators are a resource you can attach to your Amazon EC2 instances\nto accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request." + description: "An elastic inference accelerator to associate with the instance.\n\nAmazon Elastic Inference is no longer available." items: - description: "Describes an elastic inference accelerator." + description: "Amazon Elastic Inference is no longer available.\n\nDescribes an elastic inference accelerator." properties: count: format: "int64" @@ -138,7 +138,7 @@ spec: type: "boolean" type: "object" hibernationOptions: - description: "Indicates whether an instance is enabled for hibernation. For more information,\nsee Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html)\nin the Amazon EC2 User Guide.\n\nYou can't enable hibernation and Amazon Web Services Nitro Enclaves on the\nsame instance." + description: "Indicates whether an instance is enabled for hibernation. This parameter\nis valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html).\nFor more information, see Hibernate your Amazon EC2 instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html)\nin the Amazon EC2 User Guide.\n\nYou can't enable hibernation and Amazon Web Services Nitro Enclaves on the\nsame instance." properties: configured: type: "boolean" @@ -180,14 +180,14 @@ spec: type: "object" type: "object" instanceType: - description: "The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)\nin the Amazon EC2 User Guide.\n\nDefault: m1.small" + description: "The instance type. For more information, see Amazon EC2 instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)\nin the Amazon EC2 User Guide." type: "string" ipv6AddressCount: - description: "[EC2-VPC] The number of IPv6 addresses to associate with the primary network\ninterface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.\nYou cannot specify this option and the option to assign specific IPv6 addresses\nin the same request. You can specify this option if you've specified a minimum\nnumber of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." + description: "The number of IPv6 addresses to associate with the primary network interface.\nAmazon EC2 chooses the IPv6 addresses from the range of your subnet. You\ncannot specify this option and the option to assign specific IPv6 addresses\nin the same request. You can specify this option if you've specified a minimum\nnumber of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." format: "int64" type: "integer" ipv6Addresses: - description: "[EC2-VPC] The IPv6 addresses from the range of the subnet to associate with\nthe primary network interface. You cannot specify this option and the option\nto assign a number of IPv6 addresses in the same request. You cannot specify\nthis option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." + description: "The IPv6 addresses from the range of the subnet to associate with the primary\nnetwork interface. You cannot specify this option and the option to assign\na number of IPv6 addresses in the same request. You cannot specify this option\nif you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." items: description: "Describes an IPv6 address." properties: @@ -202,7 +202,7 @@ spec: description: "The name of the key pair. You can create a key pair using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html)\nor ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html).\n\nIf you do not specify a key pair, you can't connect to the instance unless\nyou choose an AMI that is configured to allow users another way to log in." type: "string" launchTemplate: - description: "The launch template to use to launch the instances. Any parameters that you\nspecify in RunInstances override the same parameters in the launch template.\nYou can specify either the name or ID of a launch template, but not both." + description: "The launch template. Any additional parameters that you specify for the new\ninstance overwrite the corresponding parameters included in the launch template." properties: launchTemplateID: type: "string" @@ -227,7 +227,7 @@ spec: type: "string" type: "object" maxCount: - description: "The maximum number of instances to launch. If you specify more instances\nthan Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches\nthe largest possible number of instances above MinCount.\n\nConstraints: Between 1 and the maximum number you're allowed for the specified\ninstance type. For more information about the default limits, and how to\nrequest an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2)\nin the Amazon EC2 FAQ." + description: "The maximum number of instances to launch. If you specify a value that is\nmore capacity than Amazon EC2 can launch in the target Availability Zone,\nAmazon EC2 launches the largest possible number of instances above the specified\nminimum count.\n\nConstraints: Between 1 and the quota for the specified instance type for\nyour account for this Region. For more information, see Amazon EC2 instance\ntype quotas (https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-instance-quotas.html)." format: "int64" type: "integer" metadataOptions: @@ -246,7 +246,7 @@ spec: type: "string" type: "object" minCount: - description: "The minimum number of instances to launch. If you specify a minimum that\nis more instances than Amazon EC2 can launch in the target Availability Zone,\nAmazon EC2 launches no instances.\n\nConstraints: Between 1 and the maximum number you're allowed for the specified\ninstance type. For more information about the default limits, and how to\nrequest an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2)\nin the Amazon EC2 General FAQ." + description: "The minimum number of instances to launch. If you specify a value that is\nmore capacity than Amazon EC2 can provide in the target Availability Zone,\nAmazon EC2 does not launch any instances.\n\nConstraints: Between 1 and the quota for the specified instance type for\nyour account for this Region. For more information, see Amazon EC2 instance\ntype quotas (https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-instance-quotas.html)." format: "int64" type: "integer" monitoring: @@ -256,7 +256,7 @@ spec: type: "boolean" type: "object" networkInterfaces: - description: "The network interfaces to associate with the instance. If you specify a network\ninterface, you must specify any security groups and subnets as part of the\nnetwork interface." + description: "The network interfaces to associate with the instance." items: description: "Describes a network interface." properties: @@ -352,7 +352,7 @@ spec: type: "string" type: "object" privateDNSNameOptions: - description: "The options for the instance hostname. The default values are inherited from\nthe subnet." + description: "The options for the instance hostname. The default values are inherited from\nthe subnet. Applies only if creating a network interface, not attaching an\nexisting one." properties: enableResourceNameDNSAAAARecord: type: "boolean" @@ -362,23 +362,23 @@ spec: type: "string" type: "object" privateIPAddress: - description: "[EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4\naddress range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify\nthis option if you've specified the option to designate a private IP address\nas the primary IP address in a network interface specification. You cannot\nspecify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." + description: "The primary IPv4 address. You must specify a value from the IPv4 address\nrange of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify\nthis option if you've specified the option to designate a private IP address\nas the primary IP address in a network interface specification. You cannot\nspecify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same\nrequest." type: "string" ramDiskID: description: "The ID of the RAM disk to select. Some kernels require additional drivers\nat launch. Check the kernel requirements for information about whether you\nneed to specify a RAM disk. To find kernel requirements, go to the Amazon\nWeb Services Resource Center and search for the kernel ID.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more\ninformation, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html)\nin the Amazon EC2 User Guide." type: "string" securityGroupIDs: - description: "The IDs of the security groups. You can create a security group using CreateSecurityGroup\n(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html).\n\nIf you specify a network interface, you must specify any security groups\nas part of the network interface." + description: "The IDs of the security groups. You can create a security group using CreateSecurityGroup\n(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html).\n\nIf you specify a network interface, you must specify any security groups\nas part of the network interface instead of using this parameter." items: type: "string" type: "array" securityGroups: - description: "[EC2-Classic, default VPC] The names of the security groups. For a nondefault\nVPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups\nas part of the network interface.\n\nDefault: Amazon EC2 uses the default security group." + description: "[Default VPC] The names of the security groups.\n\nIf you specify a network interface, you must specify any security groups\nas part of the network interface instead of using this parameter.\n\nDefault: Amazon EC2 uses the default security group." items: type: "string" type: "array" subnetID: - description: "[EC2-VPC] The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part\nof the network interface." + description: "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part\nof the network interface instead of using this parameter." type: "string" tags: description: "The tags. The value parameter is required, but if you don't want the tag\nto have a value, specify the parameter with no value, and we set the value\nto an empty string." @@ -392,7 +392,7 @@ spec: type: "object" type: "array" userData: - description: "The user data script to make available to the instance. For more information,\nsee Run commands on your Linux instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html)\nand Run commands on your Windows instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-user-data.html).\nIf you are using a command line tool, base64-encoding is performed for you,\nand you can load the text from a file. Otherwise, you must provide base64-encoded\ntext. User data is limited to 16 KB." + description: "The user data to make available to the instance. User data must be base64-encoded.\nDepending on the tool or SDK that you're using, the base64-encoding might\nbe performed for you. For more information, see Work with instance user data\n(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-add-user-data.html)." type: "string" type: "object" status: @@ -422,13 +422,13 @@ spec: description: "The architecture of the image." type: "string" bootMode: - description: "The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html)\nin the Amazon EC2 User Guide." + description: "The boot mode that was specified by the AMI. If the value is uefi-preferred,\nthe AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter\nis the boot mode that is used to boot the instance at launch or start.\n\nThe operating system contained in the AMI must be configured to support the\nspecified boot mode.\n\nFor more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html)\nin the Amazon EC2 User Guide." type: "string" capacityReservationID: description: "The ID of the Capacity Reservation." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -454,9 +454,9 @@ spec: type: "object" type: "array" elasticGPUAssociations: - description: "The Elastic GPU associated with the instance." + description: "Deprecated.\n\nAmazon Elastic Graphics reached end of life on January 8, 2024." items: - description: "Describes the association between an instance and an Elastic Graphics accelerator." + description: "Amazon Elastic Graphics reached end of life on January 8, 2024.\n\nDescribes the association between an instance and an Elastic Graphics accelerator." properties: elasticGPUAssociationID: type: "string" @@ -469,9 +469,9 @@ spec: type: "object" type: "array" elasticInferenceAcceleratorAssociations: - description: "The elastic inference accelerator associated with the instance." + description: "Deprecated\n\nAmazon Elastic Inference is no longer available." items: - description: "Describes the association between an instance and an elastic inference accelerator." + description: "Amazon Elastic Inference is no longer available.\n\nDescribes the association between an instance and an elastic inference accelerator." properties: elasticInferenceAcceleratorARN: type: "string" @@ -500,7 +500,7 @@ spec: description: "The IPv6 address assigned to the instance." type: "string" launchTime: - description: "The time the instance was launched." + description: "The time that the instance was last launched. To determine the time that\ninstance was first launched, see the attachment time for the primary network\ninterface." format: "date-time" type: "string" licenses: @@ -516,13 +516,13 @@ spec: description: "The Amazon Resource Name (ARN) of the Outpost." type: "string" platform: - description: "The value is Windows for Windows instances; otherwise blank." + description: "The platform. This value is windows for Windows instances; otherwise, it\nis empty." type: "string" platformDetails: description: "The platform details value for the instance. For more information, see AMI\nbilling information fields (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html)\nin the Amazon EC2 User Guide." type: "string" privateDNSName: - description: "(IPv4 only) The private DNS hostname name assigned to the instance. This\nDNS hostname can only be used inside the Amazon EC2 network. This name is\nnot available until the instance enters the running state.\n\n[EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private\nDNS hostnames if you've enabled DNS resolution and DNS hostnames in your\nVPC. If you are not using the Amazon-provided DNS server in your VPC, your\ncustom domain name servers must resolve the hostname as appropriate." + description: "[IPv4 only] The private DNS hostname name assigned to the instance. This\nDNS hostname can only be used inside the Amazon EC2 network. This name is\nnot available until the instance enters the running state.\n\nThe Amazon-provided DNS server resolves Amazon-provided private DNS hostnames\nif you've enabled DNS resolution and DNS hostnames in your VPC. If you are\nnot using the Amazon-provided DNS server in your VPC, your custom domain\nname servers must resolve the hostname as appropriate." type: "string" productCodes: description: "The product codes attached to this instance, if applicable." @@ -536,7 +536,7 @@ spec: type: "object" type: "array" publicDNSName: - description: "(IPv4 only) The public DNS name assigned to the instance. This name is not\navailable until the instance enters the running state. For EC2-VPC, this\nname is only available if you've enabled DNS hostnames for your VPC." + description: "[IPv4 only] The public DNS name assigned to the instance. This name is not\navailable until the instance enters the running state. This name is only\navailable if you've enabled DNS hostnames for your VPC." type: "string" publicIPAddress: description: "The public IPv4 address, or the Carrier IP address assigned to the instance,\nif applicable.\n\nA Carrier IP address only applies to an instance launched in a subnet associated\nwith a Wavelength Zone." @@ -590,7 +590,7 @@ spec: description: "The virtualization type of the instance." type: "string" vpcID: - description: "[EC2-VPC] The ID of the VPC in which the instance is running." + description: "The ID of the VPC in which the instance is running." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml index 5e737bd2c..05d98ca0e 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml @@ -109,7 +109,7 @@ spec: type: "object" type: "array" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml index a2c45398b..f0e3aee4f 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml @@ -55,7 +55,7 @@ spec: description: "Indicates whether the NAT gateway supports public or private connectivity.\nThe default is public connectivity." type: "string" subnetID: - description: "The subnet in which to create the NAT gateway." + description: "The ID of the subnet in which to create the NAT gateway." type: "string" subnetRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -101,7 +101,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -159,7 +159,7 @@ spec: description: "The ID of the NAT gateway." type: "string" provisionedBandwidth: - description: "Reserved. If you need to sustain traffic greater than the documented limits\n(https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html),\ncontact us through the Support Center (https://console.aws.amazon.com/support/home?)." + description: "Reserved. If you need to sustain traffic greater than the documented limits\n(https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-gateways),\ncontact Amazon Web Services Support." properties: provisionTime: format: "date-time" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml index 49a9ee3bd..94685386a 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml @@ -173,7 +173,7 @@ spec: - "region" type: "object" associations: - description: "The associations between the route table and one or more subnets or a gateway." + description: "The associations between the route table and your subnets or gateways." items: description: "Describes an association between a route table and a subnet or gateway." properties: @@ -198,7 +198,7 @@ spec: type: "object" type: "array" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml index 3cf64dd8d..ba1b2bfd1 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml @@ -34,11 +34,11 @@ spec: description: "SecurityGroupSpec defines the desired state of SecurityGroup.\n\nDescribes a security group." properties: description: - description: "A description for the security group. This is informational only.\n\nConstraints: Up to 255 characters in length\n\nConstraints for EC2-Classic: ASCII characters\n\nConstraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" + description: "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" type: "string" egressRules: items: - description: "Describes a set of permissions for a security group rule." + description: "Describes the permissions for a security group rule." properties: fromPort: format: "int64" @@ -47,7 +47,7 @@ spec: type: "string" ipRanges: items: - description: "Describes an IPv4 range." + description: "Describes an IPv4 address range." properties: cidrIP: type: "string" @@ -57,7 +57,7 @@ spec: type: "array" ipv6Ranges: items: - description: "[EC2-VPC only] Describes an IPv6 range." + description: "Describes an IPv6 address range." properties: cidrIPv6: type: "string" @@ -80,7 +80,7 @@ spec: type: "integer" userIDGroupPairs: items: - description: "Describes a security group and Amazon Web Services account ID pair.\n\nWe are retiring EC2-Classic on August 15, 2022. We recommend that you migrate\nfrom EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic\nto a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)\nin the Amazon Elastic Compute Cloud User Guide." + description: "Describes a security group and Amazon Web Services account ID pair." properties: description: type: "string" @@ -126,7 +126,7 @@ spec: type: "array" ingressRules: items: - description: "Describes a set of permissions for a security group rule." + description: "Describes the permissions for a security group rule." properties: fromPort: format: "int64" @@ -135,7 +135,7 @@ spec: type: "string" ipRanges: items: - description: "Describes an IPv4 range." + description: "Describes an IPv4 address range." properties: cidrIP: type: "string" @@ -145,7 +145,7 @@ spec: type: "array" ipv6Ranges: items: - description: "[EC2-VPC only] Describes an IPv6 range." + description: "Describes an IPv6 address range." properties: cidrIPv6: type: "string" @@ -168,7 +168,7 @@ spec: type: "integer" userIDGroupPairs: items: - description: "Describes a security group and Amazon Web Services account ID pair.\n\nWe are retiring EC2-Classic on August 15, 2022. We recommend that you migrate\nfrom EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic\nto a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)\nin the Amazon Elastic Compute Cloud User Guide." + description: "Describes a security group and Amazon Web Services account ID pair." properties: description: type: "string" @@ -213,7 +213,7 @@ spec: type: "object" type: "array" name: - description: "The name of the security group.\n\nConstraints: Up to 255 characters in length. Cannot start with sg-.\n\nConstraints for EC2-Classic: ASCII characters\n\nConstraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" + description: "The name of the security group.\n\nConstraints: Up to 255 characters in length. Cannot start with sg-.\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" type: "string" tags: description: "The tags. The value parameter is required, but if you don't want the tag\nto have a value, specify the parameter with no value, and we set the value\nto an empty string." @@ -227,7 +227,7 @@ spec: type: "object" type: "array" vpcID: - description: "[EC2-VPC] The ID of the VPC. Required for EC2-VPC." + description: "The ID of the VPC. Required for a nondefault VPC." type: "string" vpcRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -265,7 +265,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml index 5ae89bfeb..318a95826 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml @@ -39,7 +39,7 @@ spec: assignIPv6AddressOnCreation: type: "boolean" availabilityZone: - description: "The Availability Zone or Local Zone for the subnet.\n\nDefault: Amazon Web Services selects one for you. If you create more than\none subnet in your VPC, we do not necessarily select a different zone for\neach subnet.\n\nTo create a subnet in a Local Zone, set this value to the Local Zone ID,\nfor example us-west-2-lax-1a. For information about the Regions that support\nLocal Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions)\nin the Amazon Elastic Compute Cloud User Guide.\n\nTo create a subnet in an Outpost, set this value to the Availability Zone\nfor the Outpost and specify the Outpost ARN." + description: "The Availability Zone or Local Zone for the subnet.\n\nDefault: Amazon Web Services selects one for you. If you create more than\none subnet in your VPC, we do not necessarily select a different zone for\neach subnet.\n\nTo create a subnet in a Local Zone, set this value to the Local Zone ID,\nfor example us-west-2-lax-1a. For information about the Regions that support\nLocal Zones, see Available Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/available-local-zones.html).\n\nTo create a subnet in an Outpost, set this value to the Availability Zone\nfor the Outpost and specify the Outpost ARN." type: "string" availabilityZoneID: description: "The AZ ID or the Local Zone ID of the subnet." @@ -58,7 +58,7 @@ spec: hostnameType: type: "string" ipv6CIDRBlock: - description: "The IPv6 network range for the subnet, in CIDR notation. The subnet size\nmust use a /64 prefix length.\n\nThis parameter is required for an IPv6 only subnet." + description: "The IPv6 network range for the subnet, in CIDR notation. This parameter is\nrequired for an IPv6 only subnet." type: "string" ipv6Native: description: "Indicates whether to create an IPv6 only subnet." @@ -137,7 +137,7 @@ spec: format: "int64" type: "integer" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/transitgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/transitgateways.yaml index 5b0b0349f..f0dd86080 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/transitgateways.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/transitgateways.yaml @@ -94,7 +94,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml index 618ed94a7..71a82365f 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml @@ -52,7 +52,7 @@ spec: description: "(Interface endpoint) Indicates whether to associate a private hosted zone\nwith the specified VPC. The private hosted zone contains a record set for\nthe default public DNS name for the service for the Region (for example,\nkinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses\nof the endpoint network interfaces in the VPC. This enables you to make requests\nto the default public DNS name for the service instead of the public DNS\nnames that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to\ntrue: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to\nset the VPC attributes.\n\nDefault: true" type: "boolean" routeTableIDs: - description: "(Gateway endpoint) One or more route table IDs." + description: "(Gateway endpoint) The route table IDs." items: type: "string" type: "array" @@ -71,7 +71,7 @@ spec: type: "object" type: "array" securityGroupIDs: - description: "(Interface endpoint) The ID of one or more security groups to associate with\nthe endpoint network interface." + description: "(Interface endpoint) The IDs of the security groups to associate with the\nendpoint network interfaces. If this parameter is not specified, we use the\ndefault security group for the VPC." items: type: "string" type: "array" @@ -90,10 +90,10 @@ spec: type: "object" type: "array" serviceName: - description: "The service name. To get a list of available services, use the DescribeVpcEndpointServices\nrequest, or get the name from the service provider." + description: "The name of the endpoint service." type: "string" subnetIDs: - description: "(Interface and Gateway Load Balancer endpoints) The ID of one or more subnets\nin which to create an endpoint network interface. For a Gateway Load Balancer\nendpoint, you can specify one subnet only." + description: "(Interface and Gateway Load Balancer endpoints) The IDs of the subnets in\nwhich to create endpoint network interfaces. For a Gateway Load Balancer\nendpoint, you can specify only one subnet." items: type: "string" type: "array" @@ -126,7 +126,7 @@ spec: description: "The type of endpoint.\n\nDefault: Gateway" type: "string" vpcID: - description: "The ID of the VPC in which the endpoint will be used." + description: "The ID of the VPC." type: "string" vpcRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -140,8 +140,6 @@ spec: type: "string" type: "object" type: "object" - required: - - "serviceName" type: "object" status: description: "VPCEndpointStatus defines the observed state of VPCEndpoint" @@ -163,7 +161,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -223,7 +221,7 @@ spec: type: "string" type: "object" networkInterfaceIDs: - description: "(Interface endpoint) One or more network interfaces for the endpoint." + description: "(Interface endpoint) The network interfaces for the endpoint." items: type: "string" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcs.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcs.yaml index 619677a6f..b83b9a0b3 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcs.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcs.yaml @@ -130,7 +130,7 @@ spec: type: "object" type: "array" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/pullthroughcacherules.yaml b/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/pullthroughcacherules.yaml index c18dcbb73..227baef33 100644 --- a/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/pullthroughcacherules.yaml +++ b/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/pullthroughcacherules.yaml @@ -32,12 +32,21 @@ spec: ecrRepositoryPrefix: description: "The repository name prefix to use when caching images from the source registry." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" registryID: description: "The Amazon Web Services account ID associated with the registry to create\nthe pull through cache rule for. If you do not specify a registry, the default\nregistry is assumed." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" upstreamRegistryURL: - description: "The registry URL of the upstream public registry to use as the source for\nthe pull through cache rule." + description: "The registry URL of the upstream public registry to use as the source for\nthe pull through cache rule. The following is the syntax to use for each\nsupported upstream registry.\n\n * Amazon ECR Public (ecr-public) - public.ecr.aws\n\n * Docker Hub (docker-hub) - registry-1.docker.io\n\n * Quay (quay) - quay.io\n\n * Kubernetes (k8s) - registry.k8s.io\n\n * GitHub Container Registry (github-container-registry) - ghcr.io\n\n * Microsoft Azure Container Registry (azure-container-registry) - .azurecr.io" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" required: - "ecrRepositoryPrefix" - "upstreamRegistryURL" @@ -62,7 +71,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/repositories.yaml b/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/repositories.yaml index 2a4b50071..7068382ba 100644 --- a/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/repositories.yaml +++ b/crd-catalog/aws-controllers-k8s/ecr-controller/ecr.services.k8s.aws/v1alpha1/repositories.yaml @@ -60,7 +60,7 @@ spec: description: "The JSON repository policy text to apply to the repository." type: "string" name: - description: "The name to use for the repository. The repository name may be specified\non its own (such as nginx-web-app) or it can be prepended with a namespace\nto group the repository into a category (such as project-a/nginx-web-app)." + description: "The name to use for the repository. The repository name may be specified\non its own (such as nginx-web-app) or it can be prepended with a namespace\nto group the repository into a category (such as project-a/nginx-web-app).\n\nThe repository name must start with a letter and can only contain lowercase\nletters, numbers, hyphens, underscores, and forward slashes." type: "string" policy: description: "The JSON repository policy text to apply to the repository. For more information,\nsee Amazon ECR repository policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html)\nin the Amazon Elastic Container Registry User Guide." @@ -102,7 +102,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml index 26ba56b4d..84f47ad56 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml @@ -57,6 +57,9 @@ spec: fileSystemID: description: "The ID of the EFS file system that the access point provides access to." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" fileSystemRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -84,6 +87,9 @@ spec: format: "int64" type: "integer" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" rootDirectory: description: "Specifies the directory on the EFS file system that the access point exposes\nas the root directory of your file system to NFS clients using the access\npoint. The clients using the access point can only access the root directory\nand below. If the RootDirectory > Path specified does not exist, Amazon EFS\ncreates it and applies the CreationInfo settings when a client connects to\nan access point. When specifying a RootDirectory, you must provide the Path,\nand the CreationInfo.\n\nAmazon EFS creates a root directory only if you have provided the CreationInfo:\nOwnUid, OwnGID, and permissions for the directory. If you do not provide\nthis information, Amazon EFS does not create the root directory. If the root\ndirectory does not exist, attempts to mount using the access point will fail." properties: @@ -102,6 +108,9 @@ spec: path: type: "string" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: description: "Creates tags associated with the access point. Each tag is a key-value pair,\neach key must be unique. For more information, see Tagging Amazon Web Services\nresources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)\nin the Amazon Web Services General Reference Guide." items: @@ -137,7 +146,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml index af3ba9fdf..2d2e21b67 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml @@ -64,7 +64,7 @@ spec: description: "FileSystemSpec defines the desired state of FileSystem." properties: availabilityZoneName: - description: "Used to create a One Zone file system. It specifies the Amazon Web Services\nAvailability Zone in which to create the file system. Use the format us-east-1a\nto specify the Availability Zone. For more information about One Zone file\nsystems, see Using EFS storage classes (https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html)\nin the Amazon EFS User Guide.\n\nOne Zone file systems are not available in all Availability Zones in Amazon\nWeb Services Regions where Amazon EFS is available." + description: "For One Zone file systems, specify the Amazon Web Services Availability Zone\nin which to create the file system. Use the format us-east-1a to specify\nthe Availability Zone. For more information about One Zone file systems,\nsee EFS file system types (https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type)\nin the Amazon EFS User Guide.\n\nOne Zone file systems are not available in all Availability Zones in Amazon\nWeb Services Regions where Amazon EFS is available." type: "string" backup: description: "Specifies whether automatic backups are enabled on the file system that you\nare creating. Set the value to true to enable automatic backups. If you are\ncreating a One Zone file system, automatic backups are enabled by default.\nFor more information, see Automatic backups (https://docs.aws.amazon.com/efs/latest/ug/awsbackup.html#automatic-backups)\nin the Amazon EFS User Guide.\n\nDefault is false. However, if you specify an AvailabilityZoneName, the default\nis true.\n\nBackup is not available in all Amazon Web Services Regions where Amazon EFS\nis available." @@ -99,9 +99,9 @@ spec: type: "object" type: "object" lifecyclePolicies: - description: "An array of LifecyclePolicy objects that define the file system's LifecycleConfiguration\nobject. A LifecycleConfiguration object informs EFS Lifecycle management\nof the following:\n\n * TransitionToIA – When to move files in the file system from primary\n storage (Standard storage class) into the Infrequent Access (IA) storage.\n\n * TransitionToArchive – When to move files in the file system from their\n current storage class (either IA or Standard storage) into the Archive\n storage. File systems cannot transition into Archive storage before transitioning\n into IA storage. Therefore, TransitionToArchive must either not be set\n or must be later than TransitionToIA. The Archive storage class is available\n only for file systems that use the Elastic Throughput mode and the General\n Purpose Performance mode.\n\n * TransitionToPrimaryStorageClass – Whether to move files in the file\n system back to primary storage (Standard storage class) after they are\n accessed in IA or Archive storage.\n\nWhen using the put-lifecycle-configuration CLI command or the PutLifecycleConfiguration\nAPI action, Amazon EFS requires that each LifecyclePolicy object have only\na single transition. This means that in a request body, LifecyclePolicies\nmust be structured as an array of LifecyclePolicy objects, one object for\neach storage transition. See the example requests in the following section\nfor more information." + description: "An array of LifecyclePolicy objects that define the file system's LifecycleConfiguration\nobject. A LifecycleConfiguration object informs lifecycle management of the\nfollowing:\n\n * TransitionToIA – When to move files in the file system from primary\n storage (Standard storage class) into the Infrequent Access (IA) storage.\n\n * TransitionToArchive – When to move files in the file system from their\n current storage class (either IA or Standard storage) into the Archive\n storage. File systems cannot transition into Archive storage before transitioning\n into IA storage. Therefore, TransitionToArchive must either not be set\n or must be later than TransitionToIA. The Archive storage class is available\n only for file systems that use the Elastic throughput mode and the General\n Purpose performance mode.\n\n * TransitionToPrimaryStorageClass – Whether to move files in the file\n system back to primary storage (Standard storage class) after they are\n accessed in IA or Archive storage.\n\nWhen using the put-lifecycle-configuration CLI command or the PutLifecycleConfiguration\nAPI action, Amazon EFS requires that each LifecyclePolicy object have only\na single transition. This means that in a request body, LifecyclePolicies\nmust be structured as an array of LifecyclePolicy objects, one object for\neach storage transition. See the example requests in the following section\nfor more information." items: - description: "Describes a policy used by Lifecycle management that specifies when to transition\nfiles into and out of storage classes. For more information, see Managing\nfile system storage (https://docs.aws.amazon.com/efs/latest/ug/lifecycle-management-efs.html).\n\nWhen using the put-lifecycle-configuration CLI command or the PutLifecycleConfiguration\nAPI action, Amazon EFS requires that each LifecyclePolicy object have only\na single transition. This means that in a request body, LifecyclePolicies\nmust be structured as an array of LifecyclePolicy objects, one object for\neach transition. For more information, see the request examples in PutLifecycleConfiguration." + description: "Describes a policy used by lifecycle management that specifies when to transition\nfiles into and out of storage classes. For more information, see Managing\nfile system storage (https://docs.aws.amazon.com/efs/latest/ug/lifecycle-management-efs.html).\n\nWhen using the put-lifecycle-configuration CLI command or the PutLifecycleConfiguration\nAPI action, Amazon EFS requires that each LifecyclePolicy object have only\na single transition. This means that in a request body, LifecyclePolicies\nmust be structured as an array of LifecyclePolicy objects, one object for\neach transition. For more information, see the request examples in PutLifecycleConfiguration." properties: transitionToArchive: type: "string" @@ -112,10 +112,10 @@ spec: type: "object" type: "array" performanceMode: - description: "The Performance mode of the file system. We recommend generalPurpose performance\nmode for all file systems. File systems using the maxIO performance mode\ncan scale to higher levels of aggregate throughput and operations per second\nwith a tradeoff of slightly higher latencies for most file operations. The\nperformance mode can't be changed after the file system has been created.\nThe maxIO mode is not supported on One Zone file systems.\n\nDue to the higher per-operation latencies with Max I/O, we recommend using\nGeneral Purpose performance mode for all file systems.\n\nDefault is generalPurpose." + description: "The performance mode of the file system. We recommend generalPurpose performance\nmode for all file systems. File systems using the maxIO performance mode\ncan scale to higher levels of aggregate throughput and operations per second\nwith a tradeoff of slightly higher latencies for most file operations. The\nperformance mode can't be changed after the file system has been created.\nThe maxIO mode is not supported on One Zone file systems.\n\nDue to the higher per-operation latencies with Max I/O, we recommend using\nGeneral Purpose performance mode for all file systems.\n\nDefault is generalPurpose." type: "string" policy: - description: "The FileSystemPolicy that you're creating. Accepts a JSON formatted policy\ndefinition. EFS file system policies have a 20,000 character limit. To find\nout more about the elements that make up a file system policy, see EFS Resource-based\nPolicies (https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies)." + description: "The FileSystemPolicy that you're creating. Accepts a JSON formatted policy\ndefinition. EFS file system policies have a 20,000 character limit. To find\nout more about the elements that make up a file system policy, see Resource-based\npolicies within Amazon EFS (https://docs.aws.amazon.com/efs/latest/ug/security_iam_service-with-iam.html#security_iam_service-with-iam-resource-based-policies)." type: "string" provisionedThroughputInMiBps: description: "The throughput, measured in mebibytes per second (MiBps), that you want to\nprovision for a file system that you're creating. Required if ThroughputMode\nis set to provisioned. Valid values are 1-3414 MiBps, with the upper limit\ndepending on Region. To increase this limit, contact Amazon Web Services\nSupport. For more information, see Amazon EFS quotas that you can increase\n(https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the\nAmazon EFS User Guide." @@ -158,7 +158,7 @@ spec: description: "The unique and consistent identifier of the Availability Zone in which the\nfile system is located, and is valid only for One Zone file systems. For\nexample, use1-az1 is an Availability Zone ID for the us-east-1 Amazon Web\nServices Region, and it has the same location in every Amazon Web Services\naccount." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml index 074da3bdf..70a948b06 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml @@ -142,7 +142,7 @@ spec: description: "The name of the Availability Zone in which the mount target is located. Availability\nZones are independently mapped to names for each Amazon Web Services account.\nFor example, the Availability Zone us-east-1a for your Amazon Web Services\naccount might not be the same location as us-east-1a for another Amazon Web\nServices account." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml index 044065ad7..3422740c1 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml @@ -57,7 +57,7 @@ spec: description: "The version of the add-on. The version must match one of the versions returned\nby DescribeAddonVersions (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html)." type: "string" clientRequestToken: - description: "A unique, case-sensitive identifier that you provide to ensure the idempotency\nof the request." + description: "A unique, case-sensitive identifier that you provide to ensurethe idempotency\nof the request." type: "string" clusterName: description: "The name of your cluster." @@ -137,7 +137,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml index eff0877ca..b50b1e48e 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml @@ -62,8 +62,20 @@ spec: description: "If you set this value to False when creating a cluster, the default networking\nadd-ons will not be installed.\n\nThe default networking addons include vpc-cni, coredns, and kube-proxy.\n\nUse this option when you plan to install third-party alternative add-ons\nor self-manage the default networking add-ons." type: "boolean" clientRequestToken: - description: "A unique, case-sensitive identifier that you provide to ensure the idempotency\nof the request." + description: "A unique, case-sensitive identifier that you provide to ensurethe idempotency\nof the request." type: "string" + computeConfig: + description: "Enable or disable the compute capability of EKS Auto Mode when creating your\nEKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode\nwill create and delete EC2 Managed Instances in your Amazon Web Services\naccount" + properties: + enabled: + type: "boolean" + nodePools: + items: + type: "string" + type: "array" + nodeRoleARN: + type: "string" + type: "object" encryptionConfig: description: "The encryption configuration for the cluster." items: @@ -96,6 +108,12 @@ spec: kubernetesNetworkConfig: description: "The Kubernetes network configuration for the cluster." properties: + elasticLoadBalancing: + description: "Indicates the current configuration of the load balancing capability on your\nEKS Auto Mode cluster. For example, if the capability is enabled or disabled.\nFor more information, see EKS Auto Mode load balancing capability in the\nEKS User Guide." + properties: + enabled: + type: "boolean" + type: "object" ipFamily: type: "string" serviceIPv4CIDR: @@ -118,7 +136,7 @@ spec: type: "array" type: "object" name: - description: "The unique name to give to your cluster." + description: "The unique name to give to your cluster. The name can contain only alphanumeric\ncharacters (case-sensitive),hyphens, and underscores. It must start with\nan alphanumeric character and can't be longer than100 characters. The name\nmust be unique within the Amazon Web Services Region and Amazon Web Services\naccount that you're creating the cluster in." type: "string" outpostConfig: description: "An object representing the configuration of your local Amazon EKS cluster\non an Amazon Web Services Outpost. Before creating a local cluster on an\nOutpost, review Local clusters for Amazon EKS on Amazon Web Services Outposts\n(https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-local-cluster-overview.html)\nin the Amazon EKS User Guide. This object isn't available for creating Amazon\nEKS clusters on the Amazon Web Services cloud." @@ -136,6 +154,30 @@ spec: type: "string" type: "array" type: "object" + remoteNetworkConfig: + description: "The configuration in the cluster for EKS Hybrid Nodes. You can't change or\nupdate this configuration after the cluster is created." + properties: + remoteNodeNetworks: + items: + description: "A network CIDR that can contain hybrid nodes." + properties: + cidrs: + items: + type: "string" + type: "array" + type: "object" + type: "array" + remotePodNetworks: + items: + description: "A network CIDR that can contain pods that run Kubernetes webhooks on hybrid\nnodes." + properties: + cidrs: + items: + type: "string" + type: "array" + type: "object" + type: "array" + type: "object" resourcesVPCConfig: description: "The VPC configuration that's used by the cluster control plane. Amazon EKS\nVPC resources have specific requirements to work properly with Kubernetes.\nFor more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)\nand Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html)\nin the Amazon EKS User Guide. You must specify at least two subnets. You\ncan specify up to five security groups. However, we recommend that you use\na dedicated security group for your cluster control plane." properties: @@ -201,6 +243,16 @@ spec: type: "string" type: "object" type: "object" + storageConfig: + description: "Enable or disable the block storage capability of EKS Auto Mode when creating\nyour EKS Auto Mode cluster. If the block storage capability is enabled, EKS\nAuto Mode will create and delete EBS volumes in your Amazon Web Services\naccount." + properties: + blockStorage: + description: "Indicates the current configuration of the block storage capability on your\nEKS Auto Mode cluster. For example, if the capability is enabled or disabled.\nIf the block storage capability is enabled, EKS Auto Mode will create and\ndelete EBS volumes in your Amazon Web Services account. For more information,\nsee EKS Auto Mode block storage capability in the EKS User Guide." + properties: + enabled: + type: "boolean" + type: "object" + type: "object" tags: additionalProperties: type: "string" @@ -215,6 +267,12 @@ spec: version: description: "The desired Kubernetes version for your cluster. If you don't specify a value\nhere, the default version available in Amazon EKS is used.\n\nThe default version might not be the latest version available." type: "string" + zonalShiftConfig: + description: "Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled,\nAmazon Web Services configures zonal autoshift for the cluster.\n\nZonal shift is a feature of Amazon Application Recovery Controller (ARC).\nARC zonal shift is designed to be a temporary measure that allows you to\nmove traffic for a resource away from an impaired AZ until the zonal shift\nexpires or you cancel it. You can extend the zonal shift if necessary.\n\nYou can start a zonal shift for an EKS cluster, or you can allow Amazon Web\nServices to do it for you by enabling zonal autoshift. This shift updates\nthe flow of east-to-west network traffic in your cluster to only consider\nnetwork endpoints for Pods running on worker nodes in healthy AZs. Additionally,\nany ALB or NLB handling ingress traffic for applications in your EKS cluster\nwill automatically route traffic to targets in the healthy AZs. For more\ninformation about zonal shift in EKS, see Learn about Amazon Application\nRecovery Controller (ARC) Zonal Shift in Amazon EKS (https://docs.aws.amazon.com/eks/latest/userguide/zone-shift.html)\nin the Amazon EKS User Guide ." + properties: + enabled: + type: "boolean" + type: "object" required: - "name" - "resourcesVPCConfig" @@ -245,7 +303,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml index bfeae6602..e01e9d0b0 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml @@ -47,7 +47,7 @@ spec: description: "FargateProfileSpec defines the desired state of FargateProfile.\n\nAn object representing an Fargate profile." properties: clientRequestToken: - description: "A unique, case-sensitive identifier that you provide to ensure the idempotency\nof the request." + description: "A unique, case-sensitive identifier that you provide to ensurethe idempotency\nof the request." type: "string" clusterName: description: "The name of your cluster." @@ -142,7 +142,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml index 0db13254b..67f61fb6e 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml @@ -69,7 +69,7 @@ spec: description: "The capacity type for your node group." type: "string" clientRequestToken: - description: "A unique, case-sensitive identifier that you provide to ensure the idempotency\nof the request." + description: "A unique, case-sensitive identifier that you provide to ensurethe idempotency\nof the request." type: "string" clusterName: description: "The name of your cluster." @@ -90,6 +90,9 @@ spec: description: "The root device disk size (in GiB) for your node group instances. The default\ndisk size is 20 GiB for Linux and Bottlerocket. The default disk size is\n50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize,\nor the node group deployment will fail. For more information about using\nlaunch templates with Amazon EKS, see Customizing managed nodes with launch\ntemplates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html)\nin the Amazon EKS User Guide." format: "int64" type: "integer" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" instanceTypes: description: "Specify the instance types for a node group. If you specify a GPU instance\ntype, make sure to also specify an applicable GPU AMI type with the amiType\nparameter. If you specify launchTemplate, then you can specify zero or one\ninstance type in your launch template or you can specify 0-20 instance types\nfor instanceTypes. If however, you specify an instance type in your launch\ntemplate and specify any instanceTypes, the node group deployment will fail.\nIf you don't specify an instance type in a launch template or for instanceTypes,\nthen t3.medium is used, by default. If you specify Spot for capacityType,\nthen we recommend specifying multiple values for instanceTypes. For more\ninformation, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types)\nand Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html)\nin the Amazon EKS User Guide." items: @@ -116,6 +119,9 @@ spec: nodeRole: description: "The Amazon Resource Name (ARN) of the IAM role to associate with your node\ngroup. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web\nServices APIs on your behalf. Nodes receive permissions for these API calls\nthrough an IAM instance profile and associated policies. Before you can launch\nnodes and register them into a cluster, you must create an IAM role for those\nnodes to use when they are launched. For more information, see Amazon EKS\nnode IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)\nin the Amazon EKS User Guide . If you specify launchTemplate, then don't\nspecify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)\nin your launch template, or the node group deployment will fail. For more\ninformation about using launch templates with Amazon EKS, see Customizing\nmanaged nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html)\nin the Amazon EKS User Guide." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" nodeRoleRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -156,6 +162,9 @@ spec: type: "string" type: "array" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" scalingConfig: description: "The scaling configuration details for the Auto Scaling group that is created\nfor your node group." properties: @@ -188,6 +197,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: additionalProperties: type: "string" @@ -242,7 +254,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cacheparametergroups.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cacheparametergroups.yaml index d58cdde65..e52d91cb8 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cacheparametergroups.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cacheparametergroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "cacheparametergroups.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -27,10 +27,10 @@ spec: metadata: type: "object" spec: - description: "CacheParameterGroupSpec defines the desired state of CacheParameterGroup.\n\n\nRepresents the output of a CreateCacheParameterGroup operation." + description: "CacheParameterGroupSpec defines the desired state of CacheParameterGroup.\n\nRepresents the output of a CreateCacheParameterGroup operation." properties: cacheParameterGroupFamily: - description: "The name of the cache parameter group family that the cache parameter group\ncan be used with.\n\n\nValid values are: memcached1.4 | memcached1.5 | memcached1.6 | redis2.6 |\nredis2.8 | redis3.2 | redis4.0 | redis5.0 | redis6.x" + description: "The name of the cache parameter group family that the cache parameter group\ncan be used with.\n\nValid values are: memcached1.4 | memcached1.5 | memcached1.6 | redis2.6 |\nredis2.8 | redis3.2 | redis4.0 | redis5.0 | redis6.x | redis7" type: "string" cacheParameterGroupName: description: "A user-specified name for the cache parameter group." @@ -72,7 +72,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -85,7 +85,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cachesubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cachesubnetgroups.yaml index acce58be1..8d99174e3 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cachesubnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/cachesubnetgroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "cachesubnetgroups.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -27,13 +27,13 @@ spec: metadata: type: "object" spec: - description: "CacheSubnetGroupSpec defines the desired state of CacheSubnetGroup.\n\n\nRepresents the output of one of the following operations:\n\n\n * CreateCacheSubnetGroup\n\n\n * ModifyCacheSubnetGroup" + description: "CacheSubnetGroupSpec defines the desired state of CacheSubnetGroup.\n\nRepresents the output of one of the following operations:\n\n * CreateCacheSubnetGroup\n\n * ModifyCacheSubnetGroup" properties: cacheSubnetGroupDescription: description: "A description for the cache subnet group." type: "string" cacheSubnetGroupName: - description: "A name for the cache subnet group. This value is stored as a lowercase string.\n\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\n\nExample: mysubnetgroup" + description: "A name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: mysubnetgroup" type: "string" subnetIDs: description: "A list of VPC subnet IDs for the cache subnet group." @@ -42,13 +42,15 @@ spec: type: "array" subnetRefs: items: - description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t name: my-api" + description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: from: description: "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)" properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -74,7 +76,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -87,7 +89,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/replicationgroups.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/replicationgroups.yaml index 1f1f5b665..58f4ab764 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/replicationgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/replicationgroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "replicationgroups.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -27,13 +27,13 @@ spec: metadata: type: "object" spec: - description: "ReplicationGroupSpec defines the desired state of ReplicationGroup.\n\n\nContains all of the attributes of a specific Redis replication group." + description: "ReplicationGroupSpec defines the desired state of ReplicationGroup.\n\nContains all of the attributes of a specific Valkey or Redis OSS replication\ngroup." properties: atRestEncryptionEnabled: - description: "A flag that enables encryption at rest when set to true.\n\n\nYou cannot modify the value of AtRestEncryptionEnabled after the replication\ngroup is created. To enable encryption at rest on a replication group you\nmust set AtRestEncryptionEnabled to true when you create the replication\ngroup.\n\n\nRequired: Only available when creating a replication group in an Amazon VPC\nusing redis version 3.2.6, 4.x or later.\n\n\nDefault: false" + description: "A flag that enables encryption at rest when set to true.\n\nYou cannot modify the value of AtRestEncryptionEnabled after the replication\ngroup is created. To enable encryption at rest on a replication group you\nmust set AtRestEncryptionEnabled to true when you create the replication\ngroup.\n\nRequired: Only available when creating a replication group in an Amazon VPC\nusing Redis OSS version 3.2.6, 4.x or later.\n\nDefault: false" type: "boolean" authToken: - description: "Reserved parameter. The password used to access a password protected server.\n\n\nAuthToken can be specified only on replication groups where TransitEncryptionEnabled\nis true.\n\n\nFor HIPAA compliance, you must specify TransitEncryptionEnabled as true,\nan AuthToken, and a CacheSubnetGroup.\n\n\nPassword constraints:\n\n\n * Must be only printable ASCII characters.\n\n\n * Must be at least 16 characters and no more than 128 characters in length.\n\n\n * The only permitted printable special characters are !, &, #, $, ^, <,\n >, and -. Other printable special characters cannot be used in the AUTH\n token.\n\n\nFor more information, see AUTH password (http://redis.io/commands/AUTH) at\nhttp://redis.io/commands/AUTH." + description: "Reserved parameter. The password used to access a password protected server.\n\nAuthToken can be specified only on replication groups where TransitEncryptionEnabled\nis true.\n\nFor HIPAA compliance, you must specify TransitEncryptionEnabled as true,\nan AuthToken, and a CacheSubnetGroup.\n\nPassword constraints:\n\n * Must be only printable ASCII characters.\n\n * Must be at least 16 characters and no more than 128 characters in length." properties: key: description: "Key is the key within the secret" @@ -49,22 +49,24 @@ spec: type: "object" x-kubernetes-map-type: "atomic" automaticFailoverEnabled: - description: "Specifies whether a read-only replica is automatically promoted to read/write\nprimary if the existing primary fails.\n\n\nAutomaticFailoverEnabled must be enabled for Redis (cluster mode enabled)\nreplication groups.\n\n\nDefault: false" + description: "Specifies whether a read-only replica is automatically promoted to read/write\nprimary if the existing primary fails.\n\nAutomaticFailoverEnabled must be enabled for Valkey or Redis OSS (cluster\nmode enabled) replication groups.\n\nDefault: false" type: "boolean" cacheNodeType: - description: "The compute and memory capacity of the nodes in the node group (shard).\n\n\nThe following node types are supported by ElastiCache. Generally speaking,\nthe current generation types provide more memory and computational power\nat lower cost when compared to their equivalent previous generation counterparts.\n\n\n * General purpose: Current generation: M6g node types (available only\n for Redis engine version 5.0.6 onward and for Memcached engine version\n 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge,\n cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge\n For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge,\n cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge,\n cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available\n only for Redis engine version 5.0.6 onward and Memcached engine version\n 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3\n node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types:\n cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not\n recommended. Existing clusters are still supported but creation of new\n clusters is not supported for these types.) T1 node types: cache.t1.micro\n M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge\n M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge\n\n\n * Compute optimized: Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) C1 node types: cache.c1.xlarge\n\n\n * Memory optimized with data tiering: Current generation: R6gd node types\n (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge,\n cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge,\n cache.r6gd.16xlarge\n\n\n * Memory optimized: Current generation: R6g node types (available only\n for Redis engine version 5.0.6 onward and for Memcached engine version\n 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge,\n cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge\n For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge,\n cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge,\n cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge\n Previous generation: (not recommended. Existing clusters are still supported\n but creation of new clusters is not supported for these types.) M2 node\n types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types:\n cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge\n\n\nAdditional node type info\n\n\n * All current generation instance types are created in Amazon VPC by default.\n\n\n * Redis append-only files (AOF) are not supported for T1 or T2 instances.\n\n\n * Redis Multi-AZ with automatic failover is not supported on T1 instances.\n\n\n * Redis configuration variables appendonly and appendfsync are not supported\n on Redis version 2.8.22 and later." + description: "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking,\nthe current generation types provide more memory and computational power\nat lower cost when compared to their equivalent previous generation counterparts.\n\n * General purpose: Current generation: M7g node types: cache.m7g.large,\n cache.m7g.xlarge, cache.m7g.2xlarge, cache.m7g.4xlarge, cache.m7g.8xlarge,\n cache.m7g.12xlarge, cache.m7g.16xlarge For region availability, see Supported\n Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n M6g node types (available only for Redis OSS engine version 5.0.6 onward\n and for Memcached engine version 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge,\n cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge,\n cache.m6g.16xlarge M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge,\n cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types:\n cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge\n T4g node types (available only for Redis OSS engine version 5.0.6 onward\n and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small,\n cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium\n T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous\n generation: (not recommended. Existing clusters are still supported but\n creation of new clusters is not supported for these types.) T1 node types:\n cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large,\n cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge,\n cache.m3.2xlarge\n\n * Compute optimized: Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) C1 node types: cache.c1.xlarge\n\n * Memory optimized: Current generation: R7g node types: cache.r7g.large,\n cache.r7g.xlarge, cache.r7g.2xlarge, cache.r7g.4xlarge, cache.r7g.8xlarge,\n cache.r7g.12xlarge, cache.r7g.16xlarge For region availability, see Supported\n Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n R6g node types (available only for Redis OSS engine version 5.0.6 onward\n and for Memcached engine version 1.5.16 onward): cache.r6g.large, cache.r6g.xlarge,\n cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge,\n cache.r6g.16xlarge R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge,\n cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types:\n cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge,\n cache.r4.16xlarge Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge\n R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge,\n cache.r3.8xlarge\n\nAdditional node type info\n\n * All current generation instance types are created in Amazon VPC by default.\n\n * Valkey or Redis OSS append-only files (AOF) are not supported for T1\n or T2 instances.\n\n * Valkey or Redis OSS Multi-AZ with automatic failover is not supported\n on T1 instances.\n\n * The configuration variables appendonly and appendfsync are not supported\n on Valkey, or on Redis OSS version 2.8.22 and later." type: "string" cacheParameterGroupName: - description: "The name of the parameter group to associate with this replication group.\nIf this argument is omitted, the default cache parameter group for the specified\nengine is used.\n\n\nIf you are running Redis version 3.2.4 or later, only one node group (shard),\nand want to use a default parameter group, we recommend that you specify\nthe parameter group by name.\n\n\n * To create a Redis (cluster mode disabled) replication group, use CacheParameterGroupName=default.redis3.2.\n\n\n * To create a Redis (cluster mode enabled) replication group, use CacheParameterGroupName=default.redis3.2.cluster.on." + description: "The name of the parameter group to associate with this replication group.\nIf this argument is omitted, the default cache parameter group for the specified\nengine is used.\n\nIf you are running Valkey or Redis OSS version 3.2.4 or later, only one node\ngroup (shard), and want to use a default parameter group, we recommend that\nyou specify the parameter group by name.\n\n * To create a Valkey or Redis OSS (cluster mode disabled) replication\n group, use CacheParameterGroupName=default.redis3.2.\n\n * To create a Valkey or Redis OSS (cluster mode enabled) replication group,\n use CacheParameterGroupName=default.redis3.2.cluster.on." type: "string" cacheParameterGroupRef: - description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t name: my-api" + description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: from: description: "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)" properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" cacheSecurityGroupNames: @@ -73,29 +75,31 @@ spec: type: "string" type: "array" cacheSubnetGroupName: - description: "The name of the cache subnet group to be used for the replication group.\n\n\nIf you're going to launch your cluster in an Amazon VPC, you need to create\na subnet group before you start creating a cluster. For more information,\nsee Subnets and Subnet Groups (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SubnetGroups.html)." + description: "The name of the cache subnet group to be used for the replication group.\n\nIf you're going to launch your cluster in an Amazon VPC, you need to create\na subnet group before you start creating a cluster. For more information,\nsee Subnets and Subnet Groups (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SubnetGroups.html)." type: "string" cacheSubnetGroupRef: - description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t name: my-api" + description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: from: description: "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)" properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" dataTieringEnabled: - description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html)." + description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html)." type: "boolean" description: description: "A user-created description for the replication group." type: "string" engine: - description: "The name of the cache engine to be used for the clusters in this replication\ngroup. Must be Redis." + description: "The name of the cache engine to be used for the clusters in this replication\ngroup. The value must be set to Redis." type: "string" engineVersion: - description: "The version number of the cache engine to be used for the clusters in this\nreplication group. To view the supported cache engine versions, use the DescribeCacheEngineVersions\noperation.\n\n\nImportant: You can upgrade to a newer engine version (see Selecting a Cache\nEngine and Version (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement))\nin the ElastiCache User Guide, but you cannot downgrade to an earlier engine\nversion. If you want to use an earlier engine version, you must delete the\nexisting cluster or replication group and create it anew with the earlier\nengine version." + description: "The version number of the cache engine to be used for the clusters in this\nreplication group. To view the supported cache engine versions, use the DescribeCacheEngineVersions\noperation.\n\nImportant: You can upgrade to a newer engine version (see Selecting a Cache\nEngine and Version (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement))\nin the ElastiCache User Guide, but you cannot downgrade to an earlier engine\nversion. If you want to use an earlier engine version, you must delete the\nexisting cluster or replication group and create it anew with the earlier\nengine version." type: "string" kmsKeyID: description: "The ID of the KMS key used to encrypt the disk in the cluster." @@ -132,10 +136,10 @@ spec: type: "object" type: "array" multiAZEnabled: - description: "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance.\nFor more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html)." + description: "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance.\nFor more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html)." type: "boolean" nodeGroupConfiguration: - description: "A list of node group (shard) configuration options. Each node group (shard)\nconfiguration has the following members: PrimaryAvailabilityZone, ReplicaAvailabilityZones,\nReplicaCount, and Slots.\n\n\nIf you're creating a Redis (cluster mode disabled) or a Redis (cluster mode\nenabled) replication group, you can use this parameter to individually configure\neach node group (shard), or you can omit this parameter. However, it is required\nwhen seeding a Redis (cluster mode enabled) cluster from a S3 rdb file. You\nmust configure each node group (shard) using this parameter because you must\nspecify the slots for each node group." + description: "A list of node group (shard) configuration options. Each node group (shard)\nconfiguration has the following members: PrimaryAvailabilityZone, ReplicaAvailabilityZones,\nReplicaCount, and Slots.\n\nIf you're creating a Valkey or Redis OSS (cluster mode disabled) or a Valkey\nor Redis OSS (cluster mode enabled) replication group, you can use this parameter\nto individually configure each node group (shard), or you can omit this parameter.\nHowever, it is required when seeding a Valkey or Redis OSS (cluster mode\nenabled) cluster from a S3 rdb file. You must configure each node group (shard)\nusing this parameter because you must specify the slots for each node group." items: description: "Node group (shard) configuration options. Each node group (shard) configuration\nhas the following: Slots, PrimaryAvailabilityZone, ReplicaAvailabilityZones,\nReplicaCount." properties: @@ -161,10 +165,10 @@ spec: type: "object" type: "array" notificationTopicARN: - description: "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service\n(SNS) topic to which notifications are sent.\n\n\nThe Amazon SNS topic owner must be the same as the cluster owner." + description: "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service\n(SNS) topic to which notifications are sent.\n\nThe Amazon SNS topic owner must be the same as the cluster owner." type: "string" numNodeGroups: - description: "An optional parameter that specifies the number of node groups (shards) for\nthis Redis (cluster mode enabled) replication group. For Redis (cluster mode\ndisabled) either omit this parameter or set it to 1.\n\n\nDefault: 1" + description: "An optional parameter that specifies the number of node groups (shards) for\nthis Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey\nor Redis OSS (cluster mode disabled) either omit this parameter or set it\nto 1.\n\nDefault: 1" format: "int64" type: "integer" port: @@ -172,42 +176,44 @@ spec: format: "int64" type: "integer" preferredCacheClusterAZs: - description: "A list of EC2 Availability Zones in which the replication group's clusters\nare created. The order of the Availability Zones in the list is the order\nin which clusters are allocated. The primary cluster is created in the first\nAZ in the list.\n\n\nThis parameter is not used if there is more than one node group (shard).\nYou should use NodeGroupConfiguration instead.\n\n\nIf you are creating your replication group in an Amazon VPC (recommended),\nyou can only locate clusters in Availability Zones associated with the subnets\nin the selected subnet group.\n\n\nThe number of Availability Zones listed must equal the value of NumCacheClusters.\n\n\nDefault: system chosen Availability Zones." + description: "A list of EC2 Availability Zones in which the replication group's clusters\nare created. The order of the Availability Zones in the list is the order\nin which clusters are allocated. The primary cluster is created in the first\nAZ in the list.\n\nThis parameter is not used if there is more than one node group (shard).\nYou should use NodeGroupConfiguration instead.\n\nIf you are creating your replication group in an Amazon VPC (recommended),\nyou can only locate clusters in Availability Zones associated with the subnets\nin the selected subnet group.\n\nThe number of Availability Zones listed must equal the value of NumCacheClusters.\n\nDefault: system chosen Availability Zones." items: type: "string" type: "array" preferredMaintenanceWindow: - description: "Specifies the weekly time range during which maintenance on the cluster is\nperformed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi\n(24H Clock UTC). The minimum maintenance window is a 60 minute period. Valid\nvalues for ddd are:\n\n\nSpecifies the weekly time range during which maintenance on the cluster is\nperformed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi\n(24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n\nValid values for ddd are:\n\n\n * sun\n\n\n * mon\n\n\n * tue\n\n\n * wed\n\n\n * thu\n\n\n * fri\n\n\n * sat\n\n\nExample: sun:23:00-mon:01:30" + description: "Specifies the weekly time range during which maintenance on the cluster is\nperformed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi\n(24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for ddd are:\n\n * sun\n\n * mon\n\n * tue\n\n * wed\n\n * thu\n\n * fri\n\n * sat\n\nExample: sun:23:00-mon:01:30" type: "string" primaryClusterID: - description: "The identifier of the cluster that serves as the primary for this replication\ngroup. This cluster must already exist and have a status of available.\n\n\nThis parameter is not required if NumCacheClusters, NumNodeGroups, or ReplicasPerNodeGroup\nis specified." + description: "The identifier of the cluster that serves as the primary for this replication\ngroup. This cluster must already exist and have a status of available.\n\nThis parameter is not required if NumCacheClusters, NumNodeGroups, or ReplicasPerNodeGroup\nis specified." type: "string" replicasPerNodeGroup: description: "An optional parameter that specifies the number of replica nodes in each\nnode group (shard). Valid values are 0 to 5." format: "int64" type: "integer" replicationGroupID: - description: "The replication group identifier. This parameter is stored as a lowercase\nstring.\n\n\nConstraints:\n\n\n * A name must contain from 1 to 40 alphanumeric characters or hyphens.\n\n\n * The first character must be a letter.\n\n\n * A name cannot end with a hyphen or contain two consecutive hyphens." + description: "The replication group identifier. This parameter is stored as a lowercase\nstring.\n\nConstraints:\n\n * A name must contain from 1 to 40 alphanumeric characters or hyphens.\n\n * The first character must be a letter.\n\n * A name cannot end with a hyphen or contain two consecutive hyphens." type: "string" securityGroupIDs: - description: "One or more Amazon VPC security groups associated with this replication group.\n\n\nUse this parameter only when you are creating a replication group in an Amazon\nVirtual Private Cloud (Amazon VPC)." + description: "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon\nVirtual Private Cloud (Amazon VPC)." items: type: "string" type: "array" securityGroupRefs: items: - description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t name: my-api" + description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: from: description: "AWSResourceReference provides all the values necessary to reference another\nk8s resource for finding the identifier(Id/ARN/Name)" properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" snapshotARNs: - description: "A list of Amazon Resource Names (ARN) that uniquely identify the Redis RDB\nsnapshot files stored in Amazon S3. The snapshot files are used to populate\nthe new replication group. The Amazon S3 object name in the ARN cannot contain\nany commas. The new replication group will have the number of node groups\n(console: shards) specified by the parameter NumNodeGroups or the number\nof node groups configured by NodeGroupConfiguration regardless of the number\nof ARNs specified here.\n\n\nExample of an Amazon S3 ARN: arn:aws:s3:::my_bucket/snapshot1.rdb" + description: "A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or\nRedis OSS RDB snapshot files stored in Amazon S3. The snapshot files are\nused to populate the new replication group. The Amazon S3 object name in\nthe ARN cannot contain any commas. The new replication group will have the\nnumber of node groups (console: shards) specified by the parameter NumNodeGroups\nor the number of node groups configured by NodeGroupConfiguration regardless\nof the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: arn:aws:s3:::my_bucket/snapshot1.rdb" items: type: "string" type: "array" @@ -215,11 +221,11 @@ spec: description: "The name of a snapshot from which to restore data into the new replication\ngroup. The snapshot status changes to restoring while the new replication\ngroup is being created." type: "string" snapshotRetentionLimit: - description: "The number of days for which ElastiCache retains automatic snapshots before\ndeleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot\nthat was taken today is retained for 5 days before being deleted.\n\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster)." + description: "The number of days for which ElastiCache retains automatic snapshots before\ndeleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot\nthat was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster)." format: "int64" type: "integer" snapshotWindow: - description: "The daily time range (in UTC) during which ElastiCache begins taking a daily\nsnapshot of your node group (shard).\n\n\nExample: 05:00-09:00\n\n\nIf you do not specify this parameter, ElastiCache automatically chooses an\nappropriate time range." + description: "The daily time range (in UTC) during which ElastiCache begins taking a daily\nsnapshot of your node group (shard).\n\nExample: 05:00-09:00\n\nIf you do not specify this parameter, ElastiCache automatically chooses an\nappropriate time range." type: "string" tags: description: "A list of tags to be added to this resource. Tags are comma-separated key,value\npairs (e.g. Key=myKey, Value=myKeyValue. You can include multiple tags as\nshown following: Key=myKey, Value=myKeyValue Key=mySecondKey, Value=mySecondKeyValue.\nTags on replication groups will be replicated to all nodes." @@ -233,7 +239,7 @@ spec: type: "object" type: "array" transitEncryptionEnabled: - description: "A flag that enables in-transit encryption when set to true.\n\n\nYou cannot modify the value of TransitEncryptionEnabled after the cluster\nis created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled\nto true when you create a cluster.\n\n\nThis parameter is valid only if the Engine parameter is redis, the EngineVersion\nparameter is 3.2.6, 4.x or later, and the cluster is being created in an\nAmazon VPC.\n\n\nIf you enable in-transit encryption, you must also specify a value for CacheSubnetGroup.\n\n\nRequired: Only available when creating a replication group in an Amazon VPC\nusing redis version 3.2.6, 4.x or later.\n\n\nDefault: false\n\n\nFor HIPAA compliance, you must specify TransitEncryptionEnabled as true,\nan AuthToken, and a CacheSubnetGroup." + description: "A flag that enables in-transit encryption when set to true.\n\nThis parameter is valid only if the Engine parameter is redis, the EngineVersion\nparameter is 3.2.6, 4.x or later, and the cluster is being created in an\nAmazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for CacheSubnetGroup.\n\nRequired: Only available when creating a replication group in an Amazon VPC\nusing Redis OSS version 3.2.6, 4.x or later.\n\nDefault: false\n\nFor HIPAA compliance, you must specify TransitEncryptionEnabled as true,\nan AuthToken, and a CacheSubnetGroup." type: "boolean" userGroupIDs: description: "The user group to associate with the replication group." @@ -251,7 +257,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -264,33 +270,33 @@ spec: - "region" type: "object" allowedScaleDownModifications: - description: "A string list, each element of which specifies a cache node type which you\ncan use to scale your cluster or replication group. When scaling down a Redis\ncluster or replication group using ModifyCacheCluster or ModifyReplicationGroup,\nuse a value from this list for the CacheNodeType parameter." + description: "A string list, each element of which specifies a cache node type which you\ncan use to scale your cluster or replication group. When scaling down a Valkey\nor Redis OSS cluster or replication group using ModifyCacheCluster or ModifyReplicationGroup,\nuse a value from this list for the CacheNodeType parameter." items: type: "string" type: "array" allowedScaleUpModifications: - description: "A string list, each element of which specifies a cache node type which you\ncan use to scale your cluster or replication group.\n\n\nWhen scaling up a Redis cluster or replication group using ModifyCacheCluster\nor ModifyReplicationGroup, use a value from this list for the CacheNodeType\nparameter." + description: "A string list, each element of which specifies a cache node type which you\ncan use to scale your cluster or replication group.\n\nWhen scaling up a Valkey or Redis OSS cluster or replication group using\nModifyCacheCluster or ModifyReplicationGroup, use a value from this list\nfor the CacheNodeType parameter." items: type: "string" type: "array" authTokenEnabled: - description: "A flag that enables using an AuthToken (password) when issuing Redis commands.\n\n\nDefault: false" + description: "A flag that enables using an AuthToken (password) when issuing Valkey or\nRedis OSS commands.\n\nDefault: false" type: "boolean" authTokenLastModifiedDate: description: "The date the auth token was last modified" format: "date-time" type: "string" autoMinorVersionUpgrade: - description: "If you are running Redis engine version 6.0 or later, set this parameter\nto yes if you want to opt-in to the next auto minor version upgrade campaign.\nThis parameter is disabled for previous versions." + description: "If you are running Valkey 7.2 and above, or Redis OSS engine version 6.0\nand above, set this parameter to yes if you want to opt-in to the next auto\nminor version upgrade campaign. This parameter is disabled for previous versions." type: "boolean" automaticFailover: - description: "Indicates the status of automatic failover for this Redis replication group." + description: "Indicates the status of automatic failover for this Valkey or Redis OSS replication\ngroup." type: "string" clusterEnabled: - description: "A flag indicating whether or not this replication group is cluster enabled;\ni.e., whether its data can be partitioned across multiple shards (API/CLI:\nnode groups).\n\n\nValid values: true | false" + description: "A flag indicating whether or not this replication group is cluster enabled;\ni.e., whether its data can be partitioned across multiple shards (API/CLI:\nnode groups).\n\nValid values: true | false" type: "boolean" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -325,7 +331,7 @@ spec: type: "integer" type: "object" dataTiering: - description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html)." + description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html)." type: "string" events: description: "A list of events. Each element in the list contains detailed information\nabout one event." @@ -395,10 +401,10 @@ spec: type: "string" type: "array" multiAZ: - description: "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance.\nFor more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html)" + description: "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance.\nFor more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html)" type: "string" nodeGroups: - description: "A list of node groups in this replication group. For Redis (cluster mode\ndisabled) replication groups, this is a single-element list. For Redis (cluster\nmode enabled) replication groups, the list contains an entry for each node\ngroup (shard)." + description: "A list of node groups in this replication group. For Valkey or Redis OSS\n(cluster mode disabled) replication groups, this is a single-element list.\nFor Valkey or Redis OSS (cluster mode enabled) replication groups, the list\ncontains an entry for each node group (shard)." items: description: "Represents a collection of cache nodes in a replication group. One node in\nthe node group is the read/write primary node. All the other nodes are read-only\nReplica nodes." properties: @@ -419,7 +425,7 @@ spec: preferredOutpostARN: type: "string" readEndpoint: - description: "Represents the information required for client programs to connect to a cache\nnode." + description: "Represents the information required for client programs to connect to a cache\nnode. This value is read-only." properties: address: type: "string" @@ -430,7 +436,7 @@ spec: type: "object" type: "array" primaryEndpoint: - description: "Represents the information required for client programs to connect to a cache\nnode." + description: "Represents the information required for client programs to connect to a cache\nnode. This value is read-only." properties: address: type: "string" @@ -439,7 +445,7 @@ spec: type: "integer" type: "object" readerEndpoint: - description: "Represents the information required for client programs to connect to a cache\nnode." + description: "Represents the information required for client programs to connect to a cache\nnode. This value is read-only." properties: address: type: "string" diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/snapshots.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/snapshots.yaml index 13cc02b32..76ed86e44 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/snapshots.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/snapshots.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "snapshots.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "SnapshotSpec defines the desired state of Snapshot.\n\n\nRepresents a copy of an entire Redis cluster as of the time when the snapshot\nwas taken." + description: "SnapshotSpec defines the desired state of Snapshot.\n\nRepresents a copy of an entire Valkey or Redis OSS cluster as of the time\nwhen the snapshot was taken." properties: cacheClusterID: description: "The identifier of an existing cluster. The snapshot is created from this\ncluster." @@ -65,7 +65,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -78,17 +78,17 @@ spec: - "region" type: "object" autoMinorVersionUpgrade: - description: "If you are running Redis engine version 6.0 or later, set this parameter\nto yes if you want to opt-in to the next auto minor version upgrade campaign.\nThis parameter is disabled for previous versions." + description: "If you are running Valkey 7.2 and above or Redis OSS engine version 6.0 and\nabove, set this parameter to yes if you want to opt-in to the next auto minor\nversion upgrade campaign. This parameter is disabled for previous versions." type: "boolean" automaticFailover: - description: "Indicates the status of automatic failover for the source Redis replication\ngroup." + description: "Indicates the status of automatic failover for the source Valkey or Redis\nOSS replication group." type: "string" cacheClusterCreateTime: description: "The date and time when the source cluster was created." format: "date-time" type: "string" cacheNodeType: - description: "The name of the compute and memory capacity node type for the source cluster.\n\n\nThe following node types are supported by ElastiCache. Generally speaking,\nthe current generation types provide more memory and computational power\nat lower cost when compared to their equivalent previous generation counterparts.\n\n\n * General purpose: Current generation: M6g node types (available only\n for Redis engine version 5.0.6 onward and for Memcached engine version\n 1.5.16 onward). cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge,\n cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge\n For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge,\n cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge,\n cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available\n only for Redis engine version 5.0.6 onward and Memcached engine version\n 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3\n node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types:\n cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not\n recommended. Existing clusters are still supported but creation of new\n clusters is not supported for these types.) T1 node types: cache.t1.micro\n M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge\n M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge\n\n\n * Compute optimized: Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) C1 node types: cache.c1.xlarge\n\n\n * Memory optimized with data tiering: Current generation: R6gd node types\n (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge,\n cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge,\n cache.r6gd.16xlarge\n\n\n * Memory optimized: Current generation: R6g node types (available only\n for Redis engine version 5.0.6 onward and for Memcached engine version\n 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge,\n cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge\n For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge,\n cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge,\n cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge\n Previous generation: (not recommended. Existing clusters are still supported\n but creation of new clusters is not supported for these types.) M2 node\n types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types:\n cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge\n\n\nAdditional node type info\n\n\n * All current generation instance types are created in Amazon VPC by default.\n\n\n * Redis append-only files (AOF) are not supported for T1 or T2 instances.\n\n\n * Redis Multi-AZ with automatic failover is not supported on T1 instances.\n\n\n * Redis configuration variables appendonly and appendfsync are not supported\n on Redis version 2.8.22 and later." + description: "The name of the compute and memory capacity node type for the source cluster.\n\nThe following node types are supported by ElastiCache. Generally speaking,\nthe current generation types provide more memory and computational power\nat lower cost when compared to their equivalent previous generation counterparts.\n\n * General purpose: Current generation: M7g node types: cache.m7g.large,\n cache.m7g.xlarge, cache.m7g.2xlarge, cache.m7g.4xlarge, cache.m7g.8xlarge,\n cache.m7g.12xlarge, cache.m7g.16xlarge For region availability, see Supported\n Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n M6g node types (available only for Redis OSS engine version 5.0.6 onward\n and for Memcached engine version 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge,\n cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge,\n cache.m6g.16xlarge M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge,\n cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types:\n cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge\n T4g node types (available only for Redis OSS engine version 5.0.6 onward\n and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small,\n cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium\n T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous\n generation: (not recommended. Existing clusters are still supported but\n creation of new clusters is not supported for these types.) T1 node types:\n cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large,\n cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge,\n cache.m3.2xlarge\n\n * Compute optimized: Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) C1 node types: cache.c1.xlarge\n\n * Memory optimized: Current generation: R7g node types: cache.r7g.large,\n cache.r7g.xlarge, cache.r7g.2xlarge, cache.r7g.4xlarge, cache.r7g.8xlarge,\n cache.r7g.12xlarge, cache.r7g.16xlarge For region availability, see Supported\n Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n R6g node types (available only for Redis OSS engine version 5.0.6 onward\n and for Memcached engine version 1.5.16 onward): cache.r6g.large, cache.r6g.xlarge,\n cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge,\n cache.r6g.16xlarge R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge,\n cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types:\n cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge,\n cache.r4.16xlarge Previous generation: (not recommended. Existing clusters\n are still supported but creation of new clusters is not supported for\n these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge\n R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge,\n cache.r3.8xlarge\n\nAdditional node type info\n\n * All current generation instance types are created in Amazon VPC by default.\n\n * Valkey or Redis OSS append-only files (AOF) are not supported for T1\n or T2 instances.\n\n * Valkey or Redis OSS Multi-AZ with automatic failover is not supported\n on T1 instances.\n\n * The configuration variables appendonly and appendfsync are not supported\n on Valkey, or on Redis OSS version 2.8.22 and later." type: "string" cacheParameterGroupName: description: "The cache parameter group that is associated with the source cluster." @@ -97,7 +97,7 @@ spec: description: "The name of the cache subnet group associated with the source cluster." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -123,7 +123,7 @@ spec: type: "object" type: "array" dataTiering: - description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html)." + description: "Enables data tiering. Data tiering is only supported for replication groups\nusing the r6gd node type. This parameter must be set to true when using r6gd\nnodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html)." type: "string" engine: description: "The name of the cache engine (memcached or redis) used by the source cluster." @@ -176,7 +176,7 @@ spec: type: "object" type: "array" numCacheNodes: - description: "The number of cache nodes in the source cluster.\n\n\nFor clusters running Redis, this value must be 1. For clusters running Memcached,\nthis value must be between 1 and 40." + description: "The number of cache nodes in the source cluster.\n\nFor clusters running Valkey or Redis OSS, this value must be 1. For clusters\nrunning Memcached, this value must be between 1 and 40." format: "int64" type: "integer" numNodeGroups: @@ -191,7 +191,7 @@ spec: description: "The name of the Availability Zone in which the source cluster is located." type: "string" preferredMaintenanceWindow: - description: "Specifies the weekly time range during which maintenance on the cluster is\nperformed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi\n(24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n\nValid values for ddd are:\n\n\n * sun\n\n\n * mon\n\n\n * tue\n\n\n * wed\n\n\n * thu\n\n\n * fri\n\n\n * sat\n\n\nExample: sun:23:00-mon:01:30" + description: "Specifies the weekly time range during which maintenance on the cluster is\nperformed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi\n(24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for ddd are:\n\n * sun\n\n * mon\n\n * tue\n\n * wed\n\n * thu\n\n * fri\n\n * sat\n\nExample: sun:23:00-mon:01:30" type: "string" preferredOutpostARN: description: "The ARN (Amazon Resource Name) of the preferred outpost." @@ -200,7 +200,7 @@ spec: description: "A description of the source replication group." type: "string" snapshotRetentionLimit: - description: "For an automatic snapshot, the number of days for which ElastiCache retains\nthe snapshot before deleting it.\n\n\nFor manual snapshots, this field reflects the SnapshotRetentionLimit for\nthe source cluster when the snapshot was created. This field is otherwise\nignored: Manual snapshots do not expire, and can only be deleted using the\nDeleteSnapshot operation.\n\n\nImportant If the value of SnapshotRetentionLimit is set to zero (0), backups\nare turned off." + description: "For an automatic snapshot, the number of days for which ElastiCache retains\nthe snapshot before deleting it.\n\nFor manual snapshots, this field reflects the SnapshotRetentionLimit for\nthe source cluster when the snapshot was created. This field is otherwise\nignored: Manual snapshots do not expire, and can only be deleted using the\nDeleteSnapshot operation.\n\nImportant If the value of SnapshotRetentionLimit is set to zero (0), backups\nare turned off." format: "int64" type: "integer" snapshotSource: diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/usergroups.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/usergroups.yaml index 1706f04dd..969a17a2d 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/usergroups.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/usergroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "usergroups.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -29,10 +29,10 @@ spec: spec: properties: engine: - description: "The current supported value is Redis." + description: "The current supported value is Redis user." type: "string" tags: - description: "A list of tags to be added to this resource. A tag is a key-value pair. A\ntag key must be accompanied by a tag value, although null is accepted." + description: "A list of tags to be added to this resource. A tag is a key-value pair. A\ntag key must be accompanied by a tag value, although null is accepted. Available\nfor Valkey and Redis OSS only." items: description: "A tag that can be added to an ElastiCache cluster or replication group. Tags\nare composed of a Key/Value pair. You can use tags to categorize and track\nall your ElastiCache resources, with the exception of global replication\ngroup. When you add or remove tags on replication groups, those actions will\nbe replicated to all nodes in the replication group. A tag with a null Value\nis permitted." properties: @@ -61,7 +61,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -74,7 +74,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -100,7 +100,7 @@ spec: type: "object" type: "array" minimumEngineVersion: - description: "The minimum engine version required, which is Redis 6.0" + description: "The minimum engine version required, which is Redis OSS 6.0" type: "string" pendingChanges: description: "A list of updates being applied to the user group." diff --git a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/users.yaml b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/users.yaml index fb29db6e2..450b6cb6e 100644 --- a/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/users.yaml +++ b/crd-catalog/aws-controllers-k8s/elasticache-controller/elasticache.services.k8s.aws/v1alpha1/users.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "users.elasticache.services.k8s.aws" spec: group: "elasticache.services.k8s.aws" @@ -86,7 +86,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -108,7 +108,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -140,7 +140,7 @@ spec: description: "Access permissions string used for this user." type: "string" minimumEngineVersion: - description: "The minimum engine version required, which is Redis 6.0" + description: "The minimum engine version required, which is Redis OSS 6.0" type: "string" status: description: "Indicates the user status. Can be \"active\", \"modifying\" or \"deleting\"." diff --git a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml index 8a1f9f60c..b425162a1 100644 --- a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml +++ b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml @@ -38,9 +38,15 @@ spec: properties: configurationOverrides: type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" executionRoleARN: description: "The execution role ARN for the job run." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" jobDriver: description: "The job driver for the job run." properties: @@ -57,12 +63,21 @@ spec: type: "string" type: "object" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" name: description: "The name of the job run." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" releaseLabel: description: "The Amazon EMR release version to use for the job run." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: additionalProperties: type: "string" @@ -71,6 +86,9 @@ spec: virtualClusterID: description: "The virtual cluster ID for which the job run request is submitted." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" virtualClusterRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -83,10 +101,6 @@ spec: type: "string" type: "object" type: "object" - required: - - "executionRoleARN" - - "jobDriver" - - "releaseLabel" type: "object" status: description: "JobRunStatus defines the observed state of JobRun" @@ -108,7 +122,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/virtualclusters.yaml b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/virtualclusters.yaml index 788596941..ef492721e 100644 --- a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/virtualclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/virtualclusters.yaml @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "VirtualClusterSpec defines the desired state of VirtualCluster.\n\nThis entity describes a virtual cluster. A virtual cluster is a Kubernetes\nnamespace that Amazon EMR is registered with. Amazon EMR uses virtual clusters\nto run jobs and host endpoints. Multiple virtual clusters can be backed by\nthe same physical cluster. However, each virtual cluster maps to one namespace\non an EKS cluster. Virtual clusters do not create any active resources that\ncontribute to your bill or that require lifecycle management outside the\nservice." + description: "VirtualClusterSpec defines the desired state of VirtualCluster.\n\nThis entity describes a virtual cluster. A virtual cluster is a Kubernetes\nnamespace that Amazon EMR is registered with. Amazon EMR uses virtual clusters\nto run jobs and host endpoints. Multiple virtual clusters can be backed by\nthe same physical cluster. However, each virtual cluster maps to one namespace\non an Amazon EKS cluster. Virtual clusters do not create any active resources\nthat contribute to your bill or that require lifecycle management outside\nthe service." properties: containerProvider: description: "The container provider of the virtual cluster." @@ -38,7 +38,7 @@ spec: description: "The information about the container used for a job run or a managed endpoint." properties: eksInfo: - description: "The information about the EKS cluster." + description: "The information about the Amazon EKS cluster." properties: namespace: type: "string" @@ -79,7 +79,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/groups.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/groups.yaml index 53e487c1f..bba8a897e 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/groups.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/groups.yaml @@ -80,7 +80,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/instanceprofiles.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/instanceprofiles.yaml index 59caa5685..65522ef7b 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/instanceprofiles.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/instanceprofiles.yaml @@ -35,6 +35,9 @@ spec: path: description: "The path to the instance profile. For more information about paths, see IAM\nIdentifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)\nin the IAM User Guide.\n\nThis parameter is optional. If it is not included, it defaults to a slash\n(/).\n\nThis parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))\na string of characters consisting of either a forward slash (/) by itself\nor a string that must begin and end with forward slashes. In addition, it\ncan contain any ASCII character from the ! (\\u0021) through the DEL character\n(\\u007F), including most punctuation characters, digits, and upper and lowercased\nletters." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" role: type: "string" roleRef: @@ -83,7 +86,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/openidconnectproviders.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/openidconnectproviders.yaml index 5511ad076..16543cb1f 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/openidconnectproviders.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/openidconnectproviders.yaml @@ -46,15 +46,17 @@ spec: type: "object" type: "array" thumbprints: - description: "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity\nprovider's server certificates. Typically this list includes only one entry.\nHowever, IAM lets you have up to five thumbprints for an OIDC provider. This\nlets you maintain multiple thumbprints if the identity provider is rotating\ncertificates.\n\nThe server certificate thumbprint is the hex-encoded SHA-1 hash value of\nthe X.509 certificate used by the domain where the OpenID Connect provider\nmakes its keys available. It is always a 40-character string.\n\nYou must provide at least one thumbprint when creating an IAM OIDC provider.\nFor example, assume that the OIDC provider is server.example.com and the\nprovider stores its keys at https://keys.server.example.com/openid-connect.\nIn that case, the thumbprint string would be the hex-encoded SHA-1 hash value\nof the certificate used by https://keys.server.example.com.\n\nFor more information about obtaining the OIDC provider thumbprint, see Obtaining\nthe thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)\nin the IAM user Guide." + description: "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity\nprovider's server certificates. Typically this list includes only one entry.\nHowever, IAM lets you have up to five thumbprints for an OIDC provider. This\nlets you maintain multiple thumbprints if the identity provider is rotating\ncertificates.\n\nThis parameter is optional. If it is not included, IAM will retrieve and\nuse the top intermediate certificate authority (CA) thumbprint of the OpenID\nConnect identity provider server certificate.\n\nThe server certificate thumbprint is the hex-encoded SHA-1 hash value of\nthe X.509 certificate used by the domain where the OpenID Connect provider\nmakes its keys available. It is always a 40-character string.\n\nFor example, assume that the OIDC provider is server.example.com and the\nprovider stores its keys at https://keys.server.example.com/openid-connect.\nIn that case, the thumbprint string would be the hex-encoded SHA-1 hash value\nof the certificate used by https://keys.server.example.com.\n\nFor more information about obtaining the OIDC provider thumbprint, see Obtaining\nthe thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)\nin the IAM user Guide." items: type: "string" type: "array" url: description: "The URL of the identity provider. The URL must begin with https:// and should\ncorrespond to the iss claim in the provider's OpenID Connect ID tokens. Per\nthe OIDC standard, path components are allowed but query parameters are not.\nTypically the URL consists of only a hostname, like https://server.example.org\nor https://example.com. The URL should not contain a port number.\n\nYou cannot register the same provider multiple times in a single Amazon Web\nServices account. If you try to submit a URL that has already been used for\nan OpenID Connect provider in the Amazon Web Services account, you will get\nan error." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" required: - - "thumbprints" - "url" type: "object" status: @@ -77,7 +79,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/policies.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/policies.yaml index e9a8b25db..8f8b51771 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/policies.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/policies.yaml @@ -80,7 +80,7 @@ spec: format: "int64" type: "integer" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/roles.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/roles.yaml index 55d2c8a42..2caadcfe3 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/roles.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/roles.yaml @@ -117,7 +117,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/users.yaml b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/users.yaml index 0390d69d8..3ccab23e6 100644 --- a/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/users.yaml +++ b/crd-catalog/aws-controllers-k8s/iam-controller/iam.services.k8s.aws/v1alpha1/users.yaml @@ -106,7 +106,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml index dbb2da531..c0ab17e4d 100644 --- a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "ClusterSpec defines the desired state of Cluster.\n\nReturns information about a cluster of either the provisioned or the serverless\ntype." + description: "ClusterSpec defines the desired state of Cluster.\n\nReturns information about a cluster." properties: associatedSCRAMSecretRefs: items: @@ -48,10 +48,10 @@ spec: type: "string" type: "array" brokerNodeGroupInfo: - description: "Information about the brokers." + description: "Information about the broker nodes in the cluster." properties: brokerAZDistribution: - description: "The distribution of broker nodes across Availability Zones. By default, broker\nnodes are distributed among the Availability Zones of your Region. Currently,\nthe only supported value is DEFAULT. You can either specify this value explicitly\nor leave it out." + description: "The distribution of broker nodes across Availability Zones. This is an optional\nparameter. If you don't specify it, Amazon MSK gives it the value DEFAULT.\nYou can also explicitly set this parameter to the value DEFAULT. No other\nvalues are currently allowed.\n\nAmazon MSK distributes the broker nodes evenly across the Availability Zones\nthat correspond to the subnets you provide when you create the cluster." type: "string" clientSubnets: items: @@ -61,7 +61,7 @@ spec: description: "Information about the broker access configuration." properties: publicAccess: - description: "Broker public access control." + description: "Public access control for brokers." properties: type: type: "string" @@ -98,13 +98,16 @@ spec: description: "Includes all client authentication related information." properties: sasl: + description: "Details for client authentication using SASL." properties: iam: + description: "Details for IAM access control." properties: enabled: type: "boolean" type: "object" scram: + description: "Details for SASL/SCRAM client authentication." properties: enabled: type: "boolean" @@ -121,14 +124,13 @@ spec: type: "boolean" type: "object" unauthenticated: - description: "Contains information about unauthenticated traffic to the cluster." properties: enabled: type: "boolean" type: "object" type: "object" configurationInfo: - description: "Represents the configuration that you want MSK to use for the cluster." + description: "Represents the configuration that you want MSK to use for the brokers in\na cluster." properties: arn: type: "string" @@ -162,13 +164,10 @@ spec: description: "The version of Apache Kafka." type: "string" loggingInfo: - description: "LoggingInfo details." properties: brokerLogs: - description: "The broker logs configuration for this MSK cluster." properties: cloudWatchLogs: - description: "Details of the CloudWatch Logs destination for broker logs." properties: enabled: type: "boolean" @@ -176,7 +175,6 @@ spec: type: "string" type: "object" firehose: - description: "Firehose details for BrokerLogs." properties: deliveryStream: type: "string" @@ -184,7 +182,6 @@ spec: type: "boolean" type: "object" s3: - description: "The details of the Amazon S3 destination for broker logs." properties: bucket: type: "string" @@ -199,7 +196,7 @@ spec: description: "The name of the cluster." type: "string" numberOfBrokerNodes: - description: "The number of Apache Kafka broker nodes in the Amazon MSK cluster." + description: "The number of broker nodes in the cluster." format: "int64" type: "integer" openMonitoring: @@ -209,13 +206,13 @@ spec: description: "Prometheus settings." properties: jmxExporter: - description: "Indicates whether you want to enable or disable the JMX Exporter." + description: "Indicates whether you want to turn on or turn off the JMX Exporter." properties: enabledInBroker: type: "boolean" type: "object" nodeExporter: - description: "Indicates whether you want to enable or disable the Node Exporter." + description: "Indicates whether you want to turn on or turn off the Node Exporter." properties: enabledInBroker: type: "boolean" @@ -276,7 +273,7 @@ spec: bootstrapBrokerStringVPCConnectivityTLS: type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/keyspaces.yaml b/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/keyspaces.yaml index 004c2e31e..22e190b4a 100644 --- a/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/keyspaces.yaml +++ b/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/keyspaces.yaml @@ -42,6 +42,9 @@ spec: replicationStrategy: type: "string" type: "object" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: description: "A list of key-value pair tags to be attached to the keyspace.\n\nFor more information, see Adding tags and labels to Amazon Keyspaces resources\n(https://docs.aws.amazon.com/keyspaces/latest/devguide/tagging-keyspaces.html)\nin the Amazon Keyspaces Developer Guide." items: @@ -76,7 +79,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/tables.yaml b/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/tables.yaml index 506080bfe..991fd9c1c 100644 --- a/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/tables.yaml +++ b/crd-catalog/aws-controllers-k8s/keyspaces-controller/keyspaces.services.k8s.aws/v1alpha1/tables.yaml @@ -159,7 +159,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/kinesis-controller/kinesis.services.k8s.aws/v1alpha1/streams.yaml b/crd-catalog/aws-controllers-k8s/kinesis-controller/kinesis.services.k8s.aws/v1alpha1/streams.yaml index 4a31425d1..b6e5626f8 100644 --- a/crd-catalog/aws-controllers-k8s/kinesis-controller/kinesis.services.k8s.aws/v1alpha1/streams.yaml +++ b/crd-catalog/aws-controllers-k8s/kinesis-controller/kinesis.services.k8s.aws/v1alpha1/streams.yaml @@ -65,7 +65,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml index 10bf19250..33cc3ac1b 100644 --- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml +++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml @@ -30,7 +30,7 @@ spec: description: "AliasSpec defines the desired state of Alias." properties: name: - description: "Specifies the alias name. This value must begin with alias/ followed by a\nname, such as alias/ExampleAlias.\n\nThe AliasName value must be string of 1-256 characters. It can contain only\nalphanumeric characters, forward slashes (/), underscores (_), and dashes\n(-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is\nreserved for Amazon Web Services managed keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)." + description: "Specifies the alias name. This value must begin with alias/ followed by a\nname, such as alias/ExampleAlias.\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nThe AliasName value must be string of 1-256 characters. It can contain only\nalphanumeric characters, forward slashes (/), underscores (_), and dashes\n(-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is\nreserved for Amazon Web Services managed keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)." type: "string" targetKeyID: description: "Associates the alias with the specified customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).\nThe KMS key must be in the same Amazon Web Services Region.\n\nA valid key ID is required. If you supply a null or empty string value, this\noperation returns an error.\n\nFor help finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn)\nin the Key Management Service Developer Guide .\n\nSpecify the key ID or key ARN of the KMS key.\n\nFor example:\n\n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n\n * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n\nTo get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey." @@ -70,7 +70,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml index 78f54804c..167822c28 100644 --- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml +++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml @@ -30,7 +30,7 @@ spec: description: "GrantSpec defines the desired state of Grant." properties: constraints: - description: "Specifies a grant constraint.\n\nKMS supports the EncryptionContextEquals and EncryptionContextSubset grant\nconstraints. Each constraint value can include up to 8 encryption context\npairs. The encryption context value in each constraint cannot exceed 384\ncharacters. For information about grant constraints, see Using grant constraints\n(https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints)\nin the Key Management Service Developer Guide. For more information about\nencryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)\nin the Key Management Service Developer Guide .\n\nThe encryption context grant constraints allow the permissions in the grant\nonly when the encryption context in the request matches (EncryptionContextEquals)\nor includes (EncryptionContextSubset) the encryption context specified in\nthis structure.\n\nThe encryption context grant constraints are supported only on grant operations\n(https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations)\nthat include an EncryptionContext parameter, such as cryptographic operations\non symmetric encryption KMS keys. Grants with grant constraints can include\nthe DescribeKey and RetireGrant operations, but the constraint doesn't apply\nto these operations. If a grant with a grant constraint includes the CreateGrant\noperation, the constraint requires that any grants created with the CreateGrant\npermission have an equally strict or stricter encryption context constraint.\n\nYou cannot use an encryption context grant constraint for cryptographic operations\nwith asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption\ncontext." + description: "Specifies a grant constraint.\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nKMS supports the EncryptionContextEquals and EncryptionContextSubset grant\nconstraints, which allow the permissions in the grant only when the encryption\ncontext in the request matches (EncryptionContextEquals) or includes (EncryptionContextSubset)\nthe encryption context specified in the constraint.\n\nThe encryption context grant constraints are supported only on grant operations\n(https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations)\nthat include an EncryptionContext parameter, such as cryptographic operations\non symmetric encryption KMS keys. Grants with grant constraints can include\nthe DescribeKey and RetireGrant operations, but the constraint doesn't apply\nto these operations. If a grant with a grant constraint includes the CreateGrant\noperation, the constraint requires that any grants created with the CreateGrant\npermission have an equally strict or stricter encryption context constraint.\n\nYou cannot use an encryption context grant constraint for cryptographic operations\nwith asymmetric KMS keys or HMAC KMS keys. Operations with these keys don't\nsupport an encryption context.\n\nEach constraint value can include up to 8 encryption context pairs. The encryption\ncontext value in each constraint cannot exceed 384 characters. For information\nabout grant constraints, see Using grant constraints (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints)\nin the Key Management Service Developer Guide. For more information about\nencryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)\nin the Key Management Service Developer Guide ." properties: encryptionContextEquals: additionalProperties: @@ -47,10 +47,10 @@ spec: type: "string" type: "array" granteePrincipal: - description: "The identity that gets the permissions specified in the grant.\n\nTo specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)\nof an Amazon Web Services principal. Valid Amazon Web Services principals\ninclude Amazon Web Services accounts (root), IAM users, IAM roles, federated\nusers, and assumed role users. For examples of the ARN syntax to use for\nspecifying a principal, see Amazon Web Services Identity and Access Management\n(IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)\nin the Example ARNs section of the Amazon Web Services General Reference." + description: "The identity that gets the permissions specified in the grant.\n\nTo specify the grantee principal, use the Amazon Resource Name (ARN) of an\nAmazon Web Services principal. Valid principals include Amazon Web Services\naccounts, IAM users, IAM roles, federated users, and assumed role users.\nFor help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns)\nin the Identity and Access Management User Guide ." type: "string" keyID: - description: "Identifies the KMS key for the grant. The grant gives principals permission\nto use this KMS key.\n\nSpecify the key ID or key ARN of the KMS key. To specify a KMS key in a different\nAmazon Web Services account, you must use the key ARN.\n\nFor example:\n\n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n\n * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n\nTo get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey." + description: "Identifies the KMS key for the grant. The grant gives principals permission\nto use this KMS key.\n\nSpecify the key ID or key ARN of the KMS key. To specify a KMS key in adifferent\nAmazon Web Services account, you must use the key ARN.\n\nFor example:\n\n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n\n * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n\nTo get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey." type: "string" keyRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -65,7 +65,7 @@ spec: type: "object" type: "object" name: - description: "A friendly name for the grant. Use this value to prevent the unintended creation\nof duplicate grants when retrying this request.\n\nWhen this value is absent, all CreateGrant requests result in a new grant\nwith a unique GrantId even if all the supplied parameters are identical.\nThis can result in unintended duplicates when you retry the CreateGrant request.\n\nWhen this value is present, you can retry a CreateGrant request with identical\nparameters; if the grant already exists, the original GrantId is returned\nwithout creating a new grant. Note that the returned grant token is unique\nwith every CreateGrant request, even when a duplicate GrantId is returned.\nAll grant tokens for the same grant ID can be used interchangeably." + description: "A friendly name for the grant. Use this value to prevent the unintended creation\nof duplicate grants when retrying this request.\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nWhen this value is absent, all CreateGrant requests result in a new grant\nwith a unique GrantId even if all the supplied parameters are identical.\nThis can result in unintended duplicates when you retry the CreateGrant request.\n\nWhen this value is present, you can retry a CreateGrant request with identical\nparameters; if the grant already exists, the original GrantId is returned\nwithout creating a new grant. Note that the returned grant token is unique\nwith every CreateGrant request, even when a duplicate GrantId is returned.\nAll grant tokens for the same grant ID can be used interchangeably." type: "string" operations: description: "A list of operations that the grant permits.\n\nThis list must include only operations that are permitted in a grant. Also,\nthe operation must be supported on the KMS key. For example, you cannot create\na grant for a symmetric encryption KMS key that allows the Sign operation,\nor a grant for an asymmetric KMS key that allows the GenerateDataKey operation.\nIf you try, KMS returns a ValidationError exception. For details, see Grant\noperations (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations)\nin the Key Management Service Developer Guide." @@ -73,7 +73,7 @@ spec: type: "string" type: "array" retiringPrincipal: - description: "The principal that has permission to use the RetireGrant operation to retire\nthe grant.\n\nTo specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)\nof an Amazon Web Services principal. Valid Amazon Web Services principals\ninclude Amazon Web Services accounts (root), IAM users, federated users,\nand assumed role users. For examples of the ARN syntax to use for specifying\na principal, see Amazon Web Services Identity and Access Management (IAM)\n(https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)\nin the Example ARNs section of the Amazon Web Services General Reference.\n\nThe grant determines the retiring principal. Other principals might have\npermission to retire the grant or revoke the grant. For details, see RevokeGrant\nand Retiring and revoking grants (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete)\nin the Key Management Service Developer Guide." + description: "The principal that has permission to use the RetireGrant operation to retire\nthe grant.\n\nTo specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)\nof an Amazon Web Services principal. Valid principals include Amazon Web\nServices accounts, IAM users, IAM roles, federated users, and assumed role\nusers. For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns)\nin the Identity and Access Management User Guide .\n\nThe grant determines the retiring principal. Other principals might have\npermission to retire the grant or revoke the grant. For details, see RevokeGrant\nand Retiring and revoking grants (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete)\nin the Key Management Service Developer Guide." type: "string" required: - "granteePrincipal" @@ -99,7 +99,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/keys.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/keys.yaml index f2db5ed6d..4c755aaad 100644 --- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/keys.yaml +++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/keys.yaml @@ -30,35 +30,53 @@ spec: description: "KeySpec defines the desired state of Key." properties: bypassPolicyLockoutSafetyCheck: - description: "A flag to indicate whether to bypass the key policy lockout safety check.\n\nSetting this value to true increases the risk that the KMS key becomes unmanageable.\nDo not set this value to true indiscriminately.\n\nFor more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)\nsection in the Key Management Service Developer Guide .\n\nUse this parameter only when you include a policy in the request and you\nintend to prevent the principal that is making the request from making a\nsubsequent PutKeyPolicy request on the KMS key.\n\nThe default value is false." + description: "Skips (\"bypasses\") the key policy lockout safety check. The default value\nis false.\n\nSetting this value to true increases the risk that the KMS key becomes unmanageable.\nDo not set this value to true indiscriminately.\n\nFor more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key)\nin the Key Management Service Developer Guide.\n\nUse this parameter only when you intend to prevent the principal that is\nmaking the request from making a subsequent PutKeyPolicy (https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html)\nrequest on the KMS key." type: "boolean" customKeyStoreID: - description: "Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)\nand the key material in its associated CloudHSM cluster. To create a KMS\nkey in a custom key store, you must also specify the Origin parameter with\na value of AWS_CLOUDHSM. The CloudHSM cluster that is associated with the\ncustom key store must have at least two active HSMs, each in a different\nAvailability Zone in the Region.\n\nThis parameter is valid only for symmetric encryption KMS keys in a single\nRegion. You cannot create any other type of KMS key in a custom key store.\n\nTo find the ID of a custom key store, use the DescribeCustomKeyStores operation.\n\nThe response includes the custom key store ID and the ID of the CloudHSM\ncluster.\n\nThis operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)\nfeature in KMS, which combines the convenience and extensive integration\nof KMS with the isolation and control of a single-tenant key store." + description: "Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).\nThe ConnectionState of the custom key store must be CONNECTED. To find the\nCustomKeyStoreID and ConnectionState use the DescribeCustomKeyStores operation.\n\nThis parameter is valid only for symmetric encryption KMS keys in a single\nRegion. You cannot create any other type of KMS key in a custom key store.\n\nWhen you create a KMS key in an CloudHSM key store, KMS generates a non-exportable\n256-bit symmetric key in its associated CloudHSM cluster and associates it\nwith the KMS key. When you create a KMS key in an external key store, you\nmust use the XksKeyId parameter to specify an external key that serves as\nkey material for the KMS key." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" description: - description: "A description of the KMS key.\n\nUse a description that helps you decide whether the KMS key is appropriate\nfor a task. The default value is an empty string (no description).\n\nTo set or change the description after the key is created, use UpdateKeyDescription." + description: "A description of the KMS key. Use a description that helps you decide whether\nthe KMS key is appropriate for a task. The default value is an empty string\n(no description).\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nTo set or change the description after the key is created, use UpdateKeyDescription." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" enableKeyRotation: type: "boolean" keySpec: - description: "Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,\ncreates a KMS key with a 256-bit AES-GCM key that is used for encryption\nand decryption, except in China Regions, where it creates a 128-bit symmetric\nkey that uses SM4 encryption. For help choosing a key spec for your KMS key,\nsee Choosing a KMS key type (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)\nin the Key Management Service Developer Guide .\n\nThe KeySpec determines whether the KMS key contains a symmetric key or an\nasymmetric key pair. It also determines the cryptographic algorithms that\nthe KMS key supports. You can't change the KeySpec after the KMS key is created.\nTo further restrict the algorithms that can be used with the KMS key, use\na condition key in its key policy or IAM policy. For more information, see\nkms:EncryptionAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),\nkms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm)\nor kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)\nin the Key Management Service Developer Guide .\n\nAmazon Web Services services that are integrated with KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration)\nuse symmetric encryption KMS keys to protect your data. These services do\nnot support asymmetric KMS keys or HMAC KMS keys.\n\nKMS supports the following key specs for KMS keys:\n\n * Symmetric encryption key (default) SYMMETRIC_DEFAULT\n\n * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512\n\n * Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096\n\n * Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1)\n ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1)\n\n * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),\n commonly used for cryptocurrencies.\n\n * SM2 key pairs (China Regions only) SM2" + description: "Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,\ncreates a KMS key with a 256-bit AES-GCM key that is used for encryption\nand decryption, except in China Regions, where it creates a 128-bit symmetric\nkey that uses SM4 encryption. For help choosing a key spec for your KMS key,\nsee Choosing a KMS key type (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)\nin the Key Management Service Developer Guide .\n\nThe KeySpec determines whether the KMS key contains a symmetric key or an\nasymmetric key pair. It also determines the algorithms that the KMS key supports.\nYou can't change the KeySpec after the KMS key is created. To further restrict\nthe algorithms that can be used with the KMS key, use a condition key in\nits key policy or IAM policy. For more information, see kms:EncryptionAlgorithm\n(https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),\nkms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm)\nor kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)\nin the Key Management Service Developer Guide .\n\nAmazon Web Services services that are integrated with KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration)\nuse symmetric encryption KMS keys to protect your data. These services do\nnot support asymmetric KMS keys or HMAC KMS keys.\n\nKMS supports the following key specs for KMS keys:\n\n * Symmetric encryption key (default) SYMMETRIC_DEFAULT\n\n * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512\n\n * Asymmetric RSA key pairs (encryption and decryption -or- signing and\n verification) RSA_2048 RSA_3072 RSA_4096\n\n * Asymmetric NIST-recommended elliptic curve key pairs (signing and verification\n -or- deriving shared secrets) ECC_NIST_P256 (secp256r1) ECC_NIST_P384\n (secp384r1) ECC_NIST_P521 (secp521r1)\n\n * Other asymmetric elliptic curve key pairs (signing and verification)\n ECC_SECG_P256K1 (secp256k1), commonly used for cryptocurrencies.\n\n * SM2 key pairs (encryption and decryption -or- signing and verification\n -or- deriving shared secrets) SM2 (China Regions only)" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" keyUsage: - description: "Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)\nfor which you can use the KMS key. The default value is ENCRYPT_DECRYPT.\nThis parameter is optional when you are creating a symmetric encryption KMS\nkey; otherwise, it is required. You can't change the KeyUsage value after\nthe KMS key is created.\n\nSelect only one valid value.\n\n * For symmetric encryption KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.\n\n * For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.\n\n * For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT\n or SIGN_VERIFY.\n\n * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.\n\n * For asymmetric KMS keys with SM2 key material (China Regions only),\n specify ENCRYPT_DECRYPT or SIGN_VERIFY." + description: "Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)\nfor which you can use the KMS key. The default value is ENCRYPT_DECRYPT.\nThis parameter is optional when you are creating a symmetric encryption KMS\nkey; otherwise, it is required. You can't change the KeyUsage value after\nthe KMS key is created.\n\nSelect only one valid value.\n\n * For symmetric encryption KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.\n\n * For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.\n\n * For asymmetric KMS keys with RSA key pairs, specify ENCRYPT_DECRYPT\n or SIGN_VERIFY.\n\n * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,\n specify SIGN_VERIFY or KEY_AGREEMENT.\n\n * For asymmetric KMS keys with ECC_SECG_P256K1 key pairs specify SIGN_VERIFY.\n\n * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify\n ENCRYPT_DECRYPT, SIGN_VERIFY, or KEY_AGREEMENT." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" multiRegion: - description: "Creates a multi-Region primary key that you can replicate into other Amazon\nWeb Services Regions. You cannot change this value after you create the KMS\nkey.\n\nFor a multi-Region key, set this parameter to True. For a single-Region KMS\nkey, omit this parameter or set it to False. The default value is False.\n\nThis operation supports multi-Region keys, an KMS feature that lets you create\nmultiple interoperable KMS keys in different Amazon Web Services Regions.\nBecause these KMS keys have the same key ID, key material, and other metadata,\nyou can use them interchangeably to encrypt data in one Amazon Web Services\nRegion and decrypt it in a different Amazon Web Services Region without re-encrypting\nthe data or making a cross-Region call. For more information about multi-Region\nkeys, see Multi-Region keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)\nin the Key Management Service Developer Guide.\n\nThis value creates a primary key, not a replica. To create a replica key,\nuse the ReplicateKey operation.\n\nYou can create a multi-Region version of a symmetric encryption KMS key,\nan HMAC KMS key, an asymmetric KMS key, or a KMS key with imported key material.\nHowever, you cannot create a multi-Region key in a custom key store." + description: "Creates a multi-Region primary key that you can replicate into other Amazon\nWeb Services Regions. You cannot change this value after you create the KMS\nkey.\n\nFor a multi-Region key, set this parameter to True. For a single-Region KMS\nkey, omit this parameter or set it to False. The default value is False.\n\nThis operation supports multi-Region keys, an KMS feature that lets you create\nmultiple interoperable KMS keys in different Amazon Web Services Regions.\nBecause these KMS keys have the same key ID, key material, and other metadata,\nyou can use them interchangeably to encrypt data in one Amazon Web Services\nRegion and decrypt it in a different Amazon Web Services Region without re-encrypting\nthe data or making a cross-Region call. For more information about multi-Region\nkeys, see Multi-Region keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)\nin the Key Management Service Developer Guide.\n\nThis value creates a primary key, not a replica. To create a replica key,\nuse the ReplicateKey operation.\n\nYou can create a symmetric or asymmetric multi-Region key, and you can create\na multi-Region key with imported key material. However, you cannot create\na multi-Region key in a custom key store." type: "boolean" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" origin: - description: "The source of the key material for the KMS key. You cannot change the origin\nafter you create the KMS key. The default is AWS_KMS, which means that KMS\ncreates the key material.\n\nTo create a KMS key with no key material (for imported key material), set\nthe value to EXTERNAL. For more information about importing key material\ninto KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)\nin the Key Management Service Developer Guide. This value is valid only for\nsymmetric encryption KMS keys.\n\nTo create a KMS key in an KMS custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)\nand create its key material in the associated CloudHSM cluster, set this\nvalue to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to\nidentify the custom key store. This value is valid only for symmetric encryption\nKMS keys." + description: "The source of the key material for the KMS key. You cannot change the origin\nafter you create the KMS key. The default is AWS_KMS, which means that KMS\ncreates the key material.\n\nTo create a KMS key with no key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html)\n(for imported key material), set this value to EXTERNAL. For more information\nabout importing key material into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)\nin the Key Management Service Developer Guide. The EXTERNAL origin value\nis valid only for symmetric KMS keys.\n\nTo create a KMS key in an CloudHSM key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html)\nand create its key material in the associated CloudHSM cluster, set this\nvalue to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to\nidentify the CloudHSM key store. The KeySpec value must be SYMMETRIC_DEFAULT.\n\nTo create a KMS key in an external key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keys.html),\nset this value to EXTERNAL_KEY_STORE. You must also use the CustomKeyStoreId\nparameter to identify the external key store and the XksKeyId parameter to\nidentify the associated external key. The KeySpec value must be SYMMETRIC_DEFAULT." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" policy: - description: "The key policy to attach to the KMS key. If you do not specify a key policy,\nKMS attaches a default key policy to the KMS key. For more information, see\nDefault key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)\nin the Key Management Service Developer Guide.\n\nIf you provide a key policy, it must meet the following criteria:\n\n * If you don't set BypassPolicyLockoutSafetyCheck to True, the key policy\n must allow the principal that is making the CreateKey request to make\n a subsequent PutKeyPolicy request on the KMS key. This reduces the risk\n that the KMS key becomes unmanageable. For more information, refer to\n the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)\n section of the Key Management Service Developer Guide .\n\n * Each statement in the key policy must contain one or more principals.\n The principals in the key policy must exist and be visible to KMS. When\n you create a new Amazon Web Services principal (for example, an IAM user\n or role), you might need to enforce a delay before including the new principal\n in a key policy because the new principal might not be immediately visible\n to KMS. For more information, see Changes that I make are not always immediately\n visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)\n in the Amazon Web Services Identity and Access Management User Guide.\n\nA key policy document can include only the following characters:\n\n * Printable ASCII characters from the space character (\\u0020) through\n the end of the ASCII character range.\n\n * Printable characters in the Basic Latin and Latin-1 Supplement character\n set (through \\u00FF).\n\n * The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special\n characters\n\nFor information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)\nin the Key Management Service Developer Guide. For help writing and formatting\na JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)\nin the Identity and Access Management User Guide ." + description: "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n * The key policy must allow the calling principal to make a subsequent\n PutKeyPolicy request on the KMS key. This reduces the risk that the KMS\n key becomes unmanageable. For more information, see Default key policy\n (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key)\n in the Key Management Service Developer Guide. (To omit this condition,\n set BypassPolicyLockoutSafetyCheck to true.)\n\n * Each statement in the key policy must contain one or more principals.\n The principals in the key policy must exist and be visible to KMS. When\n you create a new Amazon Web Services principal, you might need to enforce\n a delay before including the new principal in a key policy because the\n new principal might not be immediately visible to KMS. For more information,\n see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)\n in the Amazon Web Services Identity and Access Management User Guide.\n\nIf you do not provide a key policy, KMS attaches a default key policy to\nthe KMS key. For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)\nin the Key Management Service Developer Guide.\n\nThe key policy size quota is 32 kilobytes (32768 bytes).\n\nFor help writing and formatting a JSON policy document, see the IAM JSON\nPolicy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)\nin the Identity and Access Management User Guide ." type: "string" tags: - description: "Assigns one or more tags to the KMS key. Use this parameter to tag the KMS\nkey when it is created. To tag an existing KMS key, use the TagResource operation.\n\nTagging or untagging a KMS key can allow or deny permission to the KMS key.\nFor details, see ABAC in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)\nin the Key Management Service Developer Guide.\n\nTo use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)\npermission in an IAM policy.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the\ntag value are required, but the tag value can be an empty (null) string.\nYou cannot have more than one tag on a KMS key with the same tag key. If\nyou specify an existing tag key with a different tag value, KMS replaces\nthe current tag value with the specified one.\n\nWhen you add tags to an Amazon Web Services resource, Amazon Web Services\ngenerates a cost allocation report with usage and costs aggregated by tags.\nTags can also be used to control access to a KMS key. For details, see Tagging\nKeys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html)." + description: "Assigns one or more tags to the KMS key. Use this parameter to tag the KMS\nkey when it is created. To tag an existing KMS key, use the TagResource operation.\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nTagging or untagging a KMS key can allow or deny permission to the KMS key.\nFor details, see ABAC for KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)\nin the Key Management Service Developer Guide.\n\nTo use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)\npermission in an IAM policy.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the\ntag value are required, but the tag value can be an empty (null) string.\nYou cannot have more than one tag on a KMS key with the same tag key. If\nyou specify an existing tag key with a different tag value, KMS replaces\nthe current tag value with the specified one.\n\nWhen you add tags to an Amazon Web Services resource, Amazon Web Services\ngenerates a cost allocation report with usage and costs aggregated by tags.\nTags can also be used to control access to a KMS key. For details, see Tagging\nKeys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html)." items: - description: "A key-value pair. A tag consists of a tag key and a tag value. Tag keys and\ntag values are both required, but tag values can be empty (null) strings.\n\nFor information about the rules that apply to tag keys and tag values, see\nUser-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)\nin the Amazon Web Services Billing and Cost Management User Guide." + description: "A key-value pair. A tag consists of a tag key and a tag value. Tag keys and\ntag values are both required, but tag values can be empty (null) strings.\n\nDo not include confidential or sensitive information in this field. This\nfield may be displayed in plaintext in CloudTrail logs and other output.\n\nFor information about the rules that apply to tag keys and tag values, see\nUser-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)\nin the Amazon Web Services Billing and Cost Management User Guide." properties: tagKey: type: "string" @@ -90,10 +108,10 @@ spec: description: "The twelve-digit account ID of the Amazon Web Services account that owns\nthe KMS key." type: "string" cloudHsmClusterID: - description: "The cluster ID of the CloudHSM cluster that contains the key material for\nthe KMS key. When you create a KMS key in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),\nKMS creates the key material for the KMS key in the associated CloudHSM cluster.\nThis value is present only when the KMS key is created in a custom key store." + description: "The cluster ID of the CloudHSM cluster that contains the key material for\nthe KMS key. When you create a KMS key in an CloudHSM custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),\nKMS creates the key material for the KMS key in the associated CloudHSM cluster.\nThis field is present only when the KMS key is created in an CloudHSM key\nstore." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/aliases.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/aliases.yaml index d6d4c81e7..8fc8ab2d0 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/aliases.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/aliases.yaml @@ -44,7 +44,7 @@ spec: type: "string" type: "object" onSuccess: - description: "A destination for events that were processed successfully." + description: "A destination for events that were processed successfully.\n\nTo retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations),\nyou can configure an Amazon SNS topic, Amazon SQS queue, Lambda function,\nor Amazon EventBridge event bus as the destination." properties: destination: type: "string" @@ -62,7 +62,7 @@ spec: type: "string" type: "object" functionName: - description: "The name of the Lambda function.\n\nName formats\n\n * Function name - MyFunction.\n\n * Function ARN - arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Partial ARN - 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." + description: "The name or ARN of the Lambda function.\n\nName formats\n\n * Function name - MyFunction.\n\n * Function ARN - arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Partial ARN - 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." type: "string" functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -125,7 +125,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/codesigningconfigs.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/codesigningconfigs.yaml index 76e8685de..702d8b6df 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/codesigningconfigs.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/codesigningconfigs.yaml @@ -72,7 +72,7 @@ spec: description: "Unique identifer for the Code signing configuration." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/eventsourcemappings.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/eventsourcemappings.yaml index d59821cd5..36be5d2a6 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/eventsourcemappings.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/eventsourcemappings.yaml @@ -36,14 +36,14 @@ spec: type: "string" type: "object" batchSize: - description: "The maximum number of records in each batch that Lambda pulls from your stream\nor queue and sends to your function. Lambda passes all of the records in\nthe batch to the function in a single call, up to the payload limit for synchronous\ninvocation (6 MB).\n\n * Amazon Kinesis – Default 100. Max 10,000.\n\n * Amazon DynamoDB Streams – Default 100. Max 10,000.\n\n * Amazon Simple Queue Service – Default 10. For standard queues the\n max is 10,000. For FIFO queues the max is 10.\n\n * Amazon Managed Streaming for Apache Kafka – Default 100. Max 10,000.\n\n * Self-managed Apache Kafka – Default 100. Max 10,000.\n\n * Amazon MQ (ActiveMQ and RabbitMQ) – Default 100. Max 10,000." + description: "The maximum number of records in each batch that Lambda pulls from your stream\nor queue and sends to your function. Lambda passes all of the records in\nthe batch to the function in a single call, up to the payload limit for synchronous\ninvocation (6 MB).\n\n * Amazon Kinesis – Default 100. Max 10,000.\n\n * Amazon DynamoDB Streams – Default 100. Max 10,000.\n\n * Amazon Simple Queue Service – Default 10. For standard queues the\n max is 10,000. For FIFO queues the max is 10.\n\n * Amazon Managed Streaming for Apache Kafka – Default 100. Max 10,000.\n\n * Self-managed Apache Kafka – Default 100. Max 10,000.\n\n * Amazon MQ (ActiveMQ and RabbitMQ) – Default 100. Max 10,000.\n\n * DocumentDB – Default 100. Max 10,000." format: "int64" type: "integer" bisectBatchOnFunctionError: - description: "(Streams only) If the function returns an error, split the batch in two and\nretry." + description: "(Kinesis and DynamoDB Streams only) If the function returns an error, split\nthe batch in two and retry." type: "boolean" destinationConfig: - description: "(Streams only) An Amazon SQS queue or Amazon SNS topic destination for discarded\nrecords." + description: "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration\nobject that specifies the destination of an event after Lambda processes\nit." properties: onFailure: description: "A destination for events that failed processing." @@ -52,7 +52,7 @@ spec: type: "string" type: "object" onSuccess: - description: "A destination for events that were processed successfully." + description: "A destination for events that were processed successfully.\n\nTo retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations),\nyou can configure an Amazon SNS topic, Amazon SQS queue, Lambda function,\nor Amazon EventBridge event bus as the destination." properties: destination: type: "string" @@ -62,7 +62,7 @@ spec: description: "When true, the event source mapping is active. When false, Lambda pauses\npolling and invocation.\n\nDefault: True" type: "boolean" eventSourceARN: - description: "The Amazon Resource Name (ARN) of the event source.\n\n * Amazon Kinesis – The ARN of the data stream or a stream consumer.\n\n * Amazon DynamoDB Streams – The ARN of the stream.\n\n * Amazon Simple Queue Service – The ARN of the queue.\n\n * Amazon Managed Streaming for Apache Kafka – The ARN of the cluster.\n\n * Amazon MQ – The ARN of the broker." + description: "The Amazon Resource Name (ARN) of the event source.\n\n * Amazon Kinesis – The ARN of the data stream or a stream consumer.\n\n * Amazon DynamoDB Streams – The ARN of the stream.\n\n * Amazon Simple Queue Service – The ARN of the queue.\n\n * Amazon Managed Streaming for Apache Kafka – The ARN of the cluster\n or the ARN of the VPC connection (for cross-account event source mappings\n (https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n\n * Amazon MQ – The ARN of the broker.\n\n * Amazon DocumentDB – The ARN of the DocumentDB change stream." type: "string" eventSourceRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -89,7 +89,7 @@ spec: type: "array" type: "object" functionName: - description: "The name of the Lambda function.\n\nName formats\n\n * Function name – MyFunction.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Version or Alias ARN – arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD.\n\n * Partial ARN – 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it's limited to 64 characters in length." + description: "The name or ARN of the Lambda function.\n\nName formats\n\n * Function name – MyFunction.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Version or Alias ARN – arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD.\n\n * Partial ARN – 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it's limited to 64 characters in length." type: "string" functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -104,24 +104,24 @@ spec: type: "object" type: "object" functionResponseTypes: - description: "(Streams and Amazon SQS) A list of current response type enums applied to\nthe event source mapping." + description: "(Kinesis, DynamoDB Streams, and Amazon SQS) A list of current response type\nenums applied to the event source mapping." items: type: "string" type: "array" maximumBatchingWindowInSeconds: - description: "The maximum amount of time, in seconds, that Lambda spends gathering records\nbefore invoking the function. You can configure MaximumBatchingWindowInSeconds\nto any value from 0 seconds to 300 seconds in increments of seconds.\n\nFor streams and Amazon SQS event sources, the default batching window is\n0 seconds. For Amazon MSK, Self-managed Apache Kafka, and Amazon MQ event\nsources, the default batching window is 500 ms. Note that because you can\nonly change MaximumBatchingWindowInSeconds in increments of seconds, you\ncannot revert back to the 500 ms default batching window after you have changed\nit. To restore the default batching window, you must create a new event source\nmapping.\n\nRelated setting: For streams and Amazon SQS event sources, when you set BatchSize\nto a value greater than 10, you must set MaximumBatchingWindowInSeconds to\nat least 1." + description: "The maximum amount of time, in seconds, that Lambda spends gathering records\nbefore invoking the function. You can configure MaximumBatchingWindowInSeconds\nto any value from 0 seconds to 300 seconds in increments of seconds.\n\nFor Kinesis, DynamoDB, and Amazon SQS event sources, the default batching\nwindow is 0 seconds. For Amazon MSK, Self-managed Apache Kafka, Amazon MQ,\nand DocumentDB event sources, the default batching window is 500 ms. Note\nthat because you can only change MaximumBatchingWindowInSeconds in increments\nof seconds, you cannot revert back to the 500 ms default batching window\nafter you have changed it. To restore the default batching window, you must\ncreate a new event source mapping.\n\nRelated setting: For Kinesis, DynamoDB, and Amazon SQS event sources, when\nyou set BatchSize to a value greater than 10, you must set MaximumBatchingWindowInSeconds\nto at least 1." format: "int64" type: "integer" maximumRecordAgeInSeconds: - description: "(Streams only) Discard records older than the specified age. The default\nvalue is infinite (-1)." + description: "(Kinesis and DynamoDB Streams only) Discard records older than the specified\nage. The default value is infinite (-1)." format: "int64" type: "integer" maximumRetryAttempts: - description: "(Streams only) Discard records after the specified number of retries. The\ndefault value is infinite (-1). When set to infinite (-1), failed records\nare retried until the record expires." + description: "(Kinesis and DynamoDB Streams only) Discard records after the specified number\nof retries. The default value is infinite (-1). When set to infinite (-1),\nfailed records are retried until the record expires." format: "int64" type: "integer" parallelizationFactor: - description: "(Streams only) The number of batches to process from each shard concurrently." + description: "(Kinesis and DynamoDB Streams only) The number of batches to process from\neach shard concurrently." format: "int64" type: "integer" queueRefs: @@ -178,10 +178,10 @@ spec: type: "object" type: "array" startingPosition: - description: "The position in a stream from which to start reading. Required for Amazon\nKinesis, Amazon DynamoDB, and Amazon MSK Streams sources. AT_TIMESTAMP is\nsupported only for Amazon Kinesis streams." + description: "The position in a stream from which to start reading. Required for Amazon\nKinesis and Amazon DynamoDB Stream event sources. AT_TIMESTAMP is supported\nonly for Amazon Kinesis streams, Amazon DocumentDB, Amazon MSK, and self-managed\nApache Kafka." type: "string" startingPositionTimestamp: - description: "With StartingPosition set to AT_TIMESTAMP, the time from which to start reading." + description: "With StartingPosition set to AT_TIMESTAMP, the time from which to start reading.\nStartingPositionTimestamp cannot be in the future." format: "date-time" type: "string" topics: @@ -190,7 +190,7 @@ spec: type: "string" type: "array" tumblingWindowInSeconds: - description: "(Streams only) The duration in seconds of a processing window. The range\nis between 1 second and 900 seconds." + description: "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing\nwindow for DynamoDB and Kinesis Streams event sources. A value of 0 seconds\nindicates no tumbling window." format: "int64" type: "integer" type: "object" @@ -214,7 +214,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functions.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functions.yaml index b8c9e23ce..cf5395411 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functions.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functions.yaml @@ -64,7 +64,7 @@ spec: type: "string" type: "object" codeSigningConfigARN: - description: "To enable code signing for this function, specify the ARN of a code-signing\nconfiguration. A code-signing configuration includes a set of signing profiles,\nwhich define the trusted publishers for this function." + description: "To enable code signing for this function, specify the ARN of a code-signing\nconfiguration. A code-signing configurationincludes a set of signing profiles,\nwhich define the trusted publishers for this function." type: "string" deadLetterConfig: description: "A dead-letter queue configuration that specifies the queue or topic where\nLambda sends asynchronous events when they fail processing. For more information,\nsee Dead-letter queues (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq)." @@ -84,7 +84,7 @@ spec: type: "object" type: "object" ephemeralStorage: - description: "The size of the function's /tmp directory in MB. The default value is 512,\nbut can be any whole number between 512 and 10,240 MB." + description: "The size of the function's /tmp directory in MB. The default value is 512,\nbut can be any whole number between 512 and 10,240 MB. For more information,\nsee Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage)." properties: size: format: "int64" @@ -114,7 +114,7 @@ spec: type: "string" type: "object" onSuccess: - description: "A destination for events that were processed successfully." + description: "A destination for events that were processed successfully.\n\nTo retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations),\nyou can configure an Amazon SNS topic, Amazon SQS queue, Lambda function,\nor Amazon EventBridge event bus as the destination." properties: destination: type: "string" @@ -135,7 +135,7 @@ spec: description: "The name of the method within your code that Lambda calls to run your function.\nHandler is required if the deployment package is a .zip file archive. The\nformat includes the file name. It can also include namespaces and other qualifiers,\ndepending on the runtime. For more information, see Lambda programming model\n(https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html)." type: "string" imageConfig: - description: "Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/configuration-images.html#configuration-images-settings)\nthat override the values in the container image Dockerfile." + description: "Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms)\nthat override the values in the container image Dockerfile." properties: command: items: @@ -149,7 +149,7 @@ spec: type: "string" type: "object" kmsKeyARN: - description: "The ARN of the Key Management Service (KMS) key that's used to encrypt your\nfunction's environment variables. If it's not provided, Lambda uses a default\nservice key." + description: "The ARN of the Key Management Service (KMS) customer managed key that's used\nto encrypt the following resources:\n\n * The function's environment variables (https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption).\n\n * The function's Lambda SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html)\n snapshots.\n\n * When used with SourceKMSKeyArn, the unzipped version of the .zip deployment\n package that's used for function invocations. For more information, see\n Specifying a customer managed key for Lambda (https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption).\n\n * The optimized version of the container image that's used for function\n invocations. Note that this is not the same key that's used to protect\n your container image in the Amazon Elastic Container Registry (Amazon\n ECR). For more information, see Function lifecycle (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle).\n\nIf you don't provide a customer managed key, Lambda uses an Amazon Web Services\nowned key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk)\nor an Amazon Web Services managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)." type: "string" kmsKeyRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -173,7 +173,7 @@ spec: format: "int64" type: "integer" name: - description: "The name of the Lambda function.\n\nName formats\n\n * Function name – my-function.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function.\n\n * Partial ARN – 123456789012:function:my-function.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." + description: "The name or ARN of the Lambda function.\n\nName formats\n\n * Function name – my-function.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function.\n\n * Partial ARN – 123456789012:function:my-function.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." type: "string" packageType: description: "The type of deployment package. Set to Image for container image and set\nto Zip for .zip file archive." @@ -201,7 +201,7 @@ spec: type: "object" type: "object" runtime: - description: "The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).\nRuntime is required if the deployment package is a .zip file archive." + description: "The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).\nRuntime is required if the deployment package is a .zip file archive. Specifying\na runtime results in an error if you're deploying a function using a container\nimage.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new\nfunctions and updating existing functions shortly after each runtime is deprecated.\nFor more information, see Runtime use after deprecation (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).\n\nFor a list of all currently supported runtimes, see Supported runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported)." type: "string" snapStart: description: "The function's SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html)\nsetting." @@ -219,7 +219,7 @@ spec: format: "int64" type: "integer" tracingConfig: - description: "Set Mode to Active to sample and trace a subset of incoming requests with\nX-Ray (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)." + description: "Set Mode to Active to sample and trace a subset of incoming requests withX-Ray\n(https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)." properties: mode: type: "string" @@ -297,7 +297,7 @@ spec: format: "int64" type: "integer" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functionurlconfigs.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functionurlconfigs.yaml index 8cfb118cb..97e742023 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functionurlconfigs.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/functionurlconfigs.yaml @@ -30,7 +30,7 @@ spec: description: "FunctionUrlConfigSpec defines the desired state of FunctionUrlConfig.\n\nDetails about a Lambda function URL." properties: authType: - description: "The type of authentication that your function URL uses. Set to AWS_IAM if\nyou want to restrict access to authenticated IAM users only. Set to NONE\nif you want to bypass IAM authentication to create a public endpoint. For\nmore information, see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)." + description: "The type of authentication that your function URL uses. Set to AWS_IAM if\nyou want to restrict access to authenticated users only. Set to NONE if you\nwant to bypass IAM authentication to create a public endpoint. For more information,\nsee Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)." type: "string" cors: description: "The cross-origin resource sharing (CORS) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)\nsettings for your function URL." @@ -58,7 +58,7 @@ spec: type: "integer" type: "object" functionName: - description: "The name of the Lambda function.\n\nName formats\n\n * Function name – my-function.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function.\n\n * Partial ARN – 123456789012:function:my-function.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." + description: "The name or ARN of the Lambda function.\n\nName formats\n\n * Function name – my-function.\n\n * Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function.\n\n * Partial ARN – 123456789012:function:my-function.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." type: "string" functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -98,7 +98,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/layerversions.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/layerversions.yaml index 220168a54..a3a2baf17 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/layerversions.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/layerversions.yaml @@ -35,7 +35,7 @@ spec: type: "string" type: "array" compatibleRuntimes: - description: "A list of compatible function runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).\nUsed for filtering with ListLayers and ListLayerVersions." + description: "A list of compatible function runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).\nUsed for filtering with ListLayers and ListLayerVersions.\n\nThe following list includes deprecated runtimes. For more information, see\nRuntime deprecation policy (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy)." items: type: "string" type: "array" @@ -85,7 +85,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/versions.yaml b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/versions.yaml index 697792160..b6c53f9b0 100644 --- a/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/versions.yaml +++ b/crd-catalog/aws-controllers-k8s/lambda-controller/lambda.services.k8s.aws/v1alpha1/versions.yaml @@ -46,7 +46,7 @@ spec: type: "string" type: "object" onSuccess: - description: "A destination for events that were processed successfully." + description: "A destination for events that were processed successfully.\n\nTo retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations),\nyou can configure an Amazon SNS topic, Amazon SQS queue, Lambda function,\nor Amazon EventBridge event bus as the destination." properties: destination: type: "string" @@ -64,7 +64,7 @@ spec: type: "string" type: "object" functionName: - description: "The name of the Lambda function.\n\nName formats\n\n * Function name - MyFunction.\n\n * Function ARN - arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Partial ARN - 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." + description: "The name or ARN of the Lambda function.\n\nName formats\n\n * Function name - MyFunction.\n\n * Function ARN - arn:aws:lambda:us-west-2:123456789012:function:MyFunction.\n\n * Partial ARN - 123456789012:function:MyFunction.\n\nThe length constraint applies only to the full ARN. If you specify only the\nfunction name, it is limited to 64 characters in length." type: "string" functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -121,7 +121,7 @@ spec: format: "int64" type: "integer" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -169,7 +169,7 @@ spec: type: "object" type: "object" ephemeralStorage: - description: "The size of the function’s /tmp directory in MB. The default value is 512,\nbut it can be any whole number between 512 and 10,240 MB." + description: "The size of the function's /tmp directory in MB. The default value is 512,\nbut can be any whole number between 512 and 10,240 MB. For more information,\nsee Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage)." properties: size: format: "int64" @@ -219,7 +219,7 @@ spec: type: "object" type: "object" kmsKeyARN: - description: "The KMS key that's used to encrypt the function's environment variables.\nThis key is returned only if you've configured a customer managed key." + description: "The ARN of the Key Management Service (KMS) customer managed key that's used\nto encrypt the following resources:\n\n * The function's environment variables (https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption).\n\n * The function's Lambda SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html)\n snapshots.\n\n * When used with SourceKMSKeyArn, the unzipped version of the .zip deployment\n package that's used for function invocations. For more information, see\n Specifying a customer managed key for Lambda (https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption).\n\n * The optimized version of the container image that's used for function\n invocations. Note that this is not the same key that's used to protect\n your container image in the Amazon Elastic Container Registry (Amazon\n ECR). For more information, see Function lifecycle (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle).\n\nIf you don't provide a customer managed key, Lambda uses an Amazon Web Services\nowned key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk)\nor an Amazon Web Services managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)." type: "string" lastModified: description: "The date and time that the function was last updated, in ISO-8601 format\n(https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD)." @@ -266,7 +266,7 @@ spec: description: "The function's execution role." type: "string" runtime: - description: "The runtime environment for the Lambda function." + description: "The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).\nRuntime is required if the deployment package is a .zip file archive. Specifying\na runtime results in an error if you're deploying a function using a container\nimage.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new\nfunctions and updating existing functions shortly after each runtime is deprecated.\nFor more information, see Runtime use after deprecation (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).\n\nFor a list of all currently supported runtimes, see Supported runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported)." type: "string" signingJobARN: description: "The ARN of the signing job." @@ -307,6 +307,8 @@ spec: vpcConfig: description: "The function's networking configuration." properties: + ipv6AllowedForDualStack: + type: "boolean" securityGroupIDs: items: type: "string" diff --git a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml index 35aea98e5..df77bcfd0 100644 --- a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml +++ b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml @@ -30,11 +30,13 @@ spec: description: "BrokerSpec defines the desired state of Broker." properties: authenticationStrategy: + description: "Optional. The authentication strategy used to secure the broker. The default\nis SIMPLE." type: "string" autoMinorVersionUpgrade: + description: "Enables automatic upgrades to new patch versions for brokers as new versions\nare released and supported by Amazon MQ. Automatic upgrades occur during\nthe scheduled maintenance window or after a manual broker reboot. Set to\ntrue by default, if no value is specified.\n\nMust be set to true for ActiveMQ brokers version 5.18 and above and for RabbitMQ\nbrokers version 3.13 and above." type: "boolean" configuration: - description: "A list of information about the configuration.\n\nDoes not apply to RabbitMQ brokers." + description: "A list of information about the configuration." properties: id: type: "string" @@ -43,11 +45,13 @@ spec: type: "integer" type: "object" creatorRequestID: + description: "The unique ID that the requester receives for the created broker. Amazon\nMQ passes your ID with the API action.\n\nWe recommend using a Universally Unique Identifier (UUID) for the creatorRequestId.\nYou may omit the creatorRequestId if your application doesn't require idempotency." type: "string" deploymentMode: + description: "Required. The broker's deployment mode." type: "string" encryptionOptions: - description: "Does not apply to RabbitMQ brokers.\n\nEncryption options for the broker." + description: "Encryption options for the broker." properties: kmsKeyID: type: "string" @@ -55,13 +59,16 @@ spec: type: "boolean" type: "object" engineType: + description: "Required. The type of broker engine. Currently, Amazon MQ supports ACTIVEMQ\nand RABBITMQ." type: "string" engineVersion: + description: "The broker engine version. Defaults to the latest available version for the\nspecified broker engine type. For more information, see the ActiveMQ version\nmanagement (https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/activemq-version-management.html)\nand the RabbitMQ version management (https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/rabbitmq-version-management.html)\nsections in the Amazon MQ Developer Guide." type: "string" hostInstanceType: + description: "Required. The broker's instance type." type: "string" ldapServerMetadata: - description: "Optional. The metadata of the LDAP server used to authenticate and authorize\nconnections to the broker.\n\nDoes not apply to RabbitMQ brokers." + description: "Optional. The metadata of the LDAP server used to authenticate and authorize\nconnections to the broker. Does not apply to RabbitMQ brokers." properties: hosts: items: @@ -89,7 +96,7 @@ spec: type: "boolean" type: "object" logs: - description: "The list of information about logs to be enabled for the specified broker." + description: "Enables Amazon CloudWatch logging for brokers." properties: audit: type: "boolean" @@ -97,7 +104,7 @@ spec: type: "boolean" type: "object" maintenanceWindowStartTime: - description: "The scheduled time period relative to UTC during which Amazon MQ begins to\napply pending updates or patches to the broker." + description: "The parameters that determine the WeeklyStartTime." properties: dayOfWeek: type: "string" @@ -107,8 +114,10 @@ spec: type: "string" type: "object" name: + description: "Required. The broker's name. This value must be unique in your Amazon Web\nServices account, 1-50 characters long, must contain only letters, numbers,\ndashes, and underscores, and must not contain white spaces, brackets, wildcard\ncharacters, or special characters.\n\nDo not add personally identifiable information (PII) or other confidential\nor sensitive information in broker names. Broker names are accessible to\nother Amazon Web Services services, including CloudWatch Logs. Broker names\nare not intended to be used for private or sensitive data." type: "string" publiclyAccessible: + description: "Enables connections from applications outside of the VPC that hosts the broker's\nsubnets. Set to false by default, if no value is provided." type: "boolean" securityGroupRefs: items: @@ -125,12 +134,15 @@ spec: type: "object" type: "array" securityGroups: + description: "The list of rules (1 minimum, 125 maximum) that authorize connections to\nbrokers." items: type: "string" type: "array" storageType: + description: "The broker's storage type." type: "string" subnetIDs: + description: "The list of groups that define which subnets and IP ranges the broker can\nuse from different Availability Zones. If you specify more than one subnet,\nthe subnets must be in different Availability Zones. Amazon MQ will not be\nable to create VPC endpoints for your broker with multiple subnets in the\nsame Availability Zone. A SINGLE_INSTANCE deployment requires one subnet\n(for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ Amazon MQ for\nActiveMQ deployment requires two subnets. A CLUSTER_MULTI_AZ Amazon MQ for\nRabbitMQ deployment has no subnet requirements when deployed with public\naccessibility. Deployment without public accessibility requires at least\none subnet.\n\nIf you specify subnets in a shared VPC (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html)\nfor a RabbitMQ broker, the associated VPC to which the specified subnets\nbelong must be owned by your Amazon Web Services account. Amazon MQ will\nnot be able to create VPC endpoints in VPCs that are not owned by your Amazon\nWeb Services account." items: type: "string" type: "array" @@ -151,10 +163,12 @@ spec: tags: additionalProperties: type: "string" + description: "Create tags when creating the broker." type: "object" users: + description: "The list of broker users (persons or applications) who can access queues\nand topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative\nuser is accepted and created when a broker is first provisioned. All subsequent\nbroker users are created by making RabbitMQ API calls directly to brokers\nor via the RabbitMQ web console." items: - description: "A user associated with the broker. For RabbitMQ brokers, one and only one\nadministrative user is accepted and created when a broker is first provisioned.\nAll subsequent broker users are created by making RabbitMQ API calls directly\nto brokers or via the RabbitMQ web console." + description: "A user associated with the broker. For Amazon MQ for RabbitMQ brokers, one\nand only one administrative user is accepted and created when a broker is\nfirst provisioned. All subsequent broker users are created by making RabbitMQ\nAPI calls directly to brokers or via the RabbitMQ web console." properties: consoleAccess: type: "boolean" @@ -183,10 +197,8 @@ spec: type: "object" type: "array" required: - - "autoMinorVersionUpgrade" - "deploymentMode" - "engineType" - - "engineVersion" - "hostInstanceType" - "name" - "publiclyAccessible" @@ -212,8 +224,10 @@ spec: - "region" type: "object" brokerID: + description: "The unique ID that Amazon MQ generates for the broker." type: "string" brokerInstances: + description: "A list of information about allocated brokers." items: description: "Returns information about all brokers." properties: @@ -228,9 +242,10 @@ spec: type: "object" type: "array" brokerState: + description: "The broker's status." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewallpolicies.yaml b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewallpolicies.yaml index 585773d95..5901203e1 100644 --- a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewallpolicies.yaml +++ b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewallpolicies.yaml @@ -170,7 +170,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml index 81873b852..437dbc9b5 100644 --- a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml +++ b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml @@ -52,6 +52,24 @@ spec: firewallPolicyChangeProtection: description: "A setting indicating whether the firewall is protected against a change to\nthe firewall policy association. Use this setting to protect against accidentally\nmodifying the firewall policy for a firewall that is in use. When you create\na firewall, the operation initializes this setting to TRUE." type: "boolean" + loggingConfiguration: + description: "Defines how Network Firewall performs logging for a firewall. If you omit\nthis setting, Network Firewall disables logging for the firewall." + properties: + logDestinationConfigs: + items: + description: "Defines where Network Firewall sends logs for the firewall for one log type.\nThis is used in LoggingConfiguration. You can send each type of log to an\nAmazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.\n\nNetwork Firewall generates logs for stateful rule groups. You can save alert,\nflow, and TLS log types." + properties: + logDestination: + additionalProperties: + type: "string" + type: "object" + logDestinationType: + type: "string" + logType: + type: "string" + type: "object" + type: "array" + type: "object" subnetChangeProtection: description: "A setting indicating whether the firewall is protected against changes to\nthe subnet associations. Use this setting to protect against accidentally\nmodifying the subnet associations for a firewall that is in use. When you\ncreate a firewall, the operation initializes this setting to TRUE." type: "boolean" @@ -106,7 +124,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/rulegroups.yaml b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/rulegroups.yaml index 7ea20794a..f8dfab679 100644 --- a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/rulegroups.yaml +++ b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/rulegroups.yaml @@ -264,7 +264,7 @@ spec: description: "The descriptive name of the rule group. You can't change the name of a rule\ngroup after you create it." type: "string" rules: - description: "A string containing stateful rule group rules specifications in Suricata\nflat format, with one rule per line. Use this to import your existing Suricata\ncompatible rule groups.\n\nYou must provide either this rules setting or a populated RuleGroup setting,\nbut not both.\n\nYou can provide your rule group specification in Suricata flat format through\nthis setting when you create or update your rule group. The call response\nreturns a RuleGroup object that Network Firewall has populated from your\nstring." + description: "A string containing stateful rule group rules specifications in Suricata\nflat format, with one ruleper line. Use this to import your existing Suricata\ncompatible rule groups.\n\nYou must provide either this rules setting or a populated RuleGroup setting,\nbut not both.\n\nYou can provide your rule group specification in Suricata flat format through\nthis setting when you create or update your rule group. The callresponse\nreturns a RuleGroup object that Network Firewall has populated from your\nstring." type: "string" sourceMetadata: description: "A complex type that contains metadata about the rule group that your own\nrule group is copied from. You can use the metadata to keep track of updates\nmade to the originating rule group." @@ -286,7 +286,7 @@ spec: type: "object" type: "array" type_: - description: "Indicates whether the rule group is stateless or stateful. If the rule group\nis stateless, it contains stateless rules. If it is stateful, it contains\nstateful rules." + description: "Indicates whether the rule group is stateless or stateful. If the rule group\nis stateless, it containsstateless rules. If it is stateful, it contains\nstateful rules." type: "string" required: - "capacity" @@ -313,7 +313,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml index 802158a14..77623b1bb 100644 --- a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml +++ b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml @@ -362,7 +362,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/organizations-controller/organizations.services.k8s.aws/v1alpha1/organizationalunits.yaml b/crd-catalog/aws-controllers-k8s/organizations-controller/organizations.services.k8s.aws/v1alpha1/organizationalunits.yaml index 130324e49..92efabe6a 100644 --- a/crd-catalog/aws-controllers-k8s/organizations-controller/organizations.services.k8s.aws/v1alpha1/organizationalunits.yaml +++ b/crd-catalog/aws-controllers-k8s/organizations-controller/organizations.services.k8s.aws/v1alpha1/organizationalunits.yaml @@ -36,7 +36,7 @@ spec: description: "The unique identifier (ID) of the parent root or OU that you want to create\nthe new OU in.\n\nThe regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string\nrequires one of the following:\n\n * Root - A string that begins with \"r-\" followed by from 4 to 32 lowercase\n letters or digits.\n\n * Organizational unit (OU) - A string that begins with \"ou-\" followed\n by from 4 to 32 lowercase letters or digits (the ID of the root that the\n OU is in). This string is followed by a second \"-\" dash and from 8 to\n 32 additional lowercase letters or digits." type: "string" tags: - description: "A list of tags that you want to attach to the newly created OU. For each\ntag in the list, you must specify both a tag key and a value. You can set\nthe value to an empty string, but you can't set it to null. For more information\nabout tagging, see Tagging Organizations resources (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html)\nin the Organizations User Guide.\n\nIf any one of the tags is invalid or if you exceed the allowed number of\ntags for an OU, then the entire request fails and the OU is not created." + description: "A list of tags that you want to attach to the newly created OU. For each\ntag in the list, you must specify both a tag key and a value. You can set\nthe value to an empty string, but you can't set it to null. For more information\nabout tagging, see Tagging Organizations resources (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html)\nin the Organizations User Guide.\n\nIf any one of the tags is not valid or if you exceed the allowed number of\ntags for an OU, then the entire request fails and the OU is not created." items: description: "A custom key-value pair associated with a resource within your organization.\n\nYou can attach tags to any of the following organization resources.\n\n * Amazon Web Services account\n\n * Organizational unit (OU)\n\n * Organization root\n\n * Policy" properties: @@ -70,7 +70,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -96,7 +96,7 @@ spec: type: "object" type: "array" id: - description: "The unique identifier (ID) associated with this OU.\n\nThe regex pattern (http://wikipedia.org/wiki/regex) for an organizational\nunit ID string requires \"ou-\" followed by from 4 to 32 lowercase letters\nor digits (the ID of the root that contains the OU). This string is followed\nby a second \"-\" dash and from 8 to 32 additional lowercase letters or digits." + description: "The unique identifier (ID) associated with this OU. The ID is unique to the\norganization only.\n\nThe regex pattern (http://wikipedia.org/wiki/regex) for an organizational\nunit ID string requires \"ou-\" followed by from 4 to 32 lowercase letters\nor digits (the ID of the root that contains the OU). This string is followed\nby a second \"-\" dash and from 8 to 32 additional lowercase letters or digits." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/pipes-controller/pipes.services.k8s.aws/v1alpha1/pipes.yaml b/crd-catalog/aws-controllers-k8s/pipes-controller/pipes.services.k8s.aws/v1alpha1/pipes.yaml index 739fb5d35..9558f7a48 100644 --- a/crd-catalog/aws-controllers-k8s/pipes-controller/pipes.services.k8s.aws/v1alpha1/pipes.yaml +++ b/crd-catalog/aws-controllers-k8s/pipes-controller/pipes.services.k8s.aws/v1alpha1/pipes.yaml @@ -143,7 +143,7 @@ spec: type: "string" type: "object" filterCriteria: - description: "The collection of event patterns used to filter events. For more information,\nsee Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html)\nin the Amazon EventBridge User Guide." + description: "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a FilterCriteria object with an empty array of\nFilter objects.\n\nFor more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html)\nin the Amazon EventBridge User Guide." properties: filters: items: @@ -234,7 +234,7 @@ spec: type: "string" type: "object" selfManagedKafkaParameters: - description: "The parameters for using a self-managed Apache Kafka stream as a source." + description: "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA self managed cluster refers to any Apache Kafka cluster not hosted by Amazon\nWeb Services. This includes both clusters you manage yourself, as well as\nthose hosted by a third-party provider, such as Confluent Cloud (https://www.confluent.io/),\nCloudKarafka (https://www.cloudkarafka.com/), or Redpanda (https://redpanda.com/).\nFor more information, see Apache Kafka streams as a source (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html)\nin the Amazon EventBridge User Guide." properties: additionalBootstrapServers: items: @@ -306,7 +306,7 @@ spec: description: "The ARN of the target resource." type: "string" targetParameters: - description: "The parameters required to set up a target for your pipe." + description: "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic\npath parameters, see Target parameters (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html)\nin the Amazon EventBridge User Guide." properties: batchJobParameters: description: "The parameters for using an Batch job as a target." @@ -582,7 +582,7 @@ spec: inputTemplate: type: "string" kinesisStreamParameters: - description: "The parameters for using a Kinesis stream as a source." + description: "The parameters for using a Kinesis stream as a target." properties: partitionKey: type: "string" @@ -594,7 +594,7 @@ spec: type: "string" type: "object" redshiftDataParameters: - description: "These are custom parameters to be used when the target is a Amazon Redshift\ncluster to invoke the Amazon Redshift Data API ExecuteStatement." + description: "These are custom parameters to be used when the target is a Amazon Redshift\ncluster to invoke the Amazon Redshift Data API BatchExecuteStatement." properties: database: description: "// Redshift Database" @@ -611,7 +611,7 @@ spec: type: "string" type: "array" statementName: - description: "// A name for Redshift DataAPI statement which can be used as filter of //\nListStatement." + description: "// A name for Redshift DataAPI statement which can be used as filter of//\nListStatement." type: "string" withEvent: type: "boolean" @@ -631,7 +631,7 @@ spec: type: "array" type: "object" sqsQueueParameters: - description: "The parameters for using a Amazon SQS stream as a source." + description: "The parameters for using a Amazon SQS stream as a target." properties: messageDeduplicationID: type: "string" @@ -671,7 +671,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml index 65ed6f44b..46c7f0034 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml @@ -36,8 +36,11 @@ spec: configuration: type: "string" workspaceID: - description: "The ID of the workspace in which to create the alert manager definition." + description: "The ID of the workspace to add the alert manager definition to." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" workspaceRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -73,7 +76,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -99,10 +102,10 @@ spec: type: "object" type: "array" statusCode: - description: "Status code of this definition." + description: "The current status of the alert manager." type: "string" statusReason: - description: "The reason for failure if any." + description: "If there is a failure, the reason for the failure." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml index f3062205a..92ab3b46f 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml @@ -37,11 +37,14 @@ spec: description: "LoggingConfigurationSpec defines the desired state of LoggingConfiguration." properties: logGroupARN: - description: "The ARN of the CW log group to which the vended log data will be published." + description: "The ARN of the CloudWatch log group to which the vended log data will be\npublished. This log group must exist prior to calling this operation." type: "string" workspaceID: - description: "The ID of the workspace to vend logs to." + description: "The ID of the workspace to create the logging configuration for." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" workspaceRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -77,7 +80,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -103,10 +106,10 @@ spec: type: "object" type: "array" statusCode: - description: "Status code of the logging configuration." + description: "The current status of the logging configuration." type: "string" statusReason: - description: "The reason for failure if any." + description: "If failed, the reason for the failure." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml index 5f5baacef..8d6cc5628 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml @@ -38,16 +38,22 @@ spec: configuration: type: "string" name: - description: "The rule groups namespace name." + description: "The name for the new rule groups namespace." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: additionalProperties: type: "string" - description: "Optional, user-provided tags for this rule groups namespace." + description: "The list of tag keys and values to associate with the rule groups namespace." type: "object" workspaceID: - description: "The ID of the workspace in which to create the rule group namespace." + description: "The ID of the workspace to add the rule groups namespace." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" workspaceRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -84,7 +90,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -110,7 +116,7 @@ spec: type: "object" type: "array" status: - description: "The status of rule groups namespace." + description: "A structure that returns the current status of the rule groups namespace." properties: statusCode: description: "State of a namespace." diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/workspaces.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/workspaces.yaml index a13d3b0d3..494bf0384 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/workspaces.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/workspaces.yaml @@ -34,12 +34,12 @@ spec: description: "WorkspaceSpec defines the desired state of Workspace." properties: alias: - description: "An optional user-assigned alias for this workspace. This alias is for user\nreference and does not need to be unique." + description: "An alias that you assign to this workspace to help you identify it. It does\nnot need to be unique.\n\nBlank spaces at the beginning or end of the alias that you specify will be\ntrimmed from the value used." type: "string" tags: additionalProperties: type: "string" - description: "Optional, user-provided tags for this workspace." + description: "The list of tag keys and values to associate with the workspace." type: "object" type: "object" status: @@ -62,7 +62,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -88,14 +88,14 @@ spec: type: "object" type: "array" status: - description: "The status of the workspace that was just created (usually CREATING)." + description: "The current status of the new workspace. Immediately after you create the\nworkspace, the status is usually CREATING." properties: statusCode: description: "State of a workspace." type: "string" type: "object" workspaceID: - description: "The generated ID of the workspace that was just created." + description: "The unique ID for the new workspace." type: "string" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusterparametergroups.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusterparametergroups.yaml index c5c33b3bd..81a7d68ef 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusterparametergroups.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusterparametergroups.yaml @@ -33,7 +33,7 @@ spec: description: "The description for the DB cluster parameter group." type: "string" family: - description: "The DB cluster parameter group family name. A DB cluster parameter group\ncan be associated with one and only one DB cluster parameter group family,\nand can be applied only to a DB cluster running a database engine and engine\nversion compatible with that DB cluster parameter group family.\n\nAurora MySQL\n\nExample: aurora5.6, aurora-mysql5.7, aurora-mysql8.0\n\nAurora PostgreSQL\n\nExample: aurora-postgresql9.6\n\nRDS for MySQL\n\nExample: mysql8.0\n\nRDS for PostgreSQL\n\nExample: postgres12\n\nTo list all of the available parameter group families for a DB engine, use\nthe following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine \n\nFor example, to list all of the available parameter group families for the\nAurora PostgreSQL DB engine, use the following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine aurora-postgresql\n\nThe output contains duplicates.\n\nThe following are the valid DB engine values:\n\n * aurora (for MySQL 5.6-compatible Aurora)\n\n * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)\n\n * aurora-postgresql\n\n * mysql\n\n * postgres" + description: "The DB cluster parameter group family name. A DB cluster parameter group\ncan be associated with one and only one DB cluster parameter group family,\nand can be applied only to a DB cluster running a database engine and engine\nversion compatible with that DB cluster parameter group family.\n\nAurora MySQL\n\nExample: aurora-mysql5.7, aurora-mysql8.0\n\nAurora PostgreSQL\n\nExample: aurora-postgresql14\n\nRDS for MySQL\n\nExample: mysql8.0\n\nRDS for PostgreSQL\n\nExample: postgres13\n\nTo list all of the available parameter group families for a DB engine, use\nthe following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine\n\nFor example, to list all of the available parameter group families for the\nAurora PostgreSQL DB engine, use the following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine aurora-postgresql\n\nThe output contains duplicates.\n\nThe following are the valid DB engine values:\n\n * aurora-mysql\n\n * aurora-postgresql\n\n * mysql\n\n * postgres" type: "string" name: description: "The name of the DB cluster parameter group.\n\nConstraints:\n\n * Must not match the name of an existing DB cluster parameter group.\n\nThis value is stored as a lowercase string." @@ -76,7 +76,7 @@ spec: tags: description: "Tags to assign to the DB cluster parameter group." items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -109,7 +109,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml index ac49e9a42..7d9a70d4d 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml @@ -30,42 +30,42 @@ spec: description: "DBClusterSpec defines the desired state of DBCluster.\n\nContains the details of an Amazon Aurora DB cluster or Multi-AZ DB cluster.\n\nFor an Amazon Aurora DB cluster, this data type is used as a response element\nin the operations CreateDBCluster, DeleteDBCluster, DescribeDBClusters, FailoverDBCluster,\nModifyDBCluster, PromoteReadReplicaDBCluster, RestoreDBClusterFromS3, RestoreDBClusterFromSnapshot,\nRestoreDBClusterToPointInTime, StartDBCluster, and StopDBCluster.\n\nFor a Multi-AZ DB cluster, this data type is used as a response element in\nthe operations CreateDBCluster, DeleteDBCluster, DescribeDBClusters, FailoverDBCluster,\nModifyDBCluster, RebootDBCluster, RestoreDBClusterFromSnapshot, and RestoreDBClusterToPointInTime.\n\nFor more information on Amazon Aurora DB clusters, see What is Amazon Aurora?\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html)\nin the Amazon Aurora User Guide.\n\nFor more information on Multi-AZ DB clusters, see Multi-AZ deployments with\ntwo readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html)\nin the Amazon RDS User Guide." properties: allocatedStorage: - description: "The amount of storage in gibibytes (GiB) to allocate to each DB instance\nin the Multi-AZ DB cluster.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for: Multi-AZ DB clusters only" + description: "The amount of storage in gibibytes (GiB) to allocate to each DB instance\nin the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster." format: "int64" type: "integer" autoMinorVersionUpgrade: - description: "A value that indicates whether minor engine upgrades are applied automatically\nto the DB cluster during the maintenance window. By default, minor engine\nupgrades are applied automatically.\n\nValid for: Multi-AZ DB clusters only" + description: "Specifies whether minor engine upgrades are applied automatically to the\nDB cluster during the maintenance window. By default, minor engine upgrades\nare applied automatically.\n\nValid for Cluster Type: Multi-AZ DB clusters only" type: "boolean" availabilityZones: - description: "A list of Availability Zones (AZs) where DB instances in the DB cluster can\nbe created.\n\nFor information on Amazon Web Services Regions and Availability Zones, see\nChoosing the Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters only" + description: "A list of Availability Zones (AZs) where you specifically want to create\nDB instances in the DB cluster.\n\nFor information on AZs, see Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html#Concepts.RegionsAndAvailabilityZones.AvailabilityZones)\nin the Amazon Aurora User Guide.\n\nValid for Cluster Type: Aurora DB clusters only\n\nConstraints:\n\n * Can't specify more than three AZs." items: type: "string" type: "array" backtrackWindow: - description: "The target backtrack window, in seconds. To disable backtracking, set this\nvalue to 0.\n\nDefault: 0\n\nConstraints:\n\n * If specified, this value must be set to a number from 0 to 259,200 (72\n hours).\n\nValid for: Aurora MySQL DB clusters only" + description: "The target backtrack window, in seconds. To disable backtracking, set this\nvalue to 0.\n\nValid for Cluster Type: Aurora MySQL DB clusters only\n\nDefault: 0\n\nConstraints:\n\n * If specified, this value must be set to a number from 0 to 259,200 (72\n hours)." format: "int64" type: "integer" backupRetentionPeriod: - description: "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n * Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The number of days for which automated backups are retained.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nDefault: 1\n\nConstraints:\n\n * Must be a value from 1 to 35." format: "int64" type: "integer" characterSetName: - description: "A value that indicates that the DB cluster should be associated with the\nspecified CharacterSet.\n\nValid for: Aurora DB clusters only" + description: "The name of the character set (CharacterSet) to associate the DB cluster\nwith.\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" copyTagsToSnapshot: - description: "A value that indicates whether to copy all tags from the DB cluster to snapshots\nof the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Specifies whether to copy all tags from the DB cluster to snapshots of the\nDB cluster. The default is not to copy them.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "boolean" databaseName: - description: "The name for your database of up to 64 alphanumeric characters. If you do\nnot provide a name, Amazon RDS doesn't create a database in the DB cluster\nyou are creating.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The name for your database of up to 64 alphanumeric characters. A database\nnamed postgres is always created. If this parameter is specified, an additional\ndatabase with this name is created.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "string" dbClusterIdentifier: - description: "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n * Must contain from 1 to 63 letters, numbers, or hyphens.\n\n * First character must be a letter.\n\n * Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: my-cluster1\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The identifier for this DB cluster. This parameter is stored as a lowercase\nstring.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * Must contain from 1 to 63 (for Aurora DB clusters) or 1 to 52 (for Multi-AZ\n DB clusters) letters, numbers, or hyphens.\n\n * First character must be a letter.\n\n * Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: my-cluster1" type: "string" dbClusterInstanceClass: - description: "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster,\nfor example db.m6gd.xlarge. Not all DB instance classes are available in\nall Amazon Web Services Regions, or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine,\nsee DB instance class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)\nin the Amazon RDS User Guide.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for: Multi-AZ DB clusters only" + description: "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster,\nfor example db.m6gd.xlarge. Not all DB instance classes are available in\nall Amazon Web Services Regions, or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine,\nsee DB instance class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)\nin the Amazon RDS User Guide.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only" type: "string" dbClusterParameterGroupName: - description: "The name of the DB cluster parameter group to associate with this DB cluster.\nIf you do not specify a value, then the default DB cluster parameter group\nfor the specified DB engine and version is used.\n\nConstraints:\n\n * If supplied, must match the name of an existing DB cluster parameter\n group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The name of the DB cluster parameter group to associate with this DB cluster.\nIf you don't specify a value, then the default DB cluster parameter group\nfor the specified DB engine and version is used.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * If supplied, must match the name of an existing DB cluster parameter\n group." type: "string" dbClusterParameterGroupRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -80,7 +80,7 @@ spec: type: "object" type: "object" dbSubnetGroupName: - description: "A DB subnet group to associate with this DB cluster.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nConstraints: Must match the name of an existing DBSubnetGroup. Must not be\ndefault.\n\nExample: mydbsubnetgroup\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "A DB subnet group to associate with this DB cluster.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * Must match the name of an existing DB subnet group.\n\nExample: mydbsubnetgroup" type: "string" dbSubnetGroupRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -98,52 +98,52 @@ spec: description: "Reserved for future use." type: "string" deletionProtection: - description: "A value that indicates whether the DB cluster has deletion protection enabled.\nThe database can't be deleted when deletion protection is enabled. By default,\ndeletion protection isn't enabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Specifies whether the DB cluster has deletion protection enabled. The database\ncan't be deleted when deletion protection is enabled. By default, deletion\nprotection isn't enabled.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "boolean" destinationRegion: description: "DestinationRegion is used for presigning the request to a given region." type: "string" domain: - description: "The Active Directory directory ID to create the DB cluster in.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication\nto authenticate users that connect to the DB cluster.\n\nFor more information, see Kerberos authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters only" + description: "The Active Directory directory ID to create the DB cluster in.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication\nto authenticate users that connect to the DB cluster.\n\nFor more information, see Kerberos authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html)\nin the Amazon Aurora User Guide.\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" domainIAMRoleName: - description: "Specify the name of the IAM role to be used when making API calls to the\nDirectory Service.\n\nValid for: Aurora DB clusters only" + description: "The name of the IAM role to use when making API calls to the Directory Service.\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" enableCloudwatchLogsExports: - description: "The list of log types that need to be enabled for exporting to CloudWatch\nLogs. The values in the list depend on the DB engine being used.\n\nRDS for MySQL\n\nPossible values are error, general, and slowquery.\n\nRDS for PostgreSQL\n\nPossible values are postgresql and upgrade.\n\nAurora MySQL\n\nPossible values are audit, error, general, and slowquery.\n\nAurora PostgreSQL\n\nPossible value is postgresql.\n\nFor more information about exporting CloudWatch Logs for Amazon RDS, see\nPublishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon RDS User Guide.\n\nFor more information about exporting CloudWatch Logs for Amazon Aurora, see\nPublishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The list of log types that need to be enabled for exporting to CloudWatch\nLogs.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nThe following values are valid for each DB engine:\n\n * Aurora MySQL - audit | error | general | slowquery\n\n * Aurora PostgreSQL - postgresql\n\n * RDS for MySQL - error | general | slowquery\n\n * RDS for PostgreSQL - postgresql | upgrade\n\nFor more information about exporting CloudWatch Logs for Amazon RDS, see\nPublishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon RDS User Guide.\n\nFor more information about exporting CloudWatch Logs for Amazon Aurora, see\nPublishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon Aurora User Guide." items: type: "string" type: "array" enableGlobalWriteForwarding: - description: "A value that indicates whether to enable this DB cluster to forward write\noperations to the primary cluster of an Aurora global database (GlobalCluster).\nBy default, write operations are not allowed on Aurora DB clusters that are\nsecondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an\nAurora global database. With this parameter enabled, a secondary cluster\ncan forward writes to the current primary cluster and the resulting changes\nare replicated back to this cluster. For the primary DB cluster of an Aurora\nglobal database, this value is used immediately if the primary is demoted\nby the FailoverGlobalCluster API operation, but it does nothing until then.\n\nValid for: Aurora DB clusters only" + description: "Specifies whether to enable this DB cluster to forward write operations to\nthe primary cluster of a global cluster (Aurora global database). By default,\nwrite operations are not allowed on Aurora DB clusters that are secondary\nclusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an\nAurora global database. With this parameter enabled, a secondary cluster\ncan forward writes to the current primary cluster, and the resulting changes\nare replicated back to this cluster. For the primary DB cluster of an Aurora\nglobal database, this value is used immediately if the primary is demoted\nby a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only" type: "boolean" enableHTTPEndpoint: - description: "A value that indicates whether to enable the HTTP endpoint for an Aurora\nServerless v1 DB cluster. By default, the HTTP endpoint is disabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API\nfor running SQL queries on the Aurora Serverless v1 DB cluster. You can also\nquery your database from inside the RDS console with the query editor.\n\nFor more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters only" + description: "Specifies whether to enable the HTTP endpoint for the DB cluster. By default,\nthe HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API\n(RDS Data API) for running SQL queries on the DB cluster. You can also query\nyour database from inside the RDS console with the RDS query editor.\n\nRDS Data API is supported with the following DB clusters:\n\n * Aurora PostgreSQL Serverless v2 and provisioned\n\n * Aurora PostgreSQL and Aurora MySQL Serverless v1\n\nFor more information, see Using RDS Data API (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)\nin the Amazon Aurora User Guide.\n\nValid for Cluster Type: Aurora DB clusters only" type: "boolean" enableIAMDatabaseAuthentication: - description: "A value that indicates whether to enable mapping of Amazon Web Services Identity\nand Access Management (IAM) accounts to database accounts. By default, mapping\nisn't enabled.\n\nFor more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters only" + description: "Specifies whether to enable mapping of Amazon Web Services Identity and Access\nManagement (IAM) accounts to database accounts. By default, mapping isn't\nenabled.\n\nFor more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html)\nin the Amazon Aurora User Guide or IAM database authentication for MariaDB,\nMySQL, and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html)\nin the Amazon RDS User Guide.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "boolean" enablePerformanceInsights: - description: "A value that indicates whether to turn on Performance Insights for the DB\ncluster.\n\nFor more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)\nin the Amazon RDS User Guide.\n\nValid for: Multi-AZ DB clusters only" + description: "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)\nin the Amazon RDS User Guide.\n\nValid for Cluster Type: Multi-AZ DB clusters only" type: "boolean" engine: - description: "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n * aurora-mysql\n\n * aurora-postgresql\n\n * mysql\n\n * postgres\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The database engine to use for this DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n * aurora-mysql\n\n * aurora-postgresql\n\n * mysql\n\n * postgres\n\n * neptune - For information about using Amazon Neptune, see the Amazon\n Neptune User Guide (https://docs.aws.amazon.com/neptune/latest/userguide/intro.html)." type: "string" engineMode: - description: "The DB engine mode of the DB cluster, either provisioned or serverless.\n\nThe serverless engine mode only applies for Aurora Serverless v1 DB clusters.\n\nLimitations and requirements apply to some DB engine modes. For more information,\nsee the following sections in the Amazon Aurora User Guide:\n\n * Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n\n * Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\n * Limitations of parallel query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations)\n\n * Limitations of Aurora global databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations)\n\nValid for: Aurora DB clusters only" + description: "The DB engine mode of the DB cluster, either provisioned or serverless.\n\nThe serverless engine mode only applies for Aurora Serverless v1 DB clusters.\nAurora Serverless v2 DB clusters use the provisioned engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters,\nsee the following sections in the Amazon Aurora User Guide:\n\n * Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n\n * Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" engineVersion: - description: "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible)\nand version 3 (MySQL 8.0-compatible), use the following command:\n\naws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"\n\nYou can supply either 5.7 or 8.0 to use the default engine version for Aurora\nMySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the\nfollowing command:\n\naws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"\n\nTo list all of the available engine versions for RDS for MySQL, use the following\ncommand:\n\naws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"\n\nTo list all of the available engine versions for RDS for PostgreSQL, use\nthe following command:\n\naws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"\n\nAurora MySQL\n\nFor information, see Database engine updates for Amazon Aurora MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html)\nin the Amazon Aurora User Guide.\n\nAurora PostgreSQL\n\nFor information, see Amazon Aurora PostgreSQL releases and engine versions\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html)\nin the Amazon Aurora User Guide.\n\nMySQL\n\nFor information, see Amazon RDS for MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nPostgreSQL\n\nFor information, see Amazon RDS for PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts)\nin the Amazon RDS User Guide.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible)\nand version 3 (MySQL 8.0-compatible), use the following command:\n\naws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"\n\nYou can supply either 5.7 or 8.0 to use the default engine version for Aurora\nMySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the\nfollowing command:\n\naws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"\n\nTo list all of the available engine versions for RDS for MySQL, use the following\ncommand:\n\naws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"\n\nTo list all of the available engine versions for RDS for PostgreSQL, use\nthe following command:\n\naws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"\n\nFor information about a specific engine, see the following topics:\n\n * Aurora MySQL - see Database engine updates for Amazon Aurora MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html)\n in the Amazon Aurora User Guide.\n\n * Aurora PostgreSQL - see Amazon Aurora PostgreSQL releases and engine\n versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html)\n in the Amazon Aurora User Guide.\n\n * RDS for MySQL - see Amazon RDS for MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)\n in the Amazon RDS User Guide.\n\n * RDS for PostgreSQL - see Amazon RDS for PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts)\n in the Amazon RDS User Guide.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "string" globalClusterIdentifier: - description: "The global cluster ID of an Aurora cluster that becomes the primary cluster\nin the new global database cluster.\n\nValid for: Aurora DB clusters only" + description: "The global cluster ID of an Aurora cluster that becomes the primary cluster\nin the new global database cluster.\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" iops: - description: "The amount of Provisioned IOPS (input/output operations per second) to be\ninitially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see Provisioned IOPS storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS)\nin the Amazon RDS User Guide.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nConstraints: Must be a multiple between .5 and 50 of the storage amount for\nthe DB cluster.\n\nValid for: Multi-AZ DB clusters only" + description: "The amount of Provisioned IOPS (input/output operations per second) to be\ninitially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see Provisioned IOPS storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS)\nin the Amazon RDS User Guide.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n * Must be a multiple between .5 and 50 of the storage amount for the DB\n cluster." format: "int64" type: "integer" kmsKeyID: - description: "The Amazon Web Services KMS key identifier for an encrypted DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nWhen a KMS key isn't specified in KmsKeyId:\n\n * If ReplicationSourceIdentifier identifies an encrypted source, then\n Amazon RDS will use the KMS key used to encrypt the source. Otherwise,\n Amazon RDS will use your default KMS key.\n\n * If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier\n isn't specified, then Amazon RDS will use your default KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon\nWeb Services account has a different default KMS key for each Amazon Web\nServices Region.\n\nIf you create a read replica of an encrypted DB cluster in another Amazon\nWeb Services Region, you must set KmsKeyId to a KMS key identifier that is\nvalid in the destination Amazon Web Services Region. This KMS key is used\nto encrypt the read replica in that Amazon Web Services Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The Amazon Web Services KMS key identifier for an encrypted DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nWhen a KMS key isn't specified in KmsKeyId:\n\n * If ReplicationSourceIdentifier identifies an encrypted source, then\n Amazon RDS uses the KMS key used to encrypt the source. Otherwise, Amazon\n RDS uses your default KMS key.\n\n * If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier\n isn't specified, then Amazon RDS uses your default KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon\nWeb Services account has a different default KMS key for each Amazon Web\nServices Region.\n\nIf you create a read replica of an encrypted DB cluster in another Amazon\nWeb Services Region, make sure to set KmsKeyId to a KMS key identifier that\nis valid in the destination Amazon Web Services Region. This KMS key is used\nto encrypt the read replica in that Amazon Web Services Region.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "string" kmsKeyRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -158,10 +158,10 @@ spec: type: "object" type: "object" manageMasterUserPassword: - description: "A value that indicates whether to manage the master user password with Amazon\nWeb Services Secrets Manager.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide and Password management with Amazon Web Services\nSecrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html)\nin the Amazon Aurora User Guide.\n\nConstraints:\n\n * Can't manage the master user password with Amazon Web Services Secrets\n Manager if MasterUserPassword is specified.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Specifies whether to manage the master user password with Amazon Web Services\nSecrets Manager.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide and Password management with Amazon Web Services\nSecrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html)\nin the Amazon Aurora User Guide.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * Can't manage the master user password with Amazon Web Services Secrets\n Manager if MasterUserPassword is specified." type: "boolean" masterUserPassword: - description: "The password for the master database user. This password can contain any\nprintable ASCII character except \"/\", \"\"\", or \"@\".\n\nConstraints:\n\n * Must contain from 8 to 41 characters.\n\n * Can't be specified if ManageMasterUserPassword is turned on.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The password for the master database user.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * Must contain from 8 to 41 characters.\n\n * Can contain any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n * Can't be specified if ManageMasterUserPassword is turned on." properties: key: description: "Key is the key within the secret" @@ -177,7 +177,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" masterUserSecretKMSKeyID: - description: "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically\ngenerated and managed in Amazon Web Services Secrets Manager.\n\nThis setting is valid only if the master user password is managed by RDS\nin Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nIf you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager\nKMS key is used to encrypt the secret. If the secret is in a different Amazon\nWeb Services account, then you can't use the aws/secretsmanager KMS key to\nencrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon\nWeb Services account has a different default KMS key for each Amazon Web\nServices Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The Amazon Web Services KMS key identifier to encrypt a secret that is automatically\ngenerated and managed in Amazon Web Services Secrets Manager.\n\nThis setting is valid only if the master user password is managed by RDS\nin Amazon Web Services Secrets Manager for the DB cluster.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nIf you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager\nKMS key is used to encrypt the secret. If the secret is in a different Amazon\nWeb Services account, then you can't use the aws/secretsmanager KMS key to\nencrypt the secret, and you must use a customer managed KMS key.\n\nThere is a default KMS key for your Amazon Web Services account. Your Amazon\nWeb Services account has a different default KMS key for each Amazon Web\nServices Region.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "string" masterUserSecretKMSKeyRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -192,56 +192,56 @@ spec: type: "object" type: "object" masterUsername: - description: "The name of the master user for the DB cluster.\n\nConstraints:\n\n * Must be 1 to 16 letters or numbers.\n\n * First character must be a letter.\n\n * Can't be a reserved word for the chosen database engine.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The name of the master user for the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n * Must be 1 to 16 letters or numbers.\n\n * First character must be a letter.\n\n * Can't be a reserved word for the chosen database engine." type: "string" monitoringInterval: - description: "The interval, in seconds, between points when Enhanced Monitoring metrics\nare collected for the DB cluster. To turn off collecting Enhanced Monitoring\nmetrics, specify 0. The default is 0.\n\nIf MonitoringRoleArn is specified, also set MonitoringInterval to a value\nother than 0.\n\nValid Values: 0, 1, 5, 10, 15, 30, 60\n\nValid for: Multi-AZ DB clusters only" + description: "The interval, in seconds, between points when Enhanced Monitoring metrics\nare collected for the DB cluster. To turn off collecting Enhanced Monitoring\nmetrics, specify 0.\n\nIf MonitoringRoleArn is specified, also set MonitoringInterval to a value\nother than 0.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nValid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60\n\nDefault: 0" format: "int64" type: "integer" monitoringRoleARN: - description: "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send\nEnhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess.\nFor information on creating a monitoring role, see Setting up and enabling\nEnhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)\nin the Amazon RDS User Guide.\n\nIf MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn\nvalue.\n\nValid for: Multi-AZ DB clusters only" + description: "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send\nEnhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess.\nFor information on creating a monitoring role, see Setting up and enabling\nEnhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)\nin the Amazon RDS User Guide.\n\nIf MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn\nvalue.\n\nValid for Cluster Type: Multi-AZ DB clusters only" type: "string" networkType: - description: "The network type of the DB cluster.\n\nValid values:\n\n * IPV4\n\n * DUAL\n\nThe network type is determined by the DBSubnetGroup specified for the DB\ncluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and\nthe IPv6 protocols (DUAL).\n\nFor more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html)\nin the Amazon Aurora User Guide.\n\nValid for: Aurora DB clusters only" + description: "The network type of the DB cluster.\n\nThe network type is determined by the DBSubnetGroup specified for the DB\ncluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and\nthe IPv6 protocols (DUAL).\n\nFor more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html)\nin the Amazon Aurora User Guide.\n\nValid for Cluster Type: Aurora DB clusters only\n\nValid Values: IPV4 | DUAL" type: "string" optionGroupName: - description: "A value that indicates that the DB cluster should be associated with the\nspecified option group.\n\nDB clusters are associated with a default option group that can't be modified." + description: "The option group to associate the DB cluster with.\n\nDB clusters are associated with a default option group that can't be modified." type: "string" performanceInsightsKMSKeyID: - description: "The Amazon Web Services KMS key identifier for encryption of Performance\nInsights data.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key.\n\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon\nRDS uses your default KMS key. There is a default KMS key for your Amazon\nWeb Services account. Your Amazon Web Services account has a different default\nKMS key for each Amazon Web Services Region.\n\nValid for: Multi-AZ DB clusters only" + description: "The Amazon Web Services KMS key identifier for encryption of Performance\nInsights data.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key.\n\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon\nRDS uses your default KMS key. There is a default KMS key for your Amazon\nWeb Services account. Your Amazon Web Services account has a different default\nKMS key for each Amazon Web Services Region.\n\nValid for Cluster Type: Multi-AZ DB clusters only" type: "string" performanceInsightsRetentionPeriod: - description: "The number of days to retain Performance Insights data. The default is 7\ndays. The following values are valid:\n\n * 7\n\n * month * 31, where month is a number of months from 1-23\n\n * 731\n\nFor example, the following values are valid:\n\n * 93 (3 months * 31)\n\n * 341 (11 months * 31)\n\n * 589 (19 months * 31)\n\n * 731\n\nIf you specify a retention period such as 94, which isn't a valid value,\nRDS issues an error.\n\nValid for: Multi-AZ DB clusters only" + description: "The number of days to retain Performance Insights data.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nValid Values:\n\n * 7\n\n * month * 31, where month is a number of months from 1-23. Examples: 93\n (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)\n\n * 731\n\nDefault: 7 days\n\nIf you specify a retention period that isn't valid, such as 94, Amazon RDS\nissues an error." format: "int64" type: "integer" port: - description: "The port number on which the instances in the DB cluster accept connections.\n\nRDS for MySQL and Aurora MySQL\n\nDefault: 3306\n\nValid values: 1150-65535\n\nRDS for PostgreSQL and Aurora PostgreSQL\n\nDefault: 5432\n\nValid values: 1150-65535\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The port number on which the instances in the DB cluster accept connections.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values: 1150-65535\n\nDefault:\n\n * RDS for MySQL and Aurora MySQL - 3306\n\n * RDS for PostgreSQL and Aurora PostgreSQL - 5432" format: "int64" type: "integer" preSignedURL: - description: "When you are replicating a DB cluster from one Amazon Web Services GovCloud\n(US) Region to another, an URL that contains a Signature Version 4 signed\nrequest for the CreateDBCluster operation to be called in the source Amazon\nWeb Services Region where the DB cluster is replicated from. Specify PreSignedUrl\nonly when you are performing cross-Region replication from an encrypted DB\ncluster.\n\nThe presigned URL must be a valid request for the CreateDBCluster API operation\nthat can run in the source Amazon Web Services Region that contains the encrypted\nDB cluster to copy.\n\nThe presigned URL request must contain the following parameter values:\n\n * KmsKeyId - The KMS key identifier for the KMS key to use to encrypt\n the copy of the DB cluster in the destination Amazon Web Services Region.\n This should refer to the same KMS key for both the CreateDBCluster operation\n that is called in the destination Amazon Web Services Region, and the\n operation contained in the presigned URL.\n\n * DestinationRegion - The name of the Amazon Web Services Region that\n Aurora read replica will be created in.\n\n * ReplicationSourceIdentifier - The DB cluster identifier for the encrypted\n DB cluster to be copied. This identifier must be in the Amazon Resource\n Name (ARN) format for the source Amazon Web Services Region. For example,\n if you are copying an encrypted DB cluster from the us-west-2 Amazon Web\n Services Region, then your ReplicationSourceIdentifier would look like\n Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1.\n\nTo learn how to generate a Signature Version 4 signed request, see Authenticating\nRequests: Using Query Parameters (Amazon Web Services Signature Version 4)\n(https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html)\nand Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).\n\nIf you are using an Amazon Web Services SDK tool or the CLI, you can specify\nSourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl\nmanually. Specifying SourceRegion autogenerates a presigned URL that is a\nvalid request for the operation that can run in the source Amazon Web Services\nRegion.\n\nValid for: Aurora DB clusters only" + description: "When you are replicating a DB cluster from one Amazon Web Services GovCloud\n(US) Region to another, an URL that contains a Signature Version 4 signed\nrequest for the CreateDBCluster operation to be called in the source Amazon\nWeb Services Region where the DB cluster is replicated from. Specify PreSignedUrl\nonly when you are performing cross-Region replication from an encrypted DB\ncluster.\n\nThe presigned URL must be a valid request for the CreateDBCluster API operation\nthat can run in the source Amazon Web Services Region that contains the encrypted\nDB cluster to copy.\n\nThe presigned URL request must contain the following parameter values:\n\n * KmsKeyId - The KMS key identifier for the KMS key to use to encrypt\n the copy of the DB cluster in the destination Amazon Web Services Region.\n This should refer to the same KMS key for both the CreateDBCluster operation\n that is called in the destination Amazon Web Services Region, and the\n operation contained in the presigned URL.\n\n * DestinationRegion - The name of the Amazon Web Services Region that\n Aurora read replica will be created in.\n\n * ReplicationSourceIdentifier - The DB cluster identifier for the encrypted\n DB cluster to be copied. This identifier must be in the Amazon Resource\n Name (ARN) format for the source Amazon Web Services Region. For example,\n if you are copying an encrypted DB cluster from the us-west-2 Amazon Web\n Services Region, then your ReplicationSourceIdentifier would look like\n Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1.\n\nTo learn how to generate a Signature Version 4 signed request, see Authenticating\nRequests: Using Query Parameters (Amazon Web Services Signature Version 4)\n(https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html)\nand Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).\n\nIf you are using an Amazon Web Services SDK tool or the CLI, you can specify\nSourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl\nmanually. Specifying SourceRegion autogenerates a presigned URL that is a\nvalid request for the operation that can run in the source Amazon Web Services\nRegion.\n\nValid for Cluster Type: Aurora DB clusters only" type: "string" preferredBackupWindow: - description: "The daily time range during which automated backups are created if automated\nbackups are enabled using the BackupRetentionPeriod parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region. To view the time blocks available,\nsee Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow)\nin the Amazon Aurora User Guide.\n\nConstraints:\n\n * Must be in the format hh24:mi-hh24:mi.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must not conflict with the preferred maintenance window.\n\n * Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The daily time range during which automated backups are created if automated\nbackups are enabled using the BackupRetentionPeriod parameter.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region. To view the time blocks available,\nsee Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow)\nin the Amazon Aurora User Guide.\n\nConstraints:\n\n * Must be in the format hh24:mi-hh24:mi.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must not conflict with the preferred maintenance window.\n\n * Must be at least 30 minutes." type: "string" preferredMaintenanceWindow: - description: "The weekly time range during which system maintenance can occur, in Universal\nCoordinated Time (UTC).\n\nFormat: ddd:hh24:mi-ddd:hh24:mi\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region, occurring on a random day of\nthe week. To see the time blocks available, see Adjusting the Preferred DB\nCluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora)\nin the Amazon Aurora User Guide.\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The weekly time range during which system maintenance can occur.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region, occurring on a random day of\nthe week. To see the time blocks available, see Adjusting the Preferred DB\nCluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora)\nin the Amazon Aurora User Guide.\n\nConstraints:\n\n * Must be in the format ddd:hh24:mi-ddd:hh24:mi.\n\n * Days must be one of Mon | Tue | Wed | Thu | Fri | Sat | Sun.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must be at least 30 minutes." type: "string" publiclyAccessible: - description: "A value that indicates whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible, its Domain Name System (DNS)\nendpoint resolves to the private IP address from within the DB cluster's\nvirtual private cloud (VPC). It resolves to the public IP address from outside\nof the DB cluster's VPC. Access to the DB cluster is ultimately controlled\nby the security group it uses. That public access isn't permitted if the\nsecurity group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster\nwith a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether DBSubnetGroupName\nis specified.\n\nIf DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the default VPC in the target Region doesn’t have an internet gateway\n attached to it, the DB cluster is private.\n\n * If the default VPC in the target Region has an internet gateway attached\n to it, the DB cluster is public.\n\nIf DBSubnetGroupName is specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the subnets are part of a VPC that doesn’t have an internet gateway\n attached to it, the DB cluster is private.\n\n * If the subnets are part of a VPC that has an internet gateway attached\n to it, the DB cluster is public.\n\nValid for: Multi-AZ DB clusters only" + description: "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible and you connect from outside of\nthe DB cluster's virtual private cloud (VPC), its Domain Name System (DNS)\nendpoint resolves to the public IP address. When you connect from within\nthe same VPC as the DB cluster, the endpoint resolves to the private IP address.\nAccess to the DB cluster is ultimately controlled by the security group it\nuses. That public access isn't permitted if the security group assigned to\nthe DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster\nwith a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether DBSubnetGroupName\nis specified.\n\nIf DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the default VPC in the target Region doesn’t have an internet gateway\n attached to it, the DB cluster is private.\n\n * If the default VPC in the target Region has an internet gateway attached\n to it, the DB cluster is public.\n\nIf DBSubnetGroupName is specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the subnets are part of a VPC that doesn’t have an internet gateway\n attached to it, the DB cluster is private.\n\n * If the subnets are part of a VPC that has an internet gateway attached\n to it, the DB cluster is public." type: "boolean" replicationSourceIdentifier: - description: "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if\nthis DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if\nthis DB cluster is created as a read replica.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "string" restoreToTime: description: "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n * Must be before the latest restorable time for the DB instance\n\n * Must be specified if UseLatestRestorableTime parameter isn't provided\n\n * Can't be specified if the UseLatestRestorableTime parameter is enabled\n\n * Can't be specified if the RestoreType parameter is copy-on-write\n\nExample: 2015-03-07T23:45:00Z\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" format: "date-time" type: "string" restoreType: - description: "The type of restore to be performed. You can specify one of the following\nvalues:\n\n * full-copy - The new DB cluster is restored as a full copy of the source\n DB cluster.\n\n * copy-on-write - The new DB cluster is restored as a clone of the source\n DB cluster.\n\nConstraints: You can't specify copy-on-write if the engine version of the\nsource DB cluster is earlier than 1.11.\n\nIf you don't specify a RestoreType value, then the new DB cluster is restored\nas a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "The type of restore to be performed. You can specify one of the following\nvalues:\n\n * full-copy - The new DB cluster is restored as a full copy of the source\n DB cluster.\n\n * copy-on-write - The new DB cluster is restored as a clone of the source\n DB cluster.\n\nIf you don't specify a RestoreType value, then the new DB cluster is restored\nas a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" type: "string" scalingConfiguration: - description: "For DB clusters in serverless DB engine mode, the scaling properties of the\nDB cluster.\n\nValid for: Aurora DB clusters only" + description: "For DB clusters in serverless DB engine mode, the scaling properties of the\nDB cluster.\n\nValid for Cluster Type: Aurora DB clusters only" properties: autoPause: type: "boolean" @@ -267,6 +267,9 @@ spec: type: "number" minCapacity: type: "number" + secondsUntilAutoPause: + format: "int64" + type: "integer" type: "object" snapshotIdentifier: description: "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify\na DB cluster snapshot. However, you can use only the ARN to specify a DB\nsnapshot.\n\nConstraints:\n\n * Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" @@ -278,15 +281,15 @@ spec: description: "SourceRegion is the source region where the resource exists. This is not\nsent over the wire and is only used for presigning. This value should always\nhave the same region as the source ARN." type: "string" storageEncrypted: - description: "A value that indicates whether the DB cluster is encrypted.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Specifies whether the DB cluster is encrypted.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" type: "boolean" storageType: - description: "Specifies the storage type to be associated with the DB cluster.\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid values: io1\n\nWhen specified, a value for the Iops parameter is required.\n\nDefault: io1\n\nValid for: Multi-AZ DB clusters only" + description: "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see Storage configurations\nfor Amazon Aurora DB clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type).\nFor information on storage types for Multi-AZ DB clusters, see Settings for\ncreating Multi-AZ DB clusters (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings).\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the Iops parameter\nis required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n * Aurora DB clusters - aurora | aurora-iopt1\n\n * Multi-AZ DB clusters - io1 | io2 | gp3\n\nDefault:\n\n * Aurora DB clusters - aurora\n\n * Multi-AZ DB clusters - io1\n\nWhen you create an Aurora DB cluster with the storage type set to aurora-iopt1,\nthe storage type is returned in the response. The storage type isn't returned\nwhen you set it to aurora." type: "string" tags: - description: "Tags to assign to the DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Tags to assign to the DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -295,10 +298,10 @@ spec: type: "object" type: "array" useLatestRestorableTime: - description: "A value that indicates whether to restore the DB cluster to the latest restorable\nbackup time. By default, the DB cluster isn't restored to the latest restorable\nbackup time.\n\nConstraints: Can't be specified if RestoreToTime parameter is provided.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "Specifies whether to restore the DB cluster to the latest restorable backup\ntime. By default, the DB cluster isn't restored to the latest restorable\nbackup time.\n\nConstraints: Can't be specified if RestoreToTime parameter is provided.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" type: "boolean" vpcSecurityGroupIDs: - description: "A list of EC2 VPC security groups to associate with this DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters" + description: "A list of EC2 VPC security groups to associate with this DB cluster.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" items: type: "string" type: "array" @@ -352,7 +355,7 @@ spec: description: "The status of the database activity stream." type: "string" associatedRoles: - description: "Provides a list of the Amazon Web Services Identity and Access Management\n(IAM) roles that are associated with the DB cluster. IAM roles that are associated\nwith a DB cluster grant permission for the DB cluster to access other Amazon\nWeb Services on your behalf." + description: "A list of the Amazon Web Services Identity and Access Management (IAM) roles\nthat are associated with the DB cluster. IAM roles that are associated with\na DB cluster grant permission for the DB cluster to access other Amazon Web\nServices on your behalf." items: description: "Describes an Amazon Web Services Identity and Access Management (IAM) role\nthat is associated with a DB cluster." properties: @@ -377,14 +380,14 @@ spec: format: "int64" type: "integer" cloneGroupID: - description: "Identifies the clone group to which the DB cluster is associated." + description: "The ID of the clone group with which the DB cluster is associated." type: "string" clusterCreateTime: - description: "Specifies the time when the DB cluster was created, in Universal Coordinated\nTime (UTC)." + description: "The time when the DB cluster was created, in Universal Coordinated Time (UTC)." format: "date-time" type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -410,15 +413,15 @@ spec: type: "object" type: "array" crossAccountClone: - description: "Specifies whether the DB cluster is a clone of a DB cluster owned by a different\nAmazon Web Services account." + description: "Indicates whether the DB cluster is a clone of a DB cluster owned by a different\nAmazon Web Services account." type: "boolean" customEndpoints: - description: "Identifies all custom endpoints associated with the cluster." + description: "The custom endpoints associated with the DB cluster." items: type: "string" type: "array" dbClusterMembers: - description: "Provides the list of instances that make up the DB cluster." + description: "The list of DB instances that make up the DB cluster." items: description: "Contains information about an instance that is part of a DB cluster." properties: @@ -434,7 +437,7 @@ spec: type: "object" type: "array" dbClusterOptionGroupMemberships: - description: "Provides the list of option group memberships for this DB cluster." + description: "The list of option group memberships for this DB cluster." items: description: "Contains status information for a DB cluster option group." properties: @@ -445,13 +448,13 @@ spec: type: "object" type: "array" dbClusterParameterGroup: - description: "Specifies the name of the DB cluster parameter group for the DB cluster." + description: "The name of the DB cluster parameter group for the DB cluster." type: "string" dbClusterResourceID: description: "The Amazon Web Services Region-unique, immutable identifier for the DB cluster.\nThis identifier is found in Amazon Web Services CloudTrail log entries whenever\nthe KMS key for the DB cluster is accessed." type: "string" dbSubnetGroup: - description: "Specifies information on the subnet group associated with the DB cluster,\nincluding the name, description, and subnets in the subnet group." + description: "Information about the subnet group associated with the DB cluster, including\nthe name, description, and subnets in the subnet group." type: "string" domainMemberships: description: "The Active Directory Domain membership records associated with the DB cluster." @@ -482,29 +485,29 @@ spec: type: "string" type: "array" endpoint: - description: "Specifies the connection endpoint for the primary instance of the DB cluster." + description: "The connection endpoint for the primary instance of the DB cluster." type: "string" globalWriteForwardingRequested: - description: "Specifies whether you have requested to enable write forwarding for a secondary\ncluster in an Aurora global database. Because write forwarding takes time\nto enable, check the value of GlobalWriteForwardingStatus to confirm that\nthe request has completed before using the write forwarding feature for this\ncluster." + description: "Indicates whether write forwarding is enabled for a secondary cluster in\nan Aurora global database. Because write forwarding takes time to enable,\ncheck the value of GlobalWriteForwardingStatus to confirm that the request\nhas completed before using the write forwarding feature for this cluster." type: "boolean" globalWriteForwardingStatus: - description: "Specifies whether a secondary cluster in an Aurora global database has write\nforwarding enabled, not enabled, or is in the process of enabling it." + description: "The status of write forwarding for a secondary cluster in an Aurora global\ndatabase." type: "string" hostedZoneID: - description: "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone." + description: "The ID that Amazon Route 53 assigns when you create a hosted zone." type: "string" httpEndpointEnabled: - description: "A value that indicates whether the HTTP endpoint for an Aurora Serverless\nv1 DB cluster is enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API\nfor running SQL queries on the Aurora Serverless v1 DB cluster. You can also\nquery your database from inside the RDS console with the query editor.\n\nFor more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)\nin the Amazon Aurora User Guide." + description: "Indicates whether the HTTP endpoint is enabled for an Aurora DB cluster.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API\n(RDS Data API) for running SQL queries on the DB cluster. You can also query\nyour database from inside the RDS console with the RDS query editor.\n\nFor more information, see Using RDS Data API (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)\nin the Amazon Aurora User Guide." type: "boolean" iamDatabaseAuthenticationEnabled: - description: "A value that indicates whether the mapping of Amazon Web Services Identity\nand Access Management (IAM) accounts to database accounts is enabled." + description: "Indicates whether the mapping of Amazon Web Services Identity and Access\nManagement (IAM) accounts to database accounts is enabled." type: "boolean" latestRestorableTime: - description: "Specifies the latest time to which a database can be restored with point-in-time\nrestore." + description: "The latest time to which a database can be restored with point-in-time restore." format: "date-time" type: "string" masterUserSecret: - description: "Contains the secret managed by RDS in Amazon Web Services Secrets Manager\nfor the master user password.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide and Password management with Amazon Web Services\nSecrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html)\nin the Amazon Aurora User Guide." + description: "The secret managed by RDS in Amazon Web Services Secrets Manager for the\nmaster user password.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide and Password management with Amazon Web Services\nSecrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html)\nin the Amazon Aurora User Guide." properties: kmsKeyID: type: "string" @@ -514,10 +517,10 @@ spec: type: "string" type: "object" multiAZ: - description: "Specifies whether the DB cluster has instances in multiple Availability Zones." + description: "Indicates whether the DB cluster has instances in multiple Availability Zones." type: "boolean" pendingModifiedValues: - description: "A value that specifies that changes to the DB cluster are pending. This element\nis only included when changes are pending. Specific changes are identified\nby subelements." + description: "Information about pending changes to the DB cluster. This information is\nreturned only when there are pending changes. Specific changes are identified\nby subelements." properties: allocatedStorage: format: "int64" @@ -550,10 +553,10 @@ spec: type: "object" type: "object" percentProgress: - description: "Specifies the progress of the operation as a percentage." + description: "The progress of the operation as a percentage." type: "string" performanceInsightsEnabled: - description: "True if Performance Insights is enabled for the DB cluster, and otherwise\nfalse.\n\nThis setting is only for non-Aurora Multi-AZ DB clusters." + description: "Indicates whether Performance Insights is enabled for the DB cluster.\n\nThis setting is only for non-Aurora Multi-AZ DB clusters." type: "boolean" readReplicaIdentifiers: description: "Contains one or more identifiers of the read replicas associated with this\nDB cluster." @@ -564,11 +567,11 @@ spec: description: "The reader endpoint for the DB cluster. The reader endpoint for a DB cluster\nload-balances connections across the Aurora Replicas that are available in\na DB cluster. As clients request new connections to the reader endpoint,\nAurora distributes the connection requests among the Aurora Replicas in the\nDB cluster. This functionality can help balance your read workload across\nmultiple Aurora Replicas in your DB cluster.\n\nIf a failover occurs, and the Aurora Replica that you are connected to is\npromoted to be the primary instance, your connection is dropped. To continue\nsending your read workload to other Aurora Replicas in the cluster, you can\nthen reconnect to the reader endpoint." type: "string" status: - description: "Specifies the current state of this DB cluster." + description: "The current state of this DB cluster." type: "string" tagList: items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -577,7 +580,7 @@ spec: type: "object" type: "array" vpcSecurityGroups: - description: "Provides a list of VPC security groups that the DB cluster belongs to." + description: "The list of VPC security groups that the DB cluster belongs to." items: description: "This data type is used as a response element for queries on VPC security\ngroup membership." properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml index 505fba123..f35631478 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml @@ -34,51 +34,54 @@ spec: description: "DBInstanceSpec defines the desired state of DBInstance.\n\nContains the details of an Amazon RDS DB instance.\n\nThis data type is used as a response element in the operations CreateDBInstance,\nCreateDBInstanceReadReplica, DeleteDBInstance, DescribeDBInstances, ModifyDBInstance,\nPromoteReadReplica, RebootDBInstance, RestoreDBInstanceFromDBSnapshot, RestoreDBInstanceFromS3,\nRestoreDBInstanceToPointInTime, StartDBInstance, and StopDBInstance." properties: allocatedStorage: - description: "The amount of storage in gibibytes (GiB) to allocate for the DB instance.\n\nType: Integer\n\nAmazon Aurora\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of\ndata in your database increases, though you are only charged for the space\nthat you use in an Aurora cluster volume.\n\nAmazon RDS Custom\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 40\n to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.\n\n * Provisioned IOPS storage (io1): Must be an integer from 40 to 65536\n for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.\n\nMySQL\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nMariaDB\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nPostgreSQL\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nOracle\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n\n * Magnetic storage (standard): Must be an integer from 10 to 3072.\n\nSQL Server\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Enterprise and Standard editions:\n Must be an integer from 20 to 16384. Web and Express editions: Must be\n an integer from 20 to 16384.\n\n * Provisioned IOPS storage (io1): Enterprise and Standard editions: Must\n be an integer from 100 to 16384. Web and Express editions: Must be an\n integer from 100 to 16384.\n\n * Magnetic storage (standard): Enterprise and Standard editions: Must\n be an integer from 20 to 1024. Web and Express editions: Must be an integer\n from 20 to 1024." + description: "The amount of storage in gibibytes (GiB) to allocate for the DB instance.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Aurora cluster\nvolumes automatically grow as the amount of data in your database increases,\nthough you are only charged for the space that you use in an Aurora cluster\nvolume.\n\nAmazon RDS Custom\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 40\n to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 40 to 65536\n for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.\n\nRDS for Db2\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp3): Must be an integer from 20 to 65536.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to\n 65536.\n\nRDS for MariaDB\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to\n 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nRDS for MySQL\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to\n 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nRDS for Oracle\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to\n 65536.\n\n * Magnetic storage (standard): Must be an integer from 10 to 3072.\n\nRDS for PostgreSQL\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20\n to 65536.\n\n * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to\n 65536.\n\n * Magnetic storage (standard): Must be an integer from 5 to 3072.\n\nRDS for SQL Server\n\nConstraints to the amount of storage for each storage type are the following:\n\n * General Purpose (SSD) storage (gp2, gp3): Enterprise and Standard editions:\n Must be an integer from 20 to 16384. Web and Express editions: Must be\n an integer from 20 to 16384.\n\n * Provisioned IOPS storage (io1, io2): Enterprise and Standard editions:\n Must be an integer from 100 to 16384. Web and Express editions: Must be\n an integer from 100 to 16384.\n\n * Magnetic storage (standard): Enterprise and Standard editions: Must\n be an integer from 20 to 1024. Web and Express editions: Must be an integer\n from 20 to 1024." format: "int64" type: "integer" autoMinorVersionUpgrade: - description: "A value that indicates whether minor engine upgrades are applied automatically\nto the DB instance during the maintenance window. By default, minor engine\nupgrades are applied automatically.\n\nIf you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade\nto false." + description: "Specifies whether minor engine upgrades are applied automatically to the\nDB instance during the maintenance window. By default, minor engine upgrades\nare applied automatically.\n\nIf you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade\nto false." type: "boolean" availabilityZone: - description: "The Availability Zone (AZ) where the database will be created. For information\non Amazon Web Services Regions and Availability Zones, see Regions and Availability\nZones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).\n\nAmazon Aurora\n\nEach Aurora DB cluster hosts copies of its storage in three separate Availability\nZones. Specify one of these Availability Zones. Aurora automatically chooses\nan appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's Amazon\nWeb Services Region.\n\nExample: us-east-1d\n\nConstraint: The AvailabilityZone parameter can't be specified if the DB instance\nis a Multi-AZ deployment. The specified Availability Zone must be in the\nsame Amazon Web Services Region as the current endpoint." + description: "The Availability Zone (AZ) where the database will be created. For information\non Amazon Web Services Regions and Availability Zones, see Regions and Availability\nZones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in\nthree separate Availability Zones. Specify one of these Availability Zones.\nAurora automatically chooses an appropriate Availability Zone if you don't\nspecify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's Amazon\nWeb Services Region.\n\nConstraints:\n\n * The AvailabilityZone parameter can't be specified if the DB instance\n is a Multi-AZ deployment.\n\n * The specified Availability Zone must be in the same Amazon Web Services\n Region as the current endpoint.\n\nExample: us-east-1d" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" backupRetentionPeriod: - description: "The number of days for which automated backups are retained. Setting this\nparameter to a positive number enables backups. Setting this parameter to\n0 disables automated backups.\n\nAmazon Aurora\n\nNot applicable. The retention period for automated backups is managed by\nthe DB cluster.\n\nDefault: 1\n\nConstraints:\n\n * Must be a value from 0 to 35\n\n * Can't be set to 0 if the DB instance is a source to read replicas\n\n * Can't be set to 0 for an RDS Custom for Oracle DB instance" + description: "The number of days for which automated backups are retained. Setting this\nparameter to a positive number enables backups. Setting this parameter to\n0 disables automated backups.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The retention period\nfor automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n * Must be a value from 0 to 35.\n\n * Can't be set to 0 if the DB instance is a source to read replicas.\n\n * Can't be set to 0 for an RDS Custom for Oracle DB instance." format: "int64" type: "integer" backupTarget: - description: "Specifies where automated backups and manual snapshots are stored.\n\nPossible values are outposts (Amazon Web Services Outposts) and region (Amazon\nWeb Services Region). The default is region.\n\nFor more information, see Working with Amazon RDS on Amazon Web Services\nOutposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide." + description: "The location for storing automated backups and manual snapshots.\n\nValid Values:\n\n * outposts (Amazon Web Services Outposts)\n\n * region (Amazon Web Services Region)\n\nDefault: region\n\nFor more information, see Working with Amazon RDS on Amazon Web Services\nOutposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide." type: "string" caCertificateIdentifier: - description: "Specifies the CA certificate identifier to use for the DB instance’s server\ncertificate.\n\nThis setting doesn't apply to RDS Custom.\n\nFor more information, see Using SSL/TLS to encrypt a connection to a DB instance\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html)\nin the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to\na DB cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html)\nin the Amazon Aurora User Guide." + description: "The CA certificate identifier to use for the DB instance's server certificate.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nFor more information, see Using SSL/TLS to encrypt a connection to a DB instance\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html)\nin the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to\na DB cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html)\nin the Amazon Aurora User Guide." type: "string" characterSetName: - description: "For supported engines, this value indicates that the DB instance should be\nassociated with the specified CharacterSet.\n\nThis setting doesn't apply to RDS Custom. However, if you need to change\nthe character set, you can change it on the database itself.\n\nAmazon Aurora\n\nNot applicable. The character set is managed by the DB cluster. For more\ninformation, see CreateDBCluster." + description: "For supported engines, the character set (CharacterSet) to associate the\nDB instance with.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora - The character set is managed by the DB cluster. For\n more information, see CreateDBCluster.\n\n * RDS Custom - However, if you need to change the character set, you can\n change it on the database itself." type: "string" copyTagsToSnapshot: - description: "A value that indicates whether to copy tags from the DB instance to snapshots\nof the DB instance. By default, tags are not copied.\n\nAmazon Aurora\n\nNot applicable. Copying tags to snapshots is managed by the DB cluster. Setting\nthis value for an Aurora DB instance has no effect on the DB cluster setting." + description: "Specifies whether to copy tags from the DB instance to snapshots of the DB\ninstance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to\nsnapshots is managed by the DB cluster. Setting this value for an Aurora\nDB instance has no effect on the DB cluster setting." type: "boolean" customIAMInstanceProfile: - description: "The instance profile associated with the underlying Amazon EC2 instance of\nan RDS Custom DB instance. The instance profile must meet the following requirements:\n\n * The profile must exist in your account.\n\n * The profile must have an IAM role that Amazon EC2 has permissions to\n assume.\n\n * The instance profile name and the associated IAM role name must start\n with the prefix AWSRDSCustom.\n\nFor the list of permissions required for the IAM role, see Configure IAM\nand your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc)\nin the Amazon RDS User Guide.\n\nThis setting is required for RDS Custom." + description: "The instance profile associated with the underlying Amazon EC2 instance of\nan RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n * The profile must exist in your account.\n\n * The profile must have an IAM role that Amazon EC2 has permissions to\n assume.\n\n * The instance profile name and the associated IAM role name must start\n with the prefix AWSRDSCustom.\n\nFor the list of permissions required for the IAM role, see Configure IAM\nand your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc)\nin the Amazon RDS User Guide." type: "string" dbClusterIdentifier: - description: "The identifier of the DB cluster that the instance will belong to.\n\nThis setting doesn't apply to RDS Custom." + description: "The identifier of the DB cluster that this DB instance will belong to.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" dbClusterSnapshotIdentifier: - description: "The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore\nfrom.\n\nFor more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html)\nin the Amazon RDS User Guide.\n\nConstraints:\n\n * Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n\n * Can't be specified when DBSnapshotIdentifier is specified.\n\n * Must be specified when DBSnapshotIdentifier isn't specified.\n\n * If you are restoring from a shared manual Multi-AZ DB cluster snapshot,\n the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot.\n\n * Can't be the identifier of an Aurora DB cluster snapshot.\n\n * Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster\n snapshot." + description: "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html)\nin the Amazon RDS User Guide.\n\nConstraints:\n\n * Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n\n * Can't be specified when DBSnapshotIdentifier is specified.\n\n * Must be specified when DBSnapshotIdentifier isn't specified.\n\n * If you are restoring from a shared manual Multi-AZ DB cluster snapshot,\n the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot.\n\n * Can't be the identifier of an Aurora DB cluster snapshot." type: "string" dbInstanceClass: description: "The compute and memory capacity of the DB instance, for example db.m5.large.\nNot all DB instance classes are available in all Amazon Web Services Regions,\nor for all database engines. For the full list of DB instance classes, and\navailability for your engine, see DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)\nin the Amazon RDS User Guide or Aurora DB instance classes (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html)\nin the Amazon Aurora User Guide." type: "string" dbInstanceIdentifier: - description: "The DB instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n * Must contain from 1 to 63 letters, numbers, or hyphens.\n\n * First character must be a letter.\n\n * Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: mydbinstance" + description: "The identifier for this DB instance. This parameter is stored as a lowercase\nstring.\n\nConstraints:\n\n * Must contain from 1 to 63 letters, numbers, or hyphens.\n\n * First character must be a letter.\n\n * Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: mydbinstance" type: "string" dbName: - description: "The meaning of this parameter differs according to the database engine you\nuse.\n\nMySQL\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n * Must contain 1 to 64 letters or numbers.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine\n\nMariaDB\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n * Must contain 1 to 64 letters or numbers.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine\n\nPostgreSQL\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, a database named postgres is created in the DB\ninstance.\n\nConstraints:\n\n * Must contain 1 to 63 letters, numbers, or underscores.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine\n\nOracle\n\nThe Oracle System ID (SID) of the created DB instance. If you specify null,\nthe default value ORCL is used. You can't specify the string NULL, or any\nother reserved word, for DBName.\n\nDefault: ORCL\n\nConstraints:\n\n * Can't be longer than 8 characters\n\nAmazon RDS Custom for Oracle\n\nThe Oracle System ID (SID) of the created RDS Custom DB instance. If you\ndon't specify a value, the default value is ORCL.\n\nDefault: ORCL\n\nConstraints:\n\n * It must contain 1 to 8 alphanumeric characters.\n\n * It must contain a letter.\n\n * It can't be a word reserved by the database engine.\n\nAmazon RDS Custom for SQL Server\n\nNot applicable. Must be null.\n\nSQL Server\n\nNot applicable. Must be null.\n\nAmazon Aurora MySQL\n\nThe name of the database to create when the primary DB instance of the Aurora\nMySQL DB cluster is created. If this parameter isn't specified for an Aurora\nMySQL DB cluster, no database is created in the DB cluster.\n\nConstraints:\n\n * It must contain 1 to 64 alphanumeric characters.\n\n * It can't be a word reserved by the database engine.\n\nAmazon Aurora PostgreSQL\n\nThe name of the database to create when the primary DB instance of the Aurora\nPostgreSQL DB cluster is created. If this parameter isn't specified for an\nAurora PostgreSQL DB cluster, a database named postgres is created in the\nDB cluster.\n\nConstraints:\n\n * It must contain 1 to 63 alphanumeric characters.\n\n * It must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0 to 9).\n\n * It can't be a word reserved by the database engine." + description: "The meaning of this parameter differs according to the database engine you\nuse.\n\nAmazon Aurora MySQL\n\nThe name of the database to create when the primary DB instance of the Aurora\nMySQL DB cluster is created. If this parameter isn't specified for an Aurora\nMySQL DB cluster, no database is created in the DB cluster.\n\nConstraints:\n\n * Must contain 1 to 64 alphanumeric characters.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the database engine.\n\nAmazon Aurora PostgreSQL\n\nThe name of the database to create when the primary DB instance of the Aurora\nPostgreSQL DB cluster is created. A database named postgres is always created.\nIf this parameter is specified, an additional database with this name is\ncreated.\n\nConstraints:\n\n * It must contain 1 to 63 alphanumeric characters.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0 to 9).\n\n * Can't be a word reserved by the database engine.\n\nAmazon RDS Custom for Oracle\n\nThe Oracle System ID (SID) of the created RDS Custom DB instance. If you\ndon't specify a value, the default value is ORCL for non-CDBs and RDSCDB\nfor CDBs.\n\nDefault: ORCL\n\nConstraints:\n\n * Must contain 1 to 8 alphanumeric characters.\n\n * Must contain a letter.\n\n * Can't be a word reserved by the database engine.\n\nAmazon RDS Custom for SQL Server\n\nNot applicable. Must be null.\n\nRDS for Db2\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, no database is created in the DB instance. In\nsome cases, we recommend that you don't add a database name. For more information,\nsee Additional considerations (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-db-instance-prereqs.html#db2-prereqs-additional-considerations)\nin the Amazon RDS User Guide.\n\nConstraints:\n\n * Must contain 1 to 64 letters or numbers.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine.\n\nRDS for MariaDB\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n * Must contain 1 to 64 letters or numbers.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine.\n\nRDS for MySQL\n\nThe name of the database to create when the DB instance is created. If this\nparameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n * Must contain 1 to 64 letters or numbers.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine.\n\nRDS for Oracle\n\nThe Oracle System ID (SID) of the created DB instance. If you don't specify\na value, the default value is ORCL. You can't specify the string null, or\nany other reserved word, for DBName.\n\nDefault: ORCL\n\nConstraints:\n\n * Can't be longer than 8 characters.\n\nRDS for PostgreSQL\n\nThe name of the database to create when the DB instance is created. A database\nnamed postgres is always created. If this parameter is specified, an additional\ndatabase with this name is created.\n\nConstraints:\n\n * Must contain 1 to 63 letters, numbers, or underscores.\n\n * Must begin with a letter. Subsequent characters can be letters, underscores,\n or digits (0-9).\n\n * Can't be a word reserved by the specified database engine.\n\nRDS for SQL Server\n\nNot applicable. Must be null." type: "string" dbParameterGroupName: - description: "The name of the DB parameter group to associate with this DB instance. If\nyou do not specify a value, then the default DB parameter group for the specified\nDB engine and version is used.\n\nThis setting doesn't apply to RDS Custom.\n\nConstraints:\n\n * It must be 1 to 255 letters, numbers, or hyphens.\n\n * The first character must be a letter.\n\n * It can't end with a hyphen or contain two consecutive hyphens." + description: "The name of the DB parameter group to associate with this DB instance. If\nyou don't specify a value, then Amazon RDS uses the default DB parameter\ngroup for the specified DB engine and version.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nConstraints:\n\n * Must be 1 to 255 letters, numbers, or hyphens.\n\n * The first character must be a letter.\n\n * Can't end with a hyphen or contain two consecutive hyphens." type: "string" dbParameterGroupRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -93,10 +96,10 @@ spec: type: "object" type: "object" dbSnapshotIdentifier: - description: "The identifier for the DB snapshot to restore from.\n\nConstraints:\n\n * Must match the identifier of an existing DBSnapshot.\n\n * Can't be specified when DBClusterSnapshotIdentifier is specified.\n\n * Must be specified when DBClusterSnapshotIdentifier isn't specified.\n\n * If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier\n must be the ARN of the shared DB snapshot." + description: "The identifier for the DB snapshot to restore from.\n\nConstraints:\n\n * Must match the identifier of an existing DB snapshot.\n\n * Can't be specified when DBClusterSnapshotIdentifier is specified.\n\n * Must be specified when DBClusterSnapshotIdentifier isn't specified.\n\n * If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier\n must be the ARN of the shared DB snapshot." type: "string" dbSubnetGroupName: - description: "A DB subnet group to associate with this DB instance.\n\nConstraints: Must match the name of an existing DBSubnetGroup. Must not be\ndefault.\n\nExample: mydbsubnetgroup" + description: "A DB subnet group to associate with this DB instance.\n\nConstraints:\n\n * Must match the name of an existing DB subnet group.\n\nExample: mydbsubnetgroup" type: "string" dbSubnetGroupRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -111,40 +114,40 @@ spec: type: "object" type: "object" deletionProtection: - description: "A value that indicates whether the DB instance has deletion protection enabled.\nThe database can't be deleted when deletion protection is enabled. By default,\ndeletion protection isn't enabled. For more information, see Deleting a DB\nInstance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).\n\nAmazon Aurora\n\nNot applicable. You can enable or disable deletion protection for the DB\ncluster. For more information, see CreateDBCluster. DB instances in a DB\ncluster can be deleted even when deletion protection is enabled for the DB\ncluster." + description: "Specifies whether the DB instance has deletion protection enabled. The database\ncan't be deleted when deletion protection is enabled. By default, deletion\nprotection isn't enabled. For more information, see Deleting a DB Instance\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).\n\nThis setting doesn't apply to Amazon Aurora DB instances. You can enable\nor disable deletion protection for the DB cluster. For more information,\nsee CreateDBCluster. DB instances in a DB cluster can be deleted even when\ndeletion protection is enabled for the DB cluster." type: "boolean" destinationRegion: description: "DestinationRegion is used for presigning the request to a given region." type: "string" domain: - description: "The Active Directory directory ID to create the DB instance in. Currently,\nonly MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can\nbe created in an Active Directory Domain.\n\nFor more information, see Kerberos Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable. The domain is managed by the DB cluster." + description: "The Active Directory directory ID to create the DB instance in. Currently,\nyou can create only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL\nDB instances in an Active Directory Domain.\n\nFor more information, see Kerberos Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (The domain is managed by the DB cluster.)\n\n * RDS Custom" type: "string" domainIAMRoleName: - description: "Specify the name of the IAM role to be used when making API calls to the\nDirectory Service.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable. The domain is managed by the DB cluster." + description: "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (The domain is managed by the DB cluster.)\n\n * RDS Custom" type: "string" enableCloudwatchLogsExports: - description: "The list of log types that need to be enabled for exporting to CloudWatch\nLogs. The values in the list depend on the DB engine. For more information,\nsee Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon RDS User Guide.\n\nAmazon Aurora\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\nRDS Custom\n\nNot applicable.\n\nMariaDB\n\nPossible values are audit, error, general, and slowquery.\n\nMicrosoft SQL Server\n\nPossible values are agent and error.\n\nMySQL\n\nPossible values are audit, error, general, and slowquery.\n\nOracle\n\nPossible values are alert, audit, listener, trace, and oemagent.\n\nPostgreSQL\n\nPossible values are postgresql and upgrade." + description: "The list of log types to enable for exporting to CloudWatch Logs. For more\ninformation, see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (CloudWatch Logs exports are managed by the DB cluster.)\n\n * RDS Custom\n\nThe following values are valid for each DB engine:\n\n * RDS for Db2 - diag.log | notify.log\n\n * RDS for MariaDB - audit | error | general | slowquery\n\n * RDS for Microsoft SQL Server - agent | error\n\n * RDS for MySQL - audit | error | general | slowquery\n\n * RDS for Oracle - alert | audit | listener | trace | oemagent\n\n * RDS for PostgreSQL - postgresql | upgrade" items: type: "string" type: "array" enableCustomerOwnedIP: - description: "A value that indicates whether to enable a customer-owned IP address (CoIP)\nfor an RDS on Outposts DB instance.\n\nA CoIP provides local or external connectivity to resources in your Outpost\nsubnets through your on-premises network. For some use cases, a CoIP can\nprovide lower latency for connections to the DB instance from outside of\nits virtual private cloud (VPC) on your local network.\n\nFor more information about RDS on Outposts, see Working with Amazon RDS on\nAmazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide.\n\nFor more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing)\nin the Amazon Web Services Outposts User Guide." + description: "Specifies whether to enable a customer-owned IP address (CoIP) for an RDS\non Outposts DB instance.\n\nA CoIP provides local or external connectivity to resources in your Outpost\nsubnets through your on-premises network. For some use cases, a CoIP can\nprovide lower latency for connections to the DB instance from outside of\nits virtual private cloud (VPC) on your local network.\n\nFor more information about RDS on Outposts, see Working with Amazon RDS on\nAmazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide.\n\nFor more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing)\nin the Amazon Web Services Outposts User Guide." type: "boolean" enableIAMDatabaseAuthentication: - description: "A value that indicates whether to enable mapping of Amazon Web Services Identity\nand Access Management (IAM) accounts to database accounts. By default, mapping\nisn't enabled.\n\nFor more information, see IAM Database Authentication for MySQL and PostgreSQL\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable. Mapping Amazon Web Services IAM accounts to database accounts\nis managed by the DB cluster." + description: "Specifies whether to enable mapping of Amazon Web Services Identity and Access\nManagement (IAM) accounts to database accounts. By default, mapping isn't\nenabled.\n\nFor more information, see IAM Database Authentication for MySQL and PostgreSQL\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (Mapping Amazon Web Services IAM accounts to database\n accounts is managed by the DB cluster.)\n\n * RDS Custom" type: "boolean" engine: - description: "The name of the database engine to be used for this instance.\n\nNot every database engine is available for every Amazon Web Services Region.\n\nValid Values:\n\n * aurora (for MySQL 5.6-compatible Aurora)\n\n * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)\n\n * aurora-postgresql\n\n * custom-oracle-ee (for RDS Custom for Oracle instances)\n\n * custom-sqlserver-ee (for RDS Custom for SQL Server instances)\n\n * custom-sqlserver-se (for RDS Custom for SQL Server instances)\n\n * custom-sqlserver-web (for RDS Custom for SQL Server instances)\n\n * mariadb\n\n * mysql\n\n * oracle-ee\n\n * oracle-ee-cdb\n\n * oracle-se2\n\n * oracle-se2-cdb\n\n * postgres\n\n * sqlserver-ee\n\n * sqlserver-se\n\n * sqlserver-ex\n\n * sqlserver-web" + description: "The database engine to use for this DB instance.\n\nNot every database engine is available in every Amazon Web Services Region.\n\nValid Values:\n\n * aurora-mysql (for Aurora MySQL DB instances)\n\n * aurora-postgresql (for Aurora PostgreSQL DB instances)\n\n * custom-oracle-ee (for RDS Custom for Oracle DB instances)\n\n * custom-oracle-ee-cdb (for RDS Custom for Oracle DB instances)\n\n * custom-oracle-se2 (for RDS Custom for Oracle DB instances)\n\n * custom-oracle-se2-cdb (for RDS Custom for Oracle DB instances)\n\n * custom-sqlserver-ee (for RDS Custom for SQL Server DB instances)\n\n * custom-sqlserver-se (for RDS Custom for SQL Server DB instances)\n\n * custom-sqlserver-web (for RDS Custom for SQL Server DB instances)\n\n * custom-sqlserver-dev (for RDS Custom for SQL Server DB instances)\n\n * db2-ae\n\n * db2-se\n\n * mariadb\n\n * mysql\n\n * oracle-ee\n\n * oracle-ee-cdb\n\n * oracle-se2\n\n * oracle-se2-cdb\n\n * postgres\n\n * sqlserver-ee\n\n * sqlserver-se\n\n * sqlserver-ex\n\n * sqlserver-web" type: "string" engineVersion: - description: "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the DescribeDBEngineVersions operation.\n\nThe following are the database engines and links to information about the\nmajor and minor versions that are available with Amazon RDS. Not every database\nengine is available for every Amazon Web Services Region.\n\nAmazon Aurora\n\nNot applicable. The version number of the database engine to be used by the\nDB instance is managed by the DB cluster.\n\nAmazon RDS Custom for Oracle\n\nA custom engine version (CEV) that you have previously created. This setting\nis required for RDS Custom for Oracle. The CEV name has the following format:\n19.customized_string. A valid CEV name is 19.my_cev1. For more information,\nsee Creating an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create)\nin the Amazon RDS User Guide.\n\nAmazon RDS Custom for SQL Server\n\nSee RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html)\nin the Amazon RDS User Guide.\n\nMariaDB\n\nFor information, see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nMicrosoft SQL Server\n\nFor information, see Microsoft SQL Server Versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport)\nin the Amazon RDS User Guide.\n\nMySQL\n\nFor information, see MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nOracle\n\nFor information, see Oracle Database Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html)\nin the Amazon RDS User Guide.\n\nPostgreSQL\n\nFor information, see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts)\nin the Amazon RDS User Guide." + description: "The version number of the database engine to use.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The version number\nof the database engine the DB instance uses is managed by the DB cluster.\n\nFor a list of valid engine versions, use the DescribeDBEngineVersions operation.\n\nThe following are the database engines and links to information about the\nmajor and minor versions that are available with Amazon RDS. Not every database\nengine is available for every Amazon Web Services Region.\n\nAmazon RDS Custom for Oracle\n\nA custom engine version (CEV) that you have previously created. This setting\nis required for RDS Custom for Oracle. The CEV name has the following format:\n19.customized_string. A valid CEV name is 19.my_cev1. For more information,\nsee Creating an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create)\nin the Amazon RDS User Guide.\n\nAmazon RDS Custom for SQL Server\n\nSee RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html)\nin the Amazon RDS User Guide.\n\nRDS for Db2\n\nFor information, see Db2 on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nRDS for MariaDB\n\nFor information, see MariaDB on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nRDS for Microsoft SQL Server\n\nFor information, see Microsoft SQL Server versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport)\nin the Amazon RDS User Guide.\n\nRDS for MySQL\n\nFor information, see MySQL on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)\nin the Amazon RDS User Guide.\n\nRDS for Oracle\n\nFor information, see Oracle Database Engine release notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html)\nin the Amazon RDS User Guide.\n\nRDS for PostgreSQL\n\nFor information, see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts)\nin the Amazon RDS User Guide." type: "string" iops: - description: "The amount of Provisioned IOPS (input/output operations per second) to be\ninitially allocated for the DB instance. For information about valid IOPS\nvalues, see Amazon RDS DB instance storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html)\nin the Amazon RDS User Guide.\n\nConstraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must\nbe a multiple between .5 and 50 of the storage amount for the DB instance.\nFor SQL Server DB instances, must be a multiple between 1 and 50 of the storage\namount for the DB instance.\n\nAmazon Aurora\n\nNot applicable. Storage is managed by the DB cluster." + description: "The amount of Provisioned IOPS (input/output operations per second) to initially\nallocate for the DB instance. For information about valid IOPS values, see\nAmazon RDS DB instance storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed\nby the DB cluster.\n\nConstraints:\n\n * For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a\n multiple between .5 and 50 of the storage amount for the DB instance.\n\n * For RDS for SQL Server - Must be a multiple between 1 and 50 of the\n storage amount for the DB instance." format: "int64" type: "integer" kmsKeyID: - description: "The Amazon Web Services KMS key identifier for an encrypted DB instance.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nAmazon Aurora\n\nNot applicable. The Amazon Web Services KMS key identifier is managed by\nthe DB cluster. For more information, see CreateDBCluster.\n\nIf StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId\nparameter, then Amazon RDS uses your default KMS key. There is a default\nKMS key for your Amazon Web Services account. Your Amazon Web Services account\nhas a different default KMS key for each Amazon Web Services Region.\n\nAmazon RDS Custom\n\nA KMS key is required for RDS Custom instances. For most RDS engines, if\nyou leave this parameter empty while enabling StorageEncrypted, the engine\nuses the default KMS key. However, RDS Custom doesn't use the default key\nwhen this parameter is empty. You must explicitly specify a key." + description: "The Amazon Web Services KMS key identifier for an encrypted DB instance.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key. To use a KMS key in a different Amazon\nWeb Services account, specify the key ARN or alias ARN.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The Amazon Web\nServices KMS key identifier is managed by the DB cluster. For more information,\nsee CreateDBCluster.\n\nIf StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId\nparameter, then Amazon RDS uses your default KMS key. There is a default\nKMS key for your Amazon Web Services account. Your Amazon Web Services account\nhas a different default KMS key for each Amazon Web Services Region.\n\nFor Amazon RDS Custom, a KMS key is required for DB instances. For most RDS\nengines, if you leave this parameter empty while enabling StorageEncrypted,\nthe engine uses the default KMS key. However, RDS Custom doesn't use the\ndefault key when this parameter is empty. You must explicitly specify a key." type: "string" kmsKeyRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" @@ -159,13 +162,13 @@ spec: type: "object" type: "object" licenseModel: - description: "License model information for this DB instance.\n\nValid values: license-included | bring-your-own-license | general-public-license\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable." + description: "The license model information for this DB instance.\n\nLicense models for RDS for Db2 require additional configuration. The Bring\nYour Own License (BYOL) model requires a custom parameter group and an Amazon\nWeb Services License Manager self-managed license. The Db2 license through\nAmazon Web Services Marketplace model requires an Amazon Web Services Marketplace\nsubscription. For more information, see Amazon RDS for Db2 licensing options\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html)\nin the Amazon RDS User Guide.\n\nThe default for RDS for Db2 is bring-your-own-license.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.\n\nValid Values:\n\n * RDS for Db2 - bring-your-own-license | marketplace-license\n\n * RDS for MariaDB - general-public-license\n\n * RDS for Microsoft SQL Server - license-included\n\n * RDS for MySQL - general-public-license\n\n * RDS for Oracle - bring-your-own-license | license-included\n\n * RDS for PostgreSQL - postgresql-license" type: "string" manageMasterUserPassword: - description: "A value that indicates whether to manage the master user password with Amazon\nWeb Services Secrets Manager.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide.\n\nConstraints:\n\n * Can't manage the master user password with Amazon Web Services Secrets\n Manager if MasterUserPassword is specified." + description: "Specifies whether to manage the master user password with Amazon Web Services\nSecrets Manager.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide.\n\nConstraints:\n\n * Can't manage the master user password with Amazon Web Services Secrets\n Manager if MasterUserPassword is specified." type: "boolean" masterUserPassword: - description: "The password for the master user. The password can include any printable\nASCII character except \"/\", \"\"\", or \"@\".\n\nAmazon Aurora\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\nConstraints: Can't be specified if ManageMasterUserPassword is turned on.\n\nMariaDB\n\nConstraints: Must contain from 8 to 41 characters.\n\nMicrosoft SQL Server\n\nConstraints: Must contain from 8 to 128 characters.\n\nMySQL\n\nConstraints: Must contain from 8 to 41 characters.\n\nOracle\n\nConstraints: Must contain from 8 to 30 characters.\n\nPostgreSQL\n\nConstraints: Must contain from 8 to 128 characters." + description: "The password for the master user.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The password for\nthe master user is managed by the DB cluster.\n\nConstraints:\n\n * Can't be specified if ManageMasterUserPassword is turned on.\n\n * Can include any printable ASCII character except \"/\", \"\"\", or \"@\". For\n RDS for Oracle, can't include the \"&\" (ampersand) or the \"'\" (single quotes)\n character.\n\nLength Constraints:\n\n * RDS for Db2 - Must contain from 8 to 255 characters.\n\n * RDS for MariaDB - Must contain from 8 to 41 characters.\n\n * RDS for Microsoft SQL Server - Must contain from 8 to 128 characters.\n\n * RDS for MySQL - Must contain from 8 to 41 characters.\n\n * RDS for Oracle - Must contain from 8 to 30 characters.\n\n * RDS for PostgreSQL - Must contain from 8 to 128 characters." properties: key: description: "Key is the key within the secret" @@ -196,58 +199,58 @@ spec: type: "object" type: "object" masterUsername: - description: "The name for the master user.\n\nAmazon Aurora\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\nAmazon RDS\n\nConstraints:\n\n * Required.\n\n * Must be 1 to 16 letters, numbers, or underscores.\n\n * First character must be a letter.\n\n * Can't be a reserved word for the chosen database engine." + description: "The name for the master user.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The name for the\nmaster user is managed by the DB cluster.\n\nThis setting is required for RDS DB instances.\n\nConstraints:\n\n * Must be 1 to 16 letters, numbers, or underscores.\n\n * First character must be a letter.\n\n * Can't be a reserved word for the chosen database engine." type: "string" maxAllocatedStorage: - description: "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically\nscale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply\nto it, see Managing capacity automatically with Amazon RDS storage autoscaling\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable. Storage is managed by the DB cluster." + description: "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically\nscale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply\nto it, see Managing capacity automatically with Amazon RDS storage autoscaling\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (Storage is managed by the DB cluster.)\n\n * RDS Custom" format: "int64" type: "integer" monitoringInterval: - description: "The interval, in seconds, between points when Enhanced Monitoring metrics\nare collected for the DB instance. To disable collection of Enhanced Monitoring\nmetrics, specify 0. The default is 0.\n\nIf MonitoringRoleArn is specified, then you must set MonitoringInterval to\na value other than 0.\n\nThis setting doesn't apply to RDS Custom.\n\nValid Values: 0, 1, 5, 10, 15, 30, 60" + description: "The interval, in seconds, between points when Enhanced Monitoring metrics\nare collected for the DB instance. To disable collection of Enhanced Monitoring\nmetrics, specify 0.\n\nIf MonitoringRoleArn is specified, then you must set MonitoringInterval to\na value other than 0.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60\n\nDefault: 0" format: "int64" type: "integer" monitoringRoleARN: - description: "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics\nto Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess.\nFor information on creating a monitoring role, see Setting Up and Enabling\nEnhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)\nin the Amazon RDS User Guide.\n\nIf MonitoringInterval is set to a value other than 0, then you must supply\na MonitoringRoleArn value.\n\nThis setting doesn't apply to RDS Custom." + description: "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics\nto Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess.\nFor information on creating a monitoring role, see Setting Up and Enabling\nEnhanced Monitoring (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)\nin the Amazon RDS User Guide.\n\nIf MonitoringInterval is set to a value other than 0, then you must supply\na MonitoringRoleArn value.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" multiAZ: - description: "A value that indicates whether the DB instance is a Multi-AZ deployment.\nYou can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ\ndeployment.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable. DB instance Availability Zones (AZs) are managed by the DB\ncluster." + description: "Specifies whether the DB instance is a Multi-AZ deployment. You can't set\nthe AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.\n\nThis setting doesn't apply to the following DB instances:\n\n * Amazon Aurora (DB instance Availability Zones (AZs) are managed by the\n DB cluster.)\n\n * RDS Custom" type: "boolean" ncharCharacterSetName: - description: "The name of the NCHAR character set for the Oracle DB instance.\n\nThis parameter doesn't apply to RDS Custom." + description: "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" networkType: - description: "The network type of the DB instance.\n\nValid values:\n\n * IPV4\n\n * DUAL\n\nThe network type is determined by the DBSubnetGroup specified for the DB\ninstance. A DBSubnetGroup can support only the IPv4 protocol or the IPv4\nand the IPv6 protocols (DUAL).\n\nFor more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html)\nin the Amazon RDS User Guide." + description: "The network type of the DB instance.\n\nThe network type is determined by the DBSubnetGroup specified for the DB\ninstance. A DBSubnetGroup can support only the IPv4 protocol or the IPv4\nand the IPv6 protocols (DUAL).\n\nFor more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html)\nin the Amazon RDS User Guide.\n\nValid Values: IPV4 | DUAL" type: "string" optionGroupName: - description: "A value that indicates that the DB instance should be associated with the\nspecified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE,\ncan't be removed from an option group. Also, that option group can't be removed\nfrom a DB instance after it is associated with a DB instance.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable." + description: "The option group to associate the DB instance with.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE,\ncan't be removed from an option group. Also, that option group can't be removed\nfrom a DB instance after it is associated with a DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances." type: "string" performanceInsightsEnabled: - description: "A value that indicates whether to enable Performance Insights for the DB\ninstance. For more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to RDS Custom." + description: "Specifies whether to enable Performance Insights for the DB instance. For\nmore information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "boolean" performanceInsightsKMSKeyID: - description: "The Amazon Web Services KMS key identifier for encryption of Performance\nInsights data.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key.\n\nIf you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon\nRDS uses your default KMS key. There is a default KMS key for your Amazon\nWeb Services account. Your Amazon Web Services account has a different default\nKMS key for each Amazon Web Services Region.\n\nThis setting doesn't apply to RDS Custom." + description: "The Amazon Web Services KMS key identifier for encryption of Performance\nInsights data.\n\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias\nARN, or alias name for the KMS key.\n\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon\nRDS uses your default KMS key. There is a default KMS key for your Amazon\nWeb Services account. Your Amazon Web Services account has a different default\nKMS key for each Amazon Web Services Region.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" performanceInsightsRetentionPeriod: - description: "The number of days to retain Performance Insights data. The default is 7\ndays. The following values are valid:\n\n * 7\n\n * month * 31, where month is a number of months from 1-23\n\n * 731\n\nFor example, the following values are valid:\n\n * 93 (3 months * 31)\n\n * 341 (11 months * 31)\n\n * 589 (19 months * 31)\n\n * 731\n\nIf you specify a retention period such as 94, which isn't a valid value,\nRDS issues an error.\n\nThis setting doesn't apply to RDS Custom." + description: "The number of days to retain Performance Insights data.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n * 7\n\n * month * 31, where month is a number of months from 1-23. Examples: 93\n (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)\n\n * 731\n\nDefault: 7 days\n\nIf you specify a retention period that isn't valid, such as 94, Amazon RDS\nreturns an error." format: "int64" type: "integer" port: - description: "The port number on which the database accepts connections.\n\nMySQL\n\nDefault: 3306\n\nValid values: 1150-65535\n\nType: Integer\n\nMariaDB\n\nDefault: 3306\n\nValid values: 1150-65535\n\nType: Integer\n\nPostgreSQL\n\nDefault: 5432\n\nValid values: 1150-65535\n\nType: Integer\n\nOracle\n\nDefault: 1521\n\nValid values: 1150-65535\n\nSQL Server\n\nDefault: 1433\n\nValid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and\n49152-49156.\n\nAmazon Aurora\n\nDefault: 3306\n\nValid values: 1150-65535\n\nType: Integer" + description: "The port number on which the database accepts connections.\n\nThis setting doesn't apply to Aurora DB instances. The port number is managed\nby the cluster.\n\nValid Values: 1150-65535\n\nDefault:\n\n * RDS for Db2 - 50000\n\n * RDS for MariaDB - 3306\n\n * RDS for Microsoft SQL Server - 1433\n\n * RDS for MySQL - 3306\n\n * RDS for Oracle - 1521\n\n * RDS for PostgreSQL - 5432\n\nConstraints:\n\n * For RDS for Microsoft SQL Server, the value can't be 1234, 1434, 3260,\n 3343, 3389, 47001, or 49152-49156." format: "int64" type: "integer" preSignedURL: - description: "When you are creating a read replica from one Amazon Web Services GovCloud\n(US) Region to another or from one China Amazon Web Services Region to another,\nthe URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica\nAPI operation in the source Amazon Web Services Region that contains the\nsource DB instance.\n\nThis setting applies only to Amazon Web Services GovCloud (US) Regions and\nChina Amazon Web Services Regions. It's ignored in other Amazon Web Services\nRegions.\n\nThis setting applies only when replicating from a source DB instance. Source\nDB clusters aren't supported in Amazon Web Services GovCloud (US) Regions\nand China Amazon Web Services Regions.\n\nYou must specify this parameter when you create an encrypted read replica\nfrom another Amazon Web Services Region by using the Amazon RDS API. Don't\nspecify PreSignedUrl when you are creating an encrypted read replica in the\nsame Amazon Web Services Region.\n\nThe presigned URL must be a valid request for the CreateDBInstanceReadReplica\nAPI operation that can run in the source Amazon Web Services Region that\ncontains the encrypted source DB instance. The presigned URL request must\ncontain the following parameter values:\n\n * DestinationRegion - The Amazon Web Services Region that the encrypted\n read replica is created in. This Amazon Web Services Region is the same\n one where the CreateDBInstanceReadReplica operation is called that contains\n this presigned URL. For example, if you create an encrypted DB instance\n in the us-west-1 Amazon Web Services Region, from a source DB instance\n in the us-east-2 Amazon Web Services Region, then you call the CreateDBInstanceReadReplica\n operation in the us-east-1 Amazon Web Services Region and provide a presigned\n URL that contains a call to the CreateDBInstanceReadReplica operation\n in the us-west-2 Amazon Web Services Region. For this example, the DestinationRegion\n in the presigned URL must be set to the us-east-1 Amazon Web Services\n Region.\n\n * KmsKeyId - The KMS key identifier for the key to use to encrypt the\n read replica in the destination Amazon Web Services Region. This is the\n same identifier for both the CreateDBInstanceReadReplica operation that\n is called in the destination Amazon Web Services Region, and the operation\n contained in the presigned URL.\n\n * SourceDBInstanceIdentifier - The DB instance identifier for the encrypted\n DB instance to be replicated. This identifier must be in the Amazon Resource\n Name (ARN) format for the source Amazon Web Services Region. For example,\n if you are creating an encrypted read replica from a DB instance in the\n us-west-2 Amazon Web Services Region, then your SourceDBInstanceIdentifier\n looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115.\n\nTo learn how to generate a Signature Version 4 signed request, see Authenticating\nRequests: Using Query Parameters (Amazon Web Services Signature Version 4)\n(https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html)\nand Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).\n\nIf you are using an Amazon Web Services SDK tool or the CLI, you can specify\nSourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl\nmanually. Specifying SourceRegion autogenerates a presigned URL that is a\nvalid request for the operation that can run in the source Amazon Web Services\nRegion.\n\nSourceRegion isn't supported for SQL Server, because Amazon RDS for SQL Server\ndoesn't support cross-Region read replicas.\n\nThis setting doesn't apply to RDS Custom." + description: "When you are creating a read replica from one Amazon Web Services GovCloud\n(US) Region to another or from one China Amazon Web Services Region to another,\nthe URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica\nAPI operation in the source Amazon Web Services Region that contains the\nsource DB instance.\n\nThis setting applies only to Amazon Web Services GovCloud (US) Regions and\nChina Amazon Web Services Regions. It's ignored in other Amazon Web Services\nRegions.\n\nThis setting applies only when replicating from a source DB instance. Source\nDB clusters aren't supported in Amazon Web Services GovCloud (US) Regions\nand China Amazon Web Services Regions.\n\nYou must specify this parameter when you create an encrypted read replica\nfrom another Amazon Web Services Region by using the Amazon RDS API. Don't\nspecify PreSignedUrl when you are creating an encrypted read replica in the\nsame Amazon Web Services Region.\n\nThe presigned URL must be a valid request for the CreateDBInstanceReadReplica\nAPI operation that can run in the source Amazon Web Services Region that\ncontains the encrypted source DB instance. The presigned URL request must\ncontain the following parameter values:\n\n * DestinationRegion - The Amazon Web Services Region that the encrypted\n read replica is created in. This Amazon Web Services Region is the same\n one where the CreateDBInstanceReadReplica operation is called that contains\n this presigned URL. For example, if you create an encrypted DB instance\n in the us-west-1 Amazon Web Services Region, from a source DB instance\n in the us-east-2 Amazon Web Services Region, then you call the CreateDBInstanceReadReplica\n operation in the us-east-1 Amazon Web Services Region and provide a presigned\n URL that contains a call to the CreateDBInstanceReadReplica operation\n in the us-west-2 Amazon Web Services Region. For this example, the DestinationRegion\n in the presigned URL must be set to the us-east-1 Amazon Web Services\n Region.\n\n * KmsKeyId - The KMS key identifier for the key to use to encrypt the\n read replica in the destination Amazon Web Services Region. This is the\n same identifier for both the CreateDBInstanceReadReplica operation that\n is called in the destination Amazon Web Services Region, and the operation\n contained in the presigned URL.\n\n * SourceDBInstanceIdentifier - The DB instance identifier for the encrypted\n DB instance to be replicated. This identifier must be in the Amazon Resource\n Name (ARN) format for the source Amazon Web Services Region. For example,\n if you are creating an encrypted read replica from a DB instance in the\n us-west-2 Amazon Web Services Region, then your SourceDBInstanceIdentifier\n looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115.\n\nTo learn how to generate a Signature Version 4 signed request, see Authenticating\nRequests: Using Query Parameters (Amazon Web Services Signature Version 4)\n(https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html)\nand Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).\n\nIf you are using an Amazon Web Services SDK tool or the CLI, you can specify\nSourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl\nmanually. Specifying SourceRegion autogenerates a presigned URL that is a\nvalid request for the operation that can run in the source Amazon Web Services\nRegion.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" preferredBackupWindow: - description: "The daily time range during which automated backups are created if automated\nbackups are enabled, using the BackupRetentionPeriod parameter. The default\nis a 30-minute window selected at random from an 8-hour block of time for\neach Amazon Web Services Region. For more information, see Backup window\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow)\nin the Amazon RDS User Guide.\n\nAmazon Aurora\n\nNot applicable. The daily time range for creating automated backups is managed\nby the DB cluster.\n\nConstraints:\n\n * Must be in the format hh24:mi-hh24:mi.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must not conflict with the preferred maintenance window.\n\n * Must be at least 30 minutes." + description: "The daily time range during which automated backups are created if automated\nbackups are enabled, using the BackupRetentionPeriod parameter. The default\nis a 30-minute window selected at random from an 8-hour block of time for\neach Amazon Web Services Region. For more information, see Backup window\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow)\nin the Amazon RDS User Guide.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The daily time\nrange for creating automated backups is managed by the DB cluster.\n\nConstraints:\n\n * Must be in the format hh24:mi-hh24:mi.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must not conflict with the preferred maintenance window.\n\n * Must be at least 30 minutes." type: "string" preferredMaintenanceWindow: - description: "The time range each week during which system maintenance can occur, in Universal\nCoordinated Time (UTC). For more information, see Amazon RDS Maintenance\nWindow (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance).\n\nFormat: ddd:hh24:mi-ddd:hh24:mi\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region, occurring on a random day of\nthe week.\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window." + description: "The time range each week during which system maintenance can occur. For more\ninformation, see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance)\nin the Amazon RDS User Guide.\n\nThe default is a 30-minute window selected at random from an 8-hour block\nof time for each Amazon Web Services Region, occurring on a random day of\nthe week.\n\nConstraints:\n\n * Must be in the format ddd:hh24:mi-ddd:hh24:mi.\n\n * The day values must be mon | tue | wed | thu | fri | sat | sun.\n\n * Must be in Universal Coordinated Time (UTC).\n\n * Must not conflict with the preferred backup window.\n\n * Must be at least 30 minutes." type: "string" processorFeatures: - description: "The number of CPU cores and the number of threads per core for the DB instance\nclass of the DB instance.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable." + description: "The number of CPU cores and the number of threads per core for the DB instance\nclass of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances." items: - description: "Contains the processor features of a DB instance class.\n\nTo specify the number of CPU cores, use the coreCount feature name for the\nName parameter. To specify the number of threads per core, use the threadsPerCore\nfeature name for the Name parameter.\n\nYou can set the processor features of the DB instance class for a DB instance\nwhen you call one of the following actions:\n\n * CreateDBInstance\n\n * ModifyDBInstance\n\n * RestoreDBInstanceFromDBSnapshot\n\n * RestoreDBInstanceFromS3\n\n * RestoreDBInstanceToPointInTime\n\nYou can view the valid processor values for a particular instance class by\ncalling the DescribeOrderableDBInstanceOptions action and specifying the\ninstance class for the DBInstanceClass parameter.\n\nIn addition, you can use the following actions for DB instance class processor\ninformation:\n\n * DescribeDBInstances\n\n * DescribeDBSnapshots\n\n * DescribeValidDBInstanceModifications\n\nIf you call DescribeDBInstances, ProcessorFeature returns non-null values\nonly if the following conditions are met:\n\n * You are accessing an Oracle DB instance.\n\n * Your Oracle DB instance class supports configuring the number of CPU\n cores and threads per core.\n\n * The current number CPU cores and threads is set to a non-default value.\n\nFor more information, see Configuring the Processor of the DB Instance Class\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)\nin the Amazon RDS User Guide." + description: "Contains the processor features of a DB instance class.\n\nTo specify the number of CPU cores, use the coreCount feature name for the\nName parameter. To specify the number of threads per core, use the threadsPerCore\nfeature name for the Name parameter.\n\nYou can set the processor features of the DB instance class for a DB instance\nwhen you call one of the following actions:\n\n * CreateDBInstance\n\n * ModifyDBInstance\n\n * RestoreDBInstanceFromDBSnapshot\n\n * RestoreDBInstanceFromS3\n\n * RestoreDBInstanceToPointInTime\n\nYou can view the valid processor values for a particular instance class by\ncalling the DescribeOrderableDBInstanceOptions action and specifying the\ninstance class for the DBInstanceClass parameter.\n\nIn addition, you can use the following actions for DB instance class processor\ninformation:\n\n * DescribeDBInstances\n\n * DescribeDBSnapshots\n\n * DescribeValidDBInstanceModifications\n\nIf you call DescribeDBInstances, ProcessorFeature returns non-null values\nonly if the following conditions are met:\n\n * You are accessing an Oracle DB instance.\n\n * Your Oracle DB instance class supports configuring the number of CPU\n cores and threads per core.\n\n * The current number CPU cores and threads is set to a non-default value.\n\nFor more information, see Configuring the processor for a DB instance class\nin RDS for Oracle (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)\nin the Amazon RDS User Guide." properties: name: type: "string" @@ -256,35 +259,35 @@ spec: type: "object" type: "array" promotionTier: - description: "A value that specifies the order in which an Aurora Replica is promoted to\nthe primary instance after a failure of the existing primary instance. For\nmore information, see Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance)\nin the Amazon Aurora User Guide.\n\nThis setting doesn't apply to RDS Custom.\n\nDefault: 1\n\nValid Values: 0 - 15" + description: "The order of priority in which an Aurora Replica is promoted to the primary\ninstance after a failure of the existing primary instance. For more information,\nsee Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance)\nin the Amazon Aurora User Guide.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: 1\n\nValid Values: 0 - 15" format: "int64" type: "integer" publiclyAccessible: - description: "A value that indicates whether the DB instance is publicly accessible.\n\nWhen the DB instance is publicly accessible, its Domain Name System (DNS)\nendpoint resolves to the private IP address from within the DB instance's\nvirtual private cloud (VPC). It resolves to the public IP address from outside\nof the DB instance's VPC. Access to the DB instance is ultimately controlled\nby the security group it uses. That public access is not permitted if the\nsecurity group assigned to the DB instance doesn't permit it.\n\nWhen the DB instance isn't publicly accessible, it is an internal DB instance\nwith a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether DBSubnetGroupName\nis specified.\n\nIf DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the default VPC in the target Region doesn’t have an internet gateway\n attached to it, the DB instance is private.\n\n * If the default VPC in the target Region has an internet gateway attached\n to it, the DB instance is public.\n\nIf DBSubnetGroupName is specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the subnets are part of a VPC that doesn’t have an internet gateway\n attached to it, the DB instance is private.\n\n * If the subnets are part of a VPC that has an internet gateway attached\n to it, the DB instance is public." + description: "Specifies whether the DB instance is publicly accessible.\n\nWhen the DB instance is publicly accessible and you connect from outside\nof the DB instance's virtual private cloud (VPC), its Domain Name System\n(DNS) endpoint resolves to the public IP address. When you connect from within\nthe same VPC as the DB instance, the endpoint resolves to the private IP\naddress. Access to the DB instance is ultimately controlled by the security\ngroup it uses. That public access is not permitted if the security group\nassigned to the DB instance doesn't permit it.\n\nWhen the DB instance isn't publicly accessible, it is an internal DB instance\nwith a DNS name that resolves to a private IP address.\n\nDefault: The default behavior varies depending on whether DBSubnetGroupName\nis specified.\n\nIf DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the default VPC in the target Region doesn’t have an internet gateway\n attached to it, the DB instance is private.\n\n * If the default VPC in the target Region has an internet gateway attached\n to it, the DB instance is public.\n\nIf DBSubnetGroupName is specified, and PubliclyAccessible isn't specified,\nthe following applies:\n\n * If the subnets are part of a VPC that doesn’t have an internet gateway\n attached to it, the DB instance is private.\n\n * If the subnets are part of a VPC that has an internet gateway attached\n to it, the DB instance is public." type: "boolean" replicaMode: description: "The open mode of the replica database: mounted or read-only.\n\nThis parameter is only supported for Oracle DB instances.\n\nMounted DB replicas are included in Oracle Database Enterprise Edition. The\nmain use case for mounted replicas is cross-Region disaster recovery. The\nprimary database doesn't use Active Data Guard to transmit information to\nthe mounted replica. Because it doesn't accept user connections, a mounted\nreplica can't serve a read-only workload.\n\nYou can create a combination of mounted and read-only DB replicas for the\nsame primary DB instance. For more information, see Working with Oracle Read\nReplicas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html)\nin the Amazon RDS User Guide.\n\nFor RDS Custom, you must specify this parameter and set it to mounted. The\nvalue won't be set by default. After replica creation, you can manage the\nopen mode manually." type: "string" sourceDBInstanceIdentifier: - description: "The identifier of the DB instance that will act as the source for the read\nreplica. Each DB instance can have up to 15 read replicas, with the exception\nof Oracle and SQL Server, which can have up to five.\n\nConstraints:\n\n * Must be the identifier of an existing MySQL, MariaDB, Oracle, PostgreSQL,\n or SQL Server DB instance.\n\n * Can't be specified if the SourceDBClusterIdentifier parameter is also\n specified.\n\n * For the limitations of Oracle read replicas, see Version and licensing\n considerations for RDS for Oracle replicas (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.limitations.html#oracle-read-replicas.limitations.versions-and-licenses)\n in the Amazon RDS User Guide.\n\n * For the limitations of SQL Server read replicas, see Read replica limitations\n with SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.ReadReplicas.html#SQLServer.ReadReplicas.Limitations)\n in the Amazon RDS User Guide.\n\n * The specified DB instance must have automatic backups enabled, that\n is, its backup retention period must be greater than 0.\n\n * If the source DB instance is in the same Amazon Web Services Region\n as the read replica, specify a valid DB instance identifier.\n\n * If the source DB instance is in a different Amazon Web Services Region\n from the read replica, specify a valid DB instance ARN. For more information,\n see Constructing an ARN for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.ARN.html#USER_Tagging.ARN.Constructing)\n in the Amazon RDS User Guide. This doesn't apply to SQL Server or RDS\n Custom, which don't support cross-Region replicas." + description: "The identifier of the DB instance that will act as the source for the read\nreplica. Each DB instance can have up to 15 read replicas, with the exception\nof Oracle and SQL Server, which can have up to five.\n\nConstraints:\n\n * Must be the identifier of an existing Db2, MariaDB, MySQL, Oracle, PostgreSQL,\n or SQL Server DB instance.\n\n * Can't be specified if the SourceDBClusterIdentifier parameter is also\n specified.\n\n * For the limitations of Oracle read replicas, see Version and licensing\n considerations for RDS for Oracle replicas (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.limitations.html#oracle-read-replicas.limitations.versions-and-licenses)\n in the Amazon RDS User Guide.\n\n * For the limitations of SQL Server read replicas, see Read replica limitations\n with SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.ReadReplicas.html#SQLServer.ReadReplicas.Limitations)\n in the Amazon RDS User Guide.\n\n * The specified DB instance must have automatic backups enabled, that\n is, its backup retention period must be greater than 0.\n\n * If the source DB instance is in the same Amazon Web Services Region\n as the read replica, specify a valid DB instance identifier.\n\n * If the source DB instance is in a different Amazon Web Services Region\n from the read replica, specify a valid DB instance ARN. For more information,\n see Constructing an ARN for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.ARN.html#USER_Tagging.ARN.Constructing)\n in the Amazon RDS User Guide. This doesn't apply to SQL Server or RDS\n Custom, which don't support cross-Region replicas." type: "string" sourceRegion: description: "SourceRegion is the source region where the resource exists. This is not\nsent over the wire and is only used for presigning. This value should always\nhave the same region as the source ARN." type: "string" storageEncrypted: - description: "A value that indicates whether the DB instance is encrypted. By default,\nit isn't encrypted.\n\nFor RDS Custom instances, either set this parameter to true or leave it unset.\nIf you set this parameter to false, RDS reports an error.\n\nAmazon Aurora\n\nNot applicable. The encryption for DB instances is managed by the DB cluster." + description: "Specifes whether the DB instance is encrypted. By default, it isn't encrypted.\n\nFor RDS Custom DB instances, either enable this setting or leave it unset.\nOtherwise, Amazon RDS reports an error.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The encryption\nfor DB instances is managed by the DB cluster." type: "boolean" storageThroughput: - description: "Specifies the storage throughput value for the DB instance.\n\nThis setting applies only to the gp3 storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora." + description: "The storage throughput value for the DB instance.\n\nThis setting applies only to the gp3 storage type.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances." format: "int64" type: "integer" storageType: - description: "Specifies the storage type to be associated with the DB instance.\n\nValid values: gp2 | gp3 | io1 | standard\n\nIf you specify io1 or gp3, you must also include a value for the Iops parameter.\n\nDefault: io1 if the Iops parameter is specified, otherwise gp2\n\nAmazon Aurora\n\nNot applicable. Storage is managed by the DB cluster." + description: "The storage type to associate with the DB instance.\n\nIf you specify io1, io2, or gp3, you must also include a value for the Iops\nparameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed\nby the DB cluster.\n\nValid Values: gp2 | gp3 | io1 | io2 | standard\n\nDefault: io1, if the Iops parameter is specified. Otherwise, gp2." type: "string" tags: description: "Tags to assign to the DB instance." items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -293,19 +296,19 @@ spec: type: "object" type: "array" tdeCredentialARN: - description: "The ARN from the key store with which to associate the instance for TDE encryption.\n\nThis setting doesn't apply to RDS Custom.\n\nAmazon Aurora\n\nNot applicable." + description: "The ARN from the key store with which to associate the instance for TDE encryption.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances." type: "string" tdeCredentialPassword: - description: "The password for the given ARN from the key store in order to access the\ndevice.\n\nThis setting doesn't apply to RDS Custom." + description: "The password for the given ARN from the key store in order to access the\ndevice.\n\nThis setting doesn't apply to RDS Custom DB instances." type: "string" timezone: - description: "The time zone of the DB instance. The time zone parameter is currently supported\nonly by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)." + description: "The time zone of the DB instance. The time zone parameter is currently supported\nonly by RDS for Db2 (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone)\nand RDS for SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)." type: "string" useDefaultProcessorFeatures: - description: "A value that indicates whether the DB instance class of the DB instance uses\nits default processor features.\n\nThis setting doesn't apply to RDS Custom." + description: "Specifies whether the DB instance class of the DB instance uses its default\nprocessor features.\n\nThis setting doesn't apply to RDS Custom." type: "boolean" vpcSecurityGroupIDs: - description: "A list of Amazon EC2 VPC security groups to associate with this DB instance.\n\nAmazon Aurora\n\nNot applicable. The associated list of EC2 VPC security groups is managed\nby the DB cluster.\n\nDefault: The default EC2 VPC security group for the DB subnet group's VPC." + description: "A list of Amazon EC2 VPC security groups to associate with this DB instance.\n\nThis setting doesn't apply to Amazon Aurora DB instances. The associated\nlist of EC2 VPC security groups is managed by the DB cluster.\n\nDefault: The default EC2 VPC security group for the DB subnet group's VPC." items: type: "string" type: "array" @@ -368,7 +371,7 @@ spec: associatedRoles: description: "The Amazon Web Services Identity and Access Management (IAM) roles associated\nwith the DB instance." items: - description: "Describes an Amazon Web Services Identity and Access Management (IAM) role\nthat is associated with a DB instance." + description: "Information about an Amazon Web Services Identity and Access Management (IAM)\nrole that is associated with a DB instance." properties: featureName: type: "string" @@ -398,7 +401,7 @@ spec: type: "string" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -424,7 +427,7 @@ spec: type: "object" type: "array" customerOwnedIPEnabled: - description: "Specifies whether a customer-owned IP address (CoIP) is enabled for an RDS\non Outposts DB instance.\n\nA CoIP provides local or external connectivity to resources in your Outpost\nsubnets through your on-premises network. For some use cases, a CoIP can\nprovide lower latency for connections to the DB instance from outside of\nits virtual private cloud (VPC) on your local network.\n\nFor more information about RDS on Outposts, see Working with Amazon RDS on\nAmazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide.\n\nFor more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing)\nin the Amazon Web Services Outposts User Guide." + description: "Indicates whether a customer-owned IP address (CoIP) is enabled for an RDS\non Outposts DB instance.\n\nA CoIP provides local or external connectivity to resources in your Outpost\nsubnets through your on-premises network. For some use cases, a CoIP can\nprovide lower latency for connections to the DB instance from outside of\nits virtual private cloud (VPC) on your local network.\n\nFor more information about RDS on Outposts, see Working with Amazon RDS on\nAmazon Web Services Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)\nin the Amazon RDS User Guide.\n\nFor more information about CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing)\nin the Amazon Web Services Outposts User Guide." type: "boolean" dbInstanceAutomatedBackupsReplications: description: "The list of replicated automated backups associated with the DB instance." @@ -436,14 +439,14 @@ spec: type: "object" type: "array" dbInstancePort: - description: "Specifies the port that the DB instance listens on. If the DB instance is\npart of a DB cluster, this can be a different port than the DB cluster port." + description: "The port that the DB instance listens on. If the DB instance is part of a\nDB cluster, this can be a different port than the DB cluster port." format: "int64" type: "integer" dbInstanceStatus: - description: "Specifies the current state of this database.\n\nFor information about DB instance statuses, see Viewing DB instance status\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status)\nin the Amazon RDS User Guide." + description: "The current state of this database.\n\nFor information about DB instance statuses, see Viewing DB instance status\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status)\nin the Amazon RDS User Guide." type: "string" dbParameterGroups: - description: "Provides the list of DB parameter groups applied to this DB instance." + description: "The list of DB parameter groups applied to this DB instance." items: description: "The status of the DB parameter group.\n\nThis data type is used as a response element in the following actions:\n\n * CreateDBInstance\n\n * CreateDBInstanceReadReplica\n\n * DeleteDBInstance\n\n * ModifyDBInstance\n\n * RebootDBInstance\n\n * RestoreDBInstanceFromDBSnapshot" properties: @@ -454,7 +457,7 @@ spec: type: "object" type: "array" dbSubnetGroup: - description: "Specifies information on the subnet group associated with the DB instance,\nincluding the name, description, and subnets in the subnet group." + description: "Information about the subnet group associated with the DB instance, including\nthe name, description, and subnets in the subnet group." properties: dbSubnetGroupARN: type: "string" @@ -494,7 +497,7 @@ spec: type: "string" type: "object" dbSystemID: - description: "The Oracle system ID (Oracle SID) for a container database (CDB). The Oracle\nSID is also the name of the CDB. This setting is valid for RDS Custom only." + description: "The Oracle system ID (Oracle SID) for a container database (CDB). The Oracle\nSID is also the name of the CDB. This setting is only valid for RDS Custom\nDB instances." type: "string" dbiResourceID: description: "The Amazon Web Services Region-unique, immutable identifier for the DB instance.\nThis identifier is found in Amazon Web Services CloudTrail log entries whenever\nthe Amazon Web Services KMS key for the DB instance is accessed." @@ -515,12 +518,12 @@ spec: type: "object" type: "array" enabledCloudwatchLogsExports: - description: "A list of log types that this DB instance is configured to export to CloudWatch\nLogs.\n\nLog types vary by DB engine. For information about the log types for each\nDB engine, see Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html)\nin the Amazon RDS User Guide." + description: "A list of log types that this DB instance is configured to export to CloudWatch\nLogs.\n\nLog types vary by DB engine. For information about the log types for each\nDB engine, see Monitoring Amazon RDS log files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html)\nin the Amazon RDS User Guide." items: type: "string" type: "array" endpoint: - description: "Specifies the connection endpoint.\n\nThe endpoint might not be shown for instances whose status is creating." + description: "The connection endpoint for the DB instance.\n\nThe endpoint might not be shown for instances with the status of creating." properties: address: type: "string" @@ -534,18 +537,18 @@ spec: description: "The Amazon Resource Name (ARN) of the Amazon CloudWatch Logs log stream that\nreceives the Enhanced Monitoring metrics data for the DB instance." type: "string" iamDatabaseAuthenticationEnabled: - description: "True if mapping of Amazon Web Services Identity and Access Management (IAM)\naccounts to database accounts is enabled, and otherwise false.\n\nIAM database authentication can be enabled for the following database engines\n\n * For MySQL 5.6, minor version 5.6.34 or higher\n\n * For MySQL 5.7, minor version 5.7.16 or higher\n\n * Aurora 5.6 or higher. To enable IAM database authentication for Aurora,\n see DBCluster Type." + description: "Indicates whether mapping of Amazon Web Services Identity and Access Management\n(IAM) accounts to database accounts is enabled for the DB instance.\n\nFor a list of engine versions that support IAM database authentication, see\nIAM database authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RDS_Fea_Regions_DB-eng.Feature.IamDatabaseAuthentication.html)\nin the Amazon RDS User Guide and IAM database authentication in Aurora (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.Aurora_Fea_Regions_DB-eng.Feature.IAMdbauth.html)\nin the Amazon Aurora User Guide." type: "boolean" instanceCreateTime: - description: "Provides the date and time the DB instance was created." + description: "The date and time when the DB instance was created." format: "date-time" type: "string" latestRestorableTime: - description: "Specifies the latest time to which a database can be restored with point-in-time\nrestore." + description: "The latest time to which a database in this DB instance can be restored with\npoint-in-time restore." format: "date-time" type: "string" listenerEndpoint: - description: "Specifies the listener connection endpoint for SQL Server Always On." + description: "The listener connection endpoint for SQL Server Always On." properties: address: type: "string" @@ -556,7 +559,7 @@ spec: type: "integer" type: "object" masterUserSecret: - description: "Contains the secret managed by RDS in Amazon Web Services Secrets Manager\nfor the master user password.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide." + description: "The secret managed by RDS in Amazon Web Services Secrets Manager for the\nmaster user password.\n\nFor more information, see Password management with Amazon Web Services Secrets\nManager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html)\nin the Amazon RDS User Guide." properties: kmsKeyID: type: "string" @@ -566,7 +569,7 @@ spec: type: "string" type: "object" optionGroupMemberships: - description: "Provides the list of option group memberships for this DB instance." + description: "The list of option group memberships for this DB instance." items: description: "Provides information on the option groups the DB instance is a member of." properties: @@ -577,7 +580,7 @@ spec: type: "object" type: "array" pendingModifiedValues: - description: "A value that specifies that changes to the DB instance are pending. This\nelement is only included when changes are pending. Specific changes are identified\nby subelements." + description: "Information about pending changes to the DB instance. This information is\nreturned only when there are pending changes. Specific changes are identified\nby subelements." properties: allocatedStorage: format: "int64" @@ -625,7 +628,7 @@ spec: type: "integer" processorFeatures: items: - description: "Contains the processor features of a DB instance class.\n\nTo specify the number of CPU cores, use the coreCount feature name for the\nName parameter. To specify the number of threads per core, use the threadsPerCore\nfeature name for the Name parameter.\n\nYou can set the processor features of the DB instance class for a DB instance\nwhen you call one of the following actions:\n\n * CreateDBInstance\n\n * ModifyDBInstance\n\n * RestoreDBInstanceFromDBSnapshot\n\n * RestoreDBInstanceFromS3\n\n * RestoreDBInstanceToPointInTime\n\nYou can view the valid processor values for a particular instance class by\ncalling the DescribeOrderableDBInstanceOptions action and specifying the\ninstance class for the DBInstanceClass parameter.\n\nIn addition, you can use the following actions for DB instance class processor\ninformation:\n\n * DescribeDBInstances\n\n * DescribeDBSnapshots\n\n * DescribeValidDBInstanceModifications\n\nIf you call DescribeDBInstances, ProcessorFeature returns non-null values\nonly if the following conditions are met:\n\n * You are accessing an Oracle DB instance.\n\n * Your Oracle DB instance class supports configuring the number of CPU\n cores and threads per core.\n\n * The current number CPU cores and threads is set to a non-default value.\n\nFor more information, see Configuring the Processor of the DB Instance Class\n(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)\nin the Amazon RDS User Guide." + description: "Contains the processor features of a DB instance class.\n\nTo specify the number of CPU cores, use the coreCount feature name for the\nName parameter. To specify the number of threads per core, use the threadsPerCore\nfeature name for the Name parameter.\n\nYou can set the processor features of the DB instance class for a DB instance\nwhen you call one of the following actions:\n\n * CreateDBInstance\n\n * ModifyDBInstance\n\n * RestoreDBInstanceFromDBSnapshot\n\n * RestoreDBInstanceFromS3\n\n * RestoreDBInstanceToPointInTime\n\nYou can view the valid processor values for a particular instance class by\ncalling the DescribeOrderableDBInstanceOptions action and specifying the\ninstance class for the DBInstanceClass parameter.\n\nIn addition, you can use the following actions for DB instance class processor\ninformation:\n\n * DescribeDBInstances\n\n * DescribeDBSnapshots\n\n * DescribeValidDBInstanceModifications\n\nIf you call DescribeDBInstances, ProcessorFeature returns non-null values\nonly if the following conditions are met:\n\n * You are accessing an Oracle DB instance.\n\n * Your Oracle DB instance class supports configuring the number of CPU\n cores and threads per core.\n\n * The current number CPU cores and threads is set to a non-default value.\n\nFor more information, see Configuring the processor for a DB instance class\nin RDS for Oracle (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)\nin the Amazon RDS User Guide." properties: name: type: "string" @@ -643,20 +646,20 @@ spec: type: "string" type: "object" readReplicaDBClusterIdentifiers: - description: "Contains one or more identifiers of Aurora DB clusters to which the RDS DB\ninstance is replicated as a read replica. For example, when you create an\nAurora read replica of an RDS for MySQL DB instance, the Aurora MySQL DB\ncluster for the Aurora read replica is shown. This output doesn't contain\ninformation about cross-Region Aurora read replicas.\n\nCurrently, each RDS DB instance can have only one Aurora read replica." + description: "The identifiers of Aurora DB clusters to which the RDS DB instance is replicated\nas a read replica. For example, when you create an Aurora read replica of\nan RDS for MySQL DB instance, the Aurora MySQL DB cluster for the Aurora\nread replica is shown. This output doesn't contain information about cross-Region\nAurora read replicas.\n\nCurrently, each RDS DB instance can have only one Aurora read replica." items: type: "string" type: "array" readReplicaDBInstanceIdentifiers: - description: "Contains one or more identifiers of the read replicas associated with this\nDB instance." + description: "The identifiers of the read replicas associated with this DB instance." items: type: "string" type: "array" readReplicaSourceDBClusterIdentifier: - description: "Contains the identifier of the source DB cluster if this DB instance is a\nread replica." + description: "The identifier of the source DB cluster if this DB instance is a read replica." type: "string" readReplicaSourceDBInstanceIdentifier: - description: "Contains the identifier of the source DB instance if this DB instance is\na read replica." + description: "The identifier of the source DB instance if this DB instance is a read replica." type: "string" resumeFullAutomationModeTime: description: "The number of minutes to pause the automation. When the time period ends,\nRDS Custom resumes full automation. The minimum value is 60 (default). The\nmaximum value is 1,440." @@ -666,7 +669,7 @@ spec: description: "If present, specifies the name of the secondary Availability Zone for a DB\ninstance with multi-AZ support." type: "string" statusInfos: - description: "The status of a read replica. If the instance isn't a read replica, this\nis blank." + description: "The status of a read replica. If the DB instance isn't a read replica, the\nvalue is blank." items: description: "Provides a list of status information for a DB instance." properties: @@ -681,7 +684,7 @@ spec: type: "object" type: "array" vpcSecurityGroups: - description: "Provides a list of VPC security group elements that the DB instance belongs\nto." + description: "The list of Amazon EC2 VPC security groups that the DB instance belongs to." items: description: "This data type is used as a response element for queries on VPC security\ngroup membership." properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbparametergroups.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbparametergroups.yaml index 9b353e2bf..58e120d5d 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbparametergroups.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbparametergroups.yaml @@ -33,7 +33,7 @@ spec: description: "The description for the DB parameter group." type: "string" family: - description: "The DB parameter group family name. A DB parameter group can be associated\nwith one and only one DB parameter group family, and can be applied only\nto a DB instance running a database engine and engine version compatible\nwith that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use\nthe following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine \n\nFor example, to list all of the available parameter group families for the\nMySQL DB engine, use the following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine mysql\n\nThe output contains duplicates.\n\nThe following are the valid DB engine values:\n\n * aurora (for MySQL 5.6-compatible Aurora)\n\n * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)\n\n * aurora-postgresql\n\n * mariadb\n\n * mysql\n\n * oracle-ee\n\n * oracle-ee-cdb\n\n * oracle-se2\n\n * oracle-se2-cdb\n\n * postgres\n\n * sqlserver-ee\n\n * sqlserver-se\n\n * sqlserver-ex\n\n * sqlserver-web" + description: "The DB parameter group family name. A DB parameter group can be associated\nwith one and only one DB parameter group family, and can be applied only\nto a DB instance running a database engine and engine version compatible\nwith that DB parameter group family.\n\nTo list all of the available parameter group families for a DB engine, use\nthe following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine\n\nFor example, to list all of the available parameter group families for the\nMySQL DB engine, use the following command:\n\naws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"\n--engine mysql\n\nThe output contains duplicates.\n\nThe following are the valid DB engine values:\n\n * aurora-mysql\n\n * aurora-postgresql\n\n * db2-ae\n\n * db2-se\n\n * mysql\n\n * oracle-ee\n\n * oracle-ee-cdb\n\n * oracle-se2\n\n * oracle-se2-cdb\n\n * postgres\n\n * sqlserver-ee\n\n * sqlserver-se\n\n * sqlserver-ex\n\n * sqlserver-web" type: "string" name: description: "The name of the DB parameter group.\n\nConstraints:\n\n * Must be 1 to 255 letters, numbers, or hyphens.\n\n * First character must be a letter\n\n * Can't end with a hyphen or contain two consecutive hyphens\n\nThis value is stored as a lowercase string." @@ -45,7 +45,7 @@ spec: tags: description: "Tags to assign to the DB parameter group." items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -78,7 +78,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbproxies.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbproxies.yaml index 217b9d1e7..6ac0d040c 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbproxies.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbproxies.yaml @@ -49,7 +49,7 @@ spec: type: "object" type: "array" debugLogging: - description: "Whether the proxy includes detailed information about SQL statements in its\nlogs. This information helps you to debug issues involving SQL behavior or\nthe performance and scalability of the proxy connections. The debug information\nincludes the text of SQL statements that you submit through the proxy. Thus,\nonly enable this setting when needed for debugging, and only when you have\nsecurity measures in place to safeguard any sensitive information that appears\nin the logs." + description: "Specifies whether the proxy includes detailed information about SQL statements\nin its logs. This information helps you to debug issues involving SQL behavior\nor the performance and scalability of the proxy connections. The debug information\nincludes the text of SQL statements that you submit through the proxy. Thus,\nonly enable this setting when needed for debugging, and only when you have\nsecurity measures in place to safeguard any sensitive information that appears\nin the logs." type: "boolean" engineFamily: description: "The kinds of databases that the proxy can connect to. This value determines\nwhich database network protocol the proxy recognizes when it interprets network\ntraffic to and from the database. For Aurora MySQL, RDS for MariaDB, and\nRDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for\nPostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server,\nspecify SQLSERVER." @@ -62,7 +62,7 @@ spec: description: "The identifier for the proxy. This name must be unique for all proxies owned\nby your Amazon Web Services account in the specified Amazon Web Services\nRegion. An identifier must begin with a letter and must contain only ASCII\nletters, digits, and hyphens; it can't end with a hyphen or contain two consecutive\nhyphens." type: "string" requireTLS: - description: "A Boolean parameter that specifies whether Transport Layer Security (TLS)\nencryption is required for connections to the proxy. By enabling this setting,\nyou can enforce encrypted TLS connections to the proxy." + description: "Specifies whether Transport Layer Security (TLS) encryption is required for\nconnections to the proxy. By enabling this setting, you can enforce encrypted\nTLS connections to the proxy." type: "boolean" roleARN: description: "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access\nsecrets in Amazon Web Services Secrets Manager." @@ -70,7 +70,7 @@ spec: tags: description: "An optional set of key-value pairs to associate arbitrary data of your choosing\nwith the proxy." items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -115,7 +115,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml index ef1385c2c..2d5153982 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml @@ -57,7 +57,7 @@ spec: tags: description: "Tags to assign to the DB subnet group." items: - description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide." + description: "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n\nFor more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)\nin the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources\n(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html)\nin the Amazon Aurora User Guide." properties: key: type: "string" @@ -89,7 +89,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/globalclusters.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/globalclusters.yaml index d678b4cfc..b4970ecbd 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/globalclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/globalclusters.yaml @@ -30,25 +30,25 @@ spec: description: "GlobalClusterSpec defines the desired state of GlobalCluster.\n\nA data type representing an Aurora global database." properties: databaseName: - description: "The name for your database of up to 64 alphanumeric characters. If you do\nnot provide a name, Amazon Aurora will not create a database in the global\ndatabase cluster you are creating." + description: "The name for your database of up to 64 alphanumeric characters. If you don't\nspecify a name, Amazon Aurora doesn't create a database in the global database\ncluster.\n\nConstraints:\n\n * Can't be specified if SourceDBClusterIdentifier is specified. In this\n case, Amazon Aurora uses the database name from the source DB cluster." type: "string" deletionProtection: - description: "The deletion protection setting for the new global database. The global database\ncan't be deleted when deletion protection is enabled." + description: "Specifies whether to enable deletion protection for the new global database\ncluster. The global database can't be deleted when deletion protection is\nenabled." type: "boolean" engine: - description: "The name of the database engine to be used for this DB cluster." + description: "The database engine to use for this global database cluster.\n\nValid Values: aurora-mysql | aurora-postgresql\n\nConstraints:\n\n * Can't be specified if SourceDBClusterIdentifier is specified. In this\n case, Amazon Aurora uses the engine of the source DB cluster." type: "string" engineVersion: - description: "The engine version of the Aurora global database." + description: "The engine version to use for this global database cluster.\n\nConstraints:\n\n * Can't be specified if SourceDBClusterIdentifier is specified. In this\n case, Amazon Aurora uses the engine version of the source DB cluster." type: "string" globalClusterIdentifier: - description: "The cluster identifier of the new global database cluster." + description: "The cluster identifier for this global database cluster. This parameter is\nstored as a lowercase string." type: "string" sourceDBClusterIdentifier: - description: "The Amazon Resource Name (ARN) to use as the primary cluster of the global\ndatabase. This parameter is optional." + description: "The Amazon Resource Name (ARN) to use as the primary cluster of the global\ndatabase.\n\nIf you provide a value for this parameter, don't specify values for the following\nsettings because Amazon Aurora uses the values from the specified source\nDB cluster:\n\n * DatabaseName\n\n * Engine\n\n * EngineVersion\n\n * StorageEncrypted" type: "string" storageEncrypted: - description: "The storage encryption setting for the new global database cluster." + description: "Specifies whether to enable storage encryption for the new global database\ncluster.\n\nConstraints:\n\n * Can't be specified if SourceDBClusterIdentifier is specified. In this\n case, Amazon Aurora uses the setting from the source DB cluster." type: "boolean" type: "object" status: @@ -71,7 +71,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -96,8 +96,11 @@ spec: - "type" type: "object" type: "array" + engineLifecycleSupport: + description: "The life cycle type for the global cluster.\n\nFor more information, see CreateGlobalCluster." + type: "string" failoverState: - description: "A data object containing all properties for the current state of an in-process\nor pending failover process for this Aurora global database. This object\nis empty unless the FailoverGlobalCluster API operation has been called on\nthis Aurora global database (GlobalCluster)." + description: "A data object containing all properties for the current state of an in-process\nor pending switchover or failover process for this global cluster (Aurora\nglobal database). This object is empty unless the SwitchoverGlobalCluster\nor FailoverGlobalCluster operation was called on this global cluster." properties: fromDBClusterARN: type: "string" @@ -109,7 +112,7 @@ spec: globalClusterMembers: description: "The list of primary and secondary clusters within the global database cluster." items: - description: "A data structure with information about any primary and secondary clusters\nassociated with an Aurora global database." + description: "A data structure with information about any primary and secondary clusters\nassociated with a global cluster (Aurora global database)." properties: dbClusterARN: type: "string" diff --git a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/hostedzones.yaml b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/hostedzones.yaml index d975f64b7..6a2954cc3 100644 --- a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/hostedzones.yaml +++ b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/hostedzones.yaml @@ -89,7 +89,7 @@ spec: description: "The value that you specified for CallerReference when you created the hosted\nzone." type: "string" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml index 262a6af70..65a55f8a2 100644 --- a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml +++ b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml @@ -131,7 +131,7 @@ spec: description: "Failover resource record sets only: To configure failover, you add the Failover\nelement to two resource record sets. For one resource record set, you specify\nPRIMARY as the value for Failover; for the other resource record set, you\nspecify SECONDARY. In addition, you include the HealthCheckId element and\nspecify the health check that you want Amazon Route 53 to perform for each\nresource record set.\n\nExcept where noted, the following failover behaviors assume that you have\nincluded the HealthCheckId element in both resource record sets:\n\n * When the primary resource record set is healthy, Route 53 responds to\n DNS queries with the applicable value from the primary resource record\n set regardless of the health of the secondary resource record set.\n\n * When the primary resource record set is unhealthy and the secondary\n resource record set is healthy, Route 53 responds to DNS queries with\n the applicable value from the secondary resource record set.\n\n * When the secondary resource record set is unhealthy, Route 53 responds\n to DNS queries with the applicable value from the primary resource record\n set regardless of the health of the primary resource record set.\n\n * If you omit the HealthCheckId element for the secondary resource record\n set, and if the primary resource record set is unhealthy, Route 53 always\n responds to DNS queries with the applicable value from the secondary resource\n record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values\nfor the Name and Type elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the EvaluateTargetHealth\nelement and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following\ntopics in the Amazon Route 53 Developer Guide:\n\n * Route 53 Health Checks and DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n\n * Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)" type: "string" geoLocation: - description: "Geolocation resource record sets only: A complex type that lets you control\nhow Amazon Route 53 responds to DNS queries based on the geographic origin\nof the query. For example, if you want all queries from Africa to be routed\nto a web server with an IP address of 192.0.2.111, create a resource record\nset with a Type of A and a ContinentCode of AF.\n\nAlthough creating geolocation and geolocation alias resource record sets\nin a private hosted zone is allowed, it's not supported.\n\nIf you create separate resource record sets for overlapping geographic regions\n(for example, one resource record set for a continent and one for a country\non the same continent), priority goes to the smallest geographic region.\nThis allows you to route most queries for a continent to one resource and\nto route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same\ngeographic location.\n\nThe value * in the CountryCode element matches all geographic locations that\naren't specified in other geolocation resource record sets that have the\nsame values for the Name and Type elements.\n\nGeolocation works by mapping IP addresses to locations. However, some IP\naddresses aren't mapped to geographic locations, so even if you create geolocation\nresource record sets that cover all seven continents, Route 53 will receive\nsome DNS queries from locations that it can't identify. We recommend that\nyou create a resource record set for which the value of CountryCode is *.\nTwo groups of queries are routed to the resource that you specify in this\nrecord: queries that come from locations for which you haven't created geolocation\nresource record sets and queries from IP addresses that aren't mapped to\na location. If you don't create a * resource record set, Route 53 returns\na \"no answer\" response for queries from those locations.\n\nYou can't create non-geolocation resource record sets that have the same\nvalues for the Name and Type elements as geolocation resource record sets." + description: "Geolocation resource record sets only: A complex type that lets you control\nhow Amazon Route 53 responds to DNS queries based on the geographic origin\nof the query. For example, if you want all queries from Africa to be routed\nto a web server with an IP address of 192.0.2.111, create a resource record\nset with a Type of A and a ContinentCode of AF.\n\nIf you create separate resource record sets for overlapping geographic regions\n(for example, one resource record set for a continent and one for a country\non the same continent), priority goes to the smallest geographic region.\nThis allows you to route most queries for a continent to one resource and\nto route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same\ngeographic location.\n\nThe value * in the CountryCode element matches all geographic locations that\naren't specified in other geolocation resource record sets that have the\nsame values for the Name and Type elements.\n\nGeolocation works by mapping IP addresses to locations. However, some IP\naddresses aren't mapped to geographic locations, so even if you create geolocation\nresource record sets that cover all seven continents, Route 53 will receive\nsome DNS queries from locations that it can't identify. We recommend that\nyou create a resource record set for which the value of CountryCode is *.\nTwo groups of queries are routed to the resource that you specify in this\nrecord: queries that come from locations for which you haven't created geolocation\nresource record sets and queries from IP addresses that aren't mapped to\na location. If you don't create a * resource record set, Route 53 returns\na \"no answer\" response for queries from those locations.\n\nYou can't create non-geolocation resource record sets that have the same\nvalues for the Name and Type elements as geolocation resource record sets." properties: continentCode: type: "string" @@ -146,6 +146,9 @@ spec: hostedZoneID: description: "The ID of the hosted zone that contains the resource record sets that you\nwant to change." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" hostedZoneRef: description: "AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference\ntype to provide more user friendly syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t name: my-api" properties: @@ -162,11 +165,17 @@ spec: description: "Multivalue answer resource record sets only: To route traffic approximately\nrandomly to multiple resources, such as web servers, create one multivalue\nanswer record for each resource and specify true for MultiValueAnswer. Note\nthe following:\n\n * If you associate a health check with a multivalue answer resource record\n set, Amazon Route 53 responds to DNS queries with the corresponding IP\n address only when the health check is healthy.\n\n * If you don't associate a health check with a multivalue answer record,\n Route 53 always considers the record to be healthy.\n\n * Route 53 responds to DNS queries with up to eight healthy records; if\n you have eight or fewer healthy records, Route 53 responds to all DNS\n queries with all the healthy records.\n\n * If you have more than eight healthy records, Route 53 responds to different\n DNS resolvers with different combinations of healthy records.\n\n * When all records are unhealthy, Route 53 responds to DNS queries with\n up to eight unhealthy records.\n\n * If a resource becomes unavailable after a resolver caches a response,\n client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records." type: "boolean" name: - description: "For ChangeResourceRecordSets requests, the name of the record that you want\nto create, update, or delete. For ListResourceRecordSets responses, the name\nof a record in the specified hosted zone.\n\nChangeResourceRecordSets Only\n\nEnter a fully qualified domain name, for example, www.example.com. You can\noptionally include a trailing dot. If you omit the trailing dot, Amazon Route\n53 assumes that the domain name that you specify is fully qualified. This\nmeans that Route 53 treats www.example.com (without a trailing dot) and www.example.com.\n(with a trailing dot) as identical.\n\nFor information about how to specify characters other than a-z, 0-9, and\n- (hyphen) and how to specify internationalized domain names, see DNS Domain\nName Format (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html)\nin the Amazon Route 53 Developer Guide.\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a\ndomain name, for example, *.example.com. Note the following:\n\n * The * must replace the entire label. For example, you can't specify\n *prod.example.com or prod*.example.com.\n\n * The * can't replace any of the middle labels, for example, marketing.*.example.com.\n\n * If you include * in any position other than the leftmost label in a\n domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n You can't use the * wildcard for resource records sets that have a type\n of NS.\n\nYou can use the * wildcard as the leftmost label in a domain name, for example,\n*.example.com. You can't use an * for one of the middle labels, for example,\nmarketing.*.example.com. In addition, the * must replace the entire label;\nfor example, you can't specify prod*.example.com." + description: "For ChangeResourceRecordSets requests, the name of the record that you want\nto create, update, or delete. For ListResourceRecordSets responses, the name\nof a record in the specified hosted zone.\n\nChangeResourceRecordSets Only\n\nEnter a fully qualified domain name, for example, www.example.com. You can\noptionally include a trailing dot. If you omit the trailing dot, Amazon Route\n53 assumes that the domain name that you specify is fully qualified. This\nmeans that Route 53 treats www.example.com (without a trailing dot) and www.example.com.\n(with a trailing dot) as identical.\n\nFor information about how to specify characters other than a-z, 0-9, and\n- (hyphen) and how to specify internationalized domain names, see DNS Domain\nName Format (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html)\nin the Amazon Route 53 Developer Guide.\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a\ndomain name, for example, *.example.com. Note the following:\n\n * The * must replace the entire label. For example, you can't specify\n *prod.example.com or prod*.example.com.\n\n * The * can't replace any of the middle labels, for example, marketing.*.example.com.\n\n * If you include * in any position other than the leftmost label in a\n domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n You can't use the * wildcard for resource records sets that have a type\n of NS." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" recordType: - description: "The DNS record type. For information about different record types and how\ndata is encoded for them, see Supported DNS Resource Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html)\nin the Amazon Route 53 Developer Guide.\n\nValid values for basic resource record sets: A | AAAA | CAA | CNAME | DS\n|MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT\n\nValues for weighted, latency, geolocation, and failover resource record sets:\nA | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT. When creating\na group of weighted, latency, geolocation, or failover resource record sets,\nspecify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: A | AAAA | MX |\nNAPTR | PTR | SPF | SRV | TXT\n\nSPF records were formerly used to verify the identity of the sender of email\nmessages. However, we no longer recommend that you create resource record\nsets for which the value of Type is SPF. RFC 7208, Sender Policy Framework\n(SPF) for Authorizing Use of Domains in Email, Version 1, has been updated\nto say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to\nsome interoperability issues. Accordingly, its use is no longer appropriate\nfor SPF version 1; implementations are not to use it.\" In RFC 7208, see section\n14.1, The SPF DNS Record Type (http://tools.ietf.org/html/rfc7208#section-14.1).\n\nValues for alias resource record sets:\n\n * Amazon API Gateway custom regional APIs and edge-optimized APIs: A\n\n * CloudFront distributions: A If IPv6 is enabled for the distribution,\n create two resource record sets to route traffic to your distribution,\n one with a value of A and one with a value of AAAA.\n\n * Amazon API Gateway environment that has a regionalized subdomain: A\n\n * ELB load balancers: A | AAAA\n\n * Amazon S3 buckets: A\n\n * Amazon Virtual Private Cloud interface VPC endpoints A\n\n * Another resource record set in this hosted zone: Specify the type of\n the resource record set that you're creating the alias for. All values\n are supported except NS and SOA. If you're creating an alias record that\n has the same name as the hosted zone (known as the zone apex), you can't\n route traffic to a record for which the value of Type is CNAME. This is\n because the alias record must have the same type as the record you're\n routing traffic to, and creating a CNAME record for the zone apex isn't\n supported even for an alias record." + description: "The DNS record type. For information about different record types and how\ndata is encoded for them, see Supported DNS Resource Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html)\nin the Amazon Route 53 Developer Guide.\n\nValid values for basic resource record sets: A | AAAA | CAA | CNAME | DS\n|MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT| TLSA| SSHFP| SVCB| HTTPS\n\nValues for weighted, latency, geolocation, and failover resource record sets:\nA | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT| TLSA| SSHFP|\nSVCB| HTTPS. When creating a group of weighted, latency, geolocation, or\nfailover resource record sets, specify the same value for all of the resource\nrecord sets in the group.\n\nValid values for multivalue answer resource record sets: A | AAAA | MX |\nNAPTR | PTR | SPF | SRV | TXT| CAA| TLSA| SSHFP| SVCB| HTTPS\n\nSPF records were formerly used to verify the identity of the sender of email\nmessages. However, we no longer recommend that you create resource record\nsets for which the value of Type is SPF. RFC 7208, Sender Policy Framework\n(SPF) for Authorizing Use of Domains in Email, Version 1, has been updated\nto say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to\nsome interoperability issues. Accordingly, its use is no longer appropriate\nfor SPF version 1; implementations are not to use it.\" In RFC 7208, see section\n14.1, The SPF DNS Record Type (http://tools.ietf.org/html/rfc7208#section-14.1).\n\nValues for alias resource record sets:\n\n * Amazon API Gateway custom regional APIs and edge-optimized APIs: A\n\n * CloudFront distributions: A If IPv6 is enabled for the distribution,\n create two resource record sets to route traffic to your distribution,\n one with a value of A and one with a value of AAAA.\n\n * Amazon API Gateway environment that has a regionalized subdomain: A\n\n * ELB load balancers: A | AAAA\n\n * Amazon S3 buckets: A\n\n * Amazon Virtual Private Cloud interface VPC endpoints A\n\n * Another resource record set in this hosted zone: Specify the type of\n the resource record set that you're creating the alias for. All values\n are supported except NS and SOA. If you're creating an alias record that\n has the same name as the hosted zone (known as the zone apex), you can't\n route traffic to a record for which the value of Type is CNAME. This is\n because the alias record must have the same type as the record you're\n routing traffic to, and creating a CNAME record for the zone apex isn't\n supported even for an alias record." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" region: description: "Latency-based resource record sets only: The Amazon EC2 Region where you\ncreated the resource that this resource record set refers to. The resource\ntypically is an Amazon Web Services resource, such as an EC2 instance or\nan ELB load balancer, and is referred to by an IP address or a DNS domain\nname, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for\nwhich you have created latency resource record sets, Route 53 selects the\nlatency resource record set that has the lowest latency between the end user\nand the associated Amazon EC2 Region. Route 53 then returns the value that\nis associated with the selected resource record set.\n\nNote the following:\n\n * You can only specify one ResourceRecord per latency resource record\n set.\n\n * You can only create one latency resource record set for each Amazon\n EC2 Region.\n\n * You aren't required to create latency resource record sets for all Amazon\n EC2 Regions. Route 53 will choose the region with the best latency from\n among the regions that you create latency resource record sets for.\n\n * You can't create non-latency resource record sets that have the same\n values for the Name and Type elements as latency resource record sets." type: "string" @@ -182,6 +191,9 @@ spec: setIdentifier: description: "Resource record sets that have a routing policy other than simple: An identifier\nthat differentiates among multiple resource record sets that have the same\ncombination of name and type, such as multiple weighted resource record sets\nnamed acme.example.com that have a type of A. In a group of resource record\nsets that have the same name and type, the value of SetIdentifier must be\nunique for each resource record set.\n\nFor information about routing policies, see Choosing a Routing Policy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html)\nin the Amazon Route 53 Developer Guide." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" ttl: description: "The resource record cache time to live (TTL), in seconds. Note the following:\n\n * If you're creating or updating an alias resource record set, omit TTL.\n Amazon Route 53 uses the value of TTL for the alias target.\n\n * If you're associating this resource record set with a health check (if\n you're adding a HealthCheckId element), we recommend that you specify\n a TTL of 60 seconds or less so clients respond quickly to changes in health\n status.\n\n * All of the resource record sets in a group of weighted resource record\n sets must have the same value for TTL.\n\n * If a group of weighted resource record sets includes one or more weighted\n alias resource record sets for which the alias target is an ELB load balancer,\n we recommend that you specify a TTL of 60 seconds for all of the non-alias\n weighted resource record sets that have the same name and type. Values\n other than 60 seconds (the TTL for load balancers) will change the effect\n of the values that you specify for Weight." format: "int64" @@ -213,7 +225,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml index 577a50d87..cc87a613f 100644 --- a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml @@ -37,7 +37,7 @@ spec: description: "Specify the applicable value:\n\n * INBOUND: Resolver forwards DNS queries to the DNS service for a VPC\n from your network\n\n * OUTBOUND: Resolver forwards DNS queries from the DNS service for a VPC\n to your network" type: "string" ipAddresses: - description: "The subnets and IP addresses in your VPC that DNS queries originate from\n(for outbound endpoints) or that you forward DNS queries to (for inbound\nendpoints). The subnet ID uniquely identifies a VPC." + description: "The subnets and IP addresses in your VPC that DNS queries originate from\n(for outbound endpoints) or that you forward DNS queries to (for inbound\nendpoints). The subnet ID uniquely identifies a VPC.\n\nEven though the minimum is 1, Route 53 requires that you create at least\ntwo." items: description: "In a CreateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html)\nrequest, the IP address that DNS queries originate from (for outbound endpoints)\nor that you forward DNS queries to (for inbound endpoints). IpAddressRequest\nalso includes the ID of the subnet that contains the IP address." properties: @@ -65,10 +65,10 @@ spec: description: "A friendly name that lets you easily find a configuration in the Resolver\ndashboard in the Route 53 console." type: "string" resolverEndpointType: - description: "For the endpoint type you can choose either IPv4, IPv6. or dual-stack. A\ndual-stack endpoint means that it will resolve via both IPv4 and IPv6. This\nendpoint type is applied to all IP addresses." + description: "For the endpoint type you can choose either IPv4, IPv6, or dual-stack. A\ndual-stack endpoint means that it will resolve via both IPv4 and IPv6. This\nendpoint type is applied to all IP addresses." type: "string" securityGroupIDs: - description: "The ID of one or more security groups that you want to use to control access\nto this VPC. The security group that you specify must include one or more\ninbound rules (for inbound Resolver endpoints) or outbound rules (for outbound\nResolver endpoints). Inbound and outbound rules must allow TCP and UDP access.\nFor inbound access, open port 53. For outbound access, open the port that\nyou're using for DNS queries on your network." + description: "The ID of one or more security groups that you want to use to control access\nto this VPC. The security group that you specify must include one or more\ninbound rules (for inbound Resolver endpoints) or outbound rules (for outbound\nResolver endpoints). Inbound and outbound rules must allow TCP and UDP access.\nFor inbound access, open port 53. For outbound access, open the port that\nyou're using for DNS queries on your network.\n\nSome security group rules will cause your connection to be tracked. For outbound\nresolver endpoint, it can potentially impact the maximum queries per second\nfrom outbound endpoint to your target name server. For inbound resolver endpoint,\nit can bring down the overall maximum queries per second per IP address to\nas low as 1500. To avoid connection tracking caused by security group, see\nUntracked connections (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#untracked-connectionsl)." items: type: "string" type: "array" @@ -121,7 +121,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: @@ -162,6 +162,28 @@ spec: description: "The number of IP addresses that the Resolver endpoint can use for DNS queries." format: "int64" type: "integer" + ipAddresses: + items: + description: "In the response to a GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html)\nrequest, information about the IP addresses that the Resolver endpoint uses\nfor DNS queries." + properties: + creationTime: + type: "string" + ip: + type: "string" + ipID: + type: "string" + ipv6: + type: "string" + modificationTime: + type: "string" + status: + type: "string" + statusMessage: + type: "string" + subnetID: + type: "string" + type: "object" + type: "array" modificationTime: description: "The date and time that the endpoint was last modified, in Unix time format\nand Coordinated Universal Time (UTC)." type: "string" diff --git a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverrules.yaml b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverrules.yaml index a68bde964..4f1ca34fd 100644 --- a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverrules.yaml +++ b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverrules.yaml @@ -75,7 +75,7 @@ spec: type: "object" type: "array" targetIPs: - description: "The IPs that you want Resolver to forward DNS queries to. You can specify\nonly IPv4 addresses. Separate IP addresses with a space.\n\nTargetIps is available only when the value of Rule type is FORWARD." + description: "The IPs that you want Resolver to forward DNS queries to. You can specify\neither Ipv4 or Ipv6 addresses but not both in the same rule. Separate IP\naddresses with a space.\n\nTargetIps is available only when the value of Rule type is FORWARD." items: description: "In a CreateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html)\nrequest, an array of the IPs that you want to forward DNS queries to." properties: @@ -89,7 +89,6 @@ spec: type: "object" type: "array" required: - - "domainName" - "ruleType" type: "object" status: @@ -112,7 +111,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/s3-controller/s3.services.k8s.aws/v1alpha1/buckets.yaml b/crd-catalog/aws-controllers-k8s/s3-controller/s3.services.k8s.aws/v1alpha1/buckets.yaml index 47513d5d1..456c7dd28 100644 --- a/crd-catalog/aws-controllers-k8s/s3-controller/s3.services.k8s.aws/v1alpha1/buckets.yaml +++ b/crd-catalog/aws-controllers-k8s/s3-controller/s3.services.k8s.aws/v1alpha1/buckets.yaml @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "BucketSpec defines the desired state of Bucket.\n\nIn terms of implementation, a Bucket is a resource. An Amazon S3 bucket name\nis globally unique, and the namespace is shared by all Amazon Web Services\naccounts." + description: "BucketSpec defines the desired state of Bucket.\n\nIn terms of implementation, a Bucket is a resource." properties: accelerate: description: "Container for setting the transfer acceleration state." @@ -36,7 +36,7 @@ spec: type: "string" type: "object" acl: - description: "The canned ACL to apply to the bucket." + description: "The canned ACL to apply to the bucket.\n\nThis functionality is not supported for directory buckets." type: "string" analytics: items: @@ -144,10 +144,10 @@ spec: properties: rules: items: - description: "Specifies the default server-side encryption configuration." + description: "Specifies the default server-side encryption configuration.\n\n * General purpose buckets - If you're specifying a customer managed KMS\n key, we recommend using a fully qualified KMS key ARN. If you use a KMS\n key alias instead, then KMS resolves the key within the requester’s\n account. This behavior can result in data that's encrypted with a KMS\n key that belongs to the requester, and not the bucket owner.\n\n * Directory buckets - When you specify an KMS customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)\n for encryption in your directory bucket, only use the key ID or key ARN.\n The key alias format of the KMS key isn't supported." properties: applyServerSideEncryptionByDefault: - description: "Describes the default server-side encryption to apply to new objects in the\nbucket. If a PUT Object request doesn't specify any server-side encryption,\nthis default encryption will be applied. If you don't specify a customer\nmanaged key at configuration, Amazon S3 automatically creates an Amazon Web\nServices KMS key in your Amazon Web Services account the first time that\nyou add an object encrypted with SSE-KMS to a bucket. By default, Amazon\nS3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption\n(https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html)\nin the Amazon S3 API Reference." + description: "Describes the default server-side encryption to apply to new objects in the\nbucket. If a PUT Object request doesn't specify any server-side encryption,\nthis default encryption will be applied. For more information, see PutBucketEncryption\n(https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html).\n\n * General purpose buckets - If you don't specify a customer managed key\n at configuration, Amazon S3 automatically creates an Amazon Web Services\n KMS key (aws/s3) in your Amazon Web Services account the first time that\n you add an object encrypted with SSE-KMS to a bucket. By default, Amazon\n S3 uses this KMS key for SSE-KMS.\n\n * Directory buckets - Your SSE-KMS configuration can only support 1 customer\n managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk)\n per directory bucket for the lifetime of the bucket. The Amazon Web Services\n managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)\n (aws/s3) isn't supported.\n\n * Directory buckets - For directory buckets, there are only two supported\n options for server-side encryption: SSE-S3 and SSE-KMS." properties: kmsMasterKeyID: type: "string" @@ -160,19 +160,19 @@ spec: type: "array" type: "object" grantFullControl: - description: "Allows grantee the read, write, read ACP, and write ACP permissions on the\nbucket." + description: "Allows grantee the read, write, read ACP, and write ACP permissions on the\nbucket.\n\nThis functionality is not supported for directory buckets." type: "string" grantRead: - description: "Allows grantee to list the objects in the bucket." + description: "Allows grantee to list the objects in the bucket.\n\nThis functionality is not supported for directory buckets." type: "string" grantReadACP: - description: "Allows grantee to read the bucket ACL." + description: "Allows grantee to read the bucket ACL.\n\nThis functionality is not supported for directory buckets." type: "string" grantWrite: - description: "Allows grantee to create new objects in the bucket.\n\nFor the bucket and object owners of existing objects, also allows deletions\nand overwrites of those objects." + description: "Allows grantee to create new objects in the bucket.\n\nFor the bucket and object owners of existing objects, also allows deletions\nand overwrites of those objects.\n\nThis functionality is not supported for directory buckets." type: "string" grantWriteACP: - description: "Allows grantee to write the ACL for the applicable bucket." + description: "Allows grantee to write the ACL for the applicable bucket.\n\nThis functionality is not supported for directory buckets." type: "string" intelligentTiering: items: @@ -284,17 +284,17 @@ spec: properties: rules: items: - description: "A lifecycle rule for individual objects in an Amazon S3 bucket." + description: "A lifecycle rule for individual objects in an Amazon S3 bucket.\n\nFor more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html)\nin the Amazon S3 User Guide." properties: abortIncompleteMultipartUpload: - description: "Specifies the days since the initiation of an incomplete multipart upload\nthat Amazon S3 will wait before permanently removing all parts of the upload.\nFor more information, see Aborting Incomplete Multipart Uploads Using a Bucket\nLifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config)\nin the Amazon S3 User Guide." + description: "Specifies the days since the initiation of an incomplete multipart upload\nthat Amazon S3 will wait before permanently removing all parts of the upload.\nFor more information, see Aborting Incomplete Multipart Uploads Using a Bucket\nLifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config)\nin the Amazon S3 User Guide." properties: daysAfterInitiation: format: "int64" type: "integer" type: "object" expiration: - description: "Container for the expiration for the lifecycle of the object." + description: "Container for the expiration for the lifecycle of the object.\n\nFor more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html)\nin the Amazon S3 User Guide." properties: date: format: "date-time" @@ -306,7 +306,7 @@ spec: type: "boolean" type: "object" filter: - description: "The Filter is used to identify objects that a Lifecycle Rule applies to.\nA Filter must have exactly one of Prefix, Tag, or And specified." + description: "The Filter is used to identify objects that a Lifecycle Rule applies to.\nA Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan,\nor And specified. If the Filter element is left empty, the Lifecycle Rule\napplies to all objects in the bucket." properties: and: description: "This is used in a Lifecycle Rule Filter to apply a logical AND to two or\nmore predicates. The Lifecycle Rule will apply to any object matching all\nof the predicates configured inside the And operator." @@ -350,7 +350,7 @@ spec: id: type: "string" noncurrentVersionExpiration: - description: "Specifies when noncurrent object versions expire. Upon expiration, Amazon\nS3 permanently deletes the noncurrent object versions. You set this lifecycle\nconfiguration action on a bucket that has versioning enabled (or suspended)\nto request that Amazon S3 delete noncurrent object versions at a specific\nperiod in the object's lifetime." + description: "Specifies when noncurrent object versions expire. Upon expiration, Amazon\nS3 permanently deletes the noncurrent object versions. You set this lifecycle\nconfiguration action on a bucket that has versioning enabled (or suspended)\nto request that Amazon S3 delete noncurrent object versions at a specific\nperiod in the object's lifetime.\n\nThis parameter applies to general purpose buckets only. It is not supported\nfor directory bucket lifecycle configurations." properties: newerNoncurrentVersions: format: "int64" @@ -471,8 +471,11 @@ spec: type: "object" type: "array" name: - description: "The name of the bucket to create." + description: "The name of the bucket to create.\n\nGeneral purpose buckets - For information about bucket naming restrictions,\nsee Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html)\nin the Amazon S3 User Guide.\n\nDirectory buckets - When you use this operation with a directory bucket,\nyou must use path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n. Virtual-hosted-style requests aren't supported. Directory bucket names\nmust be unique in the chosen Zone (Availability Zone or Local Zone). Bucket\nnames must also follow the format bucket-base-name--zone-id--x-s3 (for example,\nDOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming\nrestrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html)\nin the Amazon S3 User Guide" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" notification: description: "A container for specifying the notification configuration of the bucket.\nIf this element is empty, notifications are turned off for the bucket." properties: @@ -485,7 +488,7 @@ spec: type: "string" type: "array" filter: - description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)\nin the Amazon S3 User Guide." + description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide." properties: key: description: "A container for object key name prefix and suffix filtering rules." @@ -493,7 +496,7 @@ spec: filterRules: description: "A list of containers for the key-value pair that defines the criteria for\nthe filter rule." items: - description: "Specifies the Amazon S3 object key name to filter on and whether to filter\non the suffix or prefix of the key name." + description: "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning." properties: name: type: "string" @@ -519,7 +522,7 @@ spec: type: "string" type: "array" filter: - description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)\nin the Amazon S3 User Guide." + description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide." properties: key: description: "A container for object key name prefix and suffix filtering rules." @@ -527,7 +530,7 @@ spec: filterRules: description: "A list of containers for the key-value pair that defines the criteria for\nthe filter rule." items: - description: "Specifies the Amazon S3 object key name to filter on and whether to filter\non the suffix or prefix of the key name." + description: "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning." properties: name: type: "string" @@ -553,7 +556,7 @@ spec: type: "string" type: "array" filter: - description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)\nin the Amazon S3 User Guide." + description: "Specifies object key name filtering rules. For information about key name\nfiltering, see Configuring event notifications using object key name filtering\n(https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html)\nin the Amazon S3 User Guide." properties: key: description: "A container for object key name prefix and suffix filtering rules." @@ -561,7 +564,7 @@ spec: filterRules: description: "A list of containers for the key-value pair that defines the criteria for\nthe filter rule." items: - description: "Specifies the Amazon S3 object key name to filter on and whether to filter\non the suffix or prefix of the key name." + description: "Specifies the Amazon S3 object key name to filter on. An object key name\nis the name assigned to an object in your Amazon S3 bucket. You specify whether\nto filter on the suffix or prefix of the object key name. A prefix is a specific\nstring of characters at the beginning of an object key name, which you can\nuse to organize objects. For example, you can start the key names of related\nobjects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule\nto find objects in a bucket with key names that have the same prefix. A suffix\nis similar to a prefix, but it is at the end of the object key name instead\nof at the beginning." properties: name: type: "string" @@ -580,7 +583,7 @@ spec: type: "array" type: "object" objectLockEnabledForBucket: - description: "Specifies whether you want S3 Object Lock to be enabled for the new bucket." + description: "Specifies whether you want S3 Object Lock to be enabled for the new bucket.\n\nThis functionality is not supported for directory buckets." type: "boolean" objectOwnership: type: "string" @@ -592,13 +595,13 @@ spec: description: "The container element for an ownership control rule." properties: objectOwnership: - description: "The container element for object ownership for a bucket's ownership controls.\n\nBucketOwnerPreferred - Objects uploaded to the bucket change ownership to\nthe bucket owner if the objects are uploaded with the bucket-owner-full-control\ncanned ACL.\n\nObjectWriter - The uploading account will own the object if the object is\nuploaded with the bucket-owner-full-control canned ACL.\n\nBucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer\naffect permissions. The bucket owner automatically owns and has full control\nover every object in the bucket. The bucket only accepts PUT requests that\ndon't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control\ncanned ACL or an equivalent form of this ACL expressed in the XML format." + description: "The container element for object ownership for a bucket's ownership controls.\n\nBucketOwnerPreferred - Objects uploaded to the bucket change ownership to\nthe bucket owner if the objects are uploaded with the bucket-owner-full-control\ncanned ACL.\n\nObjectWriter - The uploading account will own the object if the object is\nuploaded with the bucket-owner-full-control canned ACL.\n\nBucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer\naffect permissions. The bucket owner automatically owns and has full control\nover every object in the bucket. The bucket only accepts PUT requests that\ndon't specify an ACL or specify bucket owner full control ACLs (such as the\npredefined bucket-owner-full-control canned ACL or a custom ACL in XML format\nthat grants the same permissions).\n\nBy default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled.\nWe recommend keeping ACLs disabled, except in uncommon use cases where you\nmust control access for each object individually. For more information about\nS3 Object Ownership, see Controlling ownership of objects and disabling ACLs\nfor your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)\nin the Amazon S3 User Guide.\n\nThis functionality is not supported for directory buckets. Directory buckets\nuse the bucket owner enforced setting for S3 Object Ownership." type: "string" type: "object" type: "array" type: "object" policy: - description: "The bucket policy as a JSON document." + description: "The bucket policy as a JSON document.\n\nFor directory buckets, the only IAM action supported in the bucket policy\nis s3express:CreateSession." type: "string" publicAccessBlock: description: "The PublicAccessBlock configuration that you want to apply to this Amazon\nS3 bucket. You can enable the configuration options in any combination. For\nmore information about when Amazon S3 considers a bucket or object public,\nsee The Meaning of \"Public\" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status)\nin the Amazon S3 User Guide." @@ -641,7 +644,7 @@ spec: bucket: type: "string" encryptionConfiguration: - description: "Specifies encryption-related information for an Amazon S3 bucket that is\na destination for replicated objects." + description: "Specifies encryption-related information for an Amazon S3 bucket that is\na destination for replicated objects.\n\nIf you're specifying a customer managed KMS key, we recommend using a fully\nqualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves\nthe key within the requester’s account. This behavior can result in data\nthat's encrypted with a KMS key that belongs to the requester, and not the\nbucket owner." properties: replicaKMSKeyID: type: "string" @@ -676,7 +679,7 @@ spec: type: "string" type: "object" existingObjectReplication: - description: "Optional configuration to replicate existing source bucket objects. For more\ninformation, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication)\nin the Amazon S3 User Guide." + description: "Optional configuration to replicate existing source bucket objects.\n\nThis parameter is no longer supported. To replicate existing objects, see\nReplicating existing objects with S3 Batch Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html)\nin the Amazon S3 User Guide." properties: status: type: "string" @@ -840,7 +843,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/apps.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/apps.yaml index 13d4f2d5b..93671ebef 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/apps.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/apps.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "apps.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -43,7 +43,7 @@ spec: description: "The domain ID." type: "string" resourceSpec: - description: "The instance type and the Amazon Resource Name (ARN) of the SageMaker image\ncreated on the instance.\n\n\nThe value of InstanceType passed as part of the ResourceSpec in the CreateApp\ncall overrides the value passed as part of the ResourceSpec configured for\nthe user profile or the domain. If InstanceType is not specified in any of\nthose three ResourceSpec values for a KernelGateway app, the CreateApp call\nfails with a request validation error." + description: "The instance type and the Amazon Resource Name (ARN) of the SageMaker image\ncreated on the instance.\n\nThe value of InstanceType passed as part of the ResourceSpec in the CreateApp\ncall overrides the value passed as part of the ResourceSpec configured for\nthe user profile or the domain. If InstanceType is not specified in any of\nthose three ResourceSpec values for a KernelGateway app, the CreateApp call\nfails with a request validation error." properties: instanceType: type: "string" @@ -59,7 +59,7 @@ spec: tags: description: "Each tag consists of a key and an optional value. Tag keys must be unique\nper resource." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -82,7 +82,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/dataqualityjobdefinitions.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/dataqualityjobdefinitions.yaml index bf8de2e11..a7625e9b1 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/dataqualityjobdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/dataqualityjobdefinitions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "dataqualityjobdefinitions.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -175,7 +175,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -198,7 +198,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/domains.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/domains.yaml index 75a674de5..c844ccab4 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/domains.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/domains.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "domains.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -37,7 +37,7 @@ spec: description: "DomainSpec defines the desired state of Domain." properties: appNetworkAccessType: - description: "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly.\n\n\n * PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon\n SageMaker, which allows direct internet access\n\n\n * VpcOnly - All traffic is through the specified VPC and subnets" + description: "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly.\n\n * PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon\n SageMaker, which allows direct internet access\n\n * VpcOnly - All traffic is through the specified VPC and subnets" type: "string" appSecurityGroupManagement: description: "The entity that creates and manages the required security groups for inter-app\ncommunication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType\nis VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn\nis provided. If setting up the domain for use with RStudio, this value must\nbe set to Service." @@ -46,10 +46,10 @@ spec: description: "The mode of authentication that members use to access the domain." type: "string" defaultUserSettings: - description: "The default settings to use to create a user profile when UserSettings isn't\nspecified in the call to the CreateUserProfile API.\n\n\nSecurityGroups is aggregated when specified in both calls. For all other\nsettings in UserSettings, the values specified in CreateUserProfile take\nprecedence over those specified in CreateDomain." + description: "The default settings to use to create a user profile when UserSettings isn't\nspecified in the call to the CreateUserProfile API.\n\nSecurityGroups is aggregated when specified in both calls. For all other\nsettings in UserSettings, the values specified in CreateUserProfile take\nprecedence over those specified in CreateDomain." properties: codeEditorAppSettings: - description: "The Code Editor application settings.\n\n\nFor more information about Code Editor, see Get started with Code Editor\nin Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html)." + description: "The Code Editor application settings.\n\nFor more information about Code Editor, see Get started with Code Editor\nin Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html)." properties: defaultResourceSpec: description: "Specifies the ARN's of a SageMaker image and SageMaker image version, and\nthe instance type that the version runs on." @@ -213,10 +213,10 @@ spec: type: "string" type: "object" spaceStorageSettings: - description: "The default storage settings for a private space." + description: "The default storage settings for a space." properties: defaultEBSStorageSettings: - description: "A collection of default EBS storage settings that applies to private spaces\ncreated within a domain or user profile." + description: "A collection of default EBS storage settings that apply to spaces created\nwithin a domain or user profile." properties: defaultEBSVolumeSizeInGb: format: "int64" @@ -296,7 +296,7 @@ spec: description: "Use KmsKeyId." type: "string" kmsKeyID: - description: "SageMaker uses Amazon Web Services KMS to encrypt the EFS volume attached\nto the domain with an Amazon Web Services managed key by default. For more\ncontrol, specify a customer managed key." + description: "SageMaker uses Amazon Web Services KMS to encrypt EFS and EBS volumes attached\nto the domain with an Amazon Web Services managed key by default. For more\ncontrol, specify a customer managed key." type: "string" subnetIDs: description: "The VPC subnets that the domain uses for communication." @@ -304,9 +304,9 @@ spec: type: "string" type: "array" tags: - description: "Tags to associated with the Domain. Each tag consists of a key and an optional\nvalue. Tag keys must be unique per resource. Tags are searchable using the\nSearch API.\n\n\nTags that you specify for the Domain are also added to all Apps that the\nDomain launches." + description: "Tags to associated with the Domain. Each tag consists of a key and an optional\nvalue. Tag keys must be unique per resource. Tags are searchable using the\nSearch API.\n\nTags that you specify for the Domain are also added to all Apps that the\nDomain launches." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -331,7 +331,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpointconfigs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpointconfigs.yaml index d31b1dd80..467d7c1b6 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpointconfigs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpointconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "endpointconfigs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -102,10 +102,10 @@ spec: description: "The name of the endpoint configuration. You specify this name in a CreateEndpoint\n(https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html)\nrequest." type: "string" executionRoleARN: - description: "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume\nto perform actions on your behalf. For more information, see SageMaker Roles\n(https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\n\nTo be able to pass this role to Amazon SageMaker, the caller of this action\nmust have the iam:PassRole permission." + description: "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume\nto perform actions on your behalf. For more information, see SageMaker Roles\n(https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\nTo be able to pass this role to Amazon SageMaker, the caller of this action\nmust have the iam:PassRole permission." type: "string" kmsKeyID: - description: "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service\nkey that SageMaker uses to encrypt data on the storage volume attached to\nthe ML compute instance that hosts the endpoint.\n\n\nThe KmsKeyId can be any of the following formats:\n\n\n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n\n\n * Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n\n\n * Alias name: alias/ExampleAlias\n\n\n * Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n\n\nThe KMS key policy must grant permission to the IAM role that you specify\nin your CreateEndpoint, UpdateEndpoint requests. For more information, refer\nto the Amazon Web Services Key Management Service section Using Key Policies\nin Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)\n\n\nCertain Nitro-based instances include local storage, dependent on the instance\ntype. Local storage volumes are encrypted using a hardware module on the\ninstance. You can't request a KmsKeyId when using an instance type with local\nstorage. If any of the models that you specify in the ProductionVariants\nparameter use nitro-based instances with local storage, do not specify a\nvalue for the KmsKeyId parameter. If you specify a value for KmsKeyId when\nusing any nitro-based instances with local storage, the call to CreateEndpointConfig\nfails.\n\n\nFor a list of instance types that support local instance storage, see Instance\nStore Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes).\n\n\nFor more information about local instance storage encryption, see SSD Instance\nStore Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html)." + description: "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service\nkey that SageMaker uses to encrypt data on the storage volume attached to\nthe ML compute instance that hosts the endpoint.\n\nThe KmsKeyId can be any of the following formats:\n\n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n\n * Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n\n * Alias name: alias/ExampleAlias\n\n * Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n\nThe KMS key policy must grant permission to the IAM role that you specify\nin your CreateEndpoint, UpdateEndpoint requests. For more information, refer\nto the Amazon Web Services Key Management Service section Using Key Policies\nin Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html)\n\nCertain Nitro-based instances include local storage, dependent on the instance\ntype. Local storage volumes are encrypted using a hardware module on the\ninstance. You can't request a KmsKeyId when using an instance type with local\nstorage. If any of the models that you specify in the ProductionVariants\nparameter use nitro-based instances with local storage, do not specify a\nvalue for the KmsKeyId parameter. If you specify a value for KmsKeyId when\nusing any nitro-based instances with local storage, the call to CreateEndpointConfig\nfails.\n\nFor a list of instance types that support local instance storage, see Instance\nStore Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes).\n\nFor more information about local instance storage encryption, see SSD Instance\nStore Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html)." type: "string" productionVariants: description: "An array of ProductionVariant objects, one for each model that you want to\nhost at this endpoint." @@ -180,7 +180,7 @@ spec: tags: description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -211,7 +211,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpoints.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpoints.yaml index 3da9324c8..092e500ba 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/endpoints.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "endpoints.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -35,7 +35,7 @@ spec: metadata: type: "object" spec: - description: "EndpointSpec defines the desired state of Endpoint.\n\n\nA hosted endpoint for real-time inference." + description: "EndpointSpec defines the desired state of Endpoint.\n\nA hosted endpoint for real-time inference." properties: deploymentConfig: description: "The deployment configuration for an endpoint, which contains the desired\ndeployment strategy and rollback configurations." @@ -65,7 +65,7 @@ spec: description: "Defines the traffic routing strategy during an endpoint deployment to shift\ntraffic from the old fleet to the new fleet." properties: canarySize: - description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." + description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." properties: type_: type: "string" @@ -74,7 +74,7 @@ spec: type: "integer" type: "object" linearStepSize: - description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." + description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." properties: type_: type: "string" @@ -93,7 +93,7 @@ spec: description: "Specifies a rolling deployment strategy for updating a SageMaker endpoint." properties: maximumBatchSize: - description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." + description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." properties: type_: type: "string" @@ -105,7 +105,7 @@ spec: format: "int64" type: "integer" rollbackMaximumBatchSize: - description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." + description: "Specifies the type and size of the endpoint capacity to activate for a blue/green\ndeployment, a rolling deployment, or a rollback strategy. You can specify\nyour batches as either instance count or the overall percentage or your fleet.\n\nFor a rollback strategy, if you don't specify the fields in this object,\nor if you set the Value to 100%, then SageMaker uses a blue/green rollback\nstrategy and rolls all traffic back to the blue fleet." properties: type_: type: "string" @@ -127,7 +127,7 @@ spec: tags: description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -146,7 +146,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -189,7 +189,7 @@ spec: format: "date-time" type: "string" endpointStatus: - description: "The status of the endpoint.\n\n\n * OutOfService: Endpoint is not available to take incoming requests.\n\n\n * Creating: CreateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html)\n is executing.\n\n\n * Updating: UpdateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html)\n or UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n is executing.\n\n\n * SystemUpdating: Endpoint is undergoing maintenance and cannot be updated\n or deleted or re-scaled until it has completed. This maintenance operation\n does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.\n\n\n * RollingBack: Endpoint fails to scale up or down or change its variant\n weight and is in the process of rolling back to its previous configuration.\n Once the rollback completes, endpoint returns to an InService status.\n This transitional status only applies to an endpoint that has autoscaling\n enabled and is undergoing variant weight or capacity changes as part of\n an UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n call or when the UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n operation is called explicitly.\n\n\n * InService: Endpoint is available to process incoming requests.\n\n\n * Deleting: DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html)\n is executing.\n\n\n * Failed: Endpoint could not be created, updated, or re-scaled. Use the\n FailureReason value returned by DescribeEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html)\n for information about the failure. DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html)\n is the only operation that can be performed on a failed endpoint.\n\n\n * UpdateRollbackFailed: Both the rolling deployment and auto-rollback\n failed. Your endpoint is in service with a mix of the old and new endpoint\n configurations. For information about how to remedy this issue and restore\n the endpoint's status to InService, see Rolling Deployments (https://docs.aws.amazon.com/sagemaker/latest/dg/deployment-guardrails-rolling.html)." + description: "The status of the endpoint.\n\n * OutOfService: Endpoint is not available to take incoming requests.\n\n * Creating: CreateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html)\n is executing.\n\n * Updating: UpdateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html)\n or UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n is executing.\n\n * SystemUpdating: Endpoint is undergoing maintenance and cannot be updated\n or deleted or re-scaled until it has completed. This maintenance operation\n does not change any customer-specified values such as VPC config, KMS\n encryption, model, instance type, or instance count.\n\n * RollingBack: Endpoint fails to scale up or down or change its variant\n weight and is in the process of rolling back to its previous configuration.\n Once the rollback completes, endpoint returns to an InService status.\n This transitional status only applies to an endpoint that has autoscaling\n enabled and is undergoing variant weight or capacity changes as part of\n an UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n call or when the UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html)\n operation is called explicitly.\n\n * InService: Endpoint is available to process incoming requests.\n\n * Deleting: DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html)\n is executing.\n\n * Failed: Endpoint could not be created, updated, or re-scaled. Use the\n FailureReason value returned by DescribeEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html)\n for information about the failure. DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html)\n is the only operation that can be performed on a failed endpoint.\n\n * UpdateRollbackFailed: Both the rolling deployment and auto-rollback\n failed. Your endpoint is in service with a mix of the old and new endpoint\n configurations. For information about how to remedy this issue and restore\n the endpoint's status to InService, see Rolling Deployments (https://docs.aws.amazon.com/sagemaker/latest/dg/deployment-guardrails-rolling.html)." type: "string" failureReason: description: "If the status of the endpoint is Failed, the reason why it failed." @@ -229,7 +229,7 @@ spec: type: "number" deployedImages: items: - description: "Gets the Amazon EC2 Container Registry path of the docker image of the model\nthat is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html).\n\n\nIf you used the registry/repository[:tag] form to specify the image path\nof the primary container when you created the model hosted in this ProductionVariant,\nthe path resolves to a path of the form registry/repository[@digest]. A digest\nis a hash value that identifies a specific version of an image. For information\nabout Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html)\nin the Amazon ECR User Guide." + description: "Gets the Amazon EC2 Container Registry path of the docker image of the model\nthat is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html).\n\nIf you used the registry/repository[:tag] form to specify the image path\nof the primary container when you created the model hosted in this ProductionVariant,\nthe path resolves to a path of the form registry/repository[@digest]. A digest\nis a hash value that identifies a specific version of an image. For information\nabout Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html)\nin the Amazon ECR User Guide." properties: resolutionTime: format: "date-time" @@ -324,7 +324,7 @@ spec: type: "number" deployedImages: items: - description: "Gets the Amazon EC2 Container Registry path of the docker image of the model\nthat is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html).\n\n\nIf you used the registry/repository[:tag] form to specify the image path\nof the primary container when you created the model hosted in this ProductionVariant,\nthe path resolves to a path of the form registry/repository[@digest]. A digest\nis a hash value that identifies a specific version of an image. For information\nabout Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html)\nin the Amazon ECR User Guide." + description: "Gets the Amazon EC2 Container Registry path of the docker image of the model\nthat is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html).\n\nIf you used the registry/repository[:tag] form to specify the image path\nof the primary container when you created the model hosted in this ProductionVariant,\nthe path resolves to a path of the form registry/repository[@digest]. A digest\nis a hash value that identifies a specific version of an image. For information\nabout Amazon ECR paths, see Pulling an Image (https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html)\nin the Amazon ECR User Guide." properties: resolutionTime: format: "date-time" diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/featuregroups.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/featuregroups.yaml index 7cb6d093d..78e2dfc40 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/featuregroups.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/featuregroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "featuregroups.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -35,16 +35,16 @@ spec: metadata: type: "object" spec: - description: "FeatureGroupSpec defines the desired state of FeatureGroup.\n\n\nAmazon SageMaker Feature Store stores features in a collection called Feature\nGroup. A Feature Group can be visualized as a table which has rows, with\na unique identifier for each row where each column in the table is a feature.\nIn principle, a Feature Group is composed of features and values per features." + description: "FeatureGroupSpec defines the desired state of FeatureGroup.\n\nAmazon SageMaker Feature Store stores features in a collection called Feature\nGroup. A Feature Group can be visualized as a table which has rows, with\na unique identifier for each row where each column in the table is a feature.\nIn principle, a Feature Group is composed of features and values per features." properties: description: description: "A free-form description of a FeatureGroup." type: "string" eventTimeFeatureName: - description: "The name of the feature that stores the EventTime of a Record in a FeatureGroup.\n\n\nAn EventTime is a point in time when a new event occurs that corresponds\nto the creation or update of a Record in a FeatureGroup. All Records in the\nFeatureGroup must have a corresponding EventTime.\n\n\nAn EventTime can be a String or Fractional.\n\n\n * Fractional: EventTime feature values must be a Unix timestamp in seconds.\n\n\n * String: EventTime feature values must be an ISO-8601 string in the format.\n The following formats are supported yyyy-MM-dd'T'HH:mm:ssZ and yyyy-MM-dd'T'HH:mm:ss.SSSZ\n where yyyy, MM, and dd represent the year, month, and day respectively\n and HH, mm, ss, and if applicable, SSS represent the hour, month, second\n and milliseconds respsectively. 'T' and Z are constants." + description: "The name of the feature that stores the EventTime of a Record in a FeatureGroup.\n\nAn EventTime is a point in time when a new event occurs that corresponds\nto the creation or update of a Record in a FeatureGroup. All Records in the\nFeatureGroup must have a corresponding EventTime.\n\nAn EventTime can be a String or Fractional.\n\n * Fractional: EventTime feature values must be a Unix timestamp in seconds.\n\n * String: EventTime feature values must be an ISO-8601 string in the format.\n The following formats are supported yyyy-MM-dd'T'HH:mm:ssZ and yyyy-MM-dd'T'HH:mm:ss.SSSZ\n where yyyy, MM, and dd represent the year, month, and day respectively\n and HH, mm, ss, and if applicable, SSS represent the hour, month, second\n and milliseconds respsectively. 'T' and Z are constants." type: "string" featureDefinitions: - description: "A list of Feature names and types. Name and Type is compulsory per Feature.\n\n\nValid feature FeatureTypes are Integral, Fractional and String.\n\n\nFeatureNames cannot be any of the following: is_deleted, write_time, api_invocation_time\n\n\nYou can create up to 2,500 FeatureDefinitions per FeatureGroup." + description: "A list of Feature names and types. Name and Type is compulsory per Feature.\n\nValid feature FeatureTypes are Integral, Fractional and String.\n\nFeatureNames cannot be any of the following: is_deleted, write_time, api_invocation_time\n\nYou can create up to 2,500 FeatureDefinitions per FeatureGroup." items: description: "A list of features. You must include FeatureName and FeatureType. Valid feature\nFeatureTypes are Integral, Fractional and String." properties: @@ -68,10 +68,10 @@ spec: type: "object" type: "array" featureGroupName: - description: "The name of the FeatureGroup. The name must be unique within an Amazon Web\nServices Region in an Amazon Web Services account. The name:\n\n\n * Must start and end with an alphanumeric character.\n\n\n * Can only contain alphanumeric character and hyphens. Spaces are not\n allowed." + description: "The name of the FeatureGroup. The name must be unique within an Amazon Web\nServices Region in an Amazon Web Services account.\n\nThe name:\n\n * Must start with an alphanumeric character.\n\n * Can only include alphanumeric characters, underscores, and hyphens.\n Spaces are not allowed." type: "string" offlineStoreConfig: - description: "Use this to configure an OfflineFeatureStore. This parameter allows you to\nspecify:\n\n\n * The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore.\n\n\n * A configuration for an Amazon Web Services Glue or Amazon Web Services\n Hive data catalog.\n\n\n * An KMS encryption key to encrypt the Amazon S3 location used for OfflineStore.\n If KMS encryption key is not specified, by default we encrypt all data\n at rest using Amazon Web Services KMS key. By defining your bucket-level\n key (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html)\n for SSE, you can reduce Amazon Web Services KMS requests costs by up to\n 99 percent.\n\n\n * Format for the offline store table. Supported formats are Glue (Default)\n and Apache Iceberg (https://iceberg.apache.org/).\n\n\nTo learn more about this parameter, see OfflineStoreConfig (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OfflineStoreConfig.html)." + description: "Use this to configure an OfflineFeatureStore. This parameter allows you to\nspecify:\n\n * The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore.\n\n * A configuration for an Amazon Web Services Glue or Amazon Web Services\n Hive data catalog.\n\n * An KMS encryption key to encrypt the Amazon S3 location used for OfflineStore.\n If KMS encryption key is not specified, by default we encrypt all data\n at rest using Amazon Web Services KMS key. By defining your bucket-level\n key (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html)\n for SSE, you can reduce Amazon Web Services KMS requests costs by up to\n 99 percent.\n\n * Format for the offline store table. Supported formats are Glue (Default)\n and Apache Iceberg (https://iceberg.apache.org/).\n\nTo learn more about this parameter, see OfflineStoreConfig (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OfflineStoreConfig.html)." properties: dataCatalogConfig: description: "The meta data of the Glue table which serves as data catalog for the OfflineStore." @@ -86,7 +86,7 @@ spec: disableGlueTableCreation: type: "boolean" s3StorageConfig: - description: "The Amazon Simple Storage (Amazon S3) location and and security configuration\nfor OfflineStore." + description: "The Amazon Simple Storage (Amazon S3) location and security configuration\nfor OfflineStore." properties: kmsKeyID: type: "string" @@ -97,7 +97,7 @@ spec: type: "object" type: "object" onlineStoreConfig: - description: "You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore\nflag in OnlineStoreConfig.\n\n\nYou can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest\nencryption of the OnlineStore.\n\n\nThe default value is False." + description: "You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore\nflag in OnlineStoreConfig.\n\nYou can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest\nencryption of the OnlineStore.\n\nThe default value is False." properties: enableOnlineStore: type: "boolean" @@ -120,7 +120,7 @@ spec: type: "object" type: "object" recordIdentifierFeatureName: - description: "The name of the Feature whose value uniquely identifies a Record defined\nin the FeatureStore. Only the latest record per identifier value will be\nstored in the OnlineStore. RecordIdentifierFeatureName must be one of feature\ndefinitions' names.\n\n\nYou use the RecordIdentifierFeatureName to access data in a FeatureStore.\n\n\nThis name:\n\n\n * Must start and end with an alphanumeric character.\n\n\n * Can only contains alphanumeric characters, hyphens, underscores. Spaces\n are not allowed." + description: "The name of the Feature whose value uniquely identifies a Record defined\nin the FeatureStore. Only the latest record per identifier value will be\nstored in the OnlineStore. RecordIdentifierFeatureName must be one of feature\ndefinitions' names.\n\nYou use the RecordIdentifierFeatureName to access data in a FeatureStore.\n\nThis name:\n\n * Must start with an alphanumeric character.\n\n * Can only contains alphanumeric characters, hyphens, underscores. Spaces\n are not allowed." type: "string" roleARN: description: "The Amazon Resource Name (ARN) of the IAM execution role used to persist\ndata into the OfflineStore if an OfflineStoreConfig is provided." @@ -128,7 +128,7 @@ spec: tags: description: "Tags used to identify Features in each FeatureGroup." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -137,7 +137,7 @@ spec: type: "object" type: "array" throughputConfig: - description: "Used to set feature group throughput configuration. There are two modes:\nON_DEMAND and PROVISIONED. With on-demand mode, you are charged for data\nreads and writes that your application performs on your feature group. You\ndo not need to specify read and write throughput because Feature Store accommodates\nyour workloads as they ramp up and down. You can switch a feature group to\non-demand only once in a 24 hour period. With provisioned throughput mode,\nyou specify the read and write capacity per second that you expect your application\nto require, and you are billed based on those limits. Exceeding provisioned\nthroughput will result in your requests being throttled.\n\n\nNote: PROVISIONED throughput mode is supported only for feature groups that\nare offline-only, or use the Standard (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType)\ntier online store." + description: "Used to set feature group throughput configuration. There are two modes:\nON_DEMAND and PROVISIONED. With on-demand mode, you are charged for data\nreads and writes that your application performs on your feature group. You\ndo not need to specify read and write throughput because Feature Store accommodates\nyour workloads as they ramp up and down. You can switch a feature group to\non-demand only once in a 24 hour period. With provisioned throughput mode,\nyou specify the read and write capacity per second that you expect your application\nto require, and you are billed based on those limits. Exceeding provisioned\nthroughput will result in your requests being throttled.\n\nNote: PROVISIONED throughput mode is supported only for feature groups that\nare offline-only, or use the Standard (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType)\ntier online store." properties: provisionedReadCapacityUnits: format: "int64" @@ -161,7 +161,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -200,7 +200,7 @@ spec: type: "object" type: "array" failureReason: - description: "The reason that the FeatureGroup failed to be replicated in the OfflineStore.\nThis is failure can occur because:\n\n\n * The FeatureGroup could not be created in the OfflineStore.\n\n\n * The FeatureGroup could not be deleted from the OfflineStore." + description: "The reason that the FeatureGroup failed to be replicated in the OfflineStore.\nThis is failure can occur because:\n\n * The FeatureGroup could not be created in the OfflineStore.\n\n * The FeatureGroup could not be deleted from the OfflineStore." type: "string" featureGroupStatus: description: "The status of the feature group." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/hyperparametertuningjobs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/hyperparametertuningjobs.yaml index aa7e34eb7..3da61083e 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/hyperparametertuningjobs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/hyperparametertuningjobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "hyperparametertuningjobs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -38,7 +38,7 @@ spec: description: "HyperParameterTuningJobSpec defines the desired state of HyperParameterTuningJob." properties: autotune: - description: "Configures SageMaker Automatic model tuning (AMT) to automatically find optimal\nparameters for the following fields:\n\n\n * ParameterRanges (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-ParameterRanges):\n The names and ranges of parameters that a hyperparameter tuning job can\n optimize.\n\n\n * ResourceLimits (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ResourceLimits.html):\n The maximum resources that can be used for a training job. These resources\n include the maximum number of training jobs, the maximum runtime of a\n tuning job, and the maximum number of training jobs to run at the same\n time.\n\n\n * TrainingJobEarlyStoppingType (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-TrainingJobEarlyStoppingType):\n A flag that specifies whether or not to use early stopping for training\n jobs launched by a hyperparameter tuning job.\n\n\n * RetryStrategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTrainingJobDefinition.html#sagemaker-Type-HyperParameterTrainingJobDefinition-RetryStrategy):\n The number of times to retry a training job.\n\n\n * Strategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html):\n Specifies how hyperparameter tuning chooses the combinations of hyperparameter\n values to use for the training jobs that it launches.\n\n\n * ConvergenceDetected (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ConvergenceDetected.html):\n A flag to indicate that Automatic model tuning (AMT) has detected model\n convergence." + description: "Configures SageMaker Automatic model tuning (AMT) to automatically find optimal\nparameters for the following fields:\n\n * ParameterRanges (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-ParameterRanges):\n The names and ranges of parameters that a hyperparameter tuning job can\n optimize.\n\n * ResourceLimits (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ResourceLimits.html):\n The maximum resources that can be used for a training job. These resources\n include the maximum number of training jobs, the maximum runtime of a\n tuning job, and the maximum number of training jobs to run at the same\n time.\n\n * TrainingJobEarlyStoppingType (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-TrainingJobEarlyStoppingType):\n A flag that specifies whether or not to use early stopping for training\n jobs launched by a hyperparameter tuning job.\n\n * RetryStrategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTrainingJobDefinition.html#sagemaker-Type-HyperParameterTrainingJobDefinition-RetryStrategy):\n The number of times to retry a training job.\n\n * Strategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html):\n Specifies how hyperparameter tuning chooses the combinations of hyperparameter\n values to use for the training jobs that it launches.\n\n * ConvergenceDetected (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ConvergenceDetected.html):\n A flag to indicate that Automatic model tuning (AMT) has detected model\n convergence." properties: mode: type: "string" @@ -55,7 +55,7 @@ spec: type: "string" type: "object" parameterRanges: - description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." + description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." properties: autoParameters: items: @@ -134,9 +134,9 @@ spec: description: "The name of the tuning job. This name is the prefix for the names of all\ntraining jobs that this tuning job launches. The name must be unique within\nthe same Amazon Web Services account and Amazon Web Services Region. The\nname must have 1 to 32 characters. Valid characters are a-z, A-Z, 0-9, and\n: + = @ _ % - (hyphen). The name is not case sensitive." type: "string" tags: - description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\n\n\nTags that you specify for the tuning job are also added to all training jobs\nthat the tuning job launches." + description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\n\nTags that you specify for the tuning job are also added to all training jobs\nthat the tuning job launches." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -165,7 +165,7 @@ spec: trainingImage: type: "string" trainingInputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" type: "object" checkpointConfig: @@ -185,7 +185,7 @@ spec: enableNetworkIsolation: type: "boolean" hyperParameterRanges: - description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." + description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." properties: autoParameters: items: @@ -264,7 +264,7 @@ spec: type: "string" type: "object" s3DataSource: - description: "Describes the S3 data source.\n\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." + description: "Describes the S3 data source.\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." properties: attributeNames: items: @@ -283,12 +283,12 @@ spec: type: "object" type: "object" inputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" recordWrapperType: type: "string" shuffleConfig: - description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." + description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." properties: seed: format: "int64" @@ -351,7 +351,7 @@ spec: type: "string" type: "object" stoppingCondition: - description: "Specifies a limit to how long a model training job or model compilation job\ncan run. It also specifies how long a managed spot training job has to complete.\nWhen the job reaches the time limit, SageMaker ends the training or compilation\njob. Use this API to cap model training costs.\n\n\nTo stop a training job, SageMaker sends the algorithm the SIGTERM signal,\nwhich delays job termination for 120 seconds. Algorithms can use this 120-second\nwindow to save the model artifacts, so the results of training are not lost.\n\n\nThe training algorithms provided by SageMaker automatically save the intermediate\nresults of a model training job when possible. This attempt to save artifacts\nis only a best effort case as model might not be in a state from which it\ncan be saved. For example, if training has just started, the model might\nnot be ready to save. When saved, this intermediate data is a valid model\nartifact. You can use it to create a model with CreateModel.\n\n\nThe Neural Topic Model (NTM) currently does not support saving intermediate\nmodel artifacts. When training NTMs, make sure that the maximum runtime is\nsufficient for the training job to complete." + description: "Specifies a limit to how long a job can run. When the job reaches the time\nlimit, SageMaker ends the job. Use this API to cap costs.\n\nTo stop a training job, SageMaker sends the algorithm the SIGTERM signal,\nwhich delays job termination for 120 seconds. Algorithms can use this 120-second\nwindow to save the model artifacts, so the results of training are not lost.\n\nThe training algorithms provided by SageMaker automatically save the intermediate\nresults of a model training job when possible. This attempt to save artifacts\nis only a best effort case as model might not be in a state from which it\ncan be saved. For example, if training has just started, the model might\nnot be ready to save. When saved, this intermediate data is a valid model\nartifact. You can use it to create a model with CreateModel.\n\nThe Neural Topic Model (NTM) currently does not support saving intermediate\nmodel artifacts. When training NTMs, make sure that the maximum runtime is\nsufficient for the training job to complete." properties: maxPendingTimeInSeconds: description: "Maximum job scheduler pending time in seconds." @@ -408,7 +408,7 @@ spec: trainingImage: type: "string" trainingInputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" type: "object" checkpointConfig: @@ -428,7 +428,7 @@ spec: enableNetworkIsolation: type: "boolean" hyperParameterRanges: - description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." + description: "Specifies ranges of integer, continuous, and categorical hyperparameters\nthat a hyperparameter tuning job searches. The hyperparameter tuning job\nlaunches training jobs with hyperparameter values within these ranges to\nfind the combination of values that result in the training job with the best\nperformance as measured by the objective metric of the hyperparameter tuning\njob.\n\nThe maximum number of items specified for Array Members refers to the maximum\nnumber of hyperparameters for each range and also the maximum for the hyperparameter\ntuning job itself. That is, the sum of the number of hyperparameters for\nall the ranges can't exceed the maximum number specified." properties: autoParameters: items: @@ -507,7 +507,7 @@ spec: type: "string" type: "object" s3DataSource: - description: "Describes the S3 data source.\n\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." + description: "Describes the S3 data source.\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." properties: attributeNames: items: @@ -526,12 +526,12 @@ spec: type: "object" type: "object" inputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" recordWrapperType: type: "string" shuffleConfig: - description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." + description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." properties: seed: format: "int64" @@ -594,7 +594,7 @@ spec: type: "string" type: "object" stoppingCondition: - description: "Specifies a limit to how long a model training job or model compilation job\ncan run. It also specifies how long a managed spot training job has to complete.\nWhen the job reaches the time limit, SageMaker ends the training or compilation\njob. Use this API to cap model training costs.\n\n\nTo stop a training job, SageMaker sends the algorithm the SIGTERM signal,\nwhich delays job termination for 120 seconds. Algorithms can use this 120-second\nwindow to save the model artifacts, so the results of training are not lost.\n\n\nThe training algorithms provided by SageMaker automatically save the intermediate\nresults of a model training job when possible. This attempt to save artifacts\nis only a best effort case as model might not be in a state from which it\ncan be saved. For example, if training has just started, the model might\nnot be ready to save. When saved, this intermediate data is a valid model\nartifact. You can use it to create a model with CreateModel.\n\n\nThe Neural Topic Model (NTM) currently does not support saving intermediate\nmodel artifacts. When training NTMs, make sure that the maximum runtime is\nsufficient for the training job to complete." + description: "Specifies a limit to how long a job can run. When the job reaches the time\nlimit, SageMaker ends the job. Use this API to cap costs.\n\nTo stop a training job, SageMaker sends the algorithm the SIGTERM signal,\nwhich delays job termination for 120 seconds. Algorithms can use this 120-second\nwindow to save the model artifacts, so the results of training are not lost.\n\nThe training algorithms provided by SageMaker automatically save the intermediate\nresults of a model training job when possible. This attempt to save artifacts\nis only a best effort case as model might not be in a state from which it\ncan be saved. For example, if training has just started, the model might\nnot be ready to save. When saved, this intermediate data is a valid model\nartifact. You can use it to create a model with CreateModel.\n\nThe Neural Topic Model (NTM) currently does not support saving intermediate\nmodel artifacts. When training NTMs, make sure that the maximum runtime is\nsufficient for the training job to complete." properties: maxPendingTimeInSeconds: description: "Maximum job scheduler pending time in seconds." @@ -630,7 +630,7 @@ spec: type: "object" type: "array" warmStartConfig: - description: "Specifies the configuration for starting the hyperparameter tuning job using\none or more previous tuning jobs as a starting point. The results of previous\ntuning jobs are used to inform which combinations of hyperparameters to search\nover in the new tuning job.\n\n\nAll training jobs launched by the new hyperparameter tuning job are evaluated\nby using the objective metric. If you specify IDENTICAL_DATA_AND_ALGORITHM\nas the WarmStartType value for the warm start configuration, the training\njob that performs the best in the new tuning job is compared to the best\ntraining jobs from the parent tuning jobs. From these, the training job that\nperforms the best as measured by the objective metric is returned as the\noverall best training job.\n\n\nAll training jobs launched by parent hyperparameter tuning jobs and the new\nhyperparameter tuning jobs count against the limit of training jobs for the\ntuning job." + description: "Specifies the configuration for starting the hyperparameter tuning job using\none or more previous tuning jobs as a starting point. The results of previous\ntuning jobs are used to inform which combinations of hyperparameters to search\nover in the new tuning job.\n\nAll training jobs launched by the new hyperparameter tuning job are evaluated\nby using the objective metric. If you specify IDENTICAL_DATA_AND_ALGORITHM\nas the WarmStartType value for the warm start configuration, the training\njob that performs the best in the new tuning job is compared to the best\ntraining jobs from the parent tuning jobs. From these, the training job that\nperforms the best as measured by the objective metric is returned as the\noverall best training job.\n\nAll training jobs launched by parent hyperparameter tuning jobs and the new\nhyperparameter tuning jobs count against the limit of training jobs for the\ntuning job." properties: parentHyperParameterTuningJobs: items: @@ -654,7 +654,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelbiasjobdefinitions.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelbiasjobdefinitions.yaml index 71d1d9f3f..8fc2709ed 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelbiasjobdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelbiasjobdefinitions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "modelbiasjobdefinitions.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -165,7 +165,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -188,7 +188,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelexplainabilityjobdefinitions.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelexplainabilityjobdefinitions.yaml index ce05d03d7..3f948931d 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelexplainabilityjobdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelexplainabilityjobdefinitions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "modelexplainabilityjobdefinitions.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -159,7 +159,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -182,7 +182,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackagegroups.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackagegroups.yaml index c06fd7260..0ab048da5 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackagegroups.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackagegroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "modelpackagegroups.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -31,7 +31,7 @@ spec: metadata: type: "object" spec: - description: "ModelPackageGroupSpec defines the desired state of ModelPackageGroup.\n\n\nA group of versioned models in the model registry." + description: "ModelPackageGroupSpec defines the desired state of ModelPackageGroup.\n\nA group of versioned models in the model registry." properties: modelPackageGroupDescription: description: "A description for the model group." @@ -42,7 +42,7 @@ spec: tags: description: "A list of key value pairs associated with the model group. For more information,\nsee Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)\nin the Amazon Web Services General Reference Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -60,7 +60,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackages.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackages.yaml index 800579e05..2b1b821e0 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackages.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelpackages.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "modelpackages.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -31,7 +31,7 @@ spec: metadata: type: "object" spec: - description: "ModelPackageSpec defines the desired state of ModelPackage.\n\n\nA versioned model that can be deployed for SageMaker inference." + description: "ModelPackageSpec defines the desired state of ModelPackage.\n\nA versioned model that can be deployed for SageMaker inference." properties: additionalInferenceSpecifications: description: "An array of additional Inference Specification objects. Each additional Inference\nSpecification specifies artifacts based on this model package that can be\nused on inference endpoints. Generally used with SageMaker Neo to store the\ncompiled artifacts." @@ -106,7 +106,7 @@ spec: description: "A description for the approval status of the model." type: "string" certifyForMarketplace: - description: "Whether to certify the model package for listing on Amazon Web Services Marketplace.\n\n\nThis parameter is optional for unversioned models, and does not apply to\nversioned models." + description: "Whether to certify the model package for listing on Amazon Web Services Marketplace.\n\nThis parameter is optional for unversioned models, and does not apply to\nversioned models." type: "boolean" clientToken: description: "A unique token that guarantees that the call to this API is idempotent." @@ -230,7 +230,7 @@ spec: type: "object" type: "object" inferenceSpecification: - description: "Specifies details about inference jobs that can be run with models based\non this model package, including the following:\n\n\n * The Amazon ECR paths of containers that contain the inference code and\n model artifacts.\n\n\n * The instance types that the model package supports for transform jobs\n and real-time endpoints used for inference.\n\n\n * The input and output content formats that the model package supports\n for inference." + description: "Specifies details about inference jobs that you can run with models based\non this model package, including the following information:\n\n * The Amazon ECR paths of containers that contain the inference code and\n model artifacts.\n\n * The instance types that the model package supports for transform jobs\n and real-time endpoints used for inference.\n\n * The input and output content formats that the model package supports\n for inference." properties: containers: items: @@ -304,7 +304,7 @@ spec: type: "string" type: "object" modelApprovalStatus: - description: "Whether the model is approved for deployment.\n\n\nThis parameter is optional for versioned models, and does not apply to unversioned\nmodels.\n\n\nFor versioned models, the value of this parameter must be set to Approved\nto deploy the model." + description: "Whether the model is approved for deployment.\n\nThis parameter is optional for versioned models, and does not apply to unversioned\nmodels.\n\nFor versioned models, the value of this parameter must be set to Approved\nto deploy the model." type: "string" modelMetrics: description: "A structure that contains model metrics reports." @@ -410,10 +410,10 @@ spec: description: "A description of the model package." type: "string" modelPackageGroupName: - description: "The name or Amazon Resource Name (ARN) of the model package group that this\nmodel version belongs to.\n\n\nThis parameter is required for versioned models, and does not apply to unversioned\nmodels." + description: "The name or Amazon Resource Name (ARN) of the model package group that this\nmodel version belongs to.\n\nThis parameter is required for versioned models, and does not apply to unversioned\nmodels." type: "string" modelPackageName: - description: "The name of the model package. The name must have 1 to 63 characters. Valid\ncharacters are a-z, A-Z, 0-9, and - (hyphen).\n\n\nThis parameter is required for unversioned models. It is not applicable to\nversioned models." + description: "The name of the model package. The name must have 1 to 63 characters. Valid\ncharacters are a-z, A-Z, 0-9, and - (hyphen).\n\nThis parameter is required for unversioned models. It is not applicable to\nversioned models." type: "string" samplePayloadURL: description: "The Amazon Simple Storage Service (Amazon S3) path where the sample payload\nis stored. This path must point to a single gzip compressed tar archive (.tar.gz\nsuffix). This archive can hold multiple files that are all equally used in\nthe load test. Each file in the archive must satisfy the size constraints\nof the InvokeEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html#API_runtime_InvokeEndpoint_RequestSyntax)\ncall." @@ -436,9 +436,9 @@ spec: type: "array" type: "object" tags: - description: "A list of key value pairs associated with the model. For more information,\nsee Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)\nin the Amazon Web Services General Reference Guide.\n\n\nIf you supply ModelPackageGroupName, your model package belongs to the model\ngroup you specify and uses the tags associated with the model group. In this\ncase, you cannot supply a tag argument." + description: "A list of key value pairs associated with the model. For more information,\nsee Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)\nin the Amazon Web Services General Reference Guide.\n\nIf you supply ModelPackageGroupName, your model package belongs to the model\ngroup you specify and uses the tags associated with the model group. In this\ncase, you cannot supply a tag argument." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -447,14 +447,14 @@ spec: type: "object" type: "array" task: - description: "The machine learning task your model package accomplishes. Common machine\nlearning tasks include object detection and image classification. The following\ntasks are supported by Inference Recommender: \"IMAGE_CLASSIFICATION\" | \"OBJECT_DETECTION\"\n| \"TEXT_GENERATION\" |\"IMAGE_SEGMENTATION\" | \"FILL_MASK\" | \"CLASSIFICATION\"\n| \"REGRESSION\" | \"OTHER\".\n\n\nSpecify \"OTHER\" if none of the tasks listed fit your use case." + description: "The machine learning task your model package accomplishes. Common machine\nlearning tasks include object detection and image classification. The following\ntasks are supported by Inference Recommender: \"IMAGE_CLASSIFICATION\" | \"OBJECT_DETECTION\"\n| \"TEXT_GENERATION\" |\"IMAGE_SEGMENTATION\" | \"FILL_MASK\" | \"CLASSIFICATION\"\n| \"REGRESSION\" | \"OTHER\".\n\nSpecify \"OTHER\" if none of the tasks listed fit your use case." type: "string" validationSpecification: description: "Specifies configurations for one or more transform jobs that SageMaker runs\nto test the model package." properties: validationProfiles: items: - description: "Contains data, such as the inputs and targeted instance types that are used\nin the process of validating the model package.\n\n\nThe data provided in the validation profile is made available to your buyers\non Amazon Web Services Marketplace." + description: "Contains data, such as the inputs and targeted instance types that are used\nin the process of validating the model package.\n\nThe data provided in the validation profile is made available to your buyers\non Amazon Web Services Marketplace." properties: profileName: type: "string" @@ -532,7 +532,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelqualityjobdefinitions.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelqualityjobdefinitions.yaml index 5385f2319..4f6c0c3de 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelqualityjobdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/modelqualityjobdefinitions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "modelqualityjobdefinitions.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -177,7 +177,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -200,7 +200,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/models.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/models.yaml index 9dfc58482..850c602c6 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/models.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/models.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "models.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -27,7 +27,7 @@ spec: metadata: type: "object" spec: - description: "ModelSpec defines the desired state of Model.\n\n\nThe properties of a model as returned by the Search (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html)\nAPI." + description: "ModelSpec defines the desired state of Model.\n\nThe properties of a model as returned by the Search (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html)\nAPI." properties: containers: description: "Specifies the containers in the inference pipeline." @@ -67,7 +67,7 @@ spec: compressionType: type: "string" modelAccessConfig: - description: "The access configuration file to control access to the ML model. You can\nexplicitly accept the model end-user license agreement (EULA) within the\nModelAccessConfig.\n\n\n * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula)\n section for more details on accepting the EULA.\n\n\n * If you are an AutoML user, see the Optional Parameters section of Create\n an AutoML job to fine-tune text generation models using the API for details\n on How to set the EULA acceptance when fine-tuning a model using the AutoML\n API (https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-create-experiment-finetune-llms.html#autopilot-llms-finetuning-api-optional-params)." + description: "The access configuration file to control access to the ML model. You can\nexplicitly accept the model end-user license agreement (EULA) within the\nModelAccessConfig.\n\n * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula)\n section for more details on accepting the EULA.\n\n * If you are an AutoML user, see the Optional Parameters section of Create\n an AutoML job to fine-tune text generation models using the API for details\n on How to set the EULA acceptance when fine-tuning a model using the AutoML\n API (https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-create-experiment-finetune-llms.html#autopilot-llms-finetuning-api-optional-params)." properties: acceptEula: type: "boolean" @@ -94,7 +94,7 @@ spec: description: "Isolates the model container. No inbound or outbound network calls can be\nmade to or from the model container." type: "boolean" executionRoleARN: - description: "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume\nto access model artifacts and docker image for deployment on ML compute instances\nor for batch transform jobs. Deploying on ML compute instances is part of\nmodel hosting. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." + description: "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume\nto access model artifacts and docker image for deployment on ML compute instances\nor for batch transform jobs. Deploying on ML compute instances is part of\nmodel hosting. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." type: "string" inferenceExecutionConfig: description: "Specifies details of how containers in a multi-container endpoint are called." @@ -141,7 +141,7 @@ spec: compressionType: type: "string" modelAccessConfig: - description: "The access configuration file to control access to the ML model. You can\nexplicitly accept the model end-user license agreement (EULA) within the\nModelAccessConfig.\n\n\n * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula)\n section for more details on accepting the EULA.\n\n\n * If you are an AutoML user, see the Optional Parameters section of Create\n an AutoML job to fine-tune text generation models using the API for details\n on How to set the EULA acceptance when fine-tuning a model using the AutoML\n API (https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-create-experiment-finetune-llms.html#autopilot-llms-finetuning-api-optional-params)." + description: "The access configuration file to control access to the ML model. You can\nexplicitly accept the model end-user license agreement (EULA) within the\nModelAccessConfig.\n\n * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula)\n section for more details on accepting the EULA.\n\n * If you are an AutoML user, see the Optional Parameters section of Create\n an AutoML job to fine-tune text generation models using the API for details\n on How to set the EULA acceptance when fine-tuning a model using the AutoML\n API (https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-create-experiment-finetune-llms.html#autopilot-llms-finetuning-api-optional-params)." properties: acceptEula: type: "boolean" @@ -166,7 +166,7 @@ spec: tags: description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -196,7 +196,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/monitoringschedules.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/monitoringschedules.yaml index c75b42c70..3b8b1da3d 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/monitoringschedules.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/monitoringschedules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "monitoringschedules.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -35,7 +35,7 @@ spec: metadata: type: "object" spec: - description: "MonitoringScheduleSpec defines the desired state of MonitoringSchedule.\n\n\nA schedule for a model monitoring job. For information about model monitor,\nsee Amazon SageMaker Model Monitor (https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor.html)." + description: "MonitoringScheduleSpec defines the desired state of MonitoringSchedule.\n\nA schedule for a model monitoring job. For information about model monitor,\nsee Amazon SageMaker Model Monitor (https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor.html)." properties: monitoringScheduleConfig: description: "The configuration object that specifies the monitoring schedule and defines\nthe monitoring job." @@ -206,7 +206,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -225,7 +225,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstancelifecycleconfigs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstancelifecycleconfigs.yaml index abca26cf4..f9332142d 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstancelifecycleconfigs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstancelifecycleconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "notebookinstancelifecycleconfigs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -42,7 +42,7 @@ spec: onCreate: description: "A shell script that runs only once, when you create a notebook instance.\nThe shell script must be a base64-encoded string." items: - description: "Contains the notebook instance lifecycle configuration script.\n\n\nEach lifecycle configuration script has a limit of 16384 characters.\n\n\nThe value of the $PATH environment variable that is available to both scripts\nis /sbin:bin:/usr/sbin:/usr/bin.\n\n\nView Amazon CloudWatch Logs for notebook instance lifecycle configurations\nin log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook].\n\n\nLifecycle configuration scripts cannot run for longer than 5 minutes. If\na script runs for longer than 5 minutes, it fails and the notebook instance\nis not created or started.\n\n\nFor information about notebook instance lifestyle configurations, see Step\n2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html)." + description: "Contains the notebook instance lifecycle configuration script.\n\nEach lifecycle configuration script has a limit of 16384 characters.\n\nThe value of the $PATH environment variable that is available to both scripts\nis /sbin:bin:/usr/sbin:/usr/bin.\n\nView Amazon CloudWatch Logs for notebook instance lifecycle configurations\nin log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook].\n\nLifecycle configuration scripts cannot run for longer than 5 minutes. If\na script runs for longer than 5 minutes, it fails and the notebook instance\nis not created or started.\n\nFor information about notebook instance lifestyle configurations, see Step\n2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html)." properties: content: type: "string" @@ -51,7 +51,7 @@ spec: onStart: description: "A shell script that runs every time you start a notebook instance, including\nwhen you create the notebook instance. The shell script must be a base64-encoded\nstring." items: - description: "Contains the notebook instance lifecycle configuration script.\n\n\nEach lifecycle configuration script has a limit of 16384 characters.\n\n\nThe value of the $PATH environment variable that is available to both scripts\nis /sbin:bin:/usr/sbin:/usr/bin.\n\n\nView Amazon CloudWatch Logs for notebook instance lifecycle configurations\nin log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook].\n\n\nLifecycle configuration scripts cannot run for longer than 5 minutes. If\na script runs for longer than 5 minutes, it fails and the notebook instance\nis not created or started.\n\n\nFor information about notebook instance lifestyle configurations, see Step\n2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html)." + description: "Contains the notebook instance lifecycle configuration script.\n\nEach lifecycle configuration script has a limit of 16384 characters.\n\nThe value of the $PATH environment variable that is available to both scripts\nis /sbin:bin:/usr/sbin:/usr/bin.\n\nView Amazon CloudWatch Logs for notebook instance lifecycle configurations\nin log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook].\n\nLifecycle configuration scripts cannot run for longer than 5 minutes. If\na script runs for longer than 5 minutes, it fails and the notebook instance\nis not created or started.\n\nFor information about notebook instance lifestyle configurations, see Step\n2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html)." properties: content: type: "string" @@ -67,7 +67,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstances.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstances.yaml index 0b24d62ec..e2d7432dc 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstances.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/notebookinstances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "notebookinstances.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -38,7 +38,7 @@ spec: description: "NotebookInstanceSpec defines the desired state of NotebookInstance." properties: acceleratorTypes: - description: "A list of Elastic Inference (EI) instance types to associate with this notebook\ninstance. Currently, only one instance type can be associated with a notebook\ninstance. For more information, see Using Elastic Inference in Amazon SageMaker\n(https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html)." + description: "This parameter is no longer supported. Elastic Inference (EI) is no longer\navailable.\n\nThis parameter was used to specify a list of EI instance types to associate\nwith this notebook instance." items: type: "string" type: "array" @@ -51,7 +51,7 @@ spec: description: "A Git repository to associate with the notebook instance as its default code\nrepository. This can be either the name of a Git repository stored as a resource\nin your account, or the URL of a Git repository in Amazon Web Services CodeCommit\n(https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or\nin any other Git repository. When you open a notebook instance, it opens\nin the directory that contains this repository. For more information, see\nAssociating Git Repositories with SageMaker Notebook Instances (https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html)." type: "string" directInternetAccess: - description: "Sets whether SageMaker provides internet access to the notebook instance.\nIf you set this to Disabled this notebook instance is able to access resources\nonly in your VPC, and is not be able to connect to SageMaker training and\nendpoint services unless you configure a NAT Gateway in your VPC.\n\n\nFor more information, see Notebook Instances Are Internet-Enabled by Default\n(https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access).\nYou can set the value of this parameter to Disabled only if you set a value\nfor the SubnetId parameter." + description: "Sets whether SageMaker provides internet access to the notebook instance.\nIf you set this to Disabled this notebook instance is able to access resources\nonly in your VPC, and is not be able to connect to SageMaker training and\nendpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see Notebook Instances Are Internet-Enabled by Default\n(https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access).\nYou can set the value of this parameter to Disabled only if you set a value\nfor the SubnetId parameter." type: "string" instanceType: description: "The type of ML compute instance to launch for the notebook instance." @@ -69,10 +69,10 @@ spec: description: "The platform identifier of the notebook instance runtime environment." type: "string" roleARN: - description: "When you send any requests to Amazon Web Services resources from the notebook\ninstance, SageMaker assumes this role to perform tasks on your behalf. You\nmust grant this role necessary permissions so SageMaker can perform these\ntasks. The policy must allow the SageMaker service principal (sagemaker.amazonaws.com)\npermissions to assume this role. For more information, see SageMaker Roles\n(https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." + description: "When you send any requests to Amazon Web Services resources from the notebook\ninstance, SageMaker assumes this role to perform tasks on your behalf. You\nmust grant this role necessary permissions so SageMaker can perform these\ntasks. The policy must allow the SageMaker service principal (sagemaker.amazonaws.com)\npermissions to assume this role. For more information, see SageMaker Roles\n(https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." type: "string" rootAccess: - description: "Whether root access is enabled or disabled for users of the notebook instance.\nThe default value is Enabled.\n\n\nLifecycle configurations need root access to be able to set up a notebook\ninstance. Because of this, lifecycle configurations associated with a notebook\ninstance always run with root access even if you disable root access for\nusers." + description: "Whether root access is enabled or disabled for users of the notebook instance.\nThe default value is Enabled.\n\nLifecycle configurations need root access to be able to set up a notebook\ninstance. Because of this, lifecycle configurations associated with a notebook\ninstance always run with root access even if you disable root access for\nusers." type: "string" securityGroupIDs: description: "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups\nmust be for the same VPC as specified in the subnet." @@ -85,7 +85,7 @@ spec: tags: description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -109,7 +109,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/processingjobs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/processingjobs.yaml index d588c8c5d..9165fa321 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/processingjobs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/processingjobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "processingjobs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -35,7 +35,7 @@ spec: metadata: type: "object" spec: - description: "ProcessingJobSpec defines the desired state of ProcessingJob.\n\n\nAn Amazon SageMaker processing job that is used to analyze data and evaluate\nmodels. For more information, see Process Data and Evaluate Models (https://docs.aws.amazon.com/sagemaker/latest/dg/processing-job.html)." + description: "ProcessingJobSpec defines the desired state of ProcessingJob.\n\nAn Amazon SageMaker processing job that is used to analyze data and evaluate\nmodels. For more information, see Process Data and Evaluate Models (https://docs.aws.amazon.com/sagemaker/latest/dg/processing-job.html)." properties: appSpecification: description: "Configures the processing job to run a specified Docker container image." @@ -57,7 +57,7 @@ spec: description: "The environment variables to set in the Docker container. Up to 100 key and\nvalues entries in the map are supported." type: "object" experimentConfig: - description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" + description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" properties: experimentName: type: "string" @@ -243,7 +243,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-whatURL)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -264,7 +264,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/trainingjobs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/trainingjobs.yaml index a4fb0d504..1cd11f67a 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/trainingjobs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/trainingjobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "trainingjobs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -38,7 +38,7 @@ spec: metadata: type: "object" spec: - description: "TrainingJobSpec defines the desired state of TrainingJob.\n\n\nContains information about a training job." + description: "TrainingJobSpec defines the desired state of TrainingJob.\n\nContains information about a training job." properties: algorithmSpecification: description: "The registry path of the Docker image that contains the training algorithm\nand algorithm-specific metadata, including the input mode. For more information\nabout algorithms provided by SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\nFor information about providing your own algorithms, see Using Your Own Algorithms\nwith Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html)." @@ -60,7 +60,7 @@ spec: trainingImage: type: "string" trainingInputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" type: "object" checkpointConfig: @@ -123,7 +123,7 @@ spec: description: "To encrypt all communications between ML compute instances in distributed\ntraining, choose True. Encryption provides greater security for distributed\ntraining, but training might take longer. How long it takes depends on the\namount of communication between compute instances, especially if you use\na deep learning algorithm in distributed training. For more information,\nsee Protect Communications Between ML Compute Instances in a Distributed\nTraining Job (https://docs.aws.amazon.com/sagemaker/latest/dg/train-encrypt.html)." type: "boolean" enableManagedSpotTraining: - description: "To train models using managed spot training, choose True. Managed spot training\nprovides a fully managed and scalable infrastructure for training machine\nlearning models. this option is useful when training jobs can be interrupted\nand when there is flexibility when the training job is run.\n\n\nThe complete and intermediate results of jobs are stored in an Amazon S3\nbucket, and can be used as a starting point to train models incrementally.\nAmazon SageMaker provides metrics and logs in CloudWatch. They can be used\nto see when managed spot training jobs are running, interrupted, resumed,\nor completed." + description: "To train models using managed spot training, choose True. Managed spot training\nprovides a fully managed and scalable infrastructure for training machine\nlearning models. this option is useful when training jobs can be interrupted\nand when there is flexibility when the training job is run.\n\nThe complete and intermediate results of jobs are stored in an Amazon S3\nbucket, and can be used as a starting point to train models incrementally.\nAmazon SageMaker provides metrics and logs in CloudWatch. They can be used\nto see when managed spot training jobs are running, interrupted, resumed,\nor completed." type: "boolean" enableNetworkIsolation: description: "Isolates the training container. No inbound or outbound network calls can\nbe made, except for calls between peers within a training cluster for distributed\ntraining. If you enable network isolation for training jobs that are configured\nto use a VPC, SageMaker downloads and uploads customer data and model artifacts\nthrough the specified VPC, but the training container does not have network\naccess." @@ -134,7 +134,7 @@ spec: description: "The environment variables to set in the Docker container." type: "object" experimentConfig: - description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" + description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" properties: experimentName: type: "string" @@ -146,7 +146,7 @@ spec: hyperParameters: additionalProperties: type: "string" - description: "Algorithm-specific parameters that influence the quality of the model. You\nset hyperparameters before you start the learning process. For a list of\nhyperparameters for each training algorithm provided by SageMaker, see Algorithms\n(https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nYou can specify a maximum of 100 hyperparameters. Each hyperparameter is\na key-value pair. Each key and value is limited to 256 characters, as specified\nby the Length Constraint.\n\n\nDo not include any security-sensitive information including account access\nIDs, secrets or tokens in any hyperparameter field. If the use of security-sensitive\ncredentials are detected, SageMaker will reject your training job request\nand return an exception error." + description: "Algorithm-specific parameters that influence the quality of the model. You\nset hyperparameters before you start the learning process. For a list of\nhyperparameters for each training algorithm provided by SageMaker, see Algorithms\n(https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nYou can specify a maximum of 100 hyperparameters. Each hyperparameter is\na key-value pair. Each key and value is limited to 256 characters, as specified\nby the Length Constraint.\n\nDo not include any security-sensitive information including account access\nIDs, secrets or tokens in any hyperparameter field. If the use of security-sensitive\ncredentials are detected, SageMaker will reject your training job request\nand return an exception error." type: "object" infraCheckConfig: description: "Contains information about the infrastructure health check configuration\nfor the training job." @@ -155,7 +155,7 @@ spec: type: "boolean" type: "object" inputDataConfig: - description: "An array of Channel objects. Each channel is a named input source. InputDataConfig\ndescribes the input data and its location.\n\n\nAlgorithms can accept input data from one or more channels. For example,\nan algorithm might have two channels of input data, training_data and validation_data.\nThe configuration for each channel provides the S3, EFS, or FSx location\nwhere the input data is stored. It also provides information about the stored\ndata: the MIME type, compression method, and whether the data is wrapped\nin RecordIO format.\n\n\nDepending on the input mode that the algorithm supports, SageMaker either\ncopies input data files from an S3 bucket to a local directory in the Docker\ncontainer, or makes it available as input streams. For example, if you specify\nan EFS location, input data files are available as input streams. They do\nnot need to be downloaded.\n\n\nYour input must be in the same Amazon Web Services region as your training\njob." + description: "An array of Channel objects. Each channel is a named input source. InputDataConfig\ndescribes the input data and its location.\n\nAlgorithms can accept input data from one or more channels. For example,\nan algorithm might have two channels of input data, training_data and validation_data.\nThe configuration for each channel provides the S3, EFS, or FSx location\nwhere the input data is stored. It also provides information about the stored\ndata: the MIME type, compression method, and whether the data is wrapped\nin RecordIO format.\n\nDepending on the input mode that the algorithm supports, SageMaker either\ncopies input data files from an S3 bucket to a local directory in the Docker\ncontainer, or makes it available as input streams. For example, if you specify\nan EFS location, input data files are available as input streams. They do\nnot need to be downloaded.\n\nYour input must be in the same Amazon Web Services region as your training\njob." items: description: "A channel is a named input source that training algorithms can consume." properties: @@ -181,7 +181,7 @@ spec: type: "string" type: "object" s3DataSource: - description: "Describes the S3 data source.\n\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." + description: "Describes the S3 data source.\n\nYour input bucket must be in the same Amazon Web Services region as your\ntraining job." properties: attributeNames: items: @@ -200,12 +200,12 @@ spec: type: "object" type: "object" inputMode: - description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\n\nPipe mode\n\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\n\nFile mode\n\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\n\nFastFile mode\n\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." + description: "The training input mode that the algorithm supports. For more information\nabout input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html).\n\nPipe mode\n\nIf an algorithm supports Pipe mode, Amazon SageMaker streams data directly\nfrom Amazon S3 to the container.\n\nFile mode\n\nIf an algorithm supports File mode, SageMaker downloads the training data\nfrom S3 to the provisioned ML storage volume, and mounts the directory to\nthe Docker volume for the training container.\n\nYou must provision the ML storage volume with sufficient capacity to accommodate\nthe data downloaded from S3. In addition to the training data, the ML storage\nvolume also stores the output model. The algorithm container uses the ML\nstorage volume to also store intermediate information, if any.\n\nFor distributed algorithms, training data is distributed uniformly. Your\ntraining duration is predictable if the input data objects sizes are approximately\nthe same. SageMaker does not split the files any further for model training.\nIf the object sizes are skewed, training won't be optimal as the data distribution\nis also skewed when one host in a training cluster is overloaded, thus becoming\na bottleneck in training.\n\nFastFile mode\n\nIf an algorithm supports FastFile mode, SageMaker streams data directly from\nS3 to the container with no code changes, and provides file system access\nto the data. Users can author their training script to interact with these\nfiles as if they were stored on disk.\n\nFastFile mode works best when the data is read sequentially. Augmented manifest\nfiles aren't supported. The startup time is lower when there are fewer files\nin the S3 bucket provided." type: "string" recordWrapperType: type: "string" shuffleConfig: - description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." + description: "A configuration for a shuffle option for input data in a channel. If you\nuse S3Prefix for S3DataType, the results of the S3 key prefix matches are\nshuffled. If you use ManifestFile, the order of the S3 object references\nin the ManifestFile is shuffled. If you use AugmentedManifestFile, the order\nof the JSON lines in the AugmentedManifestFile is shuffled. The shuffling\norder is determined using the Seed value.\n\nFor Pipe input mode, when ShuffleConfig is specified shuffling is done at\nthe start of every epoch. With large datasets, this ensures that the order\nof the training data is different for each epoch, and it helps reduce bias\nand possible overfitting. In a multi-node training job when ShuffleConfig\nis combined with S3DataDistributionType of ShardedByS3Key, the data is shuffled\nacross nodes so that the content sent to a particular node on the first epoch\nmight be sent to a different node on the second epoch." properties: seed: format: "int64" @@ -267,7 +267,7 @@ spec: type: "boolean" type: "object" resourceConfig: - description: "The resources, including the ML compute instances and ML storage volumes,\nto use for model training.\n\n\nML storage volumes store model artifacts and incremental states. Training\nalgorithms might also use ML storage volumes for scratch space. If you want\nSageMaker to use the ML storage volume to store the training data, choose\nFile as the TrainingInputMode in the algorithm specification. For distributed\ntraining algorithms, specify an instance count greater than 1." + description: "The resources, including the ML compute instances and ML storage volumes,\nto use for model training.\n\nML storage volumes store model artifacts and incremental states. Training\nalgorithms might also use ML storage volumes for scratch space. If you want\nSageMaker to use the ML storage volume to store the training data, choose\nFile as the TrainingInputMode in the algorithm specification. For distributed\ntraining algorithms, specify an instance count greater than 1." properties: instanceCount: format: "int64" @@ -305,10 +305,10 @@ spec: type: "integer" type: "object" roleARN: - description: "The Amazon Resource Name (ARN) of an IAM role that SageMaker can assume to\nperform tasks on your behalf.\n\n\nDuring model training, SageMaker needs your permission to read input data\nfrom an S3 bucket, download a Docker image that contains training code, write\nmodel artifacts to an S3 bucket, write logs to Amazon CloudWatch Logs, and\npublish metrics to Amazon CloudWatch. You grant permissions for all of these\ntasks to an IAM role. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." + description: "The Amazon Resource Name (ARN) of an IAM role that SageMaker can assume to\nperform tasks on your behalf.\n\nDuring model training, SageMaker needs your permission to read input data\nfrom an S3 bucket, download a Docker image that contains training code, write\nmodel artifacts to an S3 bucket, write logs to Amazon CloudWatch Logs, and\npublish metrics to Amazon CloudWatch. You grant permissions for all of these\ntasks to an IAM role. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html).\n\nTo be able to pass this role to SageMaker, the caller of this API must have\nthe iam:PassRole permission." type: "string" stoppingCondition: - description: "Specifies a limit to how long a model training job can run. It also specifies\nhow long a managed Spot training job has to complete. When the job reaches\nthe time limit, SageMaker ends the training job. Use this API to cap model\ntraining costs.\n\n\nTo stop a job, SageMaker sends the algorithm the SIGTERM signal, which delays\njob termination for 120 seconds. Algorithms can use this 120-second window\nto save the model artifacts, so the results of training are not lost." + description: "Specifies a limit to how long a model training job can run. It also specifies\nhow long a managed Spot training job has to complete. When the job reaches\nthe time limit, SageMaker ends the training job. Use this API to cap model\ntraining costs.\n\nTo stop a job, SageMaker sends the algorithm the SIGTERM signal, which delays\njob termination for 120 seconds. Algorithms can use this 120-second window\nto save the model artifacts, so the results of training are not lost." properties: maxPendingTimeInSeconds: description: "Maximum job scheduler pending time in seconds." @@ -324,7 +324,7 @@ spec: tags: description: "An array of key-value pairs. You can use tags to categorize your Amazon Web\nServices resources in different ways, for example, by purpose, owner, or\nenvironment. For more information, see Tagging Amazon Web Services Resources\n(https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html)." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -370,7 +370,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." @@ -465,10 +465,10 @@ spec: description: "Profiling status of a training job." type: "string" secondaryStatus: - description: "Provides detailed information about the state of the training job. For detailed\ninformation on the secondary status of the training job, see StatusMessage\nunder SecondaryStatusTransition (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SecondaryStatusTransition.html).\n\n\nSageMaker provides primary statuses and secondary statuses that apply to\neach of them:\n\n\nInProgress\n\n\n * Starting - Starting the training job.\n\n\n * Downloading - An optional stage for algorithms that support File training\n input mode. It indicates that data is being downloaded to the ML storage\n volumes.\n\n\n * Training - Training is in progress.\n\n\n * Interrupted - The job stopped because the managed spot training instances\n were interrupted.\n\n\n * Uploading - Training is complete and the model artifacts are being uploaded\n to the S3 location.\n\n\nCompleted\n\n\n * Completed - The training job has completed.\n\n\nFailed\n\n\n * Failed - The training job has failed. The reason for the failure is\n returned in the FailureReason field of DescribeTrainingJobResponse.\n\n\nStopped\n\n\n * MaxRuntimeExceeded - The job stopped because it exceeded the maximum\n allowed runtime.\n\n\n * MaxWaitTimeExceeded - The job stopped because it exceeded the maximum\n allowed wait time.\n\n\n * Stopped - The training job has stopped.\n\n\nStopping\n\n\n * Stopping - Stopping the training job.\n\n\nValid values for SecondaryStatus are subject to change.\n\n\nWe no longer support the following secondary statuses:\n\n\n * LaunchingMLInstances\n\n\n * PreparingTraining\n\n\n * DownloadingTrainingImage" + description: "Provides detailed information about the state of the training job. For detailed\ninformation on the secondary status of the training job, see StatusMessage\nunder SecondaryStatusTransition (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SecondaryStatusTransition.html).\n\nSageMaker provides primary statuses and secondary statuses that apply to\neach of them:\n\nInProgress\n\n * Starting - Starting the training job.\n\n * Downloading - An optional stage for algorithms that support File training\n input mode. It indicates that data is being downloaded to the ML storage\n volumes.\n\n * Training - Training is in progress.\n\n * Interrupted - The job stopped because the managed spot training instances\n were interrupted.\n\n * Uploading - Training is complete and the model artifacts are being uploaded\n to the S3 location.\n\nCompleted\n\n * Completed - The training job has completed.\n\nFailed\n\n * Failed - The training job has failed. The reason for the failure is\n returned in the FailureReason field of DescribeTrainingJobResponse.\n\nStopped\n\n * MaxRuntimeExceeded - The job stopped because it exceeded the maximum\n allowed runtime.\n\n * MaxWaitTimeExceeded - The job stopped because it exceeded the maximum\n allowed wait time.\n\n * Stopped - The training job has stopped.\n\nStopping\n\n * Stopping - Stopping the training job.\n\nValid values for SecondaryStatus are subject to change.\n\nWe no longer support the following secondary statuses:\n\n * LaunchingMLInstances\n\n * PreparingTraining\n\n * DownloadingTrainingImage" type: "string" trainingJobStatus: - description: "The status of the training job.\n\n\nSageMaker provides the following training job statuses:\n\n\n * InProgress - The training is in progress.\n\n\n * Completed - The training job has completed.\n\n\n * Failed - The training job has failed. To see the reason for the failure,\n see the FailureReason field in the response to a DescribeTrainingJobResponse\n call.\n\n\n * Stopping - The training job is stopping.\n\n\n * Stopped - The training job has stopped.\n\n\nFor more detailed information, see SecondaryStatus." + description: "The status of the training job.\n\nSageMaker provides the following training job statuses:\n\n * InProgress - The training is in progress.\n\n * Completed - The training job has completed.\n\n * Failed - The training job has failed. To see the reason for the failure,\n see the FailureReason field in the response to a DescribeTrainingJobResponse\n call.\n\n * Stopping - The training job is stopping.\n\n * Stopped - The training job has stopped.\n\nFor more detailed information, see SecondaryStatus." type: "string" warmPoolStatus: description: "The status of the warm pool associated with the training job." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/transformjobs.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/transformjobs.yaml index 2145801ee..864c4bb5f 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/transformjobs.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/transformjobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "transformjobs.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -35,10 +35,10 @@ spec: metadata: type: "object" spec: - description: "TransformJobSpec defines the desired state of TransformJob.\n\n\nA batch transform job. For information about SageMaker batch transform, see\nUse Batch Transform (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform.html)." + description: "TransformJobSpec defines the desired state of TransformJob.\n\nA batch transform job. For information about SageMaker batch transform, see\nUse Batch Transform (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform.html)." properties: batchStrategy: - description: "Specifies the number of records to include in a mini-batch for an HTTP inference\nrequest. A record is a single unit of input data that inference can be made\non. For example, a single line in a CSV file is a record.\n\n\nTo enable the batch strategy, you must set the SplitType property to Line,\nRecordIO, or TFRecord.\n\n\nTo use only one record when making an HTTP invocation request to a container,\nset BatchStrategy to SingleRecord and SplitType to Line.\n\n\nTo fit as many records in a mini-batch as can fit within the MaxPayloadInMB\nlimit, set BatchStrategy to MultiRecord and SplitType to Line." + description: "Specifies the number of records to include in a mini-batch for an HTTP inference\nrequest. A record is a single unit of input data that inference can be made\non. For example, a single line in a CSV file is a record.\n\nTo enable the batch strategy, you must set the SplitType property to Line,\nRecordIO, or TFRecord.\n\nTo use only one record when making an HTTP invocation request to a container,\nset BatchStrategy to SingleRecord and SplitType to Line.\n\nTo fit as many records in a mini-batch as can fit within the MaxPayloadInMB\nlimit, set BatchStrategy to MultiRecord and SplitType to Line." type: "string" dataProcessing: description: "The data structure used to specify the data to be used for inference in a\nbatch transform job and to associate the data that is relevant to the prediction\nresults in the output. The input filter provided allows you to exclude input\ndata that is not needed for inference in a batch transform job. The output\nfilter provided allows you to include input data relevant to interpreting\nthe predictions in the output from the job. For more information, see Associate\nPrediction Results with their Corresponding Input Records (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform-data-processing.html)." @@ -53,10 +53,10 @@ spec: environment: additionalProperties: type: "string" - description: "The environment variables to set in the Docker container. We support up to\n16 key and values entries in the map." + description: "The environment variables to set in the Docker container. Don't include any\nsensitive data in your environment variables. We support up to 16 key and\nvalues entries in the map." type: "object" experimentConfig: - description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" + description: "Associates a SageMaker job as a trial component with an experiment and trial.\nSpecified when you call the following APIs:\n\n * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html)\n\n * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html)\n\n * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html)" properties: experimentName: type: "string" @@ -70,7 +70,7 @@ spec: format: "int64" type: "integer" maxPayloadInMB: - description: "The maximum allowed size of the payload, in MB. A payload is the data portion\nof a record (without metadata). The value in MaxPayloadInMB must be greater\nthan, or equal to, the size of a single record. To estimate the size of a\nrecord in MB, divide the size of your dataset by the number of records. To\nensure that the records fit within the maximum payload size, we recommend\nusing a slightly larger value. The default value is 6 MB.\n\n\nThe value of MaxPayloadInMB cannot be greater than 100 MB. If you specify\nthe MaxConcurrentTransforms parameter, the value of (MaxConcurrentTransforms\n* MaxPayloadInMB) also cannot exceed 100 MB.\n\n\nFor cases where the payload might be arbitrarily large and is transmitted\nusing HTTP chunked encoding, set the value to 0. This feature works only\nin supported algorithms. Currently, Amazon SageMaker built-in algorithms\ndo not support HTTP chunked encoding." + description: "The maximum allowed size of the payload, in MB. A payload is the data portion\nof a record (without metadata). The value in MaxPayloadInMB must be greater\nthan, or equal to, the size of a single record. To estimate the size of a\nrecord in MB, divide the size of your dataset by the number of records. To\nensure that the records fit within the maximum payload size, we recommend\nusing a slightly larger value. The default value is 6 MB.\n\nThe value of MaxPayloadInMB cannot be greater than 100 MB. If you specify\nthe MaxConcurrentTransforms parameter, the value of (MaxConcurrentTransforms\n* MaxPayloadInMB) also cannot exceed 100 MB.\n\nFor cases where the payload might be arbitrarily large and is transmitted\nusing HTTP chunked encoding, set the value to 0. This feature works only\nin supported algorithms. Currently, Amazon SageMaker built-in algorithms\ndo not support HTTP chunked encoding." format: "int64" type: "integer" modelClientConfig: @@ -89,7 +89,7 @@ spec: tags: description: "(Optional) An array of key-value pairs. For more information, see Using Cost\nAllocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what)\nin the Amazon Web Services Billing and Cost Management User Guide." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -159,7 +159,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/userprofiles.yaml b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/userprofiles.yaml index 68785f4e0..f18c4496a 100644 --- a/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/userprofiles.yaml +++ b/crd-catalog/aws-controllers-k8s/sagemaker-controller/sagemaker.services.k8s.aws/v1alpha1/userprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.2" name: "userprofiles.sagemaker.services.k8s.aws" spec: group: "sagemaker.services.k8s.aws" @@ -43,9 +43,9 @@ spec: description: "The username of the associated Amazon Web Services Single Sign-On User for\nthis UserProfile. If the Domain's AuthMode is IAM Identity Center, this field\nis required, and must match a valid username of a user in your directory.\nIf the Domain's AuthMode is not IAM Identity Center, this field cannot be\nspecified." type: "string" tags: - description: "Each tag consists of a key and an optional value. Tag keys must be unique\nper resource.\n\n\nTags that you specify for the User Profile are also added to all Apps that\nthe User Profile launches." + description: "Each tag consists of a key and an optional value. Tag keys must be unique\nper resource.\n\nTags that you specify for the User Profile are also added to all Apps that\nthe User Profile launches." items: - description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." + description: "A tag object that consists of a key and an optional value, used to manage\nmetadata for SageMaker Amazon Web Services resources.\n\nYou can add tags to notebook instances, training jobs, hyperparameter tuning\njobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations,\nand endpoints. For more information on adding tags to SageMaker resources,\nsee AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html).\n\nFor more information on adding metadata to your Amazon Web Services resources\nwith tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html).\nFor advice on best practices for managing Amazon Web Services resources with\ntagging, see Tagging Best Practices: Implement an Effective Amazon Web Services\nResource Tagging Strategy (https://d1.awsstatic.com/whitepapers/aws-tagging-best-practices.pdf)." properties: key: type: "string" @@ -60,7 +60,7 @@ spec: description: "A collection of settings." properties: codeEditorAppSettings: - description: "The Code Editor application settings.\n\n\nFor more information about Code Editor, see Get started with Code Editor\nin Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html)." + description: "The Code Editor application settings.\n\nFor more information about Code Editor, see Get started with Code Editor\nin Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html)." properties: defaultResourceSpec: description: "Specifies the ARN's of a SageMaker image and SageMaker image version, and\nthe instance type that the version runs on." @@ -224,10 +224,10 @@ spec: type: "string" type: "object" spaceStorageSettings: - description: "The default storage settings for a private space." + description: "The default storage settings for a space." properties: defaultEBSStorageSettings: - description: "A collection of default EBS storage settings that applies to private spaces\ncreated within a domain or user profile." + description: "A collection of default EBS storage settings that apply to spaces created\nwithin a domain or user profile." properties: defaultEBSVolumeSizeInGb: format: "int64" @@ -269,7 +269,7 @@ spec: description: "All CRs managed by ACK have a common `Status.ACKResourceMetadata` member\nthat is used to contain resource sync state, account ownership,\nconstructed ARN for the resource" properties: arn: - description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nTODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse\nhttps://github.com/aws/aws-controllers-k8s/issues/270" + description: "ARN is the Amazon Resource Name for the resource. This is a\nglobally-unique identifier and is set only by the ACK service controller\nonce the controller has orchestrated the creation of the resource OR\nwhen it has verified that an \"adopted\" resource (a resource where the\nARN annotation was set by the Kubernetes user on the CR) exists and\nmatches the supplied CR's Spec field values.\nhttps://github.com/aws/aws-controllers-k8s/issues/270" type: "string" ownerAccountID: description: "OwnerAccountID is the AWS Account ID of the account that owns the\nbackend AWS service API resource." diff --git a/crd-catalog/aws-controllers-k8s/secretsmanager-controller/secretsmanager.services.k8s.aws/v1alpha1/secrets.yaml b/crd-catalog/aws-controllers-k8s/secretsmanager-controller/secretsmanager.services.k8s.aws/v1alpha1/secrets.yaml index cf9c1b0ba..4e1641633 100644 --- a/crd-catalog/aws-controllers-k8s/secretsmanager-controller/secretsmanager.services.k8s.aws/v1alpha1/secrets.yaml +++ b/crd-catalog/aws-controllers-k8s/secretsmanager-controller/secretsmanager.services.k8s.aws/v1alpha1/secrets.yaml @@ -41,6 +41,9 @@ spec: name: description: "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters:\n/_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If\nyou do so, you risk confusion and unexpected results when searching for a\nsecret by partial ARN. Secrets Manager automatically adds a hyphen and six\nrandom characters after the secret name at the end of the ARN." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" replicaRegions: description: "A list of Regions and KMS keys to replicate secrets." items: @@ -53,7 +56,7 @@ spec: type: "object" type: "array" secretString: - description: "The text data to encrypt and store in this new version of the secret. We\nrecommend you use a JSON structure of key/value pairs for your secret value.\n\nEither SecretString or SecretBinary must have a value, but not both.\n\nIf you create a secret by using the Secrets Manager console then Secrets\nManager puts the protected secret text in only the SecretString parameter.\nThe Secrets Manager console stores the information as a JSON structure of\nkey/value pairs that a Lambda rotation function can parse." + description: "The text data to encrypt and store in this new version of the secret. We\nrecommend you use a JSON structure of key/value pairs for your secret value.\n\nEither SecretString or SecretBinary must have a value, but not both.\n\nIf you create a secret by using the Secrets Manager console then Secrets\nManager puts the protected secret text in only the SecretString parameter.\nThe Secrets Manager console stores the information as a JSON structure of\nkey/value pairs that a Lambda rotation function can parse.\n\nSensitive: This field contains sensitive information, so the service does\nnot include it in CloudTrail log entries. If you create your own log entries,\nyou must also avoid logging the information in this field." properties: key: description: "Key is the key within the secret" @@ -102,7 +105,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/activities.yaml b/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/activities.yaml index b48363773..64c9e3d82 100644 --- a/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/activities.yaml +++ b/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/activities.yaml @@ -30,12 +30,15 @@ spec: description: "ActivitySpec defines the desired state of Activity." properties: name: - description: "The name of the activity to create. This name must be unique for your AWS\naccount and region for 90 days. For more information, see Limits Related\nto State Machine Executions (https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions)\nin the AWS Step Functions Developer Guide.\n\nA name must not contain:\n\n * white space\n\n * brackets < > { } [ ]\n\n * wildcard characters ? *\n\n * special characters \" # % \\ ^ | ~ ` $ & , ; : /\n\n * control characters (U+0000-001F, U+007F-009F)\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9,\nA-Z, a-z, - and _." + description: "The name of the activity to create. This name must be unique for your Amazon\nWeb Services account and region for 90 days. For more information, see Limits\nRelated to State Machine Executions (https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions)\nin the Step Functions Developer Guide.\n\nA name must not contain:\n\n * white space" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" tags: - description: "The list of tags to add to a resource.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the AWS Billing and Cost Management User Guide, and Controlling Access\nUsing IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." + description: "The list of tags to add to a resource.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the Amazon Web Services Billing and Cost Management User Guide, and Controlling\nAccess Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." items: - description: "Tags are key-value pairs that can be associated with Step Functions state\nmachines and activities.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the AWS Billing and Cost Management User Guide, and Controlling Access\nUsing IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." + description: "Tags are key-value pairs that can be associated with Step Functions state\nmachines and activities.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the Amazon Web Services Billing and Cost Management User Guide, and Controlling\nAccess Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." properties: key: type: "string" @@ -66,7 +69,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/statemachines.yaml b/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/statemachines.yaml index af409e7c1..019fccff2 100644 --- a/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/statemachines.yaml +++ b/crd-catalog/aws-controllers-k8s/sfn-controller/sfn.services.k8s.aws/v1alpha1/statemachines.yaml @@ -33,7 +33,7 @@ spec: description: "The Amazon States Language definition of the state machine. See Amazon States\nLanguage (https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html)." type: "string" loggingConfiguration: - description: "Defines what execution history events are logged and where they are logged.\n\nBy default, the level is set to OFF. For more information see Log Levels\n(https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html)\nin the AWS Step Functions User Guide." + description: "Defines what execution history events are logged and where they are logged.\n\nBy default, the level is set to OFF. For more information see Log Levels\n(https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html)\nin the Step Functions User Guide." properties: destinations: items: @@ -51,15 +51,18 @@ spec: type: "string" type: "object" name: - description: "The name of the state machine.\n\nA name must not contain:\n\n * white space\n\n * brackets < > { } [ ]\n\n * wildcard characters ? *\n\n * special characters \" # % \\ ^ | ~ ` $ & , ; : /\n\n * control characters (U+0000-001F, U+007F-009F)\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9,\nA-Z, a-z, - and _." + description: "The name of the state machine.\n\nA name must not contain:\n\n * white space" type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" roleARN: description: "The Amazon Resource Name (ARN) of the IAM role to use for this state machine." type: "string" tags: - description: "Tags to be added when creating a state machine.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the AWS Billing and Cost Management User Guide, and Controlling Access\nUsing IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." + description: "Tags to be added when creating a state machine.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the Amazon Web Services Billing and Cost Management User Guide, and Controlling\nAccess Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." items: - description: "Tags are key-value pairs that can be associated with Step Functions state\nmachines and activities.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the AWS Billing and Cost Management User Guide, and Controlling Access\nUsing IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." + description: "Tags are key-value pairs that can be associated with Step Functions state\nmachines and activities.\n\nAn array of key-value pairs. For more information, see Using Cost Allocation\nTags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)\nin the Amazon Web Services Billing and Cost Management User Guide, and Controlling\nAccess Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).\n\nTags may only contain Unicode letters, digits, white space, or these symbols:\n_ . : / = + - @." properties: key: type: "string" @@ -68,7 +71,7 @@ spec: type: "object" type: "array" tracingConfiguration: - description: "Selects whether AWS X-Ray tracing is enabled." + description: "Selects whether X-Ray tracing is enabled." properties: enabled: type: "boolean" @@ -101,7 +104,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml index dba42dd64..a8835d059 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml @@ -137,7 +137,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml index 969ed82f1..986fe1429 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml @@ -30,7 +30,6 @@ spec: description: "PlatformEndpointSpec defines the desired state of PlatformEndpoint." properties: customUserData: - description: "Arbitrary user data to associate with the endpoint. Amazon SNS does not use\nthis data. The data must be in UTF-8 format and less than 2KB." type: "string" enabled: type: "string" @@ -38,7 +37,6 @@ spec: description: "PlatformApplicationArn returned from CreatePlatformApplication is used to\ncreate a an endpoint." type: "string" token: - description: "Unique identifier created by the notification service for an app on a device.\nThe specific name for Token will vary, depending on which notification service\nis being used. For example, when using APNS as the notification service,\nyou need the device token. Alternatively, when using GCM (Firebase Cloud\nMessaging) or ADM, the device token equivalent is called the registration\nID." type: "string" required: - "platformApplicationARN" @@ -64,7 +62,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml index a61820f97..b24268bf7 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml @@ -96,7 +96,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml index cb45b658d..4265d3523 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml @@ -71,6 +71,9 @@ spec: name: description: "The name of the topic you want to create.\n\nConstraints: Topic names must be made up of only uppercase and lowercase\nASCII letters, numbers, underscores, and hyphens, and must be between 1 and\n256 characters long.\n\nFor a FIFO (first-in-first-out) topic, the name must end with the .fifo suffix." type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" policy: type: "string" policyRef: @@ -123,7 +126,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml index 1f46ca352..7bb789d7f 100644 --- a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml +++ b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml @@ -96,6 +96,9 @@ spec: type: "object" queueName: type: "string" + x-kubernetes-validations: + - message: "Value is immutable once set" + rule: "self == oldSelf" receiveMessageWaitTimeSeconds: type: "string" redriveAllowPolicy: @@ -134,7 +137,7 @@ spec: - "region" type: "object" conditions: - description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" + description: "All CRs managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" items: description: "Condition is the common struct used by all CRDs managed by ACK service\ncontrollers to indicate terminal states of the CR and its backend AWS\nservice API resource" properties: diff --git a/crd-catalog/aws/amazon-cloudwatch-agent-operator/cloudwatch.aws.amazon.com/v1alpha1/amazoncloudwatchagents.yaml b/crd-catalog/aws/amazon-cloudwatch-agent-operator/cloudwatch.aws.amazon.com/v1alpha1/amazoncloudwatchagents.yaml index cca01fd86..f87e2f6b6 100644 --- a/crd-catalog/aws/amazon-cloudwatch-agent-operator/cloudwatch.aws.amazon.com/v1alpha1/amazoncloudwatchagents.yaml +++ b/crd-catalog/aws/amazon-cloudwatch-agent-operator/cloudwatch.aws.amazon.com/v1alpha1/amazoncloudwatchagents.yaml @@ -3006,6 +3006,30 @@ spec: priorityClassName: description: "If specified, indicates the pod's priority.\nIf not specified, the pod priority will be default or zero if there is no\ndefault." type: "string" + prometheus: + description: "Prometheus is the raw YAML to be used as the collector's prometheus configuration." + properties: + config: + description: "AnyConfig represent parts of the config." + type: "object" + x-kubernetes-preserve-unknown-fields: true + report_extra_scrape_metrics: + type: "boolean" + x-kubernetes-preserve-unknown-fields: true + start_time_metric_regex: + type: "string" + x-kubernetes-preserve-unknown-fields: true + target_allocator: + description: "AnyConfig represent parts of the config." + type: "object" + x-kubernetes-preserve-unknown-fields: true + trim_metric_suffixes: + type: "boolean" + x-kubernetes-preserve-unknown-fields: true + use_start_time_metric: + type: "boolean" + x-kubernetes-preserve-unknown-fields: true + type: "object" replicas: description: "Replicas is the number of pod instances for the underlying OpenTelemetry Collector. Set this if your are not using autoscaling" format: "int32" @@ -3137,6 +3161,878 @@ spec: serviceAccount: description: "ServiceAccount indicates the name of an existing service account to use with this instance. When set,\nthe operator will not automatically create a ServiceAccount for the collector." type: "string" + targetAllocator: + description: "TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not." + properties: + affinity: + description: "If specified, indicates the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + type: "object" + type: "object" + allocationStrategy: + description: "AllocationStrategy determines which strategy the target allocator should use for allocation.\nThe current option is consistent-hashing." + enum: + - "consistent-hashing" + type: "string" + enabled: + description: "Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not." + type: "boolean" + env: + description: "ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be\nconsumed in the config file for the TargetAllocator." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + filterStrategy: + description: "FilterStrategy determines how to filter targets before allocating them among the collectors.\nThe only current option is relabel-config (drops targets based on prom relabel_config).\nFiltering is disabled by default." + type: "string" + image: + description: "Image indicates the container image to use for the OpenTelemetry TargetAllocator." + type: "string" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector to schedule OpenTelemetry TargetAllocator pods." + type: "object" + prometheusCR: + description: "PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval.\nAll CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces." + properties: + enabled: + description: "Enabled indicates whether to use a PrometheusOperator custom resources as targets or not." + type: "boolean" + podMonitorSelector: + additionalProperties: + type: "string" + description: "PodMonitors to be selected for target discovery.\nThis is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a\nPodMonitor's meta labels. The requirements are ANDed." + type: "object" + scrapeInterval: + default: "30s" + description: "Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD.\n\n\nDefault: \"30s\"" + format: "duration" + type: "string" + serviceMonitorSelector: + additionalProperties: + type: "string" + description: "ServiceMonitors to be selected for target discovery.\nThis is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a\nServiceMonitor's meta labels. The requirements are ANDed." + type: "object" + type: "object" + replicas: + description: "Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value\nother than 1 if a strategy that allows for high availability is chosen. Currently, the only allocation strategy\nthat can be run in a high availability mode is consistent-hashing." + format: "int32" + type: "integer" + resources: + description: "Resources to set on the OpenTelemetryTargetAllocator containers." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + securityContext: + description: "SecurityContext configures the container security context for\nthe target-allocator." + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + windowsOptions: + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." + properties: + gmsaCredentialSpec: + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." + type: "string" + gmsaCredentialSpecName: + description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." + type: "string" + hostProcess: + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." + type: "boolean" + runAsUserName: + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "string" + type: "object" + type: "object" + serviceAccount: + description: "ServiceAccount indicates the name of an existing service account to use with this instance. When set,\nthe operator will not automatically create a ServiceAccount for the TargetAllocator." + type: "string" + tolerations: + description: "Toleration embedded kubernetes pod configuration option,\ncontrols how pods can be scheduled with matching taints" + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + topologySpreadConstraints: + description: "TopologySpreadConstraints embedded kubernetes pod configuration option,\ncontrols how pods are spread across your cluster among failure-domains\nsuch as regions, zones, nodes, and other user-defined topology domains\nhttps://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/" + items: + description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." + properties: + labelSelector: + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + maxSkew: + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." + format: "int32" + type: "integer" + minDomains: + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + format: "int32" + type: "integer" + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + type: "string" + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + type: "string" + topologyKey: + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." + type: "string" + whenUnsatisfiable: + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." + type: "string" + required: + - "maxSkew" + - "topologyKey" + - "whenUnsatisfiable" + type: "object" + type: "array" + type: "object" terminationGracePeriodSeconds: description: "Duration in seconds the pod needs to terminate gracefully upon probe failure." format: "int64" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/accesslogpolicies.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/accesslogpolicies.yaml index d5291aac8..e064e298c 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/accesslogpolicies.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/accesslogpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "accesslogpolicies.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -26,10 +26,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,11 +37,11 @@ spec: description: "AccessLogPolicySpec defines the desired state of AccessLogPolicy." properties: destinationArn: - description: "The Amazon Resource Name (ARN) of the destination that will store access logs. Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs. \n Changes to this value results in replacement of the VPC Lattice Access Log Subscription." + description: "The Amazon Resource Name (ARN) of the destination that will store access logs.\nSupported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs.\n\nChanges to this value results in replacement of the VPC Lattice Access Log Subscription." pattern: "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?" type: "string" targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. \n This field is following the guidelines of Kubernetes Gateway API policy attachment." + description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached.\n\nThis field is following the guidelines of Kubernetes Gateway API policy attachment." properties: group: description: "Group is the group of the target resource." @@ -60,7 +60,7 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy." + description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" @@ -96,25 +96,25 @@ spec: reason: "Pending" status: "Unknown" type: "Programmed" - description: "Conditions describe the current conditions of the AccessLogPolicy. \n Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe AccessLogPolicy state. \n Known condition types are: \n * \"Accepted\" * \"Ready\"" + description: "Conditions describe the current conditions of the AccessLogPolicy.\n\nImplementations should prefer to express Policy conditions\nusing the `PolicyConditionType` and `PolicyConditionReason`\nconstants so that operators and tools can converge on a common\nvocabulary to describe AccessLogPolicy state.\n\nKnown condition types are:\n\n* \"Accepted\"\n* \"Ready\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -127,7 +127,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/iamauthpolicies.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/iamauthpolicies.yaml index 3e8614293..9a99722b6 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/iamauthpolicies.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/iamauthpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "iamauthpolicies.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -26,21 +26,21 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. When the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. When the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy." + description: "IAMAuthPolicySpec defines the desired state of IAMAuthPolicy.\nWhen the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy.\nWhen the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy." properties: policy: description: "IAM auth policy content. It is a JSON string that uses the same syntax as AWS IAM policies. Please check the VPC Lattice documentation to get [the common elements in an auth policy](https://docs.aws.amazon.com/vpc-lattice/latest/ug/auth-policies.html#auth-policies-common-elements)" type: "string" targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. \n This field is following the guidelines of Kubernetes Gateway API policy attachment." + description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached.\n\nThis field is following the guidelines of Kubernetes Gateway API policy attachment." properties: group: description: "Group is the group of the target resource." @@ -59,7 +59,7 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy." + description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" @@ -95,25 +95,25 @@ spec: reason: "Pending" status: "Unknown" type: "Programmed" - description: "Conditions describe the current conditions of the IAMAuthPolicy. \n Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe IAMAuthPolicy state. \n Known condition types are: \n * \"Accepted\" * \"Ready\"" + description: "Conditions describe the current conditions of the IAMAuthPolicy.\n\nImplementations should prefer to express Policy conditions\nusing the `PolicyConditionType` and `PolicyConditionReason`\nconstants so that operators and tools can converge on a common\nvocabulary to describe IAMAuthPolicy state.\n\nKnown condition types are:\n\n* \"Accepted\"\n* \"Ready\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -126,7 +126,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceexports.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceexports.yaml index 07a2e4878..586cacdd2 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceexports.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceexports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "serviceexports.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -16,22 +16,22 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ServiceExport declares that the Service with the same name and namespace as this export should be consumable from other clusters." + description: "ServiceExport declares that the Service with the same name and namespace\nas this export should be consumable from other clusters." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" status: - description: "status describes the current state of an exported service. Service configuration comes from the Service that had the same name and namespace as this ServiceExport. Populated by the multi-cluster service implementation's controller." + description: "status describes the current state of an exported service.\nService configuration comes from the Service that had the same\nname and namespace as this ServiceExport.\nPopulated by the multi-cluster service implementation's controller." properties: conditions: items: - description: "ServiceExportCondition contains details for the current condition of this service export. \n Once [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) is implemented, this will be replaced by metav1.Condition." + description: "ServiceExportCondition contains details for the current condition of this\nservice export.\n\nOnce [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) is\nimplemented, this will be replaced by metav1.Condition." properties: lastTransitionTime: format: "date-time" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceimports.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceimports.yaml index d673fda2c..1813979ca 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceimports.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/serviceimports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "serviceimports.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -19,10 +19,10 @@ spec: description: "ServiceImport describes a service imported from clusters in a ClusterSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -40,18 +40,17 @@ spec: description: "ServicePort represents the port on which the service is exposed" properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and http://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol.\nField can be enabled with ServiceAppProtocol feature gate." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" port: description: "The port that will be exposed by this service." format: "int32" type: "integer" protocol: - default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" required: - "port" @@ -59,7 +58,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" sessionAffinity: - description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. Ignored when type is Headless More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity.\nEnable client IP based session affinity.\nMust be ClientIP or None.\nDefaults to None.\nIgnored when type is Headless\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" sessionAffinityConfig: description: "sessionAffinityConfig contains session affinity configuration." @@ -68,13 +67,13 @@ spec: description: "clientIP contains the configurations of Client IP based session affinity." properties: timeoutSeconds: - description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours)." + description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time.\nThe value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\".\nDefault value is 10800(for 3 hours)." format: "int32" type: "integer" type: "object" type: "object" type: - description: "type defines the type of this service. Must be ClusterSetIP or Headless." + description: "type defines the type of this service.\nMust be ClusterSetIP or Headless." enum: - "ClusterSetIP" - "Headless" @@ -84,15 +83,15 @@ spec: - "type" type: "object" status: - description: "status contains information about the exported services that form the multi-cluster service referenced by this ServiceImport." + description: "status contains information about the exported services that form\nthe multi-cluster service referenced by this ServiceImport." properties: clusters: - description: "clusters is the list of exporting clusters from which this service was derived." + description: "clusters is the list of exporting clusters from which this service\nwas derived." items: description: "ClusterStatus contains service configuration mapped to a specific source cluster" properties: cluster: - description: "cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS label." + description: "cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS\nlabel." type: "string" required: - "cluster" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/targetgrouppolicies.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/targetgrouppolicies.yaml index 2c0f0eb80..22d445b3f 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/targetgrouppolicies.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/targetgrouppolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "targetgrouppolicies.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -26,10 +26,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "TargetGroupPolicySpec defines the desired state of TargetGroupPolicy." properties: healthCheck: - description: "The health check configuration. \n Changes to this value will update VPC Lattice resource in place." + description: "The health check configuration.\n\nChanges to this value will update VPC Lattice resource in place." properties: enabled: description: "Indicates whether health checking is enabled." @@ -58,7 +58,7 @@ spec: description: "The destination for health checks on the targets." type: "string" port: - description: "The port used when performing health checks on targets. If not specified, health check defaults to the port that a target receives traffic on." + description: "The port used when performing health checks on targets. If not specified, health check defaults to the\nport that a target receives traffic on." format: "int64" maximum: 65535.0 minimum: 1.0 @@ -92,13 +92,13 @@ spec: type: "integer" type: "object" protocol: - description: "The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. \n Changes to this value results in a replacement of VPC Lattice target group." + description: "The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP.\n\nChanges to this value results in a replacement of VPC Lattice target group." type: "string" protocolVersion: - description: "The protocol version to use. Supported values are HTTP1 (default) and HTTP2. When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. \n Changes to this value results in a replacement of VPC Lattice target group." + description: "The protocol version to use. Supported values are HTTP1 (default) and HTTP2.\nWhen a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect.\nWhen a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2.\n\nChanges to this value results in a replacement of VPC Lattice target group." type: "string" targetRef: - description: "TargetRef points to the kubernetes Service resource that will have this policy attached. \n This field is following the guidelines of Kubernetes Gateway API policy attachment." + description: "TargetRef points to the kubernetes Service resource that will have this policy attached.\n\nThis field is following the guidelines of Kubernetes Gateway API policy attachment." properties: group: description: "Group is the group of the target resource." @@ -117,7 +117,7 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy." + description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" @@ -152,25 +152,25 @@ spec: reason: "Pending" status: "Unknown" type: "Programmed" - description: "Conditions describe the current conditions of the TargetGroup. \n Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe TargetGroup state. \n Known condition types are: \n * \"Accepted\" * \"Ready\"" + description: "Conditions describe the current conditions of the TargetGroup.\n\nImplementations should prefer to express Policy conditions\nusing the `PolicyConditionType` and `PolicyConditionReason`\nconstants so that operators and tools can converge on a common\nvocabulary to describe TargetGroup state.\n\nKnown condition types are:\n\n* \"Accepted\"\n* \"Ready\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -183,7 +183,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/vpcassociationpolicies.yaml b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/vpcassociationpolicies.yaml index 422df358c..9c8f8e4b2 100644 --- a/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/vpcassociationpolicies.yaml +++ b/crd-catalog/aws/aws-application-networking-k8s/application-networking.k8s.aws/v1alpha1/vpcassociationpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "vpcassociationpolicies.application-networking.k8s.aws" spec: group: "application-networking.k8s.aws" @@ -26,10 +26,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,10 +37,10 @@ spec: description: "VpcAssociationPolicySpec defines the desired state of VpcAssociationPolicy." properties: associateWithVpc: - description: "AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster. \n This value will be considered true by default." + description: "AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster.\n\nThis value will be considered true by default." type: "boolean" securityGroupIds: - description: "SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation. Security groups does not take effect if AssociateWithVpc is set to false. \n For more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html" + description: "SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation.\nSecurity groups does not take effect if AssociateWithVpc is set to false.\n\nFor more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html" items: maxLength: 32 minLength: 3 @@ -49,7 +49,7 @@ spec: minItems: 1 type: "array" targetRef: - description: "TargetRef points to the kubernetes Gateway resource that will have this policy attached. \n This field is following the guidelines of Kubernetes Gateway API policy attachment." + description: "TargetRef points to the kubernetes Gateway resource that will have this policy attached.\n\nThis field is following the guidelines of Kubernetes Gateway API policy attachment." properties: group: description: "Group is the group of the target resource." @@ -68,7 +68,7 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy." + description: "Namespace is the namespace of the referent. When unspecified, the local\nnamespace is inferred. Even when policy targets a resource in a different\nnamespace, it MUST only apply to traffic originating from the same\nnamespace as the policy." maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" @@ -91,25 +91,25 @@ spec: reason: "Pending" status: "Unknown" type: "Accepted" - description: "Conditions describe the current conditions of the VpcAssociationPolicy. \n Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe VpcAssociationPolicy state. \n Known condition types are: \n * \"Accepted\"" + description: "Conditions describe the current conditions of the VpcAssociationPolicy.\n\nImplementations should prefer to express Policy conditions\nusing the `PolicyConditionType` and `PolicyConditionReason`\nconstants so that operators and tools can converge on a common\nvocabulary to describe VpcAssociationPolicy state.\n\nKnown condition types are:\n\n* \"Accepted\"" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -122,7 +122,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml index 88c475892..2bc773ae2 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "awsdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "AWSDatacenterConfig is the Schema for the AWSDatacenterConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -45,9 +45,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml index 2eb10def3..a44d03d04 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/awsiamconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "awsiamconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "AWSIamConfig is the Schema for the awsiamconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +33,7 @@ spec: description: "AWSRegion defines a region in an AWS partition" type: "string" backendMode: - description: "BackendMode defines multiple backends for aws-iam-authenticator server The server searches for mappings in order" + description: "BackendMode defines multiple backends for aws-iam-authenticator server\nThe server searches for mappings in order" items: type: "string" type: "array" @@ -87,9 +87,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml index 6efe46a49..74ce4a158 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml @@ -1352,6 +1352,8 @@ spec: - "components" - "diagnosticCollector" type: "object" + endOfStandardSupport: + type: "string" etcdadmBootstrap: properties: components: @@ -2524,6 +2526,79 @@ spec: - "amd" - "arm" type: "object" + iso: + description: "HookArch defines the Tinkerbell hook architecture-specific artifacts." + properties: + amd: + description: "Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity." + properties: + arch: + description: "Architectures of the asset" + items: + type: "string" + type: "array" + description: + type: "string" + name: + description: "The asset name" + type: "string" + os: + description: "Operating system of the asset" + enum: + - "linux" + - "darwin" + - "windows" + type: "string" + osName: + description: "Name of the OS like ubuntu, bottlerocket" + type: "string" + sha256: + description: "The sha256 of the asset, only applies for 'file' store" + type: "string" + sha512: + description: "The sha512 of the asset, only applies for 'file' store" + type: "string" + uri: + description: "The URI where the asset is located" + type: "string" + type: "object" + arm: + description: "Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity." + properties: + arch: + description: "Architectures of the asset" + items: + type: "string" + type: "array" + description: + type: "string" + name: + description: "The asset name" + type: "string" + os: + description: "Operating system of the asset" + enum: + - "linux" + - "darwin" + - "windows" + type: "string" + osName: + description: "Name of the OS like ubuntu, bottlerocket" + type: "string" + sha256: + description: "The sha256 of the asset, only applies for 'file' store" + type: "string" + sha512: + description: "The sha512 of the asset, only applies for 'file' store" + type: "string" + uri: + description: "The URI where the asset is located" + type: "string" + type: "object" + required: + - "amd" + - "arm" + type: "object" kernel: properties: arch: @@ -2627,6 +2702,7 @@ spec: - "bootkit" - "docker" - "initramfs" + - "iso" - "kernel" - "vmlinuz" type: "object" diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml index f0459ca94..dcac7c740 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "cloudstackdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "CloudStackDatacenterConfig is the Schema for the cloudstackdatacenterconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +30,7 @@ spec: description: "CloudStackDatacenterConfigSpec defines the desired state of CloudStackDatacenterConfig." properties: account: - description: "Account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account, and all CloudStack resources belong to an account. Accounts have users and users have credentials to operate on resources within that account. If an account name is provided, a domain must also be provided. Deprecated: Please use AvailabilityZones instead" + description: "Account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account, and all CloudStack resources belong to an account. Accounts have users and users have credentials to operate on resources within that account. If an account name is provided, a domain must also be provided.\nDeprecated: Please use AvailabilityZones instead" type: "string" availabilityZones: description: "AvailabilityZones list of different partitions to distribute VMs across - corresponds to a list of CAPI failure domains" @@ -44,7 +44,7 @@ spec: description: "CredentialRef is used to reference a secret in the eksa-system namespace" type: "string" domain: - description: "Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains This field is considered as a fully qualified domain name which is the same as the domain path without \"ROOT/\" prefix. For example, if \"foo\" is specified then a domain with \"ROOT/foo\" domain path is picked. The value \"ROOT\" is a special case that points to \"the\" ROOT domain of the CloudStack. That is, a domain with a path \"ROOT/ROOT\" is not allowed." + description: "Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains\nThis field is considered as a fully qualified domain name which is the same as the domain path without \"ROOT/\" prefix. For example, if \"foo\" is specified then a domain with \"ROOT/foo\" domain path is picked.\nThe value \"ROOT\" is a special case that points to \"the\" ROOT domain of the CloudStack. That is, a domain with a path \"ROOT/ROOT\" is not allowed." type: "string" managementApiEndpoint: description: "CloudStack Management API endpoint's IP. It is added to VM's noproxy list" @@ -61,7 +61,7 @@ spec: name: type: "string" network: - description: "Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported." + description: "Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name\nIn multiple-zones situation, only 'Shared' network is supported." properties: id: description: "Id of a resource in the CloudStack environment. Mutually exclusive with Name" @@ -82,13 +82,13 @@ spec: type: "object" type: "array" domain: - description: "Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains This field is considered as a fully qualified domain name which is the same as the domain path without \"ROOT/\" prefix. For example, if \"foo\" is specified then a domain with \"ROOT/foo\" domain path is picked. The value \"ROOT\" is a special case that points to \"the\" ROOT domain of the CloudStack. That is, a domain with a path \"ROOT/ROOT\" is not allowed. Deprecated: Please use AvailabilityZones instead" + description: "Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains\nThis field is considered as a fully qualified domain name which is the same as the domain path without \"ROOT/\" prefix. For example, if \"foo\" is specified then a domain with \"ROOT/foo\" domain path is picked.\nThe value \"ROOT\" is a special case that points to \"the\" ROOT domain of the CloudStack. That is, a domain with a path \"ROOT/ROOT\" is not allowed.\nDeprecated: Please use AvailabilityZones instead" type: "string" managementApiEndpoint: - description: "CloudStack Management API endpoint's IP. It is added to VM's noproxy list Deprecated: Please use AvailabilityZones instead" + description: "CloudStack Management API endpoint's IP. It is added to VM's noproxy list\nDeprecated: Please use AvailabilityZones instead" type: "string" zones: - description: "Zones is a list of one or more zones that are managed by a single CloudStack management endpoint. Deprecated: Please use AvailabilityZones instead" + description: "Zones is a list of one or more zones that are managed by a single CloudStack management endpoint.\nDeprecated: Please use AvailabilityZones instead" items: description: "CloudStackZone is an organizational construct typically used to represent a single datacenter, and all its physical and virtual resources exist inside that zone. It can either be specified as a UUID or name." properties: @@ -98,7 +98,7 @@ spec: name: type: "string" network: - description: "Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported." + description: "Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name\nIn multiple-zones situation, only 'Shared' network is supported." properties: id: description: "Id of a resource in the CloudStack environment. Mutually exclusive with Name" @@ -116,7 +116,7 @@ spec: description: "CloudStackDatacenterConfigStatus defines the observed state of CloudStackDatacenterConfig." properties: failureMessage: - description: "FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message." + description: "FailureMessage indicates that there is a fatal problem reconciling the\nstate, and will be set to a descriptive error message." type: "string" observedGeneration: description: "ObservedGeneration is the latest generation observed by the controller." @@ -131,9 +131,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml index 05ff95fa3..4e8fe05ab 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/cloudstackmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "cloudstackmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "CloudStackMachineConfig is the Schema for the cloudstackmachineconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,15 +30,15 @@ spec: description: "CloudStackMachineConfigSpec defines the desired state of CloudStackMachineConfig." properties: affinity: - description: "Defaults to `no`. Can be `pro` or `anti`. If set to `pro` or `anti`, will create an affinity group per machine set of the corresponding type" + description: "Defaults to `no`. Can be `pro` or `anti`. If set to `pro` or `anti`, will create an affinity\ngroup per machine set of the corresponding type" type: "string" affinityGroupIds: - description: "AffinityGroupIds allows users to pass in a list of UUIDs for previously-created Affinity Groups. Any VM’s created with this spec will be added to the affinity group, which will dictate which physical host(s) they can be placed on. Affinity groups can be type “affinity” or “anti-affinity” in CloudStack. If they are type “anti-affinity”, all VM’s in the group must be on separate physical hosts for high availability. If they are type “affinity”, all VM’s in the group must be on the same physical host for improved performance" + description: "AffinityGroupIds allows users to pass in a list of UUIDs for previously-created Affinity\nGroups. Any VM’s created with this spec will be added to the affinity group, which will\ndictate which physical host(s) they can be placed on. Affinity groups can be type “affinity”\nor “anti-affinity” in CloudStack. If they are type “anti-affinity”, all VM’s in the group\nmust be on separate physical hosts for high availability. If they are type “affinity”, all\nVM’s in the group must be on the same physical host for improved performance" items: type: "string" type: "array" computeOffering: - description: "ComputeOffering refers to a compute offering which has been previously registered in CloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU speed. It can either be specified as a UUID or name" + description: "ComputeOffering refers to a compute offering which has been previously registered in\nCloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU\nspeed. It can either be specified as a UUID or name" properties: id: description: "Id of a resource in the CloudStack environment. Mutually exclusive with Name" @@ -48,7 +48,7 @@ spec: type: "string" type: "object" diskOffering: - description: "DiskOffering refers to a disk offering which has been previously registered in CloudStack. It represents a disk offering with pre-defined size or custom specified disk size. It can either be specified as a UUID or name" + description: "DiskOffering refers to a disk offering which has been previously registered in CloudStack.\nIt represents a disk offering with pre-defined size or custom specified disk size. It can\neither be specified as a UUID or name" properties: customSizeInGB: description: "disk size in GB, > 0 for customized disk offering; = 0 for non-customized disk offering" @@ -84,7 +84,7 @@ spec: description: "Symlinks create soft symbolic links folders. One use case is to use data disk to store logs" type: "object" template: - description: "Template refers to a VM image template which has been previously registered in CloudStack. It can either be specified as a UUID or name. When using a template name it must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27." + description: "Template refers to a VM image template which has been previously registered in CloudStack.\nIt can either be specified as a UUID or name.\nWhen using a template name it must include the Kubernetes version(s). For example,\na template used for Kubernetes 1.27 could be ubuntu-2204-1.27." properties: id: description: "Id of a resource in the CloudStack environment. Mutually exclusive with Name" @@ -96,10 +96,10 @@ spec: userCustomDetails: additionalProperties: type: "string" - description: "UserCustomDetails allows users to pass in non-standard key value inputs, outside those defined [here](https://github.com/shapeblue/cloudstack/blob/main/api/src/main/java/com/cloud/vm/VmDetailConstants.java)" + description: "UserCustomDetails allows users to pass in non-standard key value inputs, outside those\ndefined [here](https://github.com/shapeblue/cloudstack/blob/main/api/src/main/java/com/cloud/vm/VmDetailConstants.java)" type: "object" users: - description: "Users consists of an array of objects containing the username, as well as a list of their public keys. These users will be authorized to ssh into the machines" + description: "Users consists of an array of objects containing the username, as well as a list of their\npublic keys. These users will be authorized to ssh into the machines" items: description: "UserConfiguration defines the configuration of the user to be added to the VM." properties: @@ -122,7 +122,7 @@ spec: description: "CloudStackMachineConfigStatus defines the observed state of CloudStackMachineConfig." properties: failureMessage: - description: "FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message." + description: "FailureMessage indicates that there is a fatal problem reconciling the\nstate, and will be set to a descriptive error message." type: "string" specValid: description: "SpecValid is set to true if cloudstackmachineconfig is validated." @@ -133,9 +133,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml index 43905317c..22a66a442 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusters.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "Cluster is the Schema for the clusters API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +30,7 @@ spec: description: "ClusterSpec defines the desired state of Cluster." properties: bundlesRef: - description: "BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster. DEPRECATED: Use EksaVersion instead." + description: "BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster.\nDEPRECATED: Use EksaVersion instead." properties: apiVersion: description: "APIVersion refers to the Bundles APIVersion" @@ -61,19 +61,19 @@ spec: description: "EgressMasquaradeInterfaces determines which network interfaces are used for masquerading. Accepted values are a valid interface name or interface prefix." type: "string" ipv4NativeRoutingCIDR: - description: "IPv4NativeRoutingCIDR specifies the CIDR to use when RoutingMode is set to direct. When specified, Cilium assumes networking for this CIDR is preconfigured and hands traffic destined for that range to the Linux network stack without applying any SNAT. If this is not set autoDirectNodeRoutes will be set to true" + description: "IPv4NativeRoutingCIDR specifies the CIDR to use when RoutingMode is set to direct.\nWhen specified, Cilium assumes networking for this CIDR is preconfigured and\nhands traffic destined for that range to the Linux network stack without\napplying any SNAT.\nIf this is not set autoDirectNodeRoutes will be set to true" type: "string" ipv6NativeRoutingCIDR: - description: "IPv6NativeRoutingCIDR specifies the IPv6 CIDR to use when RoutingMode is set to direct. When specified, Cilium assumes networking for this CIDR is preconfigured and hands traffic destined for that range to the Linux network stack without applying any SNAT. If this is not set autoDirectNodeRoutes will be set to true" + description: "IPv6NativeRoutingCIDR specifies the IPv6 CIDR to use when RoutingMode is set to direct.\nWhen specified, Cilium assumes networking for this CIDR is preconfigured and\nhands traffic destined for that range to the Linux network stack without\napplying any SNAT.\nIf this is not set autoDirectNodeRoutes will be set to true" type: "string" policyEnforcementMode: description: "PolicyEnforcementMode determines communication allowed between pods. Accepted values are default, always, never." type: "string" routingMode: - description: "RoutingMode indicates the routing tunnel mode to use for Cilium. Accepted values are overlay (geneve tunnel with overlay) or direct (tunneling disabled with direct routing) Defaults to overlay." + description: "RoutingMode indicates the routing tunnel mode to use for Cilium. Accepted values are overlay (geneve tunnel with overlay)\nor direct (tunneling disabled with direct routing)\nDefaults to overlay." type: "string" skipUpgrade: - description: "SkipUpgrade indicicates that Cilium maintenance should be skipped during upgrades. This can be used when operators wish to self manage the Cilium installation." + description: "SkipUpgrade indicicates that Cilium maintenance should be skipped during upgrades. This can\nbe used when operators wish to self manage the Cilium installation." type: "boolean" type: "object" kindnetd: @@ -97,7 +97,7 @@ spec: type: "integer" type: "object" pods: - description: "Comma-separated list of CIDR blocks to use for pod and service subnets. Defaults to 192.168.0.0/16 for pod subnet." + description: "Comma-separated list of CIDR blocks to use for pod and service subnets.\nDefaults to 192.168.0.0/16 for pod subnet." properties: cidrBlocks: items: @@ -120,7 +120,7 @@ spec: description: "APIServerExtraArgs defines the flags to configure for the API server." type: "object" certSans: - description: "CertSANs is a slice of domain names or IPs to be added as Subject Name Alternatives of the Kube API Servers Certificate." + description: "CertSANs is a slice of domain names or IPs to be added as Subject Name Alternatives of the\nKube API Servers Certificate." items: type: "string" type: "array" @@ -170,21 +170,21 @@ spec: type: "string" type: "object" skipLoadBalancerDeployment: - description: "SkipLoadBalancerDeployment skip deploying control plane load balancer. Make sure your infrastructure can handle control plane load balancing when you set this field to true." + description: "SkipLoadBalancerDeployment skip deploying control plane load balancer.\nMake sure your infrastructure can handle control plane load balancing when you set this field to true." type: "boolean" taints: description: "Taints define the set of taints to be applied on control plane nodes" items: - description: "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint." + description: "The node this Taint is attached to has the \"effect\" on\nany pod that does not tolerate the Taint." properties: effect: - description: "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute." + description: "Required. The effect of the taint on pods\nthat do not tolerate the taint.\nValid effects are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: description: "Required. The taint key to be applied to a node." type: "string" timeAdded: - description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints." + description: "TimeAdded represents the time at which the taint was added.\nIt is only written for NoExecute taints." format: "date-time" type: "string" value: @@ -196,7 +196,7 @@ spec: type: "object" type: "array" upgradeRolloutStrategy: - description: "UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs" + description: "UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades\nand related parameters/knobs" properties: rollingUpdate: description: "ControlPlaneRollingUpdateParams is API for rolling update strategy knobs." @@ -227,13 +227,13 @@ spec: properties: providers: items: - description: "EtcdEncryptionProvider defines the configuration for ETCD encryption providers. Currently only KMS provider is supported." + description: "EtcdEncryptionProvider defines the configuration for ETCD encryption providers.\nCurrently only KMS provider is supported." properties: kms: description: "KMS defines the configuration for KMS Encryption provider." properties: cachesize: - description: "CacheSize defines the maximum number of encrypted objects to be cached in memory. The default value is 1000. You can set this to a negative value to disable caching." + description: "CacheSize defines the maximum number of encrypted objects to be cached in memory. The default value is 1000.\nYou can set this to a negative value to disable caching." format: "int32" type: "integer" name: @@ -295,8 +295,10 @@ spec: type: "array" kubernetesVersion: type: "string" + licenseToken: + type: "string" machineHealthCheck: - description: "MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines. Configuring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines." + description: "MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines.\nConfiguring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines." properties: maxUnhealthy: anyOf: @@ -415,10 +417,10 @@ spec: description: "Endpoint defines the registry mirror endpoint to use for pulling images" type: "string" insecureSkipVerify: - description: "InsecureSkipVerify skips the registry certificate verification. Only use this solution for isolated testing or in a tightly controlled, air-gapped environment." + description: "InsecureSkipVerify skips the registry certificate verification.\nOnly use this solution for isolated testing or in a tightly controlled, air-gapped environment." type: "boolean" ociNamespaces: - description: "OCINamespaces defines the mapping from an upstream registry to a local namespace where upstream artifacts are placed into" + description: "OCINamespaces defines the mapping from an upstream registry to a local namespace where upstream\nartifacts are placed into" items: description: "OCINamespace represents an entity in a local reigstry to group related images." properties: @@ -453,6 +455,11 @@ spec: count: description: "Count defines the number of desired worker nodes. Defaults to 1." type: "integer" + failureDomains: + description: "FailureDomains is the optional list of failure domains to distribute worker nodes across the infrastructure." + items: + type: "string" + type: "array" kubeletConfiguration: description: "KubeletConfiguration is a struct that exposes the Kubelet settings for the user to set on worker nodes." type: "object" @@ -495,16 +502,16 @@ spec: taints: description: "Taints define the set of taints to be applied on worker nodes" items: - description: "The node this Taint is attached to has the \"effect\" on any pod that does not tolerate the Taint." + description: "The node this Taint is attached to has the \"effect\" on\nany pod that does not tolerate the Taint." properties: effect: - description: "Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute." + description: "Required. The effect of the taint on pods\nthat do not tolerate the taint.\nValid effects are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: description: "Required. The taint key to be applied to a node." type: "string" timeAdded: - description: "TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints." + description: "TimeAdded represents the time at which the taint was added.\nIt is only written for NoExecute taints." format: "date-time" type: "string" value: @@ -516,7 +523,7 @@ spec: type: "object" type: "array" upgradeRolloutStrategy: - description: "UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs" + description: "UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades\nand related parameters/knobs" properties: rollingUpdate: description: "WorkerNodesRollingUpdateParams is API for rolling update strategy knobs." @@ -540,7 +547,7 @@ spec: description: "ClusterStatus defines the observed state of Cluster." properties: childrenReconciledGeneration: - description: "ChildrenReconciledGeneration represents the sum of the .metadata.generation for all the linked objects for the cluster, observed the last time the cluster was successfully reconciled. NOTE: This field was added for internal use and we do not provide guarantees to its behavior if changed externally. Its meaning and implementation are subject to change in the future." + description: "ChildrenReconciledGeneration represents the sum of the .metadata.generation\nfor all the linked objects for the cluster, observed the last time the\ncluster was successfully reconciled.\nNOTE: This field was added for internal use and we do not provide guarantees\nto its behavior if changed externally. Its meaning and implementation are\nsubject to change in the future." format: "int64" type: "integer" conditions: @@ -548,23 +555,23 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition. This field may be empty." + description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False." + description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: description: "Status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important." + description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -597,14 +604,14 @@ spec: description: "Descriptive message about a fatal problem while reconciling a cluster" type: "string" failureReason: - description: "Machine readable value about a terminal problem while reconciling the cluster set at the same time as failureMessage" + description: "Machine readable value about a terminal problem while reconciling the cluster\nset at the same time as failureMessage" type: "string" observedGeneration: description: "ObservedGeneration is the latest generation observed by the controller." format: "int64" type: "integer" reconciledGeneration: - description: "ReconciledGeneration represents the .metadata.generation the last time the cluster was successfully reconciled. It is the latest generation observed by the controller. NOTE: This field was added for internal use and we do not provide guarantees to its behavior if changed externally. Its meaning and implementation are subject to change in the future." + description: "ReconciledGeneration represents the .metadata.generation the last time the\ncluster was successfully reconciled. It is the latest generation observed\nby the controller.\nNOTE: This field was added for internal use and we do not provide guarantees\nto its behavior if changed externally. Its meaning and implementation are\nsubject to change in the future." format: "int64" type: "integer" type: "object" @@ -613,9 +620,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml index 0617ac9f8..28e2deb9a 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/controlplaneupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "controlplaneupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -46,10 +46,10 @@ spec: description: "ControlPlaneUpgrade is the Schema for the controlplaneupgrade API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,26 +63,27 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" controlPlaneSpecData: - description: "ControlPlaneSpecData contains base64 encoded KCP spec that's used to update the statuses of CAPI objects once the control plane upgrade is done. This field is needed so that we have a static copy of the control plane spec in case it gets modified after the ControlPlaneUpgrade was created, as ControlPlane is a reference to the object in real time." + description: "ControlPlaneSpecData contains base64 encoded KCP spec that's used to update\nthe statuses of CAPI objects once the control plane upgrade is done.\nThis field is needed so that we have a static copy of the control plane spec\nin case it gets modified after the ControlPlaneUpgrade was created,\nas ControlPlane is a reference to the object in real time." type: "string" etcdVersion: description: "EtcdVersion refers to the version of ETCD to upgrade to." @@ -93,30 +94,31 @@ spec: machinesRequireUpgrade: description: "MachinesRequireUpgrade is a list of references to CAPI machines that need to be upgraded." items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "controlPlane" @@ -145,9 +147,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml index bf5653dad..5966beb04 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/dockerdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "dockerdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "DockerDatacenterConfig is the Schema for the DockerDatacenterConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,9 +37,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml index 444d56845..b6f614273 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/fluxconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "fluxconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -16,13 +16,13 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "FluxConfig is the Schema for the fluxconfigs API and defines the configurations of the Flux GitOps Toolkit and Git repository it links to." + description: "FluxConfig is the Schema for the fluxconfigs API and defines the configurations of the Flux GitOps Toolkit and\nGit repository it links to." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -76,9 +76,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml index 98b3bb1d3..20535c571 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/gitopsconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "gitopsconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -18,10 +18,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -67,9 +67,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml index e4712ee95..a8823d4db 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/machinedeploymentupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinedeploymentupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -46,10 +46,10 @@ spec: description: "MachineDeploymentUpgrade is the Schema for the machinedeploymentupgrades API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -66,54 +66,56 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" machineSpecData: description: "MachineSpecData is a base64 encoded json string value of the machineDeplopyment.Spec.Template.Spec field that's specification of the desired behavior of the machine." type: "string" machinesRequireUpgrade: description: "MachinesRequireUpgrade is a list of references to CAPI machines that need to be upgraded." items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" required: - "kubernetesVersion" @@ -141,9 +143,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml index 7015cc560..6d41687e5 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nodeupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nodeupgrades.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -38,10 +38,10 @@ spec: description: "NodeUpgrade is the Schema for the nodeupgrades API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -49,10 +49,10 @@ spec: description: "NodeUpgradeSpec defines the desired state of NodeUpgrade." properties: etcdVersion: - description: "EtcdVersion refers to the version of ETCD to upgrade to. This field is optional and only gets used for control plane nodes." + description: "EtcdVersion refers to the version of ETCD to upgrade to.\nThis field is optional and only gets used for control plane nodes." type: "string" firstNodeToBeUpgraded: - description: "FirstNodeToBeUpgraded signifies that the Node is the first node to be upgraded. This flag is only valid for control plane nodes and ignored for worker nodes." + description: "FirstNodeToBeUpgraded signifies that the Node is the first node to be upgraded.\nThis flag is only valid for control plane nodes and ignored for worker nodes." type: "boolean" kubernetesVersion: description: "KubernetesVersion refers to the Kubernetes version to upgrade the node to." @@ -64,24 +64,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "kubernetesVersion" - "machine" @@ -90,31 +91,31 @@ spec: description: "NodeUpgradeStatus defines the observed state of NodeUpgrade." properties: completed: - description: "Completed denotes that the upgrader has completed running all the operations and the node is successfully upgraded." + description: "Completed denotes that the upgrader has completed running all the operations\nand the node is successfully upgraded." type: "boolean" conditions: - description: "Conditions defines current state of the NodeUpgrade, including the state of init containers, that facilitate the upgrade." + description: "Conditions defines current state of the NodeUpgrade,\nincluding the state of init containers, that facilitate the upgrade." items: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition. This field may be empty." + description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False." + description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: description: "Status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important." + description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -132,9 +133,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml index d5f4258d5..962b2cb5c 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nutanixdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "NutanixDatacenterConfig is the Schema for the NutanixDatacenterConfigs API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,10 +30,15 @@ spec: description: "NutanixDatacenterConfigSpec defines the desired state of NutanixDatacenterConfig." properties: additionalTrustBundle: - description: "AdditionalTrustBundle is the optional PEM-encoded certificate bundle for users that configured their Prism Central with certificates from non-publicly trusted CAs" + description: "AdditionalTrustBundle is the optional PEM-encoded certificate bundle for\nusers that configured their Prism Central with certificates from non-publicly\ntrusted CAs" type: "string" + ccmExcludeNodeIPs: + description: "CcmExcludeIPs is the optional list of IP addresses that should be excluded from the CCM IP pool for nodes.\nList should be valid IP addresses and IP address ranges." + items: + type: "string" + type: "array" credentialRef: - description: "CredentialRef is the reference to the secret name that contains the credentials for the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system." + description: "CredentialRef is the reference to the secret name that contains the credentials\nfor the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system." properties: kind: type: "string" @@ -67,7 +72,7 @@ spec: - "type" type: "object" name: - description: "Name is the unique name of the failure domain. Name must be between 1 and 64 characters long. It must consist of only lower case alphanumeric characters and hyphens (-). It must start and end with an alphanumeric character." + description: "Name is the unique name of the failure domain.\nName must be between 1 and 64 characters long.\nIt must consist of only lower case alphanumeric characters and hyphens (-).\nIt must start and end with an alphanumeric character." maxLength: 64 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" @@ -99,11 +104,13 @@ spec: type: "string" type: "array" required: + - "cluster" - "name" + - "subnets" type: "object" type: "array" insecure: - description: "Insecure is the optional flag to skip TLS verification. Nutanix Prism Central installation by default ships with a self-signed certificate that will fail TLS verification because the certificate is not issued by a public CA and does not have the IP SANs with the Prism Central endpoint. To accommodate the scenario where the user has not changed the default Certificate that ships with Prism Central, we allow the user to skip TLS verification. This is not recommended for production use." + description: "Insecure is the optional flag to skip TLS verification. Nutanix Prism\nCentral installation by default ships with a self-signed certificate\nthat will fail TLS verification because the certificate is not issued by\na public CA and does not have the IP SANs with the Prism Central endpoint.\nTo accommodate the scenario where the user has not changed the default\nCertificate that ships with Prism Central, we allow the user to skip TLS\nverification. This is not recommended for production use." type: "boolean" port: description: "Port is the Port of Nutanix Prism Central" @@ -120,9 +127,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml index 01ce14bab..aa1ebfc6e 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/nutanixmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nutanixmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "NutanixMachineConfig is the Schema for the nutanix machine configs API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +30,7 @@ spec: description: "NutanixMachineConfigSpec defines the desired state of NutanixMachineConfig." properties: additionalCategories: - description: "additionalCategories is a list of optional categories to be added to the VM. Categories must be created in Prism Central before they can be used." + description: "additionalCategories is a list of optional categories to be added to the VM.\nCategories must be created in Prism Central before they can be used." items: description: "NutanixCategoryIdentifier holds the identity of a Nutanix Prism Central category." properties: @@ -40,10 +40,13 @@ spec: value: description: "value is the category value linked to the key in the Prism Central." type: "string" + required: + - "key" + - "value" type: "object" type: "array" cluster: - description: "cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API." + description: "cluster is to identify the cluster (the Prism Element under management\nof the Prism Central), in which the Machine's VM will be created.\nThe cluster identifier (uuid or name) can be obtained from the Prism Central console\nor using the prism_central API." properties: name: description: "name is the resource name in the PC" @@ -83,7 +86,7 @@ spec: type: "object" type: "array" image: - description: "image is to identify the OS image uploaded to the Prism Central (PC) The image identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27." + description: "image is to identify the OS image uploaded to the Prism Central (PC)\nThe image identifier (uuid or name) can be obtained from the Prism Central console\nor using the Prism Central API.\nIt must include the Kubernetes version(s). For example, a template used for\nKubernetes 1.27 could be ubuntu-2204-1.27." properties: name: description: "name is the resource name in the PC" @@ -104,13 +107,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "memorySize is the memory size (in Quantity format) of the VM The minimum memorySize is 2Gi bytes" + description: "memorySize is the memory size (in Quantity format) of the VM\nThe minimum memorySize is 2Gi bytes" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true osFamily: type: "string" project: - description: "Project is an optional property that specifies the Prism Central project so that machine resources can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API." + description: "Project is an optional property that specifies the Prism Central project so that machine resources\ncan be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console\nor using the Prism Central API." properties: name: description: "name is the resource name in the PC" @@ -128,7 +131,7 @@ spec: - "type" type: "object" subnet: - description: "subnet is to identify the cluster's network subnet to use for the Machine's VM The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API." + description: "subnet is to identify the cluster's network subnet to use for the Machine's VM\nThe cluster identifier (uuid or name) can be obtained from the Prism Central console\nor using the Prism Central API." properties: name: description: "name is the resource name in the PC" @@ -149,7 +152,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "systemDiskSize is size (in Quantity format) of the system disk of the VM The minimum systemDiskSize is 20Gi bytes" + description: "systemDiskSize is size (in Quantity format) of the system disk of the VM\nThe minimum systemDiskSize is 20Gi bytes" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true users: @@ -191,7 +194,7 @@ spec: description: "NutanixMachineConfigStatus defines the observed state of NutanixMachineConfig." properties: addresses: - description: "Addresses contains the Nutanix VM associated addresses. Address type is one of Hostname, ExternalIP, InternalIP, ExternalDNS, InternalDNS" + description: "Addresses contains the Nutanix VM associated addresses.\nAddress type is one of Hostname, ExternalIP, InternalIP, ExternalDNS, InternalDNS" items: description: "MachineAddress contains information for the node's address." properties: @@ -212,23 +215,23 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition. This field may be empty." + description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False." + description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: description: "Status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important." + description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -243,24 +246,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" ready: description: "Ready is true when the provider resource is ready." type: "boolean" @@ -273,9 +277,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml index 3270af0b6..a4aac6930 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/oidcconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "oidcconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "OIDCConfig is the Schema for the oidcconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -66,9 +66,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml index 76f300cf3..12b1bf3f3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowdatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "snowdatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "SnowDatacenterConfig is the Schema for the SnowDatacenterConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,9 +46,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml index 70085d3cf..b57e112e1 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowippools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "snowippools.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "SnowIPPool is the Schema for the SnowIPPools API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -62,9 +62,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml index 0b7f18389..a3c5d1d8f 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/snowmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "snowmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "SnowMachineConfig is the Schema for the SnowMachineConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -39,7 +39,7 @@ spec: description: "Device name" type: "string" size: - description: "Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater)." + description: "Size specifies size (in Gi) of the storage device.\nMust be greater than the image snapshot size or 8 (whichever is greater)." format: "int64" minimum: 8.0 type: "integer" @@ -61,7 +61,7 @@ spec: description: "HostOSConfiguration provides OS specific configurations for the machine" properties: bottlerocketConfiguration: - description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket." + description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS.\nThese settings only take effect when the `osFamily` is bottlerocket." properties: boot: description: "Boot defines the boot settings for bottlerocket." @@ -96,13 +96,13 @@ spec: type: "string" type: "array" clusterDomain: - description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers\nto search this domain before the host’s search domains" type: "string" containerLogMaxFiles: - description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + description: "ContainerLogMaxFiles specifies the maximum number of container log\nfiles that can be present for a container" type: "integer" containerLogMaxSize: - description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + description: "ContainerLogMaxSize is a quantity defining the maximum size of\nthe container log file before it is rotated" type: "string" cpuCFSQuota: description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" @@ -113,7 +113,7 @@ spec: cpuManagerPolicyOptions: additionalProperties: type: "string" - description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to\nfine tune the behaviour of the cpu manager policies" type: "object" cpuManagerReconcilePeriod: description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." @@ -130,7 +130,7 @@ spec: description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." type: "object" evictionMaxPodGracePeriod: - description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use\nwhen terminating pods in response to a soft eviction threshold being met." type: "integer" evictionSoft: additionalProperties: @@ -140,10 +140,10 @@ spec: evictionSoftGracePeriod: additionalProperties: type: "string" - description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods\nfor each soft eviction signal." type: "object" imageGCHighThresholdPercent: - description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage\ncollection is always run." type: "integer" imageGCLowThresholdPercent: description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." @@ -157,7 +157,7 @@ spec: kubeReserved: additionalProperties: type: "string" - description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources\nreserved for kubernetes system components" type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." @@ -179,21 +179,21 @@ spec: description: "RegistryPullQPS is the limit of registry pulls per second." type: "integer" shutdownGracePeriod: - description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + description: "ShutdownGracePeriod specifies the total duration that the node should delay\nthe shutdown and total grace period for pod termination during a node shutdown." type: "string" shutdownGracePeriodCriticalPods: - description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate\ncritical pods during a node shutdown." type: "string" systemReserved: additionalProperties: type: "string" - description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe\nresources reserved for non-kubernetes components." type: "object" topologyManagerPolicy: description: "TopologyManagerPolicy is the name of the topology manager policy to use." type: "string" topologyManagerScope: - description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + description: "TopologyManagerScope represents the scope of topology hint generation\nthat topology manager requests and hint providers generate." type: "string" type: "object" type: "object" @@ -244,7 +244,7 @@ spec: minimum: 1.0 type: "integer" ipPoolRef: - description: "IPPool contains a reference to a snow ip pool which provides a range of ip addresses. When specified, an ip address selected from the pool is allocated to this DNI." + description: "IPPool contains a reference to a snow ip pool which provides a range of ip addresses.\nWhen specified, an ip address selected from the pool is allocated to this DNI." properties: kind: type: "string" @@ -268,13 +268,13 @@ spec: nonRootVolumes: description: "NonRootVolumes provides the configuration options for the non root storage volumes." items: - description: "Volume encapsulates the configuration options for the storage device TODO: Trim the fields that do not apply for Snow." + description: "Volume encapsulates the configuration options for the storage device" properties: deviceName: description: "Device name" type: "string" size: - description: "Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater)." + description: "Size specifies size (in Gi) of the storage device.\nMust be greater than the image snapshot size or 8 (whichever is greater)." format: "int64" minimum: 8.0 type: "integer" @@ -289,10 +289,10 @@ spec: type: "object" type: "array" osFamily: - description: "OSFamily is the node instance OS. Valid values: \"bottlerocket\" and \"ubuntu\"." + description: "OSFamily is the node instance OS.\nValid values: \"bottlerocket\" and \"ubuntu\"." type: "string" physicalNetworkConnector: - description: "PhysicalNetworkConnector is the physical network connector type to use for creating direct network interfaces (DNI). Valid values: \"SFP_PLUS\" (default), \"QSFP\" and \"RJ45\"." + description: "PhysicalNetworkConnector is the physical network connector type to use for creating direct network interfaces (DNI).\nValid values: \"SFP_PLUS\" (default), \"QSFP\" and \"RJ45\"." type: "string" sshKeyName: description: "SSHKeyName is the name of the ssh key defined in the aws snow key pairs, to attach to the instance." @@ -304,7 +304,7 @@ spec: description: "SnowMachineConfigStatus defines the observed state of SnowMachineConfig." properties: failureMessage: - description: "FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message." + description: "FailureMessage indicates that there is a fatal problem reconciling the\nstate, and will be set to a descriptive error message." type: "string" specValid: description: "SpecValid is set to true if vspheredatacenterconfig is validated." @@ -315,9 +315,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml index 7373f999e..ad37f6266 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelldatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "tinkerbelldatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "TinkerbellDatacenterConfig is the Schema for the TinkerbellDatacenterConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -32,14 +32,20 @@ spec: hookImagesURLPath: description: "HookImagesURLPath can be used to override the default Hook images path to pull from a local server." type: "string" + hookIsoURL: + description: "HookIsoURL is the URL of ISO image that will be used to provision the hardware\nduring one time boot process.\nIt can be used to override the default Hook OS ISO image to pull from a local server." + type: "string" + isoBoot: + description: "IsoBoot can be used to indicate that the hardware should boot using an ISO." + type: "boolean" loadBalancerInterface: description: "LoadBalancerInterface can be used to configure a load balancer interface for the Tinkerbell stack." type: "string" osImageURL: - description: "OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz" + description: "OSImageURL can be used to override the default OS image path to pull from a local server.\nOSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades\nthe OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify\nan OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously.\nIt must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could\nbe http://localhost:8080/ubuntu-2204-1.27.tgz" type: "string" skipLoadBalancerDeployment: - description: "SkipLoadBalancerDeployment when set to \"true\" can be used to skip deploying a load balancer to expose Tinkerbell stack. Users will need to deploy and configure a load balancer manually after the cluster is created." + description: "SkipLoadBalancerDeployment when set to \"true\" can be used to skip deploying a load balancer to expose Tinkerbell stack.\nUsers will need to deploy and configure a load balancer manually after the cluster is created." type: "boolean" tinkerbellIP: description: "TinkerbellIP is used to configure a VIP for hosting the Tinkerbell services." @@ -48,16 +54,10 @@ spec: - "tinkerbellIP" type: "object" status: - description: "TinkerbellDatacenterConfigStatus defines the observed state of TinkerbellDatacenterConfig \n Important: Run \"make generate\" to regenerate code after modifying this file." + description: "TinkerbellDatacenterConfigStatus defines the observed state of TinkerbellDatacenterConfig\n\nImportant: Run \"make generate\" to regenerate code after modifying this file." type: "object" type: "object" served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml index 4c4c34e43..da9ba57e0 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbellmachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "tinkerbellmachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "TinkerbellMachineConfig is the Schema for the tinkerbellmachineconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,7 +38,7 @@ spec: description: "HostOSConfiguration defines the configuration settings on the host OS." properties: bottlerocketConfiguration: - description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket." + description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS.\nThese settings only take effect when the `osFamily` is bottlerocket." properties: boot: description: "Boot defines the boot settings for bottlerocket." @@ -73,13 +73,13 @@ spec: type: "string" type: "array" clusterDomain: - description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers\nto search this domain before the host’s search domains" type: "string" containerLogMaxFiles: - description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + description: "ContainerLogMaxFiles specifies the maximum number of container log\nfiles that can be present for a container" type: "integer" containerLogMaxSize: - description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + description: "ContainerLogMaxSize is a quantity defining the maximum size of\nthe container log file before it is rotated" type: "string" cpuCFSQuota: description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" @@ -90,7 +90,7 @@ spec: cpuManagerPolicyOptions: additionalProperties: type: "string" - description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to\nfine tune the behaviour of the cpu manager policies" type: "object" cpuManagerReconcilePeriod: description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." @@ -107,7 +107,7 @@ spec: description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." type: "object" evictionMaxPodGracePeriod: - description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use\nwhen terminating pods in response to a soft eviction threshold being met." type: "integer" evictionSoft: additionalProperties: @@ -117,10 +117,10 @@ spec: evictionSoftGracePeriod: additionalProperties: type: "string" - description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods\nfor each soft eviction signal." type: "object" imageGCHighThresholdPercent: - description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage\ncollection is always run." type: "integer" imageGCLowThresholdPercent: description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." @@ -134,7 +134,7 @@ spec: kubeReserved: additionalProperties: type: "string" - description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources\nreserved for kubernetes system components" type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." @@ -156,21 +156,21 @@ spec: description: "RegistryPullQPS is the limit of registry pulls per second." type: "integer" shutdownGracePeriod: - description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + description: "ShutdownGracePeriod specifies the total duration that the node should delay\nthe shutdown and total grace period for pod termination during a node shutdown." type: "string" shutdownGracePeriodCriticalPods: - description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate\ncritical pods during a node shutdown." type: "string" systemReserved: additionalProperties: type: "string" - description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe\nresources reserved for non-kubernetes components." type: "object" topologyManagerPolicy: description: "TopologyManagerPolicy is the name of the topology manager policy to use." type: "string" topologyManagerScope: - description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + description: "TopologyManagerScope represents the scope of topology hint generation\nthat topology manager requests and hint providers generate." type: "string" type: "object" type: "object" @@ -204,7 +204,7 @@ spec: osFamily: type: "string" osImageURL: - description: "OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz" + description: "OSImageURL can be used to override the default OS image path to pull from a local server.\nOSImageURL is a URL to the OS image used during provisioning. It must include\nthe Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could\nbe http://localhost:8080/ubuntu-2204-1.27.tgz" type: "string" templateRef: properties: @@ -240,9 +240,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml index f9e67d4c4..c89e0d0d3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/tinkerbelltemplateconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "tinkerbelltemplateconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "TinkerbellTemplateConfig is the Schema for the TinkerbellTemplateConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -119,9 +119,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml index 7466288f8..6a21b7ff9 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheredatacenterconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "vspheredatacenterconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "VSphereDatacenterConfig is the Schema for the VSphereDatacenterConfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -31,6 +31,37 @@ spec: properties: datacenter: type: "string" + failureDomains: + items: + description: "FailureDomain defines the list of failure domains to spread the VMs across." + properties: + computeCluster: + description: "ComputeCluster is the name or inventory path of the computecluster in which the VM is created/located" + type: "string" + datastore: + description: "Datastore is the name or inventory path of the datastore in which the VM is created/located" + type: "string" + folder: + description: "Folder is the name or inventory path of the folder in which the the VM is created/located" + type: "string" + name: + description: "Name is used as a unique identifier for each failure domain." + type: "string" + network: + description: "Network is the name or inventory path of the network which will be added to the VM" + type: "string" + resourcePool: + description: "ResourcePool is the name or inventory path of the resource pool in which the VM is created/located" + type: "string" + required: + - "computeCluster" + - "datastore" + - "folder" + - "name" + - "network" + - "resourcePool" + type: "object" + type: "array" insecure: type: "boolean" network: @@ -50,7 +81,7 @@ spec: description: "VSphereDatacenterConfigStatus defines the observed state of VSphereDatacenterConfig." properties: failureMessage: - description: "FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message." + description: "FailureMessage indicates that there is a fatal problem reconciling the\nstate, and will be set to a descriptive error message." type: "string" observedGeneration: description: "ObservedGeneration is the latest generation observed by the controller." @@ -65,9 +96,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml index 3353be83d..4073f5c03 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/vspheremachineconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "vspheremachineconfigs.anywhere.eks.amazonaws.com" spec: group: "anywhere.eks.amazonaws.com" @@ -19,10 +19,10 @@ spec: description: "VSphereMachineConfig is the Schema for the vspheremachineconfigs API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -45,7 +45,7 @@ spec: description: "HostOSConfiguration defines the configuration settings on the host OS." properties: bottlerocketConfiguration: - description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket." + description: "BottlerocketConfiguration defines the Bottlerocket configuration on the host OS.\nThese settings only take effect when the `osFamily` is bottlerocket." properties: boot: description: "Boot defines the boot settings for bottlerocket." @@ -80,13 +80,13 @@ spec: type: "string" type: "array" clusterDomain: - description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains" + description: "ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers\nto search this domain before the host’s search domains" type: "string" containerLogMaxFiles: - description: "ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container" + description: "ContainerLogMaxFiles specifies the maximum number of container log\nfiles that can be present for a container" type: "integer" containerLogMaxSize: - description: "ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated" + description: "ContainerLogMaxSize is a quantity defining the maximum size of\nthe container log file before it is rotated" type: "string" cpuCFSQuota: description: "CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits" @@ -97,7 +97,7 @@ spec: cpuManagerPolicyOptions: additionalProperties: type: "string" - description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies" + description: "CPUManagerPolicyOptions is a set of key=value which allows to set extra options to\nfine tune the behaviour of the cpu manager policies" type: "object" cpuManagerReconcilePeriod: description: "CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager." @@ -114,7 +114,7 @@ spec: description: "EvictionHard is a map of signal names to quantities that defines hard eviction thresholds." type: "object" evictionMaxPodGracePeriod: - description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met." + description: "EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use\nwhen terminating pods in response to a soft eviction threshold being met." type: "integer" evictionSoft: additionalProperties: @@ -124,10 +124,10 @@ spec: evictionSoftGracePeriod: additionalProperties: type: "string" - description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal." + description: "EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods\nfor each soft eviction signal." type: "object" imageGCHighThresholdPercent: - description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run." + description: "ImageGCHighThresholdPercent is the percent of disk usage after which image garbage\ncollection is always run." type: "integer" imageGCLowThresholdPercent: description: "ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run." @@ -141,7 +141,7 @@ spec: kubeReserved: additionalProperties: type: "string" - description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components" + description: "KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources\nreserved for kubernetes system components" type: "object" maxPods: description: "MaxPods defines the maximum number of pods that can run on a node." @@ -163,21 +163,21 @@ spec: description: "RegistryPullQPS is the limit of registry pulls per second." type: "integer" shutdownGracePeriod: - description: "ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown." + description: "ShutdownGracePeriod specifies the total duration that the node should delay\nthe shutdown and total grace period for pod termination during a node shutdown." type: "string" shutdownGracePeriodCriticalPods: - description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown." + description: "ShutdownGracePeriodCriticalPods specifies the duration used to terminate\ncritical pods during a node shutdown." type: "string" systemReserved: additionalProperties: type: "string" - description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components." + description: "SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe\nresources reserved for non-kubernetes components." type: "object" topologyManagerPolicy: description: "TopologyManagerPolicy is the name of the topology manager policy to use." type: "string" topologyManagerScope: - description: "TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate." + description: "TopologyManagerScope represents the scope of topology hint generation\nthat topology manager requests and hint providers generate." type: "string" type: "object" type: "object" @@ -223,7 +223,7 @@ spec: type: "string" type: "array" template: - description: "Template field is the template to use for provisioning the VM. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27." + description: "Template field is the template to use for provisioning the VM. It must include the Kubernetes\nversion(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27." type: "string" users: items: @@ -256,9 +256,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml index 2548dde63..0a6a1a962 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ec2nodeclasses.karpenter.k8s.aws" spec: group: "karpenter.k8s.aws" @@ -84,7 +84,7 @@ spec: tags: additionalProperties: type: "string" - description: "Tags is a map of key/value tags used to select subnets\nSpecifying '*' for a value selects all values for a given tag key." + description: "Tags is a map of key/value tags used to select amis.\nSpecifying '*' for a value selects all values for a given tag key." maxProperties: 20 type: "object" x-kubernetes-validations: @@ -164,6 +164,35 @@ spec: x-kubernetes-validations: - message: "must have only one blockDeviceMappings with rootVolume" rule: "self.filter(x, has(x.rootVolume)?x.rootVolume==true:false).size() <= 1" + capacityReservationSelectorTerms: + description: "CapacityReservationSelectorTerms is a list of capacity reservation selector terms. Each term is ORed together to\ndetermine the set of eligible capacity reservations." + items: + properties: + id: + description: "ID is the capacity reservation id in EC2" + pattern: "^cr-[0-9a-z]+$" + type: "string" + ownerID: + description: "Owner is the owner id for the ami." + pattern: "^[0-9]{12}$" + type: "string" + tags: + additionalProperties: + type: "string" + description: "Tags is a map of key/value tags used to select capacity reservations.\nSpecifying '*' for a value selects all values for a given tag key." + maxProperties: 20 + type: "object" + x-kubernetes-validations: + - message: "empty tag keys or values aren't supported" + rule: "self.all(k, k != '' && self[k] != '')" + type: "object" + maxItems: 30 + type: "array" + x-kubernetes-validations: + - message: "expected at least one, got none, ['tags', 'id']" + rule: "self.all(x, has(x.tags) || has(x.id))" + - message: "'id' is mutually exclusive, cannot be set along with tags in a capacity reservation selector term" + rule: "!self.all(x, has(x.id) && (has(x.tags) || has(x.ownerID)))" context: description: "Context is a Reserved field in EC2 APIs\nhttps://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html" type: "string" @@ -320,7 +349,7 @@ spec: - message: "immutable field changed" rule: "self == oldSelf" securityGroupSelectorTerms: - description: "SecurityGroupSelectorTerms is a list of or security group selector terms. The terms are ORed." + description: "SecurityGroupSelectorTerms is a list of security group selector terms. The terms are ORed." items: description: "SecurityGroupSelectorTerm defines selection logic for a security group used by Karpenter to launch nodes.\nIf multiple fields are used for selection, the requirements are ANDed." properties: @@ -334,7 +363,7 @@ spec: tags: additionalProperties: type: "string" - description: "Tags is a map of key/value tags used to select subnets\nSpecifying '*' for a value selects all values for a given tag key." + description: "Tags is a map of key/value tags used to select security groups.\nSpecifying '*' for a value selects all values for a given tag key." maxProperties: 20 type: "object" x-kubernetes-validations: @@ -348,12 +377,12 @@ spec: rule: "self.size() != 0" - message: "expected at least one, got none, ['tags', 'id', 'name']" rule: "self.all(x, has(x.tags) || has(x.id) || has(x.name))" - - message: "'id' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms" + - message: "'id' is mutually exclusive, cannot be set with a combination of other fields in a security group selector term" rule: "!self.all(x, has(x.id) && (has(x.tags) || has(x.name)))" - - message: "'name' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms" + - message: "'name' is mutually exclusive, cannot be set with a combination of other fields in a security group selector term" rule: "!self.all(x, has(x.name) && (has(x.tags) || has(x.id)))" subnetSelectorTerms: - description: "SubnetSelectorTerms is a list of or subnet selector terms. The terms are ORed." + description: "SubnetSelectorTerms is a list of subnet selector terms. The terms are ORed." items: description: "SubnetSelectorTerm defines selection logic for a subnet used by Karpenter to launch nodes.\nIf multiple fields are used for selection, the requirements are ANDed." properties: @@ -378,7 +407,7 @@ spec: rule: "self.size() != 0" - message: "expected at least one, got none, ['tags', 'id']" rule: "self.all(x, has(x.tags) || has(x.id))" - - message: "'id' is mutually exclusive, cannot be set with a combination of other fields in subnetSelectorTerms" + - message: "'id' is mutually exclusive, cannot be set with a combination of other fields in a subnet selector term" rule: "!self.all(x, has(x.id) && has(x.tags))" tags: additionalProperties: @@ -431,6 +460,9 @@ spec: items: description: "AMI contains resolved AMI selector values utilized for node launch" properties: + deprecated: + description: "Deprecation status of the AMI" + type: "boolean" id: description: "ID of the AMI" type: "string" @@ -464,6 +496,42 @@ spec: - "requirements" type: "object" type: "array" + capacityReservations: + description: "CapacityReservations contains the current capacity reservation values that are available to this NodeClass under the\nCapacityReservation selectors." + items: + properties: + availabilityZone: + description: "The availability zone the capacity reservation is available in." + type: "string" + endTime: + description: "The time at which the capacity reservation expires. Once expired, the reserved capacity is released and Karpenter\nwill no longer be able to launch instances into that reservation." + format: "date-time" + type: "string" + id: + description: "The id for the capacity reservation." + pattern: "^cr-[0-9a-z]+$" + type: "string" + instanceMatchCriteria: + description: "Indicates the type of instance launches the capacity reservation accepts." + enum: + - "open" + - "targeted" + type: "string" + instanceType: + description: "The instance type for the capacity reservation." + type: "string" + ownerID: + description: "The ID of the AWS account that owns the capacity reservation." + pattern: "^[0-9]{12}$" + type: "string" + required: + - "availabilityZone" + - "id" + - "instanceMatchCriteria" + - "instanceType" + - "ownerID" + type: "object" + type: "array" conditions: description: "Conditions contains signals for health and readiness" items: @@ -512,7 +580,7 @@ spec: description: "InstanceProfile contains the resolved instance profile for the role" type: "string" securityGroups: - description: "SecurityGroups contains the current Security Groups values that are available to the\ncluster under the SecurityGroups selectors." + description: "SecurityGroups contains the current security group values that are available to the\ncluster under the SecurityGroups selectors." items: description: "SecurityGroup contains resolved SecurityGroup selector values utilized for node launch" properties: @@ -527,7 +595,7 @@ spec: type: "object" type: "array" subnets: - description: "Subnets contains the current Subnet values that are available to the\ncluster under the subnet selectors." + description: "Subnets contains the current subnet values that are available to the\ncluster under the subnet selectors." items: description: "Subnet contains resolved Subnet selector values utilized for node launch" properties: diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml index f915fce2f..e15c75d4b 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nodeclaims.karpenter.sh" spec: group: "karpenter.sh" @@ -34,6 +34,10 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" + - jsonPath: ".status.imageID" + name: "ImageID" + priority: 1 + type: "string" - jsonPath: ".status.providerID" name: "ID" priority: 1 @@ -74,12 +78,21 @@ spec: description: "API version of the referent" pattern: "^[^/]*$" type: "string" + x-kubernetes-validations: + - message: "group may not be empty" + rule: "self != ''" kind: description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\"" type: "string" + x-kubernetes-validations: + - message: "kind may not be empty" + rule: "self != ''" name: description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" type: "string" + x-kubernetes-validations: + - message: "name may not be empty" + rule: "self != ''" required: - "group" - "kind" @@ -105,7 +118,7 @@ spec: - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self != \"kubernetes.io/hostname\"" - message: "label domain \"karpenter.k8s.aws\" is restricted" - rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" + rule: "self in [\"karpenter.k8s.aws/capacity-reservation-id\", \"karpenter.k8s.aws/ec2nodeclass\", \"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\", \"karpenter.k8s.aws/instance-cpu-manufacturer\", \"karpenter.k8s.aws/instance-cpu-sustained-clock-speed-mhz\", \"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" minValues: description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement." maximum: 50.0 diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml index ad5eed418..a1460e29a 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nodepools.karpenter.sh" spec: group: "karpenter.sh" @@ -78,9 +78,9 @@ spec: pattern: "^((100|[0-9]{1,2})%|[0-9]+)$" type: "string" reasons: - description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted and additional CloudProvider-specific reasons." + description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted." items: - description: "DisruptionReason defines valid reasons for disruption budgets.\nCloudProviders will need to append to the list of enums when implementing cloud provider disruption reasons" + description: "DisruptionReason defines valid reasons for disruption budgets." enum: - "Underutilized" - "Empty" @@ -152,7 +152,7 @@ spec: - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self.all(x, x != \"kubernetes.io/hostname\")" - message: "label domain \"karpenter.k8s.aws\" is restricted" - rule: "self.all(x, x in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))" + rule: "self.all(x, x in [\"karpenter.k8s.aws/capacity-reservation-id\", \"karpenter.k8s.aws/ec2nodeclass\", \"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\", \"karpenter.k8s.aws/instance-cpu-manufacturer\", \"karpenter.k8s.aws/instance-cpu-sustained-clock-speed-mhz\", \"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))" type: "object" spec: description: "NodeClaimTemplateSpec describes the desired state of the NodeClaim in the Nodepool\nNodeClaimTemplateSpec is used in the NodePool's NodeClaimTemplate, with the resource requests omitted since\nusers are not able to set resource requests in the NodePool." @@ -169,17 +169,31 @@ spec: description: "API version of the referent" pattern: "^[^/]*$" type: "string" + x-kubernetes-validations: + - message: "group may not be empty" + rule: "self != ''" kind: description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\"" type: "string" + x-kubernetes-validations: + - message: "kind may not be empty" + rule: "self != ''" name: description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" type: "string" + x-kubernetes-validations: + - message: "name may not be empty" + rule: "self != ''" required: - "group" - "kind" - "name" type: "object" + x-kubernetes-validations: + - message: "nodeClassRef.group is immutable" + rule: "self.group == oldSelf.group" + - message: "nodeClassRef.kind is immutable" + rule: "self.kind == oldSelf.kind" requirements: description: "Requirements are layered with GetLabels and applied to every node." items: @@ -202,7 +216,7 @@ spec: - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self != \"kubernetes.io/hostname\"" - message: "label domain \"karpenter.k8s.aws\" is restricted" - rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" + rule: "self in [\"karpenter.k8s.aws/capacity-reservation-id\", \"karpenter.k8s.aws/ec2nodeclass\", \"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\", \"karpenter.k8s.aws/instance-cpu-manufacturer\", \"karpenter.k8s.aws/instance-cpu-sustained-clock-speed-mhz\", \"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" minValues: description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement." maximum: 50.0 diff --git a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml index 48d6906da..4d1e4561e 100644 --- a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml +++ b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationdestinations.yaml @@ -731,6 +731,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1518,6 +1521,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2390,6 +2396,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: diff --git a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml index 1687ac12f..da642856e 100644 --- a/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml +++ b/crd-catalog/backube/volsync/volsync.backube/v1alpha1/replicationsources.yaml @@ -728,6 +728,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1503,6 +1506,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2387,6 +2393,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3128,6 +3137,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: diff --git a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml index 95aa631e7..2365d6e22 100644 --- a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml +++ b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml @@ -181,13 +181,13 @@ spec: description: "Auth: Azure Workload Identity or Azure Managed Service Identity:\nSettings to enable Azure Workload Identity or Azure Managed Service Identity\nIf set, ClientID, ClientSecret and TenantID must not be set." properties: clientID: - description: "client ID of the managed identity, can not be used at the same time as resourceID" + description: "client ID of the managed identity, cannot be used at the same time as resourceID" type: "string" resourceID: - description: "resource ID of the managed identity, can not be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" + description: "resource ID of the managed identity, cannot be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" type: "string" tenantID: - description: "tenant ID of the managed identity, can not be used at the same time as resourceID" + description: "tenant ID of the managed identity, cannot be used at the same time as resourceID" type: "string" type: "object" resourceGroupName: diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml index 5c871b833..206424f36 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/certificates.yaml @@ -124,10 +124,13 @@ spec: description: "Alias specifies the alias of the key in the keystore, required by the JKS format.\nIf not provided, the default alias `certificate` will be used." type: "string" create: - description: "Create enables JKS keystore creation for the Certificate.\nIf true, a file named `keystore.jks` will be created in the target\nSecret resource, encrypted using the password stored in\n`passwordSecretRef`.\nThe keystore file will be updated immediately.\nIf the issuer provided a CA certificate, a file named `truststore.jks`\nwill also be created in the target Secret resource, encrypted using the\npassword stored in `passwordSecretRef`\ncontaining the issuing Certificate Authority" + description: "Create enables JKS keystore creation for the Certificate.\nIf true, a file named `keystore.jks` will be created in the target\nSecret resource, encrypted using the password stored in\n`passwordSecretRef` or `password`.\nThe keystore file will be updated immediately.\nIf the issuer provided a CA certificate, a file named `truststore.jks`\nwill also be created in the target Secret resource, encrypted using the\npassword stored in `passwordSecretRef`\ncontaining the issuing Certificate Authority" type: "boolean" + password: + description: "Password provides a literal password used to encrypt the JKS keystore.\nMutually exclusive with passwordSecretRef.\nOne of password or passwordSecretRef must provide a password with a non-zero length." + type: "string" passwordSecretRef: - description: "PasswordSecretRef is a reference to a key in a Secret resource\ncontaining the password used to encrypt the JKS keystore." + description: "PasswordSecretRef is a reference to a non-empty key in a Secret resource\ncontaining the password used to encrypt the JKS keystore.\nMutually exclusive with password.\nOne of password or passwordSecretRef must provide a password with a non-zero length." properties: key: description: "The key of the entry in the Secret resource's `data` field to be used.\nSome instances of this field may be defaulted, in others it may be\nrequired." @@ -140,16 +143,18 @@ spec: type: "object" required: - "create" - - "passwordSecretRef" type: "object" pkcs12: description: "PKCS12 configures options for storing a PKCS12 keystore in the\n`spec.secretName` Secret resource." properties: create: - description: "Create enables PKCS12 keystore creation for the Certificate.\nIf true, a file named `keystore.p12` will be created in the target\nSecret resource, encrypted using the password stored in\n`passwordSecretRef`.\nThe keystore file will be updated immediately.\nIf the issuer provided a CA certificate, a file named `truststore.p12` will\nalso be created in the target Secret resource, encrypted using the\npassword stored in `passwordSecretRef` containing the issuing Certificate\nAuthority" + description: "Create enables PKCS12 keystore creation for the Certificate.\nIf true, a file named `keystore.p12` will be created in the target\nSecret resource, encrypted using the password stored in\n`passwordSecretRef` or in `password`.\nThe keystore file will be updated immediately.\nIf the issuer provided a CA certificate, a file named `truststore.p12` will\nalso be created in the target Secret resource, encrypted using the\npassword stored in `passwordSecretRef` containing the issuing Certificate\nAuthority" type: "boolean" + password: + description: "Password provides a literal password used to encrypt the PKCS#12 keystore.\nMutually exclusive with passwordSecretRef.\nOne of password or passwordSecretRef must provide a password with a non-zero length." + type: "string" passwordSecretRef: - description: "PasswordSecretRef is a reference to a key in a Secret resource\ncontaining the password used to encrypt the PKCS12 keystore." + description: "PasswordSecretRef is a reference to a non-empty key in a Secret resource\ncontaining the password used to encrypt the PKCS#12 keystore.\nMutually exclusive with password.\nOne of password or passwordSecretRef must provide a password with a non-zero length." properties: key: description: "The key of the entry in the Secret resource's `data` field to be used.\nSome instances of this field may be defaulted, in others it may be\nrequired." @@ -169,7 +174,6 @@ spec: type: "string" required: - "create" - - "passwordSecretRef" type: "object" type: "object" literalSubject: diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml index 062d156ef..6d0b05122 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml @@ -93,7 +93,7 @@ spec: - "keySecretRef" type: "object" preferredChain: - description: "PreferredChain is the chain to use if the ACME server outputs multiple.\nPreferredChain is no guarantee that this one gets delivered by the ACME\nendpoint.\nFor example, for Let's Encrypt's DST crosssign you would use:\n\"DST Root CA X3\" or \"ISRG Root X1\" for the newer Let's Encrypt root CA.\nThis value picks the first certificate bundle in the combined set of\nACME default and alternative chains that has a root-most certificate with\nthis value as its issuer's commonname." + description: "PreferredChain is the chain to use if the ACME server outputs multiple.\nPreferredChain is no guarantee that this one gets delivered by the ACME\nendpoint.\nFor example, for Let's Encrypt's DST cross-sign you would use:\n\"DST Root CA X3\" or \"ISRG Root X1\" for the newer Let's Encrypt root CA.\nThis value picks the first certificate bundle in the combined set of\nACME default and alternative chains that has a root-most certificate with\nthis value as its issuer's commonname." maxLength: 64 type: "string" privateKeySecretRef: @@ -223,13 +223,13 @@ spec: description: "Auth: Azure Workload Identity or Azure Managed Service Identity:\nSettings to enable Azure Workload Identity or Azure Managed Service Identity\nIf set, ClientID, ClientSecret and TenantID must not be set." properties: clientID: - description: "client ID of the managed identity, can not be used at the same time as resourceID" + description: "client ID of the managed identity, cannot be used at the same time as resourceID" type: "string" resourceID: - description: "resource ID of the managed identity, can not be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" + description: "resource ID of the managed identity, cannot be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" type: "string" tenantID: - description: "tenant ID of the managed identity, can not be used at the same time as resourceID" + description: "tenant ID of the managed identity, cannot be used at the same time as resourceID" type: "string" type: "object" resourceGroupName: diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml index c18affb36..a60960b13 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml @@ -94,7 +94,7 @@ spec: - "keySecretRef" type: "object" preferredChain: - description: "PreferredChain is the chain to use if the ACME server outputs multiple.\nPreferredChain is no guarantee that this one gets delivered by the ACME\nendpoint.\nFor example, for Let's Encrypt's DST crosssign you would use:\n\"DST Root CA X3\" or \"ISRG Root X1\" for the newer Let's Encrypt root CA.\nThis value picks the first certificate bundle in the combined set of\nACME default and alternative chains that has a root-most certificate with\nthis value as its issuer's commonname." + description: "PreferredChain is the chain to use if the ACME server outputs multiple.\nPreferredChain is no guarantee that this one gets delivered by the ACME\nendpoint.\nFor example, for Let's Encrypt's DST cross-sign you would use:\n\"DST Root CA X3\" or \"ISRG Root X1\" for the newer Let's Encrypt root CA.\nThis value picks the first certificate bundle in the combined set of\nACME default and alternative chains that has a root-most certificate with\nthis value as its issuer's commonname." maxLength: 64 type: "string" privateKeySecretRef: @@ -224,13 +224,13 @@ spec: description: "Auth: Azure Workload Identity or Azure Managed Service Identity:\nSettings to enable Azure Workload Identity or Azure Managed Service Identity\nIf set, ClientID, ClientSecret and TenantID must not be set." properties: clientID: - description: "client ID of the managed identity, can not be used at the same time as resourceID" + description: "client ID of the managed identity, cannot be used at the same time as resourceID" type: "string" resourceID: - description: "resource ID of the managed identity, can not be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" + description: "resource ID of the managed identity, cannot be used at the same time as clientID\nCannot be used for Azure Managed Service Identity" type: "string" tenantID: - description: "tenant ID of the managed identity, can not be used at the same time as resourceID" + description: "tenant ID of the managed identity, cannot be used at the same time as resourceID" type: "string" type: "object" resourceGroupName: diff --git a/crd-catalog/cert-manager/trust-manager/trust.cert-manager.io/v1alpha1/bundles.yaml b/crd-catalog/cert-manager/trust-manager/trust.cert-manager.io/v1alpha1/bundles.yaml index 4cd7d4dab..682f7a28f 100644 --- a/crd-catalog/cert-manager/trust-manager/trust.cert-manager.io/v1alpha1/bundles.yaml +++ b/crd-catalog/cert-manager/trust-manager/trust.cert-manager.io/v1alpha1/bundles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "bundles.trust.cert-manager.io" spec: group: "trust.cert-manager.io" @@ -55,13 +55,18 @@ spec: description: "BundleSource is the set of sources whose data will be appended and synced to\nthe BundleTarget in all Namespaces." properties: configMap: - description: "ConfigMap is a reference (by name) to a ConfigMap's `data` key, or to a\nlist of ConfigMap's `data` key using label selector, in the trust Namespace." + description: "ConfigMap is a reference (by name) to a ConfigMap's `data` key(s), or to a\nlist of ConfigMap's `data` key(s) using label selector, in the trust Namespace." properties: + includeAllKeys: + description: "IncludeAllKeys is a flag to include all keys in the object's `data` field to be used. False by default.\nThis field must not be true when `Key` is set." + type: "boolean" key: - description: "Key is the key of the entry in the object's `data` field to be used." + description: "Key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" name: description: "Name is the name of the source object in the trust Namespace.\nThis field must be left empty when `selector` is set" + minLength: 1 type: "string" selector: description: "Selector is the label selector to use to fetch a list of objects. Must not be set\nwhen `Name` is set." @@ -96,20 +101,24 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" - required: - - "key" type: "object" + x-kubernetes-map-type: "atomic" inLine: description: "InLine is a simple string to append as the source data." type: "string" secret: - description: "Secret is a reference (by name) to a Secret's `data` key, or to a\nlist of Secret's `data` key using label selector, in the trust Namespace." + description: "Secret is a reference (by name) to a Secret's `data` key(s), or to a\nlist of Secret's `data` key(s) using label selector, in the trust Namespace." properties: + includeAllKeys: + description: "IncludeAllKeys is a flag to include all keys in the object's `data` field to be used. False by default.\nThis field must not be true when `Key` is set." + type: "boolean" key: - description: "Key is the key of the entry in the object's `data` field to be used." + description: "Key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" name: description: "Name is the name of the source object in the trust Namespace.\nThis field must be left empty when `selector` is set" + minLength: 1 type: "string" selector: description: "Selector is the label selector to use to fetch a list of objects. Must not be set\nwhen `Name` is set." @@ -144,14 +153,17 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" - required: - - "key" type: "object" + x-kubernetes-map-type: "atomic" useDefaultCAs: description: "UseDefaultCAs, when true, requests the default CA bundle to be used as a source.\nDefault CAs are available if trust-manager was installed via Helm\nor was otherwise set up to include a package-injecting init container by using the\n\"--default-package-location\" flag when starting the trust-manager controller.\nIf default CAs were not configured at start-up, any request to use the default\nCAs will fail.\nThe version of the default CA package which is used for a Bundle is stored in the\ndefaultCAPackageVersion field of the Bundle's status field." type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" + maxItems: 100 + minItems: 1 type: "array" + x-kubernetes-list-type: "atomic" target: description: "Target is the target location in all namespaces to sync source data to." properties: @@ -163,6 +175,7 @@ spec: properties: key: description: "Key is the key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" password: default: "changeit" @@ -173,11 +186,13 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" pkcs12: description: "PKCS12 requests a PKCS12-formatted binary trust bundle to be written to the target.\nThe bundle is by default created without a password." properties: key: description: "Key is the key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" password: default: "" @@ -187,12 +202,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" configMap: description: "ConfigMap is the target ConfigMap in Namespaces that all Bundle source\ndata will be synced to." properties: key: description: "Key is the key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" required: - "key" @@ -200,17 +217,42 @@ spec: namespaceSelector: description: "NamespaceSelector will, if set, only sync the target resource in\nNamespaces which match the selector." properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "MatchLabels matches on the set of labels that must be present on a\nNamespace for the Bundle target to be synced there." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" secret: description: "Secret is the target Secret that all Bundle source data will be synced to.\nUsing Secrets as targets is only supported if enabled at trust-manager startup.\nBy default, trust-manager has no permissions for writing to secrets and can only read secrets in the trust namespace." properties: key: description: "Key is the key of the entry in the object's `data` field to be used." + minLength: 1 type: "string" required: - "key" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/awschaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/awschaos.yaml index c67452996..9d42440b2 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/awschaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/awschaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "awschaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "AWSChaos is the Schema for the awschaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -47,7 +47,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -65,7 +65,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/azurechaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/azurechaos.yaml index 2370b32bc..2479e5916 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/azurechaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/azurechaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "azurechaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "AzureChaos is the Schema for the azurechaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,20 +37,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/blockchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/blockchaos.yaml index 6b37481c2..b3d02ea77 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/blockchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/blockchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "blockchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "BlockChaos is the Schema for the blockchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,12 +37,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -61,7 +61,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -78,21 +78,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -104,12 +104,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -119,7 +119,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -127,7 +127,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -136,11 +136,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/dnschaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/dnschaos.yaml index 6646bd5ab..553d60e15 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/dnschaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/dnschaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "dnschaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "DNSChaos is the Schema for the networkchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,13 +37,13 @@ spec: description: "Spec defines the behavior of a pod chaos experiment" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -51,7 +51,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -60,7 +60,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -73,21 +73,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -99,12 +99,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -114,7 +114,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -122,7 +122,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -131,11 +131,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/gcpchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/gcpchaos.yaml index 4ef98d4b9..7096dc9aa 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/gcpchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/gcpchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "gcpchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "GCPChaos is the Schema for the gcpchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,14 +37,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -76,7 +76,7 @@ spec: description: "GCPChaosStatus represents the status of a GCPChaos" properties: attachedDiskStrings: - description: "The attached disk info strings. Needed in disk-loss." + description: "The attached disk info strings.\nNeeded in disk-loss." items: type: "string" type: "array" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/httpchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/httpchaos.yaml index 37010290f..9dd565cc5 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/httpchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/httpchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "httpchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -23,10 +23,10 @@ spec: description: "HTTPChaos is the Schema for the HTTPchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -40,7 +40,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -49,7 +49,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -74,14 +74,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -112,7 +112,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -123,18 +123,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -142,21 +142,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -168,12 +168,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -183,7 +183,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -191,7 +191,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -200,7 +200,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -210,7 +210,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -234,7 +234,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/iochaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/iochaos.yaml index cfc51082b..092d57f5b 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/iochaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/iochaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "iochaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "IOChaos is the Schema for the iochaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -114,22 +114,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -154,7 +154,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -167,7 +167,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -178,21 +178,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -204,12 +204,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -219,7 +219,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -227,7 +227,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -236,11 +236,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/jvmchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/jvmchaos.yaml index abc6343bd..8287386d0 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/jvmchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/jvmchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "jvmchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "JVMChaos is the Schema for the jvmchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -51,7 +51,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -59,16 +59,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -77,7 +77,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -101,6 +101,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -110,21 +113,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -136,12 +139,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -151,7 +154,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -159,7 +162,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -168,17 +171,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/kernelchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/kernelchaos.yaml index ea8c9f204..59e4d3462 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/kernelchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/kernelchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "kernelchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -23,10 +23,10 @@ spec: description: "KernelChaos is the Schema for the kernelchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -34,7 +34,7 @@ spec: description: "Spec defines the behavior of a kernel chaos experiment" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -45,7 +45,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -53,26 +53,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -86,7 +86,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -103,21 +103,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -129,12 +129,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -144,7 +144,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -152,7 +152,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -161,11 +161,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/networkchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/networkchaos.yaml index 98b1d312f..54bd1d14f 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/networkchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/networkchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "networkchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "NetworkChaos is the Schema for the networkchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "Spec defines the behavior of a pod chaos experiment" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -61,12 +61,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -94,8 +94,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -153,7 +155,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -179,21 +181,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -205,12 +207,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -220,7 +222,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -228,7 +230,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -237,14 +239,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -258,21 +260,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -284,12 +286,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -299,7 +301,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -307,7 +309,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -316,11 +318,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -330,7 +332,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachinechaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachinechaos.yaml index 38039ebe4..65e1f1a73 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachinechaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachinechaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "physicalmachinechaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -26,10 +26,10 @@ spec: description: "PhysicalMachineChaos is the Schema for the physical machine chaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -80,14 +80,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -102,34 +102,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -327,13 +327,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -346,10 +346,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -468,7 +468,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -514,7 +514,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -529,13 +529,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -544,7 +544,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -562,7 +562,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -595,7 +595,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -610,7 +610,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -644,7 +644,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -659,19 +659,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -785,21 +785,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -811,12 +811,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -828,7 +828,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -853,7 +853,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -869,7 +869,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachines.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachines.yaml index 3219e7187..4e3606745 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachines.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/physicalmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "physicalmachines.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "PhysicalMachine is the Schema for the physical machine API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podchaos.yaml index 91da3c80d..9bb51e8a0 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "podchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "PodChaos is the control script`s spec." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,27 +30,27 @@ spec: description: "Spec defines the behavior of a pod chaos experiment" properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -67,21 +67,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -93,12 +93,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -108,7 +108,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -116,7 +116,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -125,11 +125,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podhttpchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podhttpchaos.yaml index 15b82cff8..6e5b4c6d1 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podhttpchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podhttpchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "podhttpchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "PodHttpChaos is the Schema for the podhttpchaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -41,7 +41,7 @@ spec: description: "Abort is a rule to abort a http session." type: "boolean" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" patch: description: "Patch is a rule to patch some contents in target." @@ -60,14 +60,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -88,7 +88,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -99,7 +99,7 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" type: "object" @@ -127,12 +127,12 @@ spec: request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" type: "object" source: @@ -149,7 +149,7 @@ spec: type: "object" type: "array" tls: - description: "TLS is the tls config, will be override if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill be override if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podiochaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podiochaos.yaml index 78f5fef6d..7dfc53bf8 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podiochaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podiochaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "podiochaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "PodIOChaos is the Schema for the podiochaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -165,7 +165,7 @@ spec: description: "TODO: support multiple different container to inject in one pod" type: "string" volumeMountPath: - description: "VolumeMountPath represents the target mount path It must be a root of mount path now. TODO: search the mount parent of any path automatically. TODO: support multiple different volume mount path in one pod" + description: "VolumeMountPath represents the target mount path\nIt must be a root of mount path now.\nTODO: search the mount parent of any path automatically.\nTODO: support multiple different volume mount path in one pod" type: "string" required: - "volumeMountPath" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podnetworkchaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podnetworkchaos.yaml index 2f0049bf1..5116da1fe 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podnetworkchaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/podnetworkchaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "podnetworkchaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "PodNetworkChaos is the Schema for the PodNetworkChaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -35,7 +35,7 @@ spec: description: "RawIPSet represents an ipset on specific pod" properties: cidrAndPorts: - description: "The contents of ipset. Only available when IPSetType is NetPortIPSet." + description: "The contents of ipset.\nOnly available when IPSetType is NetPortIPSet." items: description: "CidrAndPort represents CIDR and port pair" properties: @@ -51,7 +51,7 @@ spec: type: "object" type: "array" cidrs: - description: "The contents of ipset. Only available when IPSetType is NetIPSet." + description: "The contents of ipset.\nOnly available when IPSetType is NetIPSet." items: type: "string" type: "array" @@ -62,7 +62,7 @@ spec: description: "The name of ipset" type: "string" setNames: - description: "The contents of ipset. Only available when IPSetType is SetIPSet." + description: "The contents of ipset.\nOnly available when IPSetType is SetIPSet." items: type: "string" type: "array" @@ -121,12 +121,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -154,8 +154,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/remoteclusters.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/remoteclusters.yaml index ac5deca76..b6df19e66 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/remoteclusters.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/remoteclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "remoteclusters.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "RemoteCluster defines a remote cluster" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/schedules.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/schedules.yaml index 43b9e3e95..8389c0a14 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/schedules.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/schedules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "schedules.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -19,10 +19,10 @@ spec: description: "Schedule is the cronly schedule object" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +33,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -43,7 +43,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -61,7 +61,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -72,20 +72,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -112,12 +112,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -136,7 +136,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -153,21 +153,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -179,12 +179,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -194,7 +194,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -202,7 +202,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -211,11 +211,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -235,13 +235,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -249,7 +249,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -258,7 +258,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -271,21 +271,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -297,12 +297,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -312,7 +312,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -320,7 +320,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -329,11 +329,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -344,14 +344,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -392,7 +392,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -401,7 +401,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -426,14 +426,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -464,7 +464,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -475,18 +475,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -494,21 +494,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -520,12 +520,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -535,7 +535,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -543,7 +543,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -552,7 +552,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -562,7 +562,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -586,7 +586,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -597,7 +597,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -674,22 +674,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -714,7 +714,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -727,7 +727,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -738,21 +738,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -764,12 +764,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -779,7 +779,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -787,7 +787,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -796,11 +796,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -815,7 +815,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -829,7 +829,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -837,16 +837,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -855,7 +855,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -879,6 +879,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -888,21 +891,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -914,12 +917,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -929,7 +932,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -937,7 +940,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -946,17 +949,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -967,7 +970,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -978,7 +981,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -986,26 +989,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -1019,7 +1022,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1036,21 +1039,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1062,12 +1065,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1077,7 +1080,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1085,7 +1088,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1094,11 +1097,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -1109,7 +1112,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -1133,12 +1136,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -1166,8 +1169,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -1225,7 +1230,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1251,21 +1256,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1277,12 +1282,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1292,7 +1297,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1300,7 +1305,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1309,14 +1314,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1330,21 +1335,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1356,12 +1361,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1371,7 +1376,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1379,7 +1384,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1388,11 +1393,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -1402,7 +1407,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -1456,14 +1461,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -1478,34 +1483,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -1703,13 +1708,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -1722,10 +1727,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -1844,7 +1849,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1890,7 +1895,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1905,13 +1910,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -1920,7 +1925,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1938,7 +1943,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -1971,7 +1976,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1986,7 +1991,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -2020,7 +2025,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2035,19 +2040,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2161,21 +2166,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2187,12 +2192,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2204,7 +2209,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -2229,7 +2234,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -2245,7 +2250,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -2261,27 +2266,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2298,21 +2303,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2324,12 +2329,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2339,7 +2344,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2347,7 +2352,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2356,11 +2361,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2379,7 +2384,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2387,7 +2392,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2404,21 +2409,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2430,12 +2435,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2445,7 +2450,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2453,7 +2458,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2462,20 +2467,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -2485,7 +2490,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -2496,7 +2501,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -2506,10 +2511,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -2517,7 +2522,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -2527,12 +2532,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2540,7 +2545,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2557,21 +2562,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2583,12 +2588,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2598,7 +2603,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2606,7 +2611,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2615,14 +2620,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -2639,13 +2644,13 @@ spec: items: properties: abortWithStatusCheck: - description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck." + description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded.\nOnly used when Type is TypeStatusCheck." type: "boolean" awsChaos: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -2655,7 +2660,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -2673,7 +2678,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -2684,20 +2689,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -2724,12 +2729,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2748,7 +2753,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2765,21 +2770,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2791,12 +2796,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2806,7 +2811,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2814,7 +2819,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2823,11 +2828,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -2862,13 +2867,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2876,7 +2881,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2885,7 +2890,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -2898,21 +2903,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2924,12 +2929,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2939,7 +2944,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2947,7 +2952,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2956,11 +2961,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2971,14 +2976,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -3016,7 +3021,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -3025,7 +3030,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3050,14 +3055,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -3088,7 +3093,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -3099,18 +3104,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -3118,21 +3123,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3144,12 +3149,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3159,7 +3164,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3167,7 +3172,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3176,7 +3181,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -3186,7 +3191,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -3210,7 +3215,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -3221,7 +3226,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -3298,22 +3303,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -3338,7 +3343,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3351,7 +3356,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -3362,21 +3367,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3388,12 +3393,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3403,7 +3408,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3411,7 +3416,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3420,11 +3425,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -3439,7 +3444,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -3453,7 +3458,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3461,16 +3466,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -3479,7 +3484,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3503,6 +3508,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -3512,21 +3520,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3538,12 +3546,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3553,7 +3561,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3561,7 +3569,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3570,17 +3578,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -3591,7 +3599,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3602,7 +3610,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -3610,26 +3618,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -3643,7 +3651,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3660,21 +3668,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3686,12 +3694,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3701,7 +3709,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3709,7 +3717,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3718,11 +3726,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -3735,7 +3743,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -3759,12 +3767,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -3792,8 +3800,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -3851,7 +3861,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3877,21 +3887,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3903,12 +3913,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3918,7 +3928,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3926,7 +3936,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3935,14 +3945,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3956,21 +3966,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3982,12 +3992,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3997,7 +4007,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4005,7 +4015,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4014,11 +4024,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -4028,7 +4038,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -4082,14 +4092,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -4104,34 +4114,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -4329,13 +4339,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -4348,10 +4358,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -4470,7 +4480,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4516,7 +4526,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4531,13 +4541,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -4546,7 +4556,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4564,7 +4574,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -4597,7 +4607,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4612,7 +4622,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -4646,7 +4656,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4661,19 +4671,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4787,21 +4797,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4813,12 +4823,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4830,7 +4840,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -4855,7 +4865,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -4871,7 +4881,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -4887,27 +4897,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4924,21 +4934,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4950,12 +4960,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4965,7 +4975,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4973,7 +4983,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4982,11 +4992,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -5000,7 +5010,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -5010,7 +5020,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -5028,7 +5038,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -5039,20 +5049,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -5079,12 +5089,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5103,7 +5113,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5120,21 +5130,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5146,12 +5156,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5161,7 +5171,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5169,7 +5179,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5178,11 +5188,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -5201,13 +5211,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5215,7 +5225,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5224,7 +5234,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -5237,21 +5247,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5263,12 +5273,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5278,7 +5288,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5286,7 +5296,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5295,11 +5305,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -5310,14 +5320,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -5358,7 +5368,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -5367,7 +5377,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5392,14 +5402,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -5430,7 +5440,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -5441,18 +5451,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -5460,21 +5470,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5486,12 +5496,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5501,7 +5511,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5509,7 +5519,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5518,7 +5528,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -5528,7 +5538,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -5552,7 +5562,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -5563,7 +5573,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -5640,22 +5650,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -5680,7 +5690,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5693,7 +5703,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -5704,21 +5714,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5730,12 +5740,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5745,7 +5755,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5753,7 +5763,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5762,11 +5772,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -5781,7 +5791,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -5795,7 +5805,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5803,16 +5813,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -5821,7 +5831,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5845,6 +5855,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -5854,21 +5867,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5880,12 +5893,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5895,7 +5908,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5903,7 +5916,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5912,17 +5925,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -5933,7 +5946,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5944,7 +5957,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -5952,26 +5965,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -5985,7 +5998,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6002,21 +6015,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6028,12 +6041,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6043,7 +6056,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6051,7 +6064,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6060,11 +6073,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -6075,7 +6088,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -6099,12 +6112,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -6132,8 +6145,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -6191,7 +6206,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6217,21 +6232,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6243,12 +6258,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6258,7 +6273,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6266,7 +6281,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6275,14 +6290,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6296,21 +6311,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6322,12 +6337,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6337,7 +6352,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6345,7 +6360,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6354,11 +6369,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -6368,7 +6383,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -6422,14 +6437,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -6444,34 +6459,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -6669,13 +6684,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -6688,10 +6703,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -6810,7 +6825,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6856,7 +6871,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6871,13 +6886,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -6886,7 +6901,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6904,7 +6919,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -6937,7 +6952,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6952,7 +6967,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -6986,7 +7001,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -7001,19 +7016,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -7127,21 +7142,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7153,12 +7168,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7170,7 +7185,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -7195,7 +7210,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -7211,7 +7226,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -7227,27 +7242,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7264,21 +7279,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7290,12 +7305,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7305,7 +7320,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7313,7 +7328,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7322,11 +7337,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -7344,7 +7359,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7352,7 +7367,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7369,21 +7384,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7395,12 +7410,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7410,7 +7425,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7418,7 +7433,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7427,20 +7442,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -7450,7 +7465,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -7461,7 +7476,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -7471,10 +7486,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -7482,7 +7497,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -7492,12 +7507,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7505,7 +7520,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7522,21 +7537,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7548,12 +7563,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7563,7 +7578,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7571,7 +7586,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7580,14 +7595,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -7604,11 +7619,11 @@ spec: description: "StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck." properties: duration: - description: "Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration defines the duration of the whole status check if the\nnumber of failed execution does not exceed the failure threshold.\nDuration is available to both `Synchronous` and `Continuous` mode.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" failureThreshold: default: 3 - description: "FailureThreshold defines the minimum consecutive failure for the status check to be considered failed." + description: "FailureThreshold defines the minimum consecutive failure\nfor the status check to be considered failed." minimum: 1.0 type: "integer" http: @@ -7619,7 +7634,7 @@ spec: description: "Criteria defines how to determine the result of the status check." properties: statusCode: - description: "StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included)." + description: "StatusCode defines the expected http status code for the request.\nA statusCode string could be a single code (e.g. 200), or\nan inclusive range (e.g. 200-400, both `200` and `400` are included)." type: "string" required: - "statusCode" @@ -7629,7 +7644,7 @@ spec: items: type: "string" type: "array" - description: "A Header represents the key-value pairs in an HTTP header. \n The keys should be in canonical form, as returned by CanonicalHeaderKey." + description: "A Header represents the key-value pairs in an HTTP header.\n\n\nThe keys should be in canonical form, as returned by\n[CanonicalHeaderKey]." type: "object" method: default: "GET" @@ -7645,11 +7660,11 @@ spec: type: "object" intervalSeconds: default: 10 - description: "IntervalSeconds defines how often (in seconds) to perform an execution of status check." + description: "IntervalSeconds defines how often (in seconds) to perform\nan execution of status check." minimum: 1.0 type: "integer" mode: - description: "Mode defines the execution mode of the status check. Support type: Synchronous / Continuous" + description: "Mode defines the execution mode of the status check.\nSupport type: Synchronous / Continuous" enum: - "Synchronous" - "Continuous" @@ -7662,17 +7677,17 @@ spec: type: "integer" successThreshold: default: 1 - description: "SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode." + description: "SuccessThreshold defines the minimum consecutive successes\nfor the status check to be considered successful.\nSuccessThreshold only works for `Synchronous` mode." minimum: 1.0 type: "integer" timeoutSeconds: default: 1 - description: "TimeoutSeconds defines the number of seconds after which an execution of status check times out." + description: "TimeoutSeconds defines the number of seconds after which\nan execution of status check times out." minimum: 1.0 type: "integer" type: default: "HTTP" - description: "Type defines the specific status check type. Support type: HTTP" + description: "Type defines the specific status check type.\nSupport type: HTTP" enum: - "HTTP" type: "string" @@ -7683,7 +7698,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7691,7 +7706,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7708,21 +7723,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7734,12 +7749,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7749,7 +7764,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7757,7 +7772,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7766,20 +7781,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -7789,7 +7804,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -7800,7 +7815,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -7810,10 +7825,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -7821,7 +7836,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -7834,17 +7849,17 @@ spec: description: "Container is the main container image to run in the pod" properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -7852,7 +7867,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -7864,7 +7879,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -7874,7 +7889,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -7887,7 +7902,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -7913,7 +7928,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -7928,7 +7943,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -7936,7 +7951,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -7950,7 +7965,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -7960,22 +7975,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -7984,7 +7999,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -7992,7 +8007,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8009,16 +8024,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -8027,20 +8042,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -8049,7 +8064,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8057,7 +8072,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8074,16 +8089,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -8092,7 +8107,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -8100,19 +8115,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -8123,7 +8138,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8132,7 +8147,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8140,7 +8155,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8157,24 +8172,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -8187,45 +8202,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -8236,19 +8251,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -8259,7 +8274,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8268,7 +8283,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8276,7 +8291,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8293,24 +8308,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -8323,17 +8338,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -8343,10 +8358,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -8355,15 +8370,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8379,7 +8394,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8388,20 +8403,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -8417,27 +8432,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -8453,48 +8468,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -8505,7 +8520,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -8514,7 +8529,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -8522,7 +8537,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -8539,24 +8554,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -8569,34 +8584,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -8615,27 +8630,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -8643,7 +8658,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -8654,20 +8669,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -8685,13 +8700,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -8701,7 +8716,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -8717,7 +8732,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -8725,44 +8740,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -8771,11 +8786,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -8783,11 +8798,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -8795,7 +8810,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -8806,26 +8821,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -8834,7 +8849,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -8856,14 +8871,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -8888,41 +8903,41 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -8936,10 +8951,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -8948,22 +8963,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -8979,7 +8994,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -8988,7 +9003,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -8997,16 +9012,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9018,15 +9033,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -9040,14 +9055,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -9055,19 +9070,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -9075,13 +9090,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9092,36 +9107,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -9133,35 +9148,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -9170,39 +9185,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -9210,32 +9225,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -9244,7 +9259,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -9256,10 +9271,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -9271,7 +9286,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -9283,7 +9298,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -9291,11 +9306,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -9303,7 +9318,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -9332,14 +9347,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -9367,7 +9382,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -9375,11 +9390,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -9387,7 +9402,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -9398,14 +9413,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -9417,19 +9432,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -9439,38 +9454,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -9480,7 +9495,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -9489,13 +9504,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -9503,7 +9518,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -9512,7 +9527,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -9520,14 +9535,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -9535,11 +9550,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -9550,38 +9565,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -9606,12 +9621,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -9619,7 +9634,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -9636,21 +9651,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9662,12 +9677,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -9677,7 +9692,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -9685,7 +9700,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -9694,14 +9709,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -9726,28 +9741,28 @@ spec: properties: active: items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/statuschecks.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/statuschecks.yaml index 0e68688d4..dbb1c0889 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/statuschecks.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/statuschecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "statuschecks.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -18,10 +18,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -29,11 +29,11 @@ spec: description: "Spec defines the behavior of a status check" properties: duration: - description: "Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration defines the duration of the whole status check if the\nnumber of failed execution does not exceed the failure threshold.\nDuration is available to both `Synchronous` and `Continuous` mode.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" failureThreshold: default: 3 - description: "FailureThreshold defines the minimum consecutive failure for the status check to be considered failed." + description: "FailureThreshold defines the minimum consecutive failure\nfor the status check to be considered failed." minimum: 1.0 type: "integer" http: @@ -44,7 +44,7 @@ spec: description: "Criteria defines how to determine the result of the status check." properties: statusCode: - description: "StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included)." + description: "StatusCode defines the expected http status code for the request.\nA statusCode string could be a single code (e.g. 200), or\nan inclusive range (e.g. 200-400, both `200` and `400` are included)." type: "string" required: - "statusCode" @@ -54,7 +54,7 @@ spec: items: type: "string" type: "array" - description: "A Header represents the key-value pairs in an HTTP header. \n The keys should be in canonical form, as returned by CanonicalHeaderKey." + description: "A Header represents the key-value pairs in an HTTP header.\n\n\nThe keys should be in canonical form, as returned by\n[CanonicalHeaderKey]." type: "object" method: default: "GET" @@ -70,11 +70,11 @@ spec: type: "object" intervalSeconds: default: 10 - description: "IntervalSeconds defines how often (in seconds) to perform an execution of status check." + description: "IntervalSeconds defines how often (in seconds) to perform\nan execution of status check." minimum: 1.0 type: "integer" mode: - description: "Mode defines the execution mode of the status check. Support type: Synchronous / Continuous" + description: "Mode defines the execution mode of the status check.\nSupport type: Synchronous / Continuous" enum: - "Synchronous" - "Continuous" @@ -87,17 +87,17 @@ spec: type: "integer" successThreshold: default: 1 - description: "SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode." + description: "SuccessThreshold defines the minimum consecutive successes\nfor the status check to be considered successful.\nSuccessThreshold only works for `Synchronous` mode." minimum: 1.0 type: "integer" timeoutSeconds: default: 1 - description: "TimeoutSeconds defines the number of seconds after which an execution of status check times out." + description: "TimeoutSeconds defines the number of seconds after which\nan execution of status check times out." minimum: 1.0 type: "integer" type: default: "HTTP" - description: "Type defines the specific status check type. Support type: HTTP" + description: "Type defines the specific status check type.\nSupport type: HTTP" enum: - "HTTP" type: "string" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/stresschaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/stresschaos.yaml index 697ed083e..bcc76706b 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/stresschaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/stresschaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "stresschaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -23,10 +23,10 @@ spec: description: "StressChaos is the Schema for the stresschaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -34,7 +34,7 @@ spec: description: "Spec defines the behavior of a time chaos experiment" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -42,7 +42,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -59,21 +59,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -85,12 +85,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -100,7 +100,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -108,7 +108,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -117,20 +117,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -140,7 +140,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -151,7 +151,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -161,10 +161,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -172,7 +172,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/timechaos.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/timechaos.yaml index da2e68981..73f8ee2fd 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/timechaos.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/timechaos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "timechaos.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -23,10 +23,10 @@ spec: description: "TimeChaos is the Schema for the timechaos API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -34,12 +34,12 @@ spec: description: "Spec defines the behavior of a time chaos experiment" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -47,7 +47,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -64,21 +64,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -90,12 +90,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -105,7 +105,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -113,7 +113,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -122,14 +122,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflownodes.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflownodes.yaml index 192bfb61d..aa8f15d40 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflownodes.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflownodes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "workflownodes.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -20,10 +20,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -31,13 +31,13 @@ spec: description: "Spec defines the behavior of a node of workflow" properties: abortWithStatusCheck: - description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck." + description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded.\nOnly used when Type is TypeStatusCheck." type: "boolean" awsChaos: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -47,7 +47,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -65,7 +65,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -76,20 +76,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -116,12 +116,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -140,7 +140,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -157,21 +157,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -183,12 +183,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -198,7 +198,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -206,7 +206,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -215,11 +215,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -253,13 +253,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -267,7 +267,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -276,7 +276,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -289,21 +289,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -315,12 +315,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -330,7 +330,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -338,7 +338,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -347,11 +347,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -362,14 +362,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -407,7 +407,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -416,7 +416,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -441,14 +441,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -479,7 +479,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -490,18 +490,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -509,21 +509,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -535,12 +535,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -550,7 +550,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -558,7 +558,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -567,7 +567,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -577,7 +577,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -601,7 +601,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -612,7 +612,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -689,22 +689,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -729,7 +729,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -742,7 +742,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -753,21 +753,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -779,12 +779,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -794,7 +794,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -802,7 +802,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -811,11 +811,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -830,7 +830,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -844,7 +844,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -852,16 +852,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -870,7 +870,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -894,6 +894,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -903,21 +906,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -929,12 +932,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -944,7 +947,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -952,7 +955,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -961,17 +964,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -982,7 +985,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -993,7 +996,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -1001,26 +1004,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -1034,7 +1037,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1051,21 +1054,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1077,12 +1080,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1092,7 +1095,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1100,7 +1103,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1109,11 +1112,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -1124,7 +1127,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -1148,12 +1151,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -1181,8 +1184,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -1240,7 +1245,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1266,21 +1271,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1292,12 +1297,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1307,7 +1312,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1315,7 +1320,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1324,14 +1329,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1345,21 +1350,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1371,12 +1376,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1386,7 +1391,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1394,7 +1399,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1403,11 +1408,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -1417,7 +1422,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -1471,14 +1476,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -1493,34 +1498,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -1718,13 +1723,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -1737,10 +1742,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -1859,7 +1864,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1905,7 +1910,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1920,13 +1925,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -1935,7 +1940,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1953,7 +1958,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -1986,7 +1991,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2001,7 +2006,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -2035,7 +2040,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2050,19 +2055,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2176,21 +2181,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2202,12 +2207,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2219,7 +2224,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -2244,7 +2249,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -2260,7 +2265,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -2276,27 +2281,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2313,21 +2318,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2339,12 +2344,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2354,7 +2359,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2362,7 +2367,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2371,11 +2376,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2389,7 +2394,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -2399,7 +2404,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -2417,7 +2422,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -2428,20 +2433,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -2468,12 +2473,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2492,7 +2497,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2509,21 +2514,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2535,12 +2540,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2550,7 +2555,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2558,7 +2563,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2567,11 +2572,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -2591,13 +2596,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2605,7 +2610,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2614,7 +2619,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -2627,21 +2632,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2653,12 +2658,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2668,7 +2673,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2676,7 +2681,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2685,11 +2690,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2700,14 +2705,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -2748,7 +2753,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -2757,7 +2762,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2782,14 +2787,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -2820,7 +2825,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -2831,18 +2836,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -2850,21 +2855,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2876,12 +2881,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2891,7 +2896,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2899,7 +2904,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2908,7 +2913,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -2918,7 +2923,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -2942,7 +2947,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -2953,7 +2958,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -3030,22 +3035,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -3070,7 +3075,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3083,7 +3088,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -3094,21 +3099,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3120,12 +3125,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3135,7 +3140,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3143,7 +3148,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3152,11 +3157,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -3171,7 +3176,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -3185,7 +3190,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3193,16 +3198,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -3211,7 +3216,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3235,6 +3240,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -3244,21 +3252,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3270,12 +3278,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3285,7 +3293,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3293,7 +3301,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3302,17 +3310,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -3323,7 +3331,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3334,7 +3342,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -3342,26 +3350,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -3375,7 +3383,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3392,21 +3400,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3418,12 +3426,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3433,7 +3441,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3441,7 +3449,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3450,11 +3458,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -3465,7 +3473,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -3489,12 +3497,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -3522,8 +3530,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -3581,7 +3591,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3607,21 +3617,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3633,12 +3643,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3648,7 +3658,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3656,7 +3666,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3665,14 +3675,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3686,21 +3696,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3712,12 +3722,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3727,7 +3737,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3735,7 +3745,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3744,11 +3754,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -3758,7 +3768,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -3812,14 +3822,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -3834,34 +3844,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -4059,13 +4069,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -4078,10 +4088,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -4200,7 +4210,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4246,7 +4256,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4261,13 +4271,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -4276,7 +4286,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4294,7 +4304,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -4327,7 +4337,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4342,7 +4352,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -4376,7 +4386,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4391,19 +4401,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4517,21 +4527,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4543,12 +4553,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4560,7 +4570,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -4585,7 +4595,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -4601,7 +4611,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -4617,27 +4627,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4654,21 +4664,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4680,12 +4690,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4695,7 +4705,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4703,7 +4713,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4712,11 +4722,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -4735,7 +4745,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -4743,7 +4753,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4760,21 +4770,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4786,12 +4796,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4801,7 +4811,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4809,7 +4819,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4818,20 +4828,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -4841,7 +4851,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -4852,7 +4862,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -4862,10 +4872,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -4873,7 +4883,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -4883,12 +4893,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -4896,7 +4906,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4913,21 +4923,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4939,12 +4949,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4954,7 +4964,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4962,7 +4972,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4971,14 +4981,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -4995,13 +5005,13 @@ spec: items: properties: abortWithStatusCheck: - description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck." + description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded.\nOnly used when Type is TypeStatusCheck." type: "boolean" awsChaos: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -5011,7 +5021,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -5029,7 +5039,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -5040,20 +5050,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -5080,12 +5090,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5104,7 +5114,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5121,21 +5131,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5147,12 +5157,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5162,7 +5172,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5170,7 +5180,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5179,11 +5189,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -5218,13 +5228,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5232,7 +5242,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5241,7 +5251,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -5254,21 +5264,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5280,12 +5290,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5295,7 +5305,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5303,7 +5313,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5312,11 +5322,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -5327,14 +5337,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -5372,7 +5382,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -5381,7 +5391,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5406,14 +5416,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -5444,7 +5454,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -5455,18 +5465,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -5474,21 +5484,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5500,12 +5510,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5515,7 +5525,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5523,7 +5533,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5532,7 +5542,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -5542,7 +5552,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -5566,7 +5576,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -5577,7 +5587,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -5654,22 +5664,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -5694,7 +5704,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5707,7 +5717,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -5718,21 +5728,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5744,12 +5754,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5759,7 +5769,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5767,7 +5777,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5776,11 +5786,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -5795,7 +5805,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -5809,7 +5819,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5817,16 +5827,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -5835,7 +5845,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5859,6 +5869,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -5868,21 +5881,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5894,12 +5907,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5909,7 +5922,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5917,7 +5930,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5926,17 +5939,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -5947,7 +5960,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5958,7 +5971,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -5966,26 +5979,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -5999,7 +6012,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6016,21 +6029,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6042,12 +6055,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6057,7 +6070,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6065,7 +6078,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6074,11 +6087,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -6091,7 +6104,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -6115,12 +6128,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -6148,8 +6161,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -6207,7 +6222,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6233,21 +6248,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6259,12 +6274,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6274,7 +6289,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6282,7 +6297,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6291,14 +6306,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6312,21 +6327,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6338,12 +6353,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -6353,7 +6368,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -6361,7 +6376,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -6370,11 +6385,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -6384,7 +6399,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -6438,14 +6453,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -6460,34 +6475,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -6685,13 +6700,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -6704,10 +6719,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -6826,7 +6841,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -6872,7 +6887,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6887,13 +6902,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -6902,7 +6917,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6920,7 +6935,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -6953,7 +6968,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -6968,7 +6983,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -7002,7 +7017,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -7017,19 +7032,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -7143,21 +7158,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7169,12 +7184,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7186,7 +7201,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -7211,7 +7226,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -7227,7 +7242,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -7243,27 +7258,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7280,21 +7295,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7306,12 +7321,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7321,7 +7336,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7329,7 +7344,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7338,11 +7353,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -7356,7 +7371,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -7366,7 +7381,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -7384,7 +7399,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -7395,20 +7410,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -7435,12 +7450,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7459,7 +7474,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7476,21 +7491,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7502,12 +7517,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7517,7 +7532,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7525,7 +7540,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7534,11 +7549,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -7557,13 +7572,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7571,7 +7586,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7580,7 +7595,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -7593,21 +7608,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7619,12 +7634,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7634,7 +7649,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7642,7 +7657,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7651,11 +7666,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -7666,14 +7681,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -7714,7 +7729,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -7723,7 +7738,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7748,14 +7763,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -7786,7 +7801,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -7797,18 +7812,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -7816,21 +7831,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7842,12 +7857,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7857,7 +7872,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7865,7 +7880,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7874,7 +7889,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -7884,7 +7899,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -7908,7 +7923,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -7919,7 +7934,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -7996,22 +8011,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -8036,7 +8051,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -8049,7 +8064,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -8060,21 +8075,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8086,12 +8101,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -8101,7 +8116,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -8109,7 +8124,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -8118,11 +8133,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -8137,7 +8152,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -8151,7 +8166,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -8159,16 +8174,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -8177,7 +8192,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -8201,6 +8216,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -8210,21 +8228,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8236,12 +8254,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -8251,7 +8269,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -8259,7 +8277,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -8268,17 +8286,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -8289,7 +8307,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -8300,7 +8318,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -8308,26 +8326,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -8341,7 +8359,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -8358,21 +8376,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8384,12 +8402,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -8399,7 +8417,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -8407,7 +8425,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -8416,11 +8434,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -8431,7 +8449,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -8455,12 +8473,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -8488,8 +8506,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -8547,7 +8567,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -8573,21 +8593,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8599,12 +8619,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -8614,7 +8634,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -8622,7 +8642,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -8631,14 +8651,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -8652,21 +8672,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -8678,12 +8698,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -8693,7 +8713,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -8701,7 +8721,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -8710,11 +8730,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -8724,7 +8744,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -8778,14 +8798,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -8800,34 +8820,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -9025,13 +9045,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -9044,10 +9064,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -9166,7 +9186,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -9212,7 +9232,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -9227,13 +9247,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -9242,7 +9262,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -9260,7 +9280,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -9293,7 +9313,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -9308,7 +9328,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -9342,7 +9362,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -9357,19 +9377,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -9483,21 +9503,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9509,12 +9529,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -9526,7 +9546,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -9551,7 +9571,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -9567,7 +9587,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -9583,27 +9603,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -9620,21 +9640,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9646,12 +9666,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -9661,7 +9681,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -9669,7 +9689,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -9678,11 +9698,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -9700,7 +9720,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -9708,7 +9728,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -9725,21 +9745,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9751,12 +9771,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -9766,7 +9786,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -9774,7 +9794,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -9783,20 +9803,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -9806,7 +9826,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -9817,7 +9837,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -9827,10 +9847,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -9838,7 +9858,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -9848,12 +9868,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -9861,7 +9881,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -9878,21 +9898,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -9904,12 +9924,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -9919,7 +9939,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -9927,7 +9947,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -9936,14 +9956,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -9960,11 +9980,11 @@ spec: description: "StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck." properties: duration: - description: "Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration defines the duration of the whole status check if the\nnumber of failed execution does not exceed the failure threshold.\nDuration is available to both `Synchronous` and `Continuous` mode.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" failureThreshold: default: 3 - description: "FailureThreshold defines the minimum consecutive failure for the status check to be considered failed." + description: "FailureThreshold defines the minimum consecutive failure\nfor the status check to be considered failed." minimum: 1.0 type: "integer" http: @@ -9975,7 +9995,7 @@ spec: description: "Criteria defines how to determine the result of the status check." properties: statusCode: - description: "StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included)." + description: "StatusCode defines the expected http status code for the request.\nA statusCode string could be a single code (e.g. 200), or\nan inclusive range (e.g. 200-400, both `200` and `400` are included)." type: "string" required: - "statusCode" @@ -9985,7 +10005,7 @@ spec: items: type: "string" type: "array" - description: "A Header represents the key-value pairs in an HTTP header. \n The keys should be in canonical form, as returned by CanonicalHeaderKey." + description: "A Header represents the key-value pairs in an HTTP header.\n\n\nThe keys should be in canonical form, as returned by\n[CanonicalHeaderKey]." type: "object" method: default: "GET" @@ -10001,11 +10021,11 @@ spec: type: "object" intervalSeconds: default: 10 - description: "IntervalSeconds defines how often (in seconds) to perform an execution of status check." + description: "IntervalSeconds defines how often (in seconds) to perform\nan execution of status check." minimum: 1.0 type: "integer" mode: - description: "Mode defines the execution mode of the status check. Support type: Synchronous / Continuous" + description: "Mode defines the execution mode of the status check.\nSupport type: Synchronous / Continuous" enum: - "Synchronous" - "Continuous" @@ -10018,17 +10038,17 @@ spec: type: "integer" successThreshold: default: 1 - description: "SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode." + description: "SuccessThreshold defines the minimum consecutive successes\nfor the status check to be considered successful.\nSuccessThreshold only works for `Synchronous` mode." minimum: 1.0 type: "integer" timeoutSeconds: default: 1 - description: "TimeoutSeconds defines the number of seconds after which an execution of status check times out." + description: "TimeoutSeconds defines the number of seconds after which\nan execution of status check times out." minimum: 1.0 type: "integer" type: default: "HTTP" - description: "Type defines the specific status check type. Support type: HTTP" + description: "Type defines the specific status check type.\nSupport type: HTTP" enum: - "HTTP" type: "string" @@ -10039,7 +10059,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -10047,7 +10067,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -10064,21 +10084,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -10090,12 +10110,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -10105,7 +10125,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -10113,7 +10133,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -10122,20 +10142,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -10145,7 +10165,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -10156,7 +10176,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -10166,10 +10186,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -10177,7 +10197,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -10190,17 +10210,17 @@ spec: description: "Container is the main container image to run in the pod" properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -10208,7 +10228,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -10220,7 +10240,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -10230,7 +10250,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -10243,7 +10263,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -10269,7 +10289,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -10284,7 +10304,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -10292,7 +10312,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -10306,7 +10326,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -10316,22 +10336,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -10340,7 +10360,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -10348,7 +10368,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -10365,16 +10385,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -10383,20 +10403,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -10405,7 +10425,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -10413,7 +10433,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -10430,16 +10450,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -10448,7 +10468,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -10456,19 +10476,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -10479,7 +10499,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -10488,7 +10508,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -10496,7 +10516,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -10513,24 +10533,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -10543,45 +10563,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -10592,19 +10612,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -10615,7 +10635,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -10624,7 +10644,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -10632,7 +10652,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -10649,24 +10669,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -10679,17 +10699,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -10699,10 +10719,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -10711,15 +10731,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -10735,7 +10755,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -10744,20 +10764,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -10773,27 +10793,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -10809,48 +10829,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -10861,7 +10881,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -10870,7 +10890,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -10878,7 +10898,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -10895,24 +10915,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -10925,34 +10945,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -10971,27 +10991,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -10999,7 +11019,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -11010,20 +11030,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -11041,13 +11061,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -11057,7 +11077,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -11073,7 +11093,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -11081,44 +11101,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -11127,11 +11147,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -11139,11 +11159,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -11151,7 +11171,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -11162,26 +11182,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -11190,7 +11210,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -11212,14 +11232,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -11244,41 +11264,41 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -11292,10 +11312,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -11304,22 +11324,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -11335,7 +11355,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -11344,7 +11364,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -11353,16 +11373,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -11374,15 +11394,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -11396,14 +11416,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -11411,19 +11431,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -11431,13 +11451,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11448,36 +11468,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -11489,35 +11509,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -11526,39 +11546,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -11566,32 +11586,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -11600,7 +11620,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -11612,10 +11632,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -11627,7 +11647,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -11639,7 +11659,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -11647,11 +11667,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -11659,7 +11679,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -11688,14 +11708,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -11723,7 +11743,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -11731,11 +11751,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -11743,7 +11763,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -11754,14 +11774,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -11773,19 +11793,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -11795,38 +11815,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -11836,7 +11856,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -11845,13 +11865,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -11859,7 +11879,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -11868,7 +11888,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -11876,14 +11896,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -11891,11 +11911,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -11906,38 +11926,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -11962,12 +11982,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -11975,7 +11995,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -11992,21 +12012,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -12018,12 +12038,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -12033,7 +12053,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -12041,7 +12061,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -12050,14 +12070,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -12084,11 +12104,11 @@ spec: description: "StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck." properties: duration: - description: "Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration defines the duration of the whole status check if the\nnumber of failed execution does not exceed the failure threshold.\nDuration is available to both `Synchronous` and `Continuous` mode.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" failureThreshold: default: 3 - description: "FailureThreshold defines the minimum consecutive failure for the status check to be considered failed." + description: "FailureThreshold defines the minimum consecutive failure\nfor the status check to be considered failed." minimum: 1.0 type: "integer" http: @@ -12099,7 +12119,7 @@ spec: description: "Criteria defines how to determine the result of the status check." properties: statusCode: - description: "StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included)." + description: "StatusCode defines the expected http status code for the request.\nA statusCode string could be a single code (e.g. 200), or\nan inclusive range (e.g. 200-400, both `200` and `400` are included)." type: "string" required: - "statusCode" @@ -12109,7 +12129,7 @@ spec: items: type: "string" type: "array" - description: "A Header represents the key-value pairs in an HTTP header. \n The keys should be in canonical form, as returned by CanonicalHeaderKey." + description: "A Header represents the key-value pairs in an HTTP header.\n\n\nThe keys should be in canonical form, as returned by\n[CanonicalHeaderKey]." type: "object" method: default: "GET" @@ -12125,11 +12145,11 @@ spec: type: "object" intervalSeconds: default: 10 - description: "IntervalSeconds defines how often (in seconds) to perform an execution of status check." + description: "IntervalSeconds defines how often (in seconds) to perform\nan execution of status check." minimum: 1.0 type: "integer" mode: - description: "Mode defines the execution mode of the status check. Support type: Synchronous / Continuous" + description: "Mode defines the execution mode of the status check.\nSupport type: Synchronous / Continuous" enum: - "Synchronous" - "Continuous" @@ -12142,17 +12162,17 @@ spec: type: "integer" successThreshold: default: 1 - description: "SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode." + description: "SuccessThreshold defines the minimum consecutive successes\nfor the status check to be considered successful.\nSuccessThreshold only works for `Synchronous` mode." minimum: 1.0 type: "integer" timeoutSeconds: default: 1 - description: "TimeoutSeconds defines the number of seconds after which an execution of status check times out." + description: "TimeoutSeconds defines the number of seconds after which\nan execution of status check times out." minimum: 1.0 type: "integer" type: default: "HTTP" - description: "Type defines the specific status check type. Support type: HTTP" + description: "Type defines the specific status check type.\nSupport type: HTTP" enum: - "HTTP" type: "string" @@ -12163,7 +12183,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -12171,7 +12191,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -12188,21 +12208,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -12214,12 +12234,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -12229,7 +12249,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -12237,7 +12257,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -12246,20 +12266,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -12269,7 +12289,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -12280,7 +12300,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -12290,10 +12310,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -12301,7 +12321,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -12313,17 +12333,17 @@ spec: description: "Container is the main container image to run in the pod" properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -12331,7 +12351,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -12343,7 +12363,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -12353,7 +12373,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -12366,7 +12386,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -12392,7 +12412,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -12407,7 +12427,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -12415,7 +12435,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -12429,7 +12449,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -12439,22 +12459,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -12463,7 +12483,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -12471,7 +12491,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -12488,16 +12508,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -12506,20 +12526,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -12528,7 +12548,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -12536,7 +12556,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -12553,16 +12573,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -12571,7 +12591,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -12579,19 +12599,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -12602,7 +12622,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -12611,7 +12631,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -12619,7 +12639,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -12636,24 +12656,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -12666,45 +12686,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -12715,19 +12735,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -12738,7 +12758,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -12747,7 +12767,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -12755,7 +12775,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -12772,24 +12792,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -12802,17 +12822,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -12822,10 +12842,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -12834,15 +12854,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -12858,7 +12878,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -12867,20 +12887,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -12896,27 +12916,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -12932,48 +12952,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -12984,7 +13004,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -12993,7 +13013,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -13001,7 +13021,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -13018,24 +13038,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -13048,34 +13068,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -13094,27 +13114,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -13122,7 +13142,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -13133,20 +13153,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -13164,13 +13184,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -13180,7 +13200,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -13196,7 +13216,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -13204,44 +13224,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -13250,11 +13270,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -13262,11 +13282,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -13274,7 +13294,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -13285,26 +13305,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -13313,7 +13333,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -13335,14 +13355,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -13367,41 +13387,41 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -13415,10 +13435,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -13427,22 +13447,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -13458,7 +13478,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -13467,7 +13487,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -13476,16 +13496,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -13497,15 +13517,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -13519,14 +13539,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -13534,19 +13554,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -13554,13 +13574,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -13571,36 +13591,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -13612,35 +13632,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -13649,39 +13669,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -13689,32 +13709,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -13723,7 +13743,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -13735,10 +13755,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -13750,7 +13770,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -13762,7 +13782,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -13770,11 +13790,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -13782,7 +13802,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -13811,14 +13831,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -13846,7 +13866,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -13854,11 +13874,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -13866,7 +13886,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -13877,14 +13897,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -13896,19 +13916,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -13918,38 +13938,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -13959,7 +13979,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -13968,13 +13988,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -13982,7 +14002,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -13991,7 +14011,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -13999,14 +14019,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -14014,11 +14034,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -14029,38 +14049,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -14085,12 +14105,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -14098,7 +14118,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -14115,21 +14135,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -14141,12 +14161,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -14156,7 +14176,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -14164,7 +14184,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -14173,14 +14193,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -14203,10 +14223,10 @@ spec: activeChildren: description: "ActiveChildren means the created children node" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -14215,7 +14235,7 @@ spec: description: "ChaosResource refs to the real chaos CR object." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -14267,10 +14287,10 @@ spec: finishedChildren: description: "Children is necessary for representing the order when replicated child template references by parent template." items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflows.yaml b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflows.yaml index 2f7d90928..b09519b25 100644 --- a/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflows.yaml +++ b/crd-catalog/chaos-mesh/chaos-mesh/chaos-mesh.org/v1alpha1/workflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "workflows.chaos-mesh.org" spec: group: "chaos-mesh.org" @@ -20,10 +20,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -36,13 +36,13 @@ spec: items: properties: abortWithStatusCheck: - description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck." + description: "AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded.\nOnly used when Type is TypeStatusCheck." type: "boolean" awsChaos: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -52,7 +52,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -70,7 +70,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -81,20 +81,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -121,12 +121,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -145,7 +145,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -162,21 +162,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -188,12 +188,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -203,7 +203,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -211,7 +211,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -220,11 +220,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -259,13 +259,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -273,7 +273,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -282,7 +282,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -295,21 +295,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -321,12 +321,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -336,7 +336,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -344,7 +344,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -353,11 +353,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -368,14 +368,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -413,7 +413,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -422,7 +422,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -447,14 +447,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -485,7 +485,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -496,18 +496,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -515,21 +515,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -541,12 +541,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -556,7 +556,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -564,7 +564,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -573,7 +573,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -583,7 +583,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -607,7 +607,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -618,7 +618,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -695,22 +695,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -735,7 +735,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -748,7 +748,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -759,21 +759,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -785,12 +785,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -800,7 +800,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -808,7 +808,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -817,11 +817,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -836,7 +836,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -850,7 +850,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -858,16 +858,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -876,7 +876,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -900,6 +900,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -909,21 +912,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -935,12 +938,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -950,7 +953,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -958,7 +961,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -967,17 +970,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -988,7 +991,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -999,7 +1002,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -1007,26 +1010,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -1040,7 +1043,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1057,21 +1060,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1083,12 +1086,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1098,7 +1101,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1106,7 +1109,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1115,11 +1118,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -1132,7 +1135,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -1156,12 +1159,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -1189,8 +1192,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -1248,7 +1253,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1274,21 +1279,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1300,12 +1305,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1315,7 +1320,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1323,7 +1328,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1332,14 +1337,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1353,21 +1358,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1379,12 +1384,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -1394,7 +1399,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -1402,7 +1407,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -1411,11 +1416,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -1425,7 +1430,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -1479,14 +1484,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -1501,34 +1506,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -1726,13 +1731,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -1745,10 +1750,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -1867,7 +1872,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -1913,7 +1918,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1928,13 +1933,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -1943,7 +1948,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -1961,7 +1966,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -1994,7 +1999,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2009,7 +2014,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -2043,7 +2048,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2058,19 +2063,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -2184,21 +2189,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2210,12 +2215,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2227,7 +2232,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -2252,7 +2257,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -2268,7 +2273,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -2284,27 +2289,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2321,21 +2326,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2347,12 +2352,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2362,7 +2367,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2370,7 +2375,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2379,11 +2384,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2397,7 +2402,7 @@ spec: description: "AWSChaosSpec is the content of the specification for an AWSChaos" properties: action: - description: "Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop" + description: "Action defines the specific aws chaos action.\nSupported action: ec2-stop / ec2-restart / detach-volume\nDefault action: ec2-stop" enum: - "ec2-stop" - "ec2-restart" @@ -2407,7 +2412,7 @@ spec: description: "AWSRegion defines the region of aws." type: "string" deviceName: - description: "DeviceName indicates the name of the device. Needed in detach-volume." + description: "DeviceName indicates the name of the device.\nNeeded in detach-volume." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -2425,7 +2430,7 @@ spec: description: "SecretName defines the name of kubernetes secret." type: "string" volumeID: - description: "EbsVolume indicates the ID of the EBS volume. Needed in detach-volume." + description: "EbsVolume indicates the ID of the EBS volume.\nNeeded in detach-volume." type: "string" required: - "action" @@ -2436,20 +2441,20 @@ spec: description: "AzureChaosSpec is the content of the specification for an AzureChaos" properties: action: - description: "Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop" + description: "Action defines the specific azure chaos action.\nSupported action: vm-stop / vm-restart / disk-detach\nDefault action: vm-stop" enum: - "vm-stop" - "vm-restart" - "disk-detach" type: "string" diskName: - description: "DiskName indicates the name of the disk. Needed in disk-detach." + description: "DiskName indicates the name of the disk.\nNeeded in disk-detach." type: "string" duration: description: "Duration represents the duration of the chaos action." type: "string" lun: - description: "LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach." + description: "LUN indicates the Logical Unit Number of the data disk.\nNeeded in disk-detach." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -2476,12 +2481,12 @@ spec: description: "BlockChaosSpec is the content of the specification for a BlockChaos" properties: action: - description: "Action defines the specific block chaos action. Supported action: delay" + description: "Action defines the specific block chaos action.\nSupported action: delay" enum: - "delay" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2500,7 +2505,7 @@ spec: description: "Duration represents the duration of the chaos action." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2517,21 +2522,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2543,12 +2548,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2558,7 +2563,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2566,7 +2571,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2575,11 +2580,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumeName: type: "string" @@ -2598,13 +2603,13 @@ spec: description: "DNSChaosSpec defines the desired state of DNSChaos" properties: action: - description: "Action defines the specific DNS chaos action. Supported action: error, random Default action: error" + description: "Action defines the specific DNS chaos action.\nSupported action: error, random\nDefault action: error" enum: - "error" - "random" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -2612,7 +2617,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2621,7 +2626,7 @@ spec: - "random-max-percent" type: "string" patterns: - description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"], will take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" + description: "Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name.\nNote:\n 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid.\n 2. if the patterns is empty, will take effect on all the domain names.\nFor example:\n\t\tThe value is [\"google.com\", \"github.*\", \"chaos-mes?.org\"],\n\t\twill take effect on \"google.com\", \"github.com\" and \"chaos-mesh.org\"" items: type: "string" type: "array" @@ -2634,21 +2639,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2660,12 +2665,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2675,7 +2680,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2683,7 +2688,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2692,11 +2697,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -2707,14 +2712,14 @@ spec: description: "GCPChaosSpec is the content of the specification for a GCPChaos" properties: action: - description: "Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop" + description: "Action defines the specific gcp chaos action.\nSupported action: node-stop / node-reset / disk-loss\nDefault action: node-stop" enum: - "node-stop" - "node-reset" - "disk-loss" type: "string" deviceNames: - description: "The device name of disks to detach. Needed in disk-loss." + description: "The device name of disks to detach.\nNeeded in disk-loss." items: type: "string" type: "array" @@ -2755,7 +2760,7 @@ spec: format: "int32" type: "integer" delay: - description: "Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay represents the delay of the target request/response.\nA duration string is a possibly unsigned sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: description: "Duration represents the duration of the chaos action." @@ -2764,7 +2769,7 @@ spec: description: "Method is a rule to select target by http method in request." type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -2789,14 +2794,14 @@ spec: - "value" type: "object" headers: - description: "Headers is a rule to append http headers of target. For example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." + description: "Headers is a rule to append http headers of target.\nFor example: `[[\"Set-Cookie\", \"\"], [\"Set-Cookie\", \"\"]]`." items: items: type: "string" type: "array" type: "array" queries: - description: "Queries is a rule to append uri queries of target(Request only). For example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." + description: "Queries is a rule to append uri queries of target(Request only).\nFor example: `[[\"foo\", \"bar\"], [\"foo\", \"unknown\"]]`." items: items: type: "string" @@ -2827,7 +2832,7 @@ spec: headers: additionalProperties: type: "string" - description: "Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs." + description: "Headers is a rule to replace http headers of target.\nThe key-value pairs represent header name and header value pairs." type: "object" method: description: "Method is a rule to replace http method in request." @@ -2838,18 +2843,18 @@ spec: queries: additionalProperties: type: "string" - description: "Queries is a rule to replace uri queries in http request. For example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," + description: "Queries is a rule to replace uri queries in http request.\nFor example, with value `{ \"foo\": \"unknown\" }`, the `/?foo=bar` will be altered to `/?foo=unknown`," type: "object" type: "object" request_headers: additionalProperties: type: "string" - description: "RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs." + description: "RequestHeaders is a rule to select target by http headers in request.\nThe key-value pairs represent header name and header value pairs." type: "object" response_headers: additionalProperties: type: "string" - description: "ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs." + description: "ResponseHeaders is a rule to select target by http headers in response.\nThe key-value pairs represent header name and header value pairs." type: "object" selector: description: "Selector is used to select pods that are used to inject chaos action." @@ -2857,21 +2862,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2883,12 +2888,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -2898,7 +2903,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -2906,7 +2911,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -2915,7 +2920,7 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: @@ -2925,7 +2930,7 @@ spec: - "Response" type: "string" tls: - description: "TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied" + description: "TLS is the tls config,\nwill override PodHttpChaos if there are multiple HTTPChaos experiments are applied" properties: caName: description: "CAName represents the data name of ca file in secret, `ca.crt` for example" @@ -2949,7 +2954,7 @@ spec: - "secretNamespace" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -2960,7 +2965,7 @@ spec: description: "IOChaosSpec defines the desired state of IOChaos" properties: action: - description: "Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake" + description: "Action defines the specific pod chaos action.\nSupported action: latency / fault / attrOverride / mistake" enum: - "latency" - "fault" @@ -3037,22 +3042,22 @@ spec: type: "integer" type: "object" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" delay: - description: "Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Delay defines the value of I/O chaos action delay.\nA delay string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" errno: - description: "Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" + description: "Errno defines the error code that returned by I/O action.\nrefer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html" format: "int32" type: "integer" methods: - description: "Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods." + description: "Methods defines the I/O methods for injecting I/O chaos action.\ndefault: all I/O methods." items: type: "string" type: "array" @@ -3077,7 +3082,7 @@ spec: type: "integer" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3090,7 +3095,7 @@ spec: type: "string" percent: default: 100 - description: "Percent defines the percentage of injection errors and provides a number from 0-100. default: 100." + description: "Percent defines the percentage of injection errors and provides a number from 0-100.\ndefault: 100." type: "integer" remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" @@ -3101,21 +3106,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3127,12 +3132,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3142,7 +3147,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3150,7 +3155,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3159,11 +3164,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" volumePath: description: "VolumePath represents the mount path of injected volume" @@ -3178,7 +3183,7 @@ spec: description: "JVMChaosSpec defines the desired state of JVMChaos" properties: action: - description: "Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData" + description: "Action defines the specific jvm chaos action.\nSupported action: latency;return;exception;stress;gc;ruleData" enum: - "latency" - "return" @@ -3192,7 +3197,7 @@ spec: description: "Java class" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3200,16 +3205,16 @@ spec: description: "the CPU core number needs to use, only set it when action is stress" type: "integer" database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" duration: description: "Duration represents the duration of the chaos action" type: "string" exception: - description: "the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "the exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "the latency duration for action 'latency', unit ms or the latency duration in action `mysql`" + description: "the latency duration for action 'latency', unit ms\nor the latency duration in action `mysql`" type: "integer" memType: description: "the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap'" @@ -3218,7 +3223,7 @@ spec: description: "the method in Java class" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3242,6 +3247,9 @@ spec: remoteCluster: description: "RemoteCluster represents the remote cluster where the chaos will be deployed" type: "string" + returnValue: + description: "the return value for action 'return'" + type: "string" ruleData: description: "the byteman rule's data for action 'ruleData'" type: "string" @@ -3251,21 +3259,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3277,12 +3285,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3292,7 +3300,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3300,7 +3308,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3309,17 +3317,17 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -3330,7 +3338,7 @@ spec: description: "KernelChaosSpec defines the desired state of KernelChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -3341,7 +3349,7 @@ spec: description: "FailKernRequest defines the request of kernel injection" properties: callchain: - description: "Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc)." + description: "Callchain indicate a special call chain, such as:\n ext4_mount\n -> mount_subtree\n -> ...\n -> should_failslab\nWith an optional set of predicates and an optional set of\nparameters, which used with predicates. You can read call chan\nand predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples\nto learn more.\nIf no special call chain, just keep Callchain empty, which means it will fail at any call chain\nwith slab alloc (eg: kmalloc)." items: description: "Frame defines the function signature and predicate in function's body" properties: @@ -3349,26 +3357,26 @@ spec: description: "Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount`" type: "string" parameters: - description: "Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it." + description: "Parameters is used with predicate, for example, if you want to inject slab error\nin `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special\nname `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name`\notherwise omit it." type: "string" predicate: - description: "Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain." + description: "Predicate will access the arguments of this Frame, example with Parameters's, you can\nset it to `STRNCMP(name->name, \"bananas\", 8)` to make inject only with it, or omit it\nto inject for all d_alloc_parallel call chain." type: "string" type: "object" type: "array" failtype: - description: "FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more" + description: "FailType indicates what to fail, can be set to '0' / '1' / '2'\nIf `0`, indicates slab to fail (should_failslab)\nIf `1`, indicates alloc_page to fail (should_fail_alloc_page)\nIf `2`, indicates bio to fail (should_fail_bio)\nYou can read:\n 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html\n 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt\nto learn more" format: "int32" maximum: 2.0 minimum: 0.0 type: "integer" headers: - description: "Headers indicates the appropriate kernel headers you need. Eg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" + description: "Headers indicates the appropriate kernel headers you need.\nEg: \"linux/mmzone.h\", \"linux/blkdev.h\" and so on" items: type: "string" type: "array" probability: - description: "Probability indicates the fails with probability. If you want 1%, please set this field with 1." + description: "Probability indicates the fails with probability.\nIf you want 1%, please set this field with 1." format: "int32" maximum: 100.0 minimum: 0.0 @@ -3382,7 +3390,7 @@ spec: - "failtype" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3399,21 +3407,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3425,12 +3433,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3440,7 +3448,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3448,7 +3456,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3457,11 +3465,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "failKernRequest" @@ -3472,7 +3480,7 @@ spec: description: "NetworkChaosSpec defines the desired state of NetworkChaos" properties: action: - description: "Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay" + description: "Action defines the specific network chaos action.\nSupported action: partition, netem, delay, loss, duplicate, corrupt\nDefault action: delay" enum: - "netem" - "delay" @@ -3496,12 +3504,12 @@ spec: minimum: 1.0 type: "integer" minburst: - description: "Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets." + description: "Minburst specifies the size of the peakrate bucket. For perfect\naccuracy, should be set to the MTU of the interface. If a\npeakrate is needed, but some burstiness is acceptable, this\nsize can be raised. A 3000 byte minburst allows around 3mbit/s\nof peakrate, given 1000 byte packets." format: "int32" minimum: 0.0 type: "integer" peakrate: - description: "Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required." + description: "Peakrate is the maximum depletion rate of the bucket.\nThe peakrate does not need to be set, it is only necessary\nif perfect millisecond timescale shaping is required." format: "int64" minimum: 0.0 type: "integer" @@ -3529,8 +3537,10 @@ spec: correlation: type: "string" jitter: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" latency: + pattern: "^[0-9]+(\\.[0-9]+)?(ns|us|ms|s|m|h)$" type: "string" reorder: description: "ReorderSpec defines details of packet reorder." @@ -3588,7 +3598,7 @@ spec: - "loss" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3614,21 +3624,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3640,12 +3650,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3655,7 +3665,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3663,7 +3673,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3672,14 +3682,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" target: description: "Target represents network target, this applies on netem and network partition action" properties: mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -3693,21 +3703,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3719,12 +3729,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -3734,7 +3744,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -3742,7 +3752,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -3751,11 +3761,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -3765,7 +3775,7 @@ spec: description: "TargetDevice represents the network device to be affected in target scope." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -3819,14 +3829,14 @@ spec: - "user_defined" type: "string" address: - description: "DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified." + description: "DEPRECATED: Use Selector instead.\nOnly one of Address and Selector could be specified." items: type: "string" type: "array" clock: properties: clock-ids-slice: - description: "the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with \",\"" + description: "the identifier of the particular clock on which to act.\nMore clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime.\nMuti clock ids should be split with \",\"" type: "string" pid: description: "the pid of target program." @@ -3841,34 +3851,34 @@ spec: description: "fill disk by fallocate" type: "boolean" path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-read-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" disk-write-payload: properties: path: - description: "specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing" + description: "specifies the location to fill data in. if path not provided,\npayload will read/write from/into a temp file, temp file will be deleted after writing" type: "string" payload-process-num: description: "specifies the number of process work on writing, default 1, only 1-255 is valid value" type: "integer" size: - description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" + description: "specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000,\nK=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB" type: "string" type: "object" duration: @@ -4066,13 +4076,13 @@ spec: jvm-mysql: properties: database: - description: "the match database default value is \"\", means match all database" + description: "the match database\ndefault value is \"\", means match all database" type: "string" exception: - description: "The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql`" + description: "The exception which needs to throw for action `exception`\nor the exception message needs to throw in action `mysql`" type: "string" latency: - description: "The latency duration for action 'latency' or the latency duration in action `mysql`" + description: "The latency duration for action 'latency'\nor the latency duration in action `mysql`" type: "integer" mysqlConnectorVersion: description: "the version of mysql-connector-java, only support 5.X.X(set to \"5\") and 8.X.X(set to \"8\") now" @@ -4085,10 +4095,10 @@ spec: format: "int32" type: "integer" sqlType: - description: "the match sql type default value is \"\", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'." + description: "the match sql type\ndefault value is \"\", means match all SQL type.\nThe value can be 'select', 'insert', 'update', 'delete', 'replace'." type: "string" table: - description: "the match table default value is \"\", means match all table" + description: "the match table\ndefault value is \"\", means match all table" type: "string" type: "object" jvm-return: @@ -4207,7 +4217,7 @@ spec: type: "string" type: "object" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4253,7 +4263,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4268,13 +4278,13 @@ spec: description: "percentage of packets to corrupt (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-delay: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" correlation: description: "correlation is percentage (10 is 10%)" @@ -4283,7 +4293,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4301,7 +4311,7 @@ spec: description: "delay egress time, time units: ns, us (or µs), ms, s, m, h." type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-dns: @@ -4334,7 +4344,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4349,7 +4359,7 @@ spec: description: "percentage of packets to duplicate (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-flood: @@ -4383,7 +4393,7 @@ spec: description: "the network interface to impact" type: "string" egress-port: - description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4398,19 +4408,19 @@ spec: description: "percentage of packets to loss (10 is 10%)" type: "string" source-port: - description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp" + description: "only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010.\nit can only be used in conjunction with -p tcp or -p udp" type: "string" type: "object" network-partition: properties: accept-tcp-flags: - description: "only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition." + description: "only the packet which match the tcp flag can be accepted, others will be dropped.\nonly set when the IPProtocol is tcp, used for partition." type: "string" device: description: "the network interface to impact" type: "string" direction: - description: "specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." + description: "specifies the partition direction, values can be 'from', 'to'.\n'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server,\n'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'." type: "string" hostname: description: "only impact traffic to these hostnames" @@ -4524,21 +4534,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4550,12 +4560,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4567,7 +4577,7 @@ spec: items: type: "string" type: "array" - description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names." + description: "PhysicalMachines is a map of string keys and a set values that used to select physical machines.\nThe key defines the namespace which physical machine belong,\nand each value is a set of physical machine names." type: "object" type: "object" stress-cpu: @@ -4592,7 +4602,7 @@ spec: type: "string" type: "array" size: - description: "specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." + description: "specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.." type: "string" type: "object" uid: @@ -4608,7 +4618,7 @@ spec: type: "string" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of physical machines to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" vm: properties: @@ -4624,27 +4634,27 @@ spec: description: "PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods." properties: action: - description: "Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill" + description: "Action defines the specific pod chaos action.\nSupported action: pod-kill / pod-failure / container-kill\nDefault action: pod-kill" enum: - "pod-kill" - "pod-failure" - "container-kill" type: "string" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" duration: - description: "Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration represents the duration of the chaos action.\nIt is required when the action is `PodFailureAction`.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" gracePeriod: - description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately." + description: "GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted.\nValue must be non-negative integer. The default value is zero that indicates delete immediately." format: "int64" minimum: 0.0 type: "integer" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4661,21 +4671,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4687,12 +4697,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4702,7 +4712,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4710,7 +4720,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4719,11 +4729,11 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "action" @@ -4741,7 +4751,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -4749,7 +4759,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4766,21 +4776,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4792,12 +4802,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4807,7 +4817,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4815,7 +4825,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4824,20 +4834,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -4847,7 +4857,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -4858,7 +4868,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -4868,10 +4878,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -4879,7 +4889,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -4889,12 +4899,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -4902,7 +4912,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -4919,21 +4929,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4945,12 +4955,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -4960,7 +4970,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -4968,7 +4978,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -4977,14 +4987,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -5001,11 +5011,11 @@ spec: description: "StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck." properties: duration: - description: "Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "Duration defines the duration of the whole status check if the\nnumber of failed execution does not exceed the failure threshold.\nDuration is available to both `Synchronous` and `Continuous` mode.\nA duration string is a possibly signed sequence of\ndecimal numbers, each with optional fraction and a unit suffix,\nsuch as \"300ms\", \"-1.5h\" or \"2h45m\".\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" failureThreshold: default: 3 - description: "FailureThreshold defines the minimum consecutive failure for the status check to be considered failed." + description: "FailureThreshold defines the minimum consecutive failure\nfor the status check to be considered failed." minimum: 1.0 type: "integer" http: @@ -5016,7 +5026,7 @@ spec: description: "Criteria defines how to determine the result of the status check." properties: statusCode: - description: "StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included)." + description: "StatusCode defines the expected http status code for the request.\nA statusCode string could be a single code (e.g. 200), or\nan inclusive range (e.g. 200-400, both `200` and `400` are included)." type: "string" required: - "statusCode" @@ -5026,7 +5036,7 @@ spec: items: type: "string" type: "array" - description: "A Header represents the key-value pairs in an HTTP header. \n The keys should be in canonical form, as returned by CanonicalHeaderKey." + description: "A Header represents the key-value pairs in an HTTP header.\n\n\nThe keys should be in canonical form, as returned by\n[CanonicalHeaderKey]." type: "object" method: default: "GET" @@ -5042,11 +5052,11 @@ spec: type: "object" intervalSeconds: default: 10 - description: "IntervalSeconds defines how often (in seconds) to perform an execution of status check." + description: "IntervalSeconds defines how often (in seconds) to perform\nan execution of status check." minimum: 1.0 type: "integer" mode: - description: "Mode defines the execution mode of the status check. Support type: Synchronous / Continuous" + description: "Mode defines the execution mode of the status check.\nSupport type: Synchronous / Continuous" enum: - "Synchronous" - "Continuous" @@ -5059,17 +5069,17 @@ spec: type: "integer" successThreshold: default: 1 - description: "SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode." + description: "SuccessThreshold defines the minimum consecutive successes\nfor the status check to be considered successful.\nSuccessThreshold only works for `Synchronous` mode." minimum: 1.0 type: "integer" timeoutSeconds: default: 1 - description: "TimeoutSeconds defines the number of seconds after which an execution of status check times out." + description: "TimeoutSeconds defines the number of seconds after which\nan execution of status check times out." minimum: 1.0 type: "integer" type: default: "HTTP" - description: "Type defines the specific status check type. Support type: HTTP" + description: "Type defines the specific status check type.\nSupport type: HTTP" enum: - "HTTP" type: "string" @@ -5080,7 +5090,7 @@ spec: description: "StressChaosSpec defines the desired state of StressChaos" properties: containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -5088,7 +5098,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -5105,21 +5115,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -5131,12 +5141,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -5146,7 +5156,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -5154,7 +5164,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -5163,20 +5173,20 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" stressngStressors: - description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins." + description: "StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental\nfeature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect,\nhowever not all of the supported stressors are well tested. It maybe retired in later releases. You\nshould always use `Stressors` to define the stressors and use this only when you want more stressors\nunsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors`\nwins." type: "string" stressors: - description: "Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified." + description: "Stressors defines plenty of stressors supported to stress system components out.\nYou can use one or more of them to make up various kinds of stresses. At least\none of the stressors should be specified." properties: cpu: description: "CPUStressor stresses CPU out" properties: load: - description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading." + description: "Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100\nis full loading." maximum: 100.0 minimum: 0.0 type: "integer" @@ -5186,7 +5196,7 @@ spec: type: "string" type: "array" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -5197,7 +5207,7 @@ spec: properties: oomScoreAdj: default: 0 - description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option." + description: "OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more\nabout this option." maximum: 1000.0 minimum: -1000.0 type: "integer" @@ -5207,10 +5217,10 @@ spec: type: "string" type: "array" size: - description: "Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB." + description: "Size specifies N bytes consumed per vm worker, default is the total available memory.\nOne can specify the size as % of total available memory or in units of B, KB/KiB,\nMB/MiB, GB/GiB, TB/TiB." type: "string" workers: - description: "Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng" + description: "Workers specifies N workers to apply the stressor.\nMaximum 8192 workers can run by stress-ng" maximum: 8192.0 type: "integer" required: @@ -5218,7 +5228,7 @@ spec: type: "object" type: "object" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" @@ -5231,17 +5241,17 @@ spec: description: "Container is the main container image to run in the pod" properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -5249,7 +5259,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -5261,7 +5271,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5271,7 +5281,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -5284,7 +5294,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -5310,7 +5320,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5325,7 +5335,7 @@ spec: type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -5333,7 +5343,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -5347,7 +5357,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -5357,22 +5367,22 @@ spec: type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -5381,7 +5391,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5389,7 +5399,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5406,16 +5416,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5424,20 +5434,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -5446,7 +5456,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5454,7 +5464,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5471,16 +5481,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5489,7 +5499,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -5497,19 +5507,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5520,7 +5530,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5529,7 +5539,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5537,7 +5547,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5554,24 +5564,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5584,45 +5594,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -5633,19 +5643,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5656,7 +5666,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5665,7 +5675,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5673,7 +5683,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5690,24 +5700,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5720,17 +5730,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -5740,10 +5750,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -5752,15 +5762,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -5776,7 +5786,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -5785,20 +5795,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -5814,27 +5824,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -5850,48 +5860,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5902,7 +5912,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5911,7 +5921,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5919,7 +5929,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5936,24 +5946,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5966,34 +5976,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -6012,27 +6022,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -6040,7 +6050,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -6051,20 +6061,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -6082,13 +6092,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -6098,7 +6108,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -6114,7 +6124,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -6122,44 +6132,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -6168,11 +6178,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6180,11 +6190,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6192,7 +6202,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6203,26 +6213,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -6231,7 +6241,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -6253,14 +6263,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -6285,41 +6295,41 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6333,10 +6343,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6345,22 +6355,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6376,7 +6386,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6385,7 +6395,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -6394,16 +6404,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6415,15 +6425,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -6437,14 +6447,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -6452,19 +6462,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -6472,13 +6482,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6489,36 +6499,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -6530,35 +6540,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -6567,39 +6577,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -6607,32 +6617,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -6641,7 +6651,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -6653,10 +6663,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -6668,7 +6678,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -6680,7 +6690,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6688,11 +6698,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6700,7 +6710,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6729,14 +6739,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -6764,7 +6774,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6772,11 +6782,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6784,7 +6794,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -6795,14 +6805,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -6814,19 +6824,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -6836,38 +6846,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -6877,7 +6887,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -6886,13 +6896,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6900,7 +6910,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -6909,7 +6919,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -6917,14 +6927,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6932,11 +6942,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6947,38 +6957,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -7003,12 +7013,12 @@ spec: description: "TimeChaosSpec defines the desired state of TimeChaos" properties: clockIds: - description: "ClockIds defines all affected clock id All available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\", \"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\", \"CLOCK_BOOTTIME_ALARM\"] Default value is [\"CLOCK_REALTIME\"]" + description: "ClockIds defines all affected clock id\nAll available options are [\"CLOCK_REALTIME\",\"CLOCK_MONOTONIC\",\"CLOCK_PROCESS_CPUTIME_ID\",\"CLOCK_THREAD_CPUTIME_ID\",\n\"CLOCK_MONOTONIC_RAW\",\"CLOCK_REALTIME_COARSE\",\"CLOCK_MONOTONIC_COARSE\",\"CLOCK_BOOTTIME\",\"CLOCK_REALTIME_ALARM\",\n\"CLOCK_BOOTTIME_ALARM\"]\nDefault value is [\"CLOCK_REALTIME\"]" items: type: "string" type: "array" containerNames: - description: "ContainerNames indicates list of the name of affected container. If not set, the first container will be injected" + description: "ContainerNames indicates list of the name of affected container.\nIf not set, the first container will be injected" items: type: "string" type: "array" @@ -7016,7 +7026,7 @@ spec: description: "Duration represents the duration of the chaos action" type: "string" mode: - description: "Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent" + description: "Mode defines the mode to run chaos action.\nSupported mode: one / all / fixed / fixed-percent / random-max-percent" enum: - "one" - "all" @@ -7033,21 +7043,21 @@ spec: annotationSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on annotations." + description: "Map of string keys and values that can be used to select objects.\nA selector based on annotations." type: "object" expressionSelectors: - description: "a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions." + description: "a slice of label selector expressions that can be used to select objects.\nA list of selectors based on set-based label expressions." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -7059,12 +7069,12 @@ spec: fieldSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on fields." + description: "Map of string keys and values that can be used to select objects.\nA selector based on fields." type: "object" labelSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select objects. A selector based on labels." + description: "Map of string keys and values that can be used to select objects.\nA selector based on labels." type: "object" namespaces: description: "Namespaces is a set of namespace to which objects belong." @@ -7074,7 +7084,7 @@ spec: nodeSelectors: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes." + description: "Map of string keys and values that can be used to select nodes.\nSelector which must match a node's labels,\nand objects must belong to these selected nodes." type: "object" nodes: description: "Nodes is a set of node name and objects must belong to these nodes." @@ -7082,7 +7092,7 @@ spec: type: "string" type: "array" podPhaseSelectors: - description: "PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown" + description: "PodPhaseSelectors is a set of condition of a pod at the current time.\nsupported value: Pending / Running / Succeeded / Failed / Unknown" items: type: "string" type: "array" @@ -7091,14 +7101,14 @@ spec: items: type: "string" type: "array" - description: "Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names." + description: "Pods is a map of string keys and a set values that used to select pods.\nThe key defines the namespace which pods belong,\nand the each values is a set of pod names." type: "object" type: "object" timeOffset: - description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as \"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." + description: "TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as\n\"300ms\", \"-1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"." type: "string" value: - description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" + description: "Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`.\nIf `FixedMode`, provide an integer of pods to do chaos action.\nIf `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action.\nIF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action" type: "string" required: - "mode" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwideenvoyconfigs.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwideenvoyconfigs.yaml index cb13bde80..480a4cae1 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwideenvoyconfigs.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwideenvoyconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumclusterwideenvoyconfigs.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml index f4fe85468..540ebc7d9 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumclusterwidenetworkpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumclusterwidenetworkpolicies.cilium.io" spec: group: "cilium.io" @@ -36,6 +36,23 @@ spec: metadata: type: "object" spec: + anyOf: + - properties: + ingress: {} + required: + - "ingress" + - properties: + ingressDeny: {} + required: + - "ingressDeny" + - properties: + egress: {} + required: + - "egress" + - properties: + egressDeny: {} + required: + - "egressDeny" description: "Spec is the desired Cilium specific rule specification." oneOf: - properties: @@ -119,6 +136,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -129,6 +150,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -215,10 +277,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -420,10 +484,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -603,9 +669,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -724,6 +790,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -734,6 +804,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -953,9 +1064,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -1107,6 +1218,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -1117,6 +1232,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -1460,10 +1616,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -1625,6 +1783,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -1635,6 +1797,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -1947,6 +2150,23 @@ spec: specs: description: "Specs is a list of desired Cilium specific rule specification." items: + anyOf: + - properties: + ingress: {} + required: + - "ingress" + - properties: + ingressDeny: {} + required: + - "ingressDeny" + - properties: + egress: {} + required: + - "egress" + - properties: + egressDeny: {} + required: + - "egressDeny" description: "Rule is a policy rule which must be applied to all endpoints which match the\nlabels contained in the endpointSelector\n\nEach rule is split into an ingress section which contains all rules\napplicable at ingress, and an egress section applicable at egress. For rule\ntypes such as `L4Rule` and `CIDR` which can be applied at both ingress and\negress, both ingress and egress side have to either specifically allow the\nconnection or one side has to be omitted.\n\nEither ingress, egress, or both can be provided. If both ingress and egress\nare omitted, the rule has no effect." oneOf: - properties: @@ -2030,6 +2250,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -2040,6 +2264,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -2126,10 +2391,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -2331,10 +2598,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -2514,9 +2783,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -2635,6 +2904,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -2645,6 +2918,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -2864,9 +3178,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -3018,6 +3332,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -3028,6 +3346,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -3371,10 +3730,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -3536,6 +3897,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -3546,6 +3911,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumegressgatewaypolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumegressgatewaypolicies.yaml index a4b00868f..59e376b15 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumegressgatewaypolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumegressgatewaypolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumegressgatewaypolicies.cilium.io" spec: group: "cilium.io" @@ -147,6 +147,47 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + nodeSelector: + description: "This is a label selector which selects Pods by Node. This field follows standard label\nselector semantics; if present but empty, it selects all nodes." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" podSelector: description: "This is a label selector which selects Pods. This field follows standard label\nselector semantics; if present but empty, it selects all pods." properties: diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml index 83bd8e1c6..4aa32caf0 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumendpoints.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumendpoints.cilium.io" spec: group: "cilium.io" @@ -182,7 +182,7 @@ spec: description: "EndpointStatusChange Indication of a change of status\n\nswagger:model EndpointStatusChange" properties: code: - description: "Code indicate type of status change\nEnum: [ok failed]" + description: "Code indicate type of status change\nEnum: [\"ok\",\"failed\"]" type: "string" message: description: "Status message" @@ -207,7 +207,7 @@ spec: description: "Layer 4 port number" type: "integer" protocol: - description: "Layer 4 protocol\nEnum: [TCP UDP SCTP ICMP ICMPV6 ANY]" + description: "Layer 4 protocol\nEnum: [\"TCP\",\"UDP\",\"SCTP\",\"ICMP\",\"ICMPV6\",\"ANY\"]" type: "string" type: "object" type: "array" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumenvoyconfigs.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumenvoyconfigs.yaml index e761dc16d..d92b4e2af 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumenvoyconfigs.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumenvoyconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumenvoyconfigs.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumidentities.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumidentities.yaml index ed21b8ec0..272402cf5 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumidentities.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumidentities.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumidentities.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml index e789f7ad4..6334f684d 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumlocalredirectpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumlocalredirectpolicies.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml index 8c42caae3..ded54b44c 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnetworkpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumnetworkpolicies.cilium.io" spec: group: "cilium.io" @@ -40,6 +40,23 @@ spec: metadata: type: "object" spec: + anyOf: + - properties: + ingress: {} + required: + - "ingress" + - properties: + ingressDeny: {} + required: + - "ingressDeny" + - properties: + egress: {} + required: + - "egress" + - properties: + egressDeny: {} + required: + - "egressDeny" description: "Spec is the desired Cilium specific rule specification." oneOf: - properties: @@ -123,6 +140,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -133,6 +154,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -219,10 +281,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -424,10 +488,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -607,9 +673,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -728,6 +794,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -738,6 +808,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -957,9 +1068,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -1111,6 +1222,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -1121,6 +1236,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -1464,10 +1620,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -1629,6 +1787,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -1639,6 +1801,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -1951,6 +2154,23 @@ spec: specs: description: "Specs is a list of desired Cilium specific rule specification." items: + anyOf: + - properties: + ingress: {} + required: + - "ingress" + - properties: + ingressDeny: {} + required: + - "ingressDeny" + - properties: + egress: {} + required: + - "egress" + - properties: + egressDeny: {} + required: + - "egressDeny" description: "Rule is a policy rule which must be applied to all endpoints which match the\nlabels contained in the endpointSelector\n\nEach rule is split into an ingress section which contains all rules\napplicable at ingress, and an egress section applicable at egress. For rule\ntypes such as `L4Rule` and `CIDR` which can be applied at both ingress and\negress, both ingress and egress side have to either specifically allow the\nconnection or one side has to be omitted.\n\nEither ingress, egress, or both can be provided. If both ingress and egress\nare omitted, the rule has no effect." oneOf: - properties: @@ -2034,6 +2254,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -2044,6 +2268,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -2130,10 +2395,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -2335,10 +2602,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -2518,9 +2787,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -2639,6 +2908,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -2649,6 +2922,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -2868,9 +3182,9 @@ spec: x-kubernetes-map-type: "atomic" type: "array" toServices: - description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services without\nselectors.\n\nExample:\nAny endpoint with the label \"app=backend-app\" is allowed to\ninitiate connections to all cidrs backing the \"external-service\" service" + description: "ToServices is a list of services to which the endpoint subject\nto the rule is allowed to initiate connections.\nCurrently Cilium only supports toServices for K8s services." items: - description: "Service wraps around selectors for services" + description: "Service selects policy targets that are bundled as part of a\nlogical load-balanced service.\n\nCurrently only Kubernetes-based Services are supported." properties: k8sService: description: "K8sService selects service by name and namespace pair" @@ -3022,6 +3336,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -3032,6 +3350,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: @@ -3375,10 +3734,12 @@ spec: properties: matchName: description: "MatchName matches literal DNS names. A trailing \".\" is automatically added\nwhen missing." + maxLength: 255 pattern: "^([-a-zA-Z0-9_]+[.]?)+$" type: "string" matchPattern: - description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + description: "MatchPattern allows using wildcards to match DNS names. All wildcards are\ncase insensitive. The wildcards are:\n- \"*\" matches 0 or more DNS valid characters, and may occur anywhere in\nthe pattern. As a special case a \"*\" as the leftmost character, without a\nfollowing \".\" matches all subdomains as well as the name to the right.\nA trailing \".\" is automatically added when missing.\n\nExamples:\n`*.cilium.io` matches subdomains of cilium at that level\n www.cilium.io and blog.cilium.io match, cilium.io and google.com do not\n`*cilium.io` matches cilium.io and all subdomains ends with \"cilium.io\"\n except those containing \".\" separator, subcilium.io and sub-cilium.io match,\n www.cilium.io and blog.cilium.io does not\nsub*.cilium.io matches subdomains of cilium where the subdomain component\nbegins with \"sub\"\n sub.cilium.io and subdomain.cilium.io match, www.cilium.io,\n blog.cilium.io, cilium.io and google.com do not" + maxLength: 255 pattern: "^([-a-zA-Z0-9_*]+[.]?)+$" type: "string" type: "object" @@ -3540,6 +3901,10 @@ spec: cidrGroupRef: {} required: - "cidrGroupRef" + - properties: + cidrGroupSelector: {} + required: + - "cidrGroupSelector" properties: cidr: description: "CIDR is a CIDR prefix / IP Block." @@ -3550,6 +3915,47 @@ spec: maxLength: 253 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" + cidrGroupSelector: + description: "CIDRGroupSelector selects CiliumCIDRGroups by their labels,\nrather than by name." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + enum: + - "In" + - "NotIn" + - "Exists" + - "DoesNotExist" + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + description: "MatchLabelsValue represents the value from the MatchLabels {key,value} pair." + maxLength: 63 + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" except: description: "ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule\nis not allowed to initiate connections to. These CIDR prefixes should be\ncontained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not\nsupported yet.\nThese exceptions are only applied to the Cidr in this CIDRRule, and do not\napply to any other CIDR prefixes in any other CIDRRules." items: diff --git a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnodes.yaml b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnodes.yaml index 929a41a5e..b4b5ddaf2 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnodes.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2/ciliumnodes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumnodes.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumbgppeeringpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumbgppeeringpolicies.yaml index 4a74d1bff..851c2eece 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumbgppeeringpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumbgppeeringpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumbgppeeringpolicies.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumcidrgroups.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumcidrgroups.yaml index 0d6988a95..68862027c 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumcidrgroups.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumcidrgroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumcidrgroups.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumendpointslices.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumendpointslices.yaml index 0fc4e302b..51f8dcecb 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumendpointslices.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumendpointslices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumendpointslices.cilium.io" spec: group: "cilium.io" @@ -56,7 +56,7 @@ spec: description: "Layer 4 port number" type: "integer" protocol: - description: "Layer 4 protocol\nEnum: [TCP UDP SCTP ICMP ICMPV6 ANY]" + description: "Layer 4 protocol\nEnum: [\"TCP\",\"UDP\",\"SCTP\",\"ICMP\",\"ICMPV6\",\"ANY\"]" type: "string" type: "object" type: "array" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliuml2announcementpolicies.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliuml2announcementpolicies.yaml index 6529a048a..b5665798a 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliuml2announcementpolicies.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliuml2announcementpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliuml2announcementpolicies.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumloadbalancerippools.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumloadbalancerippools.yaml index 909d5d78c..3d40784a1 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumloadbalancerippools.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumloadbalancerippools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumloadbalancerippools.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumpodippools.yaml b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumpodippools.yaml index f80379454..aac9336b6 100644 --- a/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumpodippools.yaml +++ b/crd-catalog/cilium/cilium/cilium.io/v2alpha1/ciliumpodippools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ciliumpodippools.cilium.io" spec: group: "cilium.io" diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/backups.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/backups.yaml index ee2f6e927..3237a4ad9 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/backups.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/backups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "backups.postgresql.cnpg.io" spec: group: "postgresql.cnpg.io" diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml index c1485bf0a..9ce6e4faf 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusters.postgresql.cnpg.io" spec: group: "postgresql.cnpg.io" @@ -950,6 +950,9 @@ spec: initdb: description: "Bootstrap the cluster via initdb" properties: + builtinLocale: + description: "Specifies the locale name when the builtin provider is used.\nThis option requires `localeProvider` to be set to `builtin`.\nAvailable from PostgreSQL 17." + type: "string" dataChecksums: description: "Whether the `-k` option should be passed to initdb,\nenabling checksums on data pages (default: `false`)" type: "boolean" @@ -959,6 +962,12 @@ spec: encoding: description: "The value to be passed as option `--encoding` for initdb (default:`UTF8`)" type: "string" + icuLocale: + description: "Specifies the ICU locale when the ICU provider is used.\nThis option requires `localeProvider` to be set to `icu`.\nAvailable from PostgreSQL 15." + type: "string" + icuRules: + description: "Specifies additional collation rules to customize the behavior of the default collation.\nThis option requires `localeProvider` to be set to `icu`.\nAvailable from PostgreSQL 16." + type: "string" import: description: "Bootstraps the new cluster by importing data from an existing PostgreSQL\ninstance using logical backup (`pg_dump` and `pg_restore`)" properties: @@ -967,6 +976,16 @@ spec: items: type: "string" type: "array" + pgDumpExtraOptions: + description: "List of custom options to pass to the `pg_dump` command. IMPORTANT:\nUse these options with caution and at your own risk, as the operator\ndoes not validate their content. Be aware that certain options may\nconflict with the operator's intended functionality or design." + items: + type: "string" + type: "array" + pgRestoreExtraOptions: + description: "List of custom options to pass to the `pg_restore` command. IMPORTANT:\nUse these options with caution and at your own risk, as the operator\ndoes not validate their content. Be aware that certain options may\nconflict with the operator's intended functionality or design." + items: + type: "string" + type: "array" postImportApplicationSQL: description: "List of SQL queries to be executed as a superuser in the application\ndatabase right after is imported - to be used with extreme care\n(by default empty). Only available in microservice type." items: @@ -1000,12 +1019,18 @@ spec: - "source" - "type" type: "object" + locale: + description: "Sets the default collation order and character classification in the new database." + type: "string" localeCType: description: "The value to be passed as option `--lc-ctype` for initdb (default:`C`)" type: "string" localeCollate: description: "The value to be passed as option `--lc-collate` for initdb (default:`C`)" type: "string" + localeProvider: + description: "This option sets the locale provider for databases created in the new cluster.\nAvailable from PostgreSQL 16." + type: "string" options: description: "The list of options that must be passed to initdb when creating the cluster.\nDeprecated: This could lead to inconsistent configurations,\nplease use the explicit provided parameters instead.\nIf defined, explicit values will be ignored." items: @@ -1152,6 +1177,13 @@ spec: minimum: 1.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "builtinLocale is only available when localeProvider is set to `builtin`" + rule: "!has(self.builtinLocale) || self.localeProvider == 'builtin'" + - message: "icuLocale is only available when localeProvider is set to `icu`" + rule: "!has(self.icuLocale) || self.localeProvider == 'icu'" + - message: "icuRules is only available when localeProvider is set to `icu`" + rule: "!has(self.icuRules) || self.localeProvider == 'icu'" pg_basebackup: description: "Bootstrap the cluster taking a physical backup of another compatible\nPostgreSQL instance" properties: @@ -1881,6 +1913,10 @@ spec: default: true description: "Enabled is true if this plugin will be used" type: "boolean" + isWALArchiver: + default: false + description: "Only one plugin can be declared as WALArchiver.\nCannot be active if \".spec.backup.barmanObjectStore\" configuration is present." + type: "boolean" name: description: "Name is the plugin name" type: "string" @@ -2112,16 +2148,11 @@ spec: description: "ManagedService represents a specific service managed by the cluster.\nIt includes the type of service and its associated template specification." properties: selectorType: - allOf: - - enum: - - "rw" - - "r" - - "ro" - - enum: - - "rw" - - "r" - - "ro" description: "SelectorType specifies the type of selectors that the service will have.\nValid values are \"rw\", \"r\", and \"ro\", representing read-write, read, and read-only services." + enum: + - "rw" + - "r" + - "ro" type: "string" serviceTemplate: description: "ServiceTemplate is the template specification for the service." @@ -2261,7 +2292,7 @@ spec: type: "object" type: "object" trafficDistribution: - description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is an alpha field and requires enabling ServiceTrafficDistribution feature." + description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is a beta field and requires enabling ServiceTrafficDistribution feature." type: "string" type: description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" @@ -2489,6 +2520,10 @@ spec: default: true description: "Enabled is true if this plugin will be used" type: "boolean" + isWALArchiver: + default: false + description: "Only one plugin can be declared as WALArchiver.\nCannot be active if \".spec.backup.barmanObjectStore\" configuration is present." + type: "boolean" name: description: "Name is the plugin name" type: "string" @@ -2677,6 +2712,94 @@ spec: priorityClassName: description: "Name of the priority class which will be used in every generated Pod, if the PriorityClass\nspecified does not exist, the pod will not be able to schedule. Please refer to\nhttps://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass\nfor more information" type: "string" + probes: + description: "The configuration of the probes to be injected\nin the PostgreSQL Pods." + properties: + liveness: + description: "The liveness probe configuration" + properties: + failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." + format: "int32" + type: "integer" + initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." + format: "int32" + type: "integer" + successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + format: "int32" + type: "integer" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" + timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + type: "object" + readiness: + description: "The readiness probe configuration" + properties: + failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." + format: "int32" + type: "integer" + initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." + format: "int32" + type: "integer" + successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + format: "int32" + type: "integer" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" + timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + type: "object" + startup: + description: "The startup probe configuration" + properties: + failureThreshold: + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." + format: "int32" + type: "integer" + initialDelaySeconds: + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + periodSeconds: + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." + format: "int32" + type: "integer" + successThreshold: + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + format: "int32" + type: "integer" + terminationGracePeriodSeconds: + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + format: "int64" + type: "integer" + timeoutSeconds: + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + format: "int32" + type: "integer" + type: "object" + type: "object" projectedVolumeTemplate: description: "Template to be used to define projected volumes, projected volumes will be mounted\nunder `/projected` base folder" properties: @@ -3796,6 +3919,11 @@ spec: items: type: "string" type: "array" + restoreJobHookCapabilities: + description: "RestoreJobHookCapabilities are the list of capabilities of the\nplugin regarding the RestoreJobHook management" + items: + type: "string" + type: "array" status: description: "Status contain the status reported by the plugin through the SetStatusInCluster interface" type: "string" diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/poolers.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/poolers.yaml index bbc9d8fd6..0259b60f3 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/poolers.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/poolers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "poolers.postgresql.cnpg.io" spec: group: "postgresql.cnpg.io" @@ -373,7 +373,7 @@ spec: type: "object" type: "object" trafficDistribution: - description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is an alpha field and requires enabling ServiceTrafficDistribution feature." + description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is a beta field and requires enabling ServiceTrafficDistribution feature." type: "string" type: description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" @@ -1118,7 +1118,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1128,7 +1128,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1166,7 +1166,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1176,7 +1176,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1195,7 +1195,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1205,7 +1205,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1243,7 +1243,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1253,7 +1253,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1273,7 +1273,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1287,7 +1287,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1301,7 +1301,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1351,7 +1351,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1412,7 +1412,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1426,7 +1426,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1440,7 +1440,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1490,7 +1490,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1678,7 +1678,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1692,7 +1692,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1706,7 +1706,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1756,7 +1756,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1872,9 +1872,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -2046,7 +2047,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2056,7 +2057,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2094,7 +2095,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2104,7 +2105,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2123,7 +2124,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2133,7 +2134,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2171,7 +2172,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2181,7 +2182,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2201,7 +2202,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2215,7 +2216,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2229,7 +2230,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2279,7 +2280,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2340,7 +2341,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2354,7 +2355,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2368,7 +2369,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2418,7 +2419,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2606,7 +2607,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2620,7 +2621,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2634,7 +2635,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2684,7 +2685,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2993,7 +2994,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3003,7 +3004,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3041,7 +3042,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -3051,7 +3052,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3070,7 +3071,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3080,7 +3081,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3118,7 +3119,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -3128,7 +3129,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3148,7 +3149,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3162,7 +3163,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3176,7 +3177,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3226,7 +3227,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3287,7 +3288,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3301,7 +3302,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3315,7 +3316,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3365,7 +3366,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3553,7 +3554,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3567,7 +3568,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3581,7 +3582,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3631,7 +3632,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3803,6 +3804,46 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + resources: + description: "Resources is the total amount of CPU and Memory resources required by all\ncontainers in the pod. It supports specifying Requests and Limits for\n\"cpu\" and \"memory\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the\nentire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature\ngate." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" restartPolicy: description: "Restart policy for all containers within the pod.\nOne of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.\nDefault to Always.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" type: "string" @@ -3860,6 +3901,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4055,7 +4099,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -4074,7 +4118,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -4101,7 +4145,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -4117,7 +4161,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -4150,7 +4194,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -4211,7 +4255,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -4464,7 +4508,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4493,7 +4537,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4503,7 +4547,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4522,7 +4566,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4537,7 +4581,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4658,7 +4702,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4670,7 +4714,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4888,7 +4932,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4913,7 +4957,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4956,7 +5000,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -5037,7 +5081,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5062,7 +5106,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5096,6 +5140,7 @@ spec: enum: - "rw" - "ro" + - "r" type: "string" required: - "cluster" diff --git a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml index cd7ad2323..56aa3cea5 100644 --- a/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml +++ b/crd-catalog/cloudnative-pg/cloudnative-pg/postgresql.cnpg.io/v1/scheduledbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "scheduledbackups.postgresql.cnpg.io" spec: group: "postgresql.cnpg.io" diff --git a/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml b/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml index 59b83a0fe..cb1084f93 100644 --- a/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml +++ b/crd-catalog/confidential-containers/operator/confidentialcontainers.org/v1beta1/ccruntimes.yaml @@ -68,15 +68,6 @@ spec: config: description: "CcInstallConfig is a placeholder struct" properties: - ImagePullSecret: - description: "This specifies the registry secret to pull of the container images" - properties: - name: - default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" cleanupCmd: description: "This specifies the command for cleanup on the nodes" items: @@ -183,6 +174,15 @@ spec: imagePullPolicy: description: "PullPolicy describes a policy for if/when to pull a container image" type: "string" + imagePullSecret: + description: "This specifies the registry secret to pull of the container images" + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" installCmd: description: "This specifies the command for installation of the runtime on the nodes" items: @@ -236,7 +236,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -255,7 +255,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -267,12 +267,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -280,7 +282,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -296,7 +298,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -329,7 +331,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -390,7 +392,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -603,7 +605,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -643,7 +645,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -672,7 +674,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -682,7 +684,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -701,7 +703,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -716,7 +718,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -743,6 +745,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -762,6 +774,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -826,7 +839,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -838,7 +851,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -860,9 +873,9 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." @@ -1056,7 +1069,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -1081,7 +1094,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -1090,6 +1103,7 @@ spec: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -1099,6 +1113,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -1114,6 +1129,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -1121,9 +1137,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -1148,6 +1165,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -1200,7 +1218,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1225,7 +1243,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1386,7 +1404,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -1405,7 +1423,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -1417,12 +1435,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -1430,7 +1450,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -1446,7 +1466,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -1479,7 +1499,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -1540,7 +1560,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -1753,7 +1773,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -1793,7 +1813,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -1822,7 +1842,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -1832,7 +1852,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -1851,7 +1871,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -1866,7 +1886,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -1893,6 +1913,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -1912,6 +1942,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -1976,7 +2007,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1988,7 +2019,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2010,9 +2041,9 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." @@ -2206,7 +2237,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -2231,7 +2262,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -2240,6 +2271,7 @@ spec: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -2249,6 +2281,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -2264,6 +2297,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -2271,9 +2305,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -2298,6 +2333,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -2350,7 +2386,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2375,7 +2411,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2531,7 +2567,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -2550,7 +2586,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -2562,12 +2598,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -2575,7 +2613,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -2591,7 +2629,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -2624,7 +2662,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -2685,7 +2723,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -2898,7 +2936,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -2938,7 +2976,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -2967,7 +3005,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -2977,7 +3015,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -2996,7 +3034,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -3011,7 +3049,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -3038,6 +3076,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -3057,6 +3105,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -3121,7 +3170,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -3133,7 +3182,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -3155,9 +3204,9 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." @@ -3351,7 +3400,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -3376,7 +3425,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -3385,6 +3434,7 @@ spec: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -3394,6 +3444,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -3409,6 +3460,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -3416,9 +3468,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -3443,6 +3496,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -3495,7 +3549,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -3520,7 +3574,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." diff --git a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1beta1/locks.yaml b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1beta1/locks.yaml index e2567734f..1fd6242ea 100644 --- a/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1beta1/locks.yaml +++ b/crd-catalog/crossplane/crossplane/pkg.crossplane.io/v1beta1/locks.yaml @@ -34,26 +34,41 @@ spec: items: description: "LockPackage is a package that is in the lock." properties: + apiVersion: + description: "APIVersion of the package." + type: "string" dependencies: description: "Dependencies are the list of dependencies of this package. The order of\nthe dependencies will dictate the order in which they are resolved." items: description: "A Dependency is a dependency of a package in the lock." properties: + apiVersion: + description: "APIVersion of the package." + type: "string" constraints: description: "Constraints is a valid semver range or a digest, which will be used to select a valid\ndependency version." type: "string" + kind: + description: "Kind of the package (not the kind of the package revision)." + type: "string" package: description: "Package is the OCI image name without a tag or digest." type: "string" type: - description: "Type is the type of package. Can be either Configuration or Provider." + description: "Type is the type of package. Can be either Configuration or Provider.\nDeprecated: Specify an apiVersion and kind instead." + enum: + - "Configuration" + - "Provider" + - "Function" type: "string" required: - "constraints" - "package" - - "type" type: "object" type: "array" + kind: + description: "Kind of the package (not the kind of the package revision)." + type: "string" name: description: "Name corresponds to the name of the package revision for this package." type: "string" @@ -61,7 +76,11 @@ spec: description: "Source is the OCI image name without a tag or digest." type: "string" type: - description: "Type is the type of package. Can be either Configuration or Provider." + description: "Type is the type of package.\nDeprecated: Specify an apiVersion and kind instead." + enum: + - "Configuration" + - "Provider" + - "Function" type: "string" version: description: "Version is the tag or digest of the OCI image." @@ -70,7 +89,6 @@ spec: - "dependencies" - "name" - "source" - - "type" - "version" type: "object" type: "array" diff --git a/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta1/cryostats.yaml b/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta1/cryostats.yaml index 6f4afcf76..e9b59690d 100644 --- a/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta1/cryostats.yaml +++ b/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta1/cryostats.yaml @@ -678,11 +678,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -699,11 +701,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -715,6 +719,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -739,11 +744,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -760,14 +767,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -785,7 +795,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -803,11 +813,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -815,6 +827,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -834,11 +858,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -851,6 +877,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -866,13 +893,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -890,11 +918,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -902,6 +932,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -921,11 +963,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -938,6 +982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -945,6 +990,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Pod anti-affinity scheduling rules for a Cryostat pod. See: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodAntiAffinity" @@ -958,7 +1004,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -976,11 +1022,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -988,6 +1036,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1007,11 +1067,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1024,6 +1086,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1039,13 +1102,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1063,11 +1127,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1075,6 +1141,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1094,11 +1172,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1111,6 +1191,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1118,6 +1199,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -1155,6 +1237,18 @@ spec: podSecurityContext: description: "Security Context to apply to the Cryostat report generator pod." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -1207,6 +1301,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -1223,6 +1318,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -1246,6 +1342,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1255,12 +1363,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1481,11 +1591,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1502,11 +1614,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1518,6 +1632,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -1542,11 +1657,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1563,14 +1680,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1588,7 +1708,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1606,11 +1726,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1618,6 +1740,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1637,11 +1771,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1654,6 +1790,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1669,13 +1806,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1693,11 +1831,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1705,6 +1845,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1724,11 +1876,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1741,6 +1895,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1748,6 +1903,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Pod anti-affinity scheduling rules for a Cryostat pod. See: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodAntiAffinity" @@ -1761,7 +1917,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1779,11 +1935,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1791,6 +1949,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1810,11 +1980,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1827,6 +1999,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1842,13 +2015,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1866,11 +2040,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1878,6 +2054,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1897,11 +2085,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1914,6 +2104,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1921,6 +2112,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -1961,6 +2153,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1970,12 +2174,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2048,6 +2254,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2057,12 +2275,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2135,6 +2355,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2144,12 +2376,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2222,6 +2456,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2231,12 +2477,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2306,6 +2554,18 @@ spec: podSecurityContext: description: "Security Context to apply to the Cryostat pod." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -2358,6 +2618,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2374,6 +2635,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2397,6 +2659,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2406,12 +2680,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2609,6 +2885,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2648,21 +2925,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2701,11 +2963,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2716,6 +2980,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" diff --git a/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta2/cryostats.yaml b/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta2/cryostats.yaml index 7f8fc2043..be3481412 100644 --- a/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta2/cryostats.yaml +++ b/crd-catalog/cryostatio/cryostat-operator/operator.cryostat.io/v1beta2/cryostats.yaml @@ -42,6 +42,50 @@ spec: spec: description: "CryostatSpec defines the desired state of Cryostat." properties: + agentOptions: + description: "Options to control how the operator configures Cryostat Agents\nto communicate with this Cryostat instance." + properties: + disableHostnameVerification: + description: "Disables hostname verification when Cryostat connects to Agents over TLS.\nConsider enabling this if the Cryostat Agent fails to determine the hostname of your pod." + type: "boolean" + resources: + description: "The resources allocated to the init container used to inject the Cryostat agent,\nwhen using the operator's agent auto-configuration feature." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + type: "object" authorizationOptions: description: "Additional configuration options for the authorization proxy." properties: @@ -123,7 +167,7 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations to add to the Ingress or Route during its creation." + description: "Annotations to add to the object during its creation." type: "object" externalHost: description: "Externally routable host to be used to reach this\nCryostat service. Used to define a Route's host on\nOpenShift when it is first created.\nOn Kubernetes, define this using \"spec.ingressSpec\"." @@ -271,10 +315,42 @@ spec: labels: additionalProperties: type: "string" - description: "Labels to add to the Ingress or Route during its creation.\nThe label with key \"app\" is reserved for use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" type: "object" type: "object" + networkPolicies: + description: "Options to customize the NetworkPolicy objects created for Cryostat's various Services." + properties: + coreConfig: + description: "NetworkPolicy configuration for the Cryostat application service." + properties: + disabled: + description: "Disable the NetworkPolicy for a given service." + type: "boolean" + type: "object" + databaseConfig: + description: "NetworkPolicy configuration for the database service." + properties: + disabled: + description: "Disable the NetworkPolicy for a given service." + type: "boolean" + type: "object" + reportsConfig: + description: "NetworkPolicy configuration for the cryostat-reports service." + properties: + disabled: + description: "Disable the NetworkPolicy for a given service." + type: "boolean" + type: "object" + storageConfig: + description: "NetworkPolicy configuration for the storage service." + properties: + disabled: + description: "Disable the NetworkPolicy for a given service." + type: "boolean" + type: "object" + type: "object" operandMetadata: description: "Options to configure the Cryostat deployments and pods metadata" properties: @@ -284,12 +360,12 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations to add to the resources during its creation." + description: "Annotations to add to the object during its creation." type: "object" labels: additionalProperties: type: "string" - description: "Labels to add to the resources during its creation.\nThe labels with keys \"app\" and \"component\" are reserved\nfor use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" type: "object" podMetadata: @@ -298,12 +374,12 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations to add to the resources during its creation." + description: "Annotations to add to the object during its creation." type: "object" labels: additionalProperties: type: "string" - description: "Labels to add to the resources during its creation.\nThe labels with keys \"app\" and \"component\" are reserved\nfor use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" type: "object" type: "object" @@ -384,11 +460,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -405,11 +483,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -421,6 +501,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -445,11 +526,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -466,14 +549,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -491,7 +577,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -509,11 +595,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -521,6 +609,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -540,11 +640,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -557,6 +659,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -572,13 +675,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -596,11 +700,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -608,6 +714,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -627,11 +745,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -644,6 +764,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -651,6 +772,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Pod anti-affinity scheduling rules for a Cryostat pod. See: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodAntiAffinity" @@ -664,7 +786,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -682,11 +804,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -694,6 +818,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -713,11 +849,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -730,6 +868,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -745,13 +884,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -769,11 +909,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -781,6 +923,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -800,11 +954,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -817,6 +973,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -824,6 +981,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -861,6 +1019,18 @@ spec: podSecurityContext: description: "Security Context to apply to the Cryostat report generator pod." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -913,6 +1083,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -929,6 +1100,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -952,6 +1124,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -961,12 +1145,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1335,11 +1521,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1356,11 +1544,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -1372,6 +1562,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -1396,11 +1587,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1417,14 +1610,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1442,7 +1638,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1460,11 +1656,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1472,6 +1670,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1491,11 +1701,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1508,6 +1720,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1523,13 +1736,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1547,11 +1761,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1559,6 +1775,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1578,11 +1806,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1595,6 +1825,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1602,6 +1833,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Pod anti-affinity scheduling rules for a Cryostat pod. See: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodAntiAffinity" @@ -1615,7 +1847,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1633,11 +1865,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1645,6 +1879,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1664,11 +1910,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1681,6 +1929,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1696,13 +1945,14 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -1720,11 +1970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1732,6 +1984,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1751,11 +2015,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1768,6 +2034,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1775,6 +2042,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: @@ -1815,6 +2083,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1824,12 +2104,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1902,6 +2184,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1911,12 +2205,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1989,6 +2285,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1998,12 +2306,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2076,6 +2386,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2085,12 +2407,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2163,6 +2487,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2172,12 +2508,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2250,6 +2588,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2259,12 +2609,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2334,6 +2686,18 @@ spec: podSecurityContext: description: "Security Context to apply to the Cryostat pod." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -2386,6 +2750,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -2402,6 +2767,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -2425,6 +2791,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2434,12 +2812,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2510,13 +2890,27 @@ spec: serviceOptions: description: "Options to customize the services created for the Cryostat application." properties: - agentConfig: + agentCallbackConfig: + description: "Specification for the headless services in each target namespace that allow Cryostat\nto communicate with agents in those namespaces." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations to add to the object during its creation." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." + type: "object" + type: "object" + agentGatewayConfig: description: "Specification for the service responsible for agents to communicate with Cryostat." properties: annotations: additionalProperties: type: "string" - description: "Annotations to add to the service during its creation." + description: "Annotations to add to the object during its creation." type: "object" httpPort: description: "HTTP port number for the Cryostat agent API service.\nDefaults to 8282." @@ -2525,7 +2919,7 @@ spec: labels: additionalProperties: type: "string" - description: "Labels to add to the service during its creation.\nThe labels with keys \"app\" and \"component\" are reserved\nfor use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" serviceType: description: "Type of service to create. Defaults to \"ClusterIP\"." @@ -2537,7 +2931,7 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations to add to the service during its creation." + description: "Annotations to add to the object during its creation." type: "object" httpPort: description: "HTTP port number for the Cryostat application service.\nDefaults to 8181." @@ -2546,7 +2940,28 @@ spec: labels: additionalProperties: type: "string" - description: "Labels to add to the service during its creation.\nThe labels with keys \"app\" and \"component\" are reserved\nfor use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." + type: "object" + serviceType: + description: "Type of service to create. Defaults to \"ClusterIP\"." + type: "string" + type: "object" + databaseConfig: + description: "Specification for the service responsible for the cryostat application's database." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations to add to the object during its creation." + type: "object" + databasePort: + description: "DatabasePort number for the cryostat application's database.\nDefaults to 5432." + format: "int32" + type: "integer" + labels: + additionalProperties: + type: "string" + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" serviceType: description: "Type of service to create. Defaults to \"ClusterIP\"." @@ -2558,7 +2973,7 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations to add to the service during its creation." + description: "Annotations to add to the object during its creation." type: "object" httpPort: description: "HTTP port number for the cryostat-reports service.\nDefaults to 10000." @@ -2567,7 +2982,28 @@ spec: labels: additionalProperties: type: "string" - description: "Labels to add to the service during its creation.\nThe labels with keys \"app\" and \"component\" are reserved\nfor use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." + type: "object" + serviceType: + description: "Type of service to create. Defaults to \"ClusterIP\"." + type: "string" + type: "object" + storageConfig: + description: "Specification for the service responsible for the storage to be created by the operator." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations to add to the object during its creation." + type: "object" + httpPort: + description: "HTTP port number for the storage to be created by the operator.\nDefaults to 8333." + format: "int32" + type: "integer" + labels: + additionalProperties: + type: "string" + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" serviceType: description: "Type of service to create. Defaults to \"ClusterIP\"." @@ -2577,8 +3013,153 @@ spec: storageOptions: description: "Options to customize the storage provisioned for the database and object storage." properties: + database: + description: "Configuration for the Persistent Volume Claim to be created by the operator for the database." + properties: + emptyDir: + description: "Configuration for an EmptyDir to be created\nby the operator instead of a PVC." + properties: + enabled: + description: "When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored." + type: "boolean" + medium: + description: "Unless specified, the emptyDir volume will be mounted on\nthe same storage medium backing the node. Setting this field to\n\"Memory\" will mount the emptyDir on a tmpfs (RAM-backed filesystem)." + type: "string" + sizeLimit: + description: "The maximum memory limit for the emptyDir. Default is unbounded." + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + type: "string" + type: "object" + pvc: + description: "Configuration for the Persistent Volume Claim to be created\nby the operator." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations to add to the object during its creation." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." + type: "object" + spec: + description: "Spec for a Persistent Volume Claim, whose options will override the\ndefaults used by the operator. Unless overriden, the PVC will be\ncreated with the default Storage Class and 500MiB of storage.\nOnce the operator has created the PVC, changes to this field have\nno effect." + properties: + accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + required: + - "kind" + - "name" + type: "object" + x-kubernetes-map-type: "atomic" + dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + type: "string" + required: + - "kind" + - "name" + type: "object" + resources: + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + selector: + description: "selector is a label query over volumes to consider for binding." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" + volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." + type: "string" + volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." + type: "string" + type: "object" + type: "object" + type: "object" emptyDir: - description: "Configuration for an EmptyDir to be created\nby the operator instead of a PVC." + description: "Configuration for an EmptyDir to be created\nby the operator instead of a PVC.\nDeprecated: use storageOptions.database and storageOptions.objectStorage" properties: enabled: description: "When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored." @@ -2591,18 +3172,163 @@ spec: pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" type: "string" type: "object" + objectStorage: + description: "Configuration for the Persistent Volume Claim to be created by the operator for the object storage." + properties: + emptyDir: + description: "Configuration for an EmptyDir to be created\nby the operator instead of a PVC." + properties: + enabled: + description: "When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored." + type: "boolean" + medium: + description: "Unless specified, the emptyDir volume will be mounted on\nthe same storage medium backing the node. Setting this field to\n\"Memory\" will mount the emptyDir on a tmpfs (RAM-backed filesystem)." + type: "string" + sizeLimit: + description: "The maximum memory limit for the emptyDir. Default is unbounded." + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + type: "string" + type: "object" + pvc: + description: "Configuration for the Persistent Volume Claim to be created\nby the operator." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations to add to the object during its creation." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." + type: "object" + spec: + description: "Spec for a Persistent Volume Claim, whose options will override the\ndefaults used by the operator. Unless overriden, the PVC will be\ncreated with the default Storage Class and 500MiB of storage.\nOnce the operator has created the PVC, changes to this field have\nno effect." + properties: + accessModes: + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + dataSource: + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + required: + - "kind" + - "name" + type: "object" + x-kubernetes-map-type: "atomic" + dataSourceRef: + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + namespace: + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + type: "string" + required: + - "kind" + - "name" + type: "object" + resources: + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + properties: + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + selector: + description: "selector is a label query over volumes to consider for binding." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + storageClassName: + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" + volumeMode: + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." + type: "string" + volumeName: + description: "volumeName is the binding reference to the PersistentVolume backing this claim." + type: "string" + type: "object" + type: "object" + type: "object" pvc: - description: "Configuration for the Persistent Volume Claim to be created\nby the operator." + description: "Configuration for the Persistent Volume Claim to be created\nby the operator.\nDeprecated: use storageOptions.database and storageOptions.objectStorage" properties: annotations: additionalProperties: type: "string" - description: "Annotations to add to the Persistent Volume Claim during its creation." + description: "Annotations to add to the object during its creation." type: "object" labels: additionalProperties: type: "string" - description: "Labels to add to the Persistent Volume Claim during its creation.\nThe label with key \"app\" is reserved for use by the operator." + description: "Labels to add to the object during its creation.\nThe following label keys are reserved for use by the operator:\n\"app\", \"component\", \"app.kubernetes.io/name\", \"app.kubernetes.io/instance\",\n\"app.kubernetes.io/component\", and \"app.kubernetes.io/part-of\"." type: "object" spec: description: "Spec for a Persistent Volume Claim, whose options will override the\ndefaults used by the operator. Unless overriden, the PVC will be\ncreated with the default Storage Class and 500MiB of storage.\nOnce the operator has created the PVC, changes to this field have\nno effect." @@ -2612,6 +3338,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -2651,21 +3378,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -2704,11 +3416,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -2719,6 +3433,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -2767,7 +3484,7 @@ spec: type: "array" type: "object" targetNamespaces: - description: "List of namespaces whose workloads Cryostat should be\npermitted to access and profile. Defaults to this Cryostat's namespace.\nWarning: All Cryostat users will be able to create and manage\nrecordings for workloads in the listed namespaces.\nMore details: https://github.com/cryostatio/cryostat-operator/blob/v3.0.0/docs/config.md#data-isolation" + description: "List of namespaces whose workloads Cryostat should be\npermitted to access and profile. Defaults to this Cryostat's namespace.\nWarning: All Cryostat users will be able to create and manage\nrecordings for workloads in the listed namespaces.\nMore details: https://github.com/cryostatio/cryostat-operator/blob/v4.0.0/docs/config.md#data-isolation" items: type: "string" type: "array" diff --git a/crd-catalog/datainfrahq/druid-operator/druid.apache.org/v1alpha1/druids.yaml b/crd-catalog/datainfrahq/druid-operator/druid.apache.org/v1alpha1/druids.yaml index 77daeaa2b..3c9c0a119 100644 --- a/crd-catalog/datainfrahq/druid-operator/druid.apache.org/v1alpha1/druids.yaml +++ b/crd-catalog/datainfrahq/druid-operator/druid.apache.org/v1alpha1/druids.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.2" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "druids.druid.apache.org" spec: group: "druid.apache.org" @@ -19,10 +19,10 @@ spec: description: "Druid is the Schema for the druids API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -32,7 +32,7 @@ spec: additionalContainer: description: "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods." items: - description: "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary)." + description: "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods.\n(will be part of Kubernetes native in the future:\nhttps://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary)." properties: args: description: "Args Arguments to call the command." @@ -56,7 +56,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -68,7 +68,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -78,7 +78,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -91,7 +91,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -117,7 +117,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -140,7 +140,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -154,7 +154,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -173,12 +173,12 @@ spec: description: "Resources Kubernetes Native `resources` specification." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -194,7 +194,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -203,7 +203,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runAsInit: @@ -213,10 +213,10 @@ spec: description: "ContainerSecurityContext If not present, will be taken from top level pod." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -232,27 +232,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -268,31 +268,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -302,22 +302,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -337,9 +337,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -347,16 +347,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -368,16 +368,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -398,26 +398,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -429,16 +429,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -459,7 +459,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -472,16 +472,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -493,26 +493,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -524,23 +524,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -549,9 +549,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -559,16 +559,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -580,26 +580,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -611,17 +611,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -632,7 +632,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -645,16 +645,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -666,26 +666,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -697,23 +697,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -722,9 +722,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -732,16 +732,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -753,26 +753,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -784,17 +784,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -802,6 +802,25 @@ spec: type: "array" type: "object" type: "object" + auth: + properties: + secretRef: + description: "SecretReference represents a Secret Reference. It has enough information to retrieve secret\nin any namespace" + properties: + name: + description: "name is unique within a namespace to reference a secret resource." + type: "string" + namespace: + description: "namespace defines the space within which the secret name must be unique." + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: + type: "string" + required: + - "secretRef" + - "type" + type: "object" common.runtime.properties: description: "CommonRuntimeProperties Content fo the `common.runtime.properties` configuration file." type: "string" @@ -813,10 +832,10 @@ spec: description: "ContainerSecurityContext" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -832,27 +851,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -868,31 +887,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -903,7 +922,7 @@ spec: description: "DeepStorage IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator." properties: spec: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements [Marshaler] and [Unmarshaler] and can\nbe used to delay JSON decoding or precompute a JSON encoding." format: "byte" type: "string" type: @@ -914,7 +933,7 @@ spec: type: "object" defaultProbes: default: true - description: "DefaultProbes If set to true this will add default probes (liveness / readiness / startup) for all druid components but it won't override existing probes" + description: "DefaultProbes If set to true this will add default probes (liveness / readiness / startup) for all druid components\nbut it won't override existing probes" type: "boolean" deleteOrphanPvc: default: true @@ -924,6 +943,10 @@ spec: default: false description: "DisablePVCDeletionFinalizer Whether PVCs shall be deleted on the deletion of the Druid cluster." type: "boolean" + dynamicConfig: + description: "Dynamic Configurations for Druid. Applied through the dynamic configuration API." + type: "object" + x-kubernetes-preserve-unknown-fields: true env: description: "Env Environment variables for druid containers." items: @@ -933,7 +956,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -945,7 +968,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -955,7 +978,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -968,7 +991,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -994,7 +1017,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1017,7 +1040,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1031,7 +1054,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1041,44 +1064,44 @@ spec: type: "object" type: "array" extraCommonConfig: - description: "ExtraCommonConfig References to ConfigMaps holding more configuration files to mount to the common configuration path." + description: "ExtraCommonConfig References to ConfigMaps holding more configuration files to mount to the\ncommon configuration path." items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" forceDeleteStsPodOnError: default: true - description: "ForceDeleteStsPodOnError Delete the StatefulSet's pods if the StatefulSet is set to ordered ready. issue: https://github.com/kubernetes/kubernetes/issues/67250 doc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback" + description: "ForceDeleteStsPodOnError Delete the StatefulSet's pods if the StatefulSet is set to ordered ready.\nissue: https://github.com/kubernetes/kubernetes/issues/67250\ndoc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback" type: "boolean" hdfs-site.xml: description: "HdfsSite Contents of `hdfs-site.xml`." type: "string" ignored: default: false - description: "Ignored is now deprecated API. In order to avoid reconciliation of objects use the `druid.apache.org/ignored: \"true\"` annotation." + description: "Ignored is now deprecated API. In order to avoid reconciliation of objects use the\n`druid.apache.org/ignored: \"true\"` annotation." type: "boolean" image: description: "Image Required here or at the NodeSpec level." @@ -1090,10 +1113,10 @@ spec: imagePullSecrets: description: "ImagePullSecrets" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1102,19 +1125,19 @@ spec: description: "JvmOptions Contents of the shared `jvm.options` configuration file for druid JVM processes." type: "string" livenessProbe: - description: "LivenessProbe Port is set to `druid.port` if not specified with httpGet handler." + description: "LivenessProbe\nPort is set to `druid.port` if not specified with httpGet handler." properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1125,7 +1148,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1134,7 +1157,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1142,7 +1165,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1159,24 +1182,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1189,17 +1212,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1210,7 +1233,7 @@ spec: description: "MetadataStore IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator." properties: spec: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements [Marshaler] and [Unmarshaler] and can\nbe used to delay JSON decoding or precompute a JSON encoding." format: "byte" type: "string" type: @@ -1220,7 +1243,7 @@ spec: - "type" type: "object" metricDimensions.json: - description: "DimensionsMapPath Custom Dimension Map Path for statsd emitter. stastd documentation is described in the following documentation: https://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html" + description: "DimensionsMapPath Custom Dimension Map Path for statsd emitter.\nstastd documentation is described in the following documentation:\nhttps://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html" type: "string" nodeSelector: additionalProperties: @@ -1229,12 +1252,12 @@ spec: type: "object" nodes: additionalProperties: - description: "DruidNodeSpec Specification of `Druid` Node type and its configurations. The key in following map can be arbitrary string that helps you identify resources for a specific nodeSpec. It is used in the Kubernetes resources' names, so it must be compliant with restrictions placed on Kubernetes resource names: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/" + description: "DruidNodeSpec Specification of `Druid` Node type and its configurations.\nThe key in following map can be arbitrary string that helps you identify resources for a specific nodeSpec.\nIt is used in the Kubernetes resources' names, so it must be compliant with restrictions\nplaced on Kubernetes resource names:\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/names/" properties: additionalContainer: description: "Operator deploys the sidecar container based on these properties." items: - description: "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary)." + description: "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods.\n(will be part of Kubernetes native in the future:\nhttps://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary)." properties: args: description: "Args Arguments to call the command." @@ -1258,7 +1281,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1270,7 +1293,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1280,7 +1303,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1293,7 +1316,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1319,7 +1342,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1342,7 +1365,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1356,7 +1379,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1375,12 +1398,12 @@ spec: description: "Resources Kubernetes Native `resources` specification." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1396,7 +1419,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1405,7 +1428,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runAsInit: @@ -1415,10 +1438,10 @@ spec: description: "ContainerSecurityContext If not present, will be taken from top level pod." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1434,27 +1457,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1470,31 +1493,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -1504,22 +1527,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1539,9 +1562,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -1549,16 +1572,16 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1570,16 +1593,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1600,26 +1623,26 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1631,16 +1654,16 @@ spec: matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" @@ -1661,7 +1684,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1674,16 +1697,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1695,26 +1718,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1726,23 +1749,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1751,9 +1774,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -1761,16 +1784,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1782,26 +1805,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1813,17 +1836,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -1834,7 +1857,7 @@ spec: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -1847,16 +1870,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1868,26 +1891,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1899,23 +1922,23 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -1924,9 +1947,9 @@ spec: type: "object" type: "array" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: description: "A label query over a set of resources, in this case pods." @@ -1934,16 +1957,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1955,26 +1978,26 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -1986,17 +2009,17 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" @@ -2008,10 +2031,10 @@ spec: description: "ContainerSecurityContext" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2027,27 +2050,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2063,31 +2086,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -2095,6 +2118,10 @@ spec: description: "DruidPort Used by the `Druid` process." format: "int32" type: "integer" + dynamicConfig: + description: "Dynamic Configurations for Druid. Applied through the dynamic configuration API." + type: "object" + x-kubernetes-preserve-unknown-fields: true env: description: "Env Environment variables for druid containers." items: @@ -2104,7 +2131,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -2116,7 +2143,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2126,7 +2153,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -2139,7 +2166,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -2165,7 +2192,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2188,7 +2215,7 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2202,7 +2229,7 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2218,25 +2245,25 @@ spec: description: "HPAutoScaler Kubernetes Native `HorizontalPodAutoscaler` specification." properties: behavior: - description: "behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used." + description: "behavior configures the scaling behavior of the target\nin both Up and Down directions (scaleUp and scaleDown fields respectively).\nIf not set, the default HPAScalingRules for scale up and scale down are used." properties: scaleDown: - description: "scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used)." + description: "scaleDown is scaling policy for scaling Down.\nIf not set, the default value is to allow to scale down to minReplicas pods, with a\n300 second stabilization window (i.e., the highest recommendation for\nthe last 300sec is used)." properties: policies: - description: "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" + description: "policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" items: description: "HPAScalingPolicy is a single policy which must hold true for a specified past interval." properties: periodSeconds: - description: "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." + description: "periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." format: "int32" type: "integer" type: description: "type is used to specify the scaling policy." type: "string" value: - description: "value contains the amount of change which is permitted by the policy. It must be greater than zero" + description: "value contains the amount of change which is permitted by the policy.\nIt must be greater than zero" format: "int32" type: "integer" required: @@ -2247,30 +2274,30 @@ spec: type: "array" x-kubernetes-list-type: "atomic" selectPolicy: - description: "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used." + description: "selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used." type: "string" stabilizationWindowSeconds: - description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long)." + description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down.\nStabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour).\nIf not set, use the default values:\n- For scale up: 0 (i.e. no stabilization is done).\n- For scale down: 300 (i.e. the stabilization window is 300 seconds long)." format: "int32" type: "integer" type: "object" scaleUp: - description: "scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used." + description: "scaleUp is scaling policy for scaling Up.\nIf not set, the default value is the higher of:\n * increase no more than 4 pods per 60 seconds\n * double the number of pods per 60 seconds\nNo stabilization is used." properties: policies: - description: "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" + description: "policies is a list of potential scaling polices which can be used during scaling.\nAt least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid" items: description: "HPAScalingPolicy is a single policy which must hold true for a specified past interval." properties: periodSeconds: - description: "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." + description: "periodSeconds specifies the window of time for which the policy should hold true.\nPeriodSeconds must be greater than zero and less than or equal to 1800 (30 min)." format: "int32" type: "integer" type: description: "type is used to specify the scaling policy." type: "string" value: - description: "value contains the amount of change which is permitted by the policy. It must be greater than zero" + description: "value contains the amount of change which is permitted by the policy.\nIt must be greater than zero" format: "int32" type: "integer" required: @@ -2281,25 +2308,25 @@ spec: type: "array" x-kubernetes-list-type: "atomic" selectPolicy: - description: "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used." + description: "selectPolicy is used to specify which policy should be used.\nIf not set, the default value Max is used." type: "string" stabilizationWindowSeconds: - description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long)." + description: "stabilizationWindowSeconds is the number of seconds for which past recommendations should be\nconsidered while scaling up or scaling down.\nStabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour).\nIf not set, use the default values:\n- For scale up: 0 (i.e. no stabilization is done).\n- For scale down: 300 (i.e. the stabilization window is 300 seconds long)." format: "int32" type: "integer" type: "object" type: "object" maxReplicas: - description: "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas." + description: "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up.\nIt cannot be less that minReplicas." format: "int32" type: "integer" metrics: - description: "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization." + description: "metrics contains the specifications for which to use to calculate the\ndesired replica count (the maximum replica count across all metrics will\nbe used). The desired replica count is calculated multiplying the\nratio between the target value and the current value by the current\nnumber of pods. Ergo, metrics used must decrease as the pod count is\nincreased, and vice-versa. See the individual metric source types for\nmore information about how each type of metric must respond.\nIf not set, the default metric will be set to 80% average CPU utilization." items: - description: "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once)." + description: "MetricSpec specifies how to scale based on a single metric\n(only `type` and one other matching field should be set at once)." properties: containerResource: - description: "containerResource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag." + description: "containerResource refers to a resource metric (such as those specified in\nrequests and limits) known to Kubernetes describing a single container in\neach pod of the current scale target (e.g. CPU or memory). Such metrics are\nbuilt in to Kubernetes, and have special scaling options on top of those\navailable to normal per-pod metrics using the \"pods\" source.\nThis is an alpha feature and can be enabled by the HPAContainerMetrics feature flag." properties: container: description: "container is the name of the container in the pods of the scaling target" @@ -2311,14 +2338,14 @@ spec: description: "target specifies the target value for the given metric" properties: averageUtilization: - description: "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type" + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type" format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" - description: "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: @@ -2340,7 +2367,7 @@ spec: - "target" type: "object" external: - description: "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster)." + description: "external refers to a global metric that is not associated\nwith any Kubernetes object. It allows autoscaling based on information\ncoming from components running outside of cluster\n(for example length of queue in cloud messaging service, or\nQPS from loadbalancer running outside of cluster)." properties: metric: description: "metric identifies the target metric by name and selector" @@ -2349,21 +2376,21 @@ spec: description: "name is the name of the given metric" type: "string" selector: - description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2375,7 +2402,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -2386,14 +2413,14 @@ spec: description: "target specifies the target value for the given metric" properties: averageUtilization: - description: "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type" + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type" format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" - description: "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: @@ -2414,7 +2441,7 @@ spec: - "target" type: "object" object: - description: "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object)." + description: "object refers to a metric describing a single kubernetes object\n(for example, hits-per-second on an Ingress object)." properties: describedObject: description: "describedObject specifies the descriptions of a object,such as kind,name apiVersion" @@ -2439,21 +2466,21 @@ spec: description: "name is the name of the given metric" type: "string" selector: - description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2465,7 +2492,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -2476,14 +2503,14 @@ spec: description: "target specifies the target value for the given metric" properties: averageUtilization: - description: "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type" + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type" format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" - description: "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: @@ -2505,7 +2532,7 @@ spec: - "target" type: "object" pods: - description: "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value." + description: "pods refers to a metric describing each pod in the current scale target\n(for example, transactions-processed-per-second). The values will be\naveraged together before being compared to the target value." properties: metric: description: "metric identifies the target metric by name and selector" @@ -2514,21 +2541,21 @@ spec: description: "name is the name of the given metric" type: "string" selector: - description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics." + description: "selector is the string-encoded form of a standard kubernetes label selector for the given metric\nWhen set, it is passed as an additional parameter to the metrics server for more specific metrics scoping.\nWhen unset, just the metricName will be used to gather metrics." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2540,7 +2567,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -2551,14 +2578,14 @@ spec: description: "target specifies the target value for the given metric" properties: averageUtilization: - description: "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type" + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type" format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" - description: "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: @@ -2579,7 +2606,7 @@ spec: - "target" type: "object" resource: - description: "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source." + description: "resource refers to a resource metric (such as those specified in\nrequests and limits) known to Kubernetes describing each pod in the\ncurrent scale target (e.g. CPU or memory). Such metrics are built in to\nKubernetes, and have special scaling options on top of those available\nto normal per-pod metrics using the \"pods\" source." properties: name: description: "name is the name of the resource in question." @@ -2588,14 +2615,14 @@ spec: description: "target specifies the target value for the given metric" properties: averageUtilization: - description: "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type" + description: "averageUtilization is the target value of the average of the\nresource metric across all relevant pods, represented as a percentage of\nthe requested value of the resource for the pods.\nCurrently only valid for Resource metric source type" format: "int32" type: "integer" averageValue: anyOf: - type: "integer" - type: "string" - description: "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)" + description: "averageValue is the target value of the average of the\nmetric across all relevant pods (as a quantity)" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: @@ -2616,7 +2643,7 @@ spec: - "target" type: "object" type: - description: "type is the type of metric source. It should be one of \"ContainerResource\", \"External\", \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object. Note: \"ContainerResource\" type is available on when the feature-gate HPAContainerMetrics is enabled" + description: "type is the type of metric source. It should be one of \"ContainerResource\", \"External\",\n\"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.\nNote: \"ContainerResource\" type is available on when the feature-gate\nHPAContainerMetrics is enabled" type: "string" required: - "type" @@ -2624,11 +2651,11 @@ spec: type: "array" x-kubernetes-list-type: "atomic" minReplicas: - description: "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available." + description: "minReplicas is the lower limit for the number of replicas to which the autoscaler\ncan scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the\nalpha feature gate HPAScaleToZero is enabled and at least one Object or External\nmetric is configured. Scaling is active as long as at least one metric value is\navailable." format: "int32" type: "integer" scaleTargetRef: - description: "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count." + description: "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics\nshould be collected, as well as to actually change the replica count." properties: apiVersion: description: "apiVersion is the API version of the referent" @@ -2656,10 +2683,10 @@ spec: imagePullSecrets: description: "ImagePullSecrets Overrides `imagePullSecrets` from top level." items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2668,13 +2695,13 @@ spec: description: "Ingress Kubernetes Native `Ingress` specification." properties: defaultBackend: - description: "defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller." + description: "defaultBackend is the backend that should handle requests that don't\nmatch any rule. If Rules are not specified, DefaultBackend must be specified.\nIf DefaultBackend is not set, the handling of requests that do not match any\nof the rules will be up to the Ingress controller." properties: resource: - description: "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\"." + description: "resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -2688,19 +2715,19 @@ spec: type: "object" x-kubernetes-map-type: "atomic" service: - description: "service references a service as a backend. This is a mutually exclusive setting with \"Resource\"." + description: "service references a service as a backend.\nThis is a mutually exclusive setting with \"Resource\"." properties: name: - description: "name is the referenced service. The service must exist in the same namespace as the Ingress object." + description: "name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." type: "string" port: - description: "port of the referenced service. A port name or port number is required for a IngressServiceBackend." + description: "port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." properties: name: - description: "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\"." + description: "name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." type: "string" number: - description: "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\"." + description: "number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." format: "int32" type: "integer" type: "object" @@ -2709,32 +2736,32 @@ spec: type: "object" type: "object" ingressClassName: - description: "ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present." + description: "ingressClassName is the name of an IngressClass cluster resource. Ingress\ncontroller implementations use this field to know whether they should be\nserving this Ingress resource, by a transitive connection\n(controller -> IngressClass -> Ingress resource). Although the\n`kubernetes.io/ingress.class` annotation (simple constant name) was never\nformally defined, it was widely supported by Ingress controllers to create\na direct binding between Ingress controller and Ingress resources. Newly\ncreated Ingress resources should prefer using the field. However, even\nthough the annotation is officially deprecated, for backwards compatibility\nreasons, ingress controllers should still honor that annotation if present." type: "string" rules: - description: "rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend." + description: "rules is a list of host rules used to configure the Ingress. If unspecified,\nor no rule matches, all traffic is sent to the default backend." items: - description: "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue." + description: "IngressRule represents the rules mapping the paths under a specified host to\nthe related backend services. Incoming requests are first evaluated for a host\nmatch, then routed to the backend associated with the matching IngressRuleValue." properties: host: - description: "host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. \n host can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule." + description: "host is the fully qualified domain name of a network host, as defined by RFC 3986.\nNote the following deviations from the \"host\" part of the\nURI as defined in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue can only apply to\n the IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future.\nIncoming requests are matched against the host before the\nIngressRuleValue. If the host is unspecified, the Ingress routes all\ntraffic based on the specified IngressRuleValue.\n\n\nhost can be \"precise\" which is a domain name without the terminating dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name\nprefixed with a single wildcard label (e.g. \"*.foo.com\").\nThe wildcard character '*' must appear by itself as the first DNS label and\nmatches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\").\nRequests will be matched against the Host field in the following way:\n1. If host is precise, the request matches this rule if the http host header is equal to Host.\n2. If host is a wildcard, then the request matches this rule if the http host header\nis to equal to the suffix (removing the first label) of the wildcard rule." type: "string" http: - description: "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'." + description: "HTTPIngressRuleValue is a list of http selectors pointing to backends.\nIn the example: http:///? -> backend where\nwhere parts of the url correspond to RFC 3986, this resource will be used\nto match against everything after the last '/' and before the first '?'\nor '#'." properties: paths: description: "paths is a collection of paths that map requests to backends." items: - description: "HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend." + description: "HTTPIngressPath associates a path with a backend. Incoming urls matching the\npath are forwarded to the backend." properties: backend: - description: "backend defines the referenced service endpoint to which the traffic will be forwarded to." + description: "backend defines the referenced service endpoint to which the traffic\nwill be forwarded to." properties: resource: - description: "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\"." + description: "resource is an ObjectRef to another Kubernetes resource in the namespace\nof the Ingress object. If resource is specified, a service.Name and\nservice.Port must not be specified.\nThis is a mutually exclusive setting with \"Service\"." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -2748,19 +2775,19 @@ spec: type: "object" x-kubernetes-map-type: "atomic" service: - description: "service references a service as a backend. This is a mutually exclusive setting with \"Resource\"." + description: "service references a service as a backend.\nThis is a mutually exclusive setting with \"Resource\"." properties: name: - description: "name is the referenced service. The service must exist in the same namespace as the Ingress object." + description: "name is the referenced service. The service must exist in\nthe same namespace as the Ingress object." type: "string" port: - description: "port of the referenced service. A port name or port number is required for a IngressServiceBackend." + description: "port of the referenced service. A port name or port number\nis required for a IngressServiceBackend." properties: name: - description: "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\"." + description: "name is the name of the port on the Service.\nThis is a mutually exclusive setting with \"Number\"." type: "string" number: - description: "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\"." + description: "number is the numerical port number (e.g. 80) on the Service.\nThis is a mutually exclusive setting with \"Name\"." format: "int32" type: "integer" type: "object" @@ -2769,10 +2796,10 @@ spec: type: "object" type: "object" path: - description: "path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value \"Exact\" or \"Prefix\"." + description: "path is matched against the path of an incoming request. Currently it can\ncontain characters disallowed from the conventional \"path\" part of a URL\nas defined by RFC 3986. Paths must begin with a '/' and must be present\nwhen using PathType with value \"Exact\" or \"Prefix\"." type: "string" pathType: - description: "pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types. Implementations are required to support all path types." + description: "pathType determines the interpretation of the path matching. PathType can\nbe one of the following values:\n* Exact: Matches the URL path exactly.\n* Prefix: Matches based on a URL path prefix split by '/'. Matching is\n done on a path element by element basis. A path element refers is the\n list of labels in the path split by the '/' separator. A request is a\n match for path p if every p is an element-wise prefix of p of the\n request path. Note that if the last element of the path is a substring\n of the last element in request path, it is not a match (e.g. /foo/bar\n matches /foo/bar/baz, but does not match /foo/barbaz).\n* ImplementationSpecific: Interpretation of the Path matching is up to\n the IngressClass. Implementations can treat this as a separate PathType\n or treat it identically to Prefix or Exact path types.\nImplementations are required to support all path types." type: "string" required: - "backend" @@ -2787,18 +2814,18 @@ spec: type: "array" x-kubernetes-list-type: "atomic" tls: - description: "tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI." + description: "tls represents the TLS configuration. Currently the Ingress only supports a\nsingle TLS port, 443. If multiple members of this list specify different hosts,\nthey will be multiplexed on the same port according to the hostname specified\nthrough the SNI TLS extension, if the ingress controller fulfilling the\ningress supports SNI." items: description: "IngressTLS describes the transport layer security associated with an ingress." properties: hosts: - description: "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified." + description: "hosts is a list of hosts included in the TLS certificate. The values in\nthis list must match the name/s used in the tlsSecret. Defaults to the\nwildcard host setting for the loadbalancer controller fulfilling this\nIngress, if left unspecified." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" secretName: - description: "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing." + description: "secretName is the name of the secret used to terminate TLS traffic on\nport 443. Field is left optional to allow TLS routing based on SNI\nhostname alone. If the SNI host in a listener conflicts with the \"Host\"\nheader field used by an IngressRule, the SNI host is used for termination\nand value of the \"Host\" header is used for routing." type: "string" type: "object" type: "array" @@ -2814,19 +2841,19 @@ spec: type: "string" kind: default: "StatefulSet" - description: "Kind Can be StatefulSet or Deployment. Note: volumeClaimTemplates are ignored when kind=Deployment" + description: "Kind Can be StatefulSet or Deployment.\nNote: volumeClaimTemplates are ignored when kind=Deployment" type: "string" lifecycle: description: "Lifecycle" properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2835,7 +2862,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2843,7 +2870,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2860,16 +2887,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2878,20 +2905,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2900,7 +2927,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2908,7 +2935,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2925,16 +2952,16 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2943,7 +2970,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2951,19 +2978,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "LivenessProbe Port is set to `druid.port` if not specified with httpGet handler." + description: "LivenessProbe\nPort is set to `druid.port` if not specified with httpGet handler." properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2974,7 +3001,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2983,7 +3010,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2991,7 +3018,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3008,24 +3035,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3038,17 +3065,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -3056,11 +3083,11 @@ spec: description: "Log4jConfig Overrides `Log4jConfig` at top level." type: "string" maxSurge: - description: "MaxSurge For Deployment object only. Set to 25% by default." + description: "MaxSurge For Deployment object only.\nSet to 25% by default." format: "int32" type: "integer" maxUnavailable: - description: "MaxUnavailable For deployment object only. Set to 25% by default" + description: "MaxUnavailable For deployment object only.\nSet to 25% by default" format: "int32" type: "integer" nodeConfigMountPath: @@ -3088,13 +3115,13 @@ spec: description: "PersistentVolumeClaim is a user's request for and claim to a persistent volume" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -3114,18 +3141,18 @@ spec: type: "string" type: "object" spec: - description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3139,10 +3166,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3151,22 +3178,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3182,7 +3209,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3191,7 +3218,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3200,16 +3227,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3221,25 +3248,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: - description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" @@ -3250,7 +3277,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -3262,7 +3289,7 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: @@ -3278,7 +3305,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -3294,7 +3321,7 @@ spec: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" resizeStatus: - description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "string" type: "object" type: "object" @@ -3311,30 +3338,30 @@ spec: anyOf: - type: "integer" - type: "string" - description: "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\"." + description: "An eviction is allowed if at most \"maxUnavailable\" pods selected by\n\"selector\" are unavailable after the eviction, i.e. even in absence of\nthe evicted pod. For example, one can prevent all voluntary evictions\nby specifying 0. This is a mutually exclusive setting with \"minAvailable\"." x-kubernetes-int-or-string: true minAvailable: anyOf: - type: "integer" - type: "string" - description: "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\"." + description: "An eviction is allowed if at least \"minAvailable\" pods selected by\n\"selector\" will still be available after the eviction, i.e. even in the\nabsence of the evicted pod. So for example you can prevent all voluntary\nevictions by specifying \"100%\"." x-kubernetes-int-or-string: true selector: - description: "Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace." + description: "Label query over pods whose evictions are managed by the disruption\nbudget.\nA null selector will match no pods, while an empty ({}) selector will select\nall pods within the namespace." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3346,12 +3373,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" unhealthyPodEvictionPolicy: - description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\". \n Valid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy. \n IfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction. \n AlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction. \n Additional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field. \n This field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." + description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." type: "string" type: "object" podLabels: @@ -3369,22 +3396,22 @@ spec: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -3394,19 +3421,19 @@ spec: description: "PriorityClassName Kubernetes native `priorityClassName` specification." type: "string" readinessProbe: - description: "ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler." + description: "ReadinessProbe\nPort is set to `druid.port` if not specified with httpGet handler." properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -3417,7 +3444,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3426,7 +3453,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -3434,7 +3461,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3451,24 +3478,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3481,17 +3508,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -3504,12 +3531,12 @@ spec: description: "Resources Kubernetes Native `resources` specification." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -3525,7 +3552,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3534,7 +3561,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" runtime.properties: @@ -3544,25 +3571,25 @@ spec: description: "PodSecurityContext Overrides `securityContext` at top level." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -3578,25 +3605,25 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -3612,19 +3639,19 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -3634,16 +3661,16 @@ spec: services: description: "Services Overrides services at top level." items: - description: "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy." + description: "Service is a named abstraction of software service (for example, mysql) consisting of local port\n(for example 3306) that the proxy listens on, and the selector that determines which pods\nwill answer requests sent through the proxy." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -3663,72 +3690,72 @@ spec: type: "string" type: "object" spec: - description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "Spec defines the behavior of a service.\nhttps://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: allocateLoadBalancerNodePorts: - description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type." + description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically\nallocated for services with type LoadBalancer. Default is \"true\". It\nmay be set to \"false\" if the cluster load-balancer does not rely on\nNodePorts. If the caller requests specific NodePorts (by specifying a\nvalue), those requests will be respected, regardless of this field.\nThis field may only be set for services with type LoadBalancer and will\nbe cleared if the type is changed to any other type." type: "boolean" clusterIP: - description: "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "clusterIP is the IP address of the service and is usually assigned\nrandomly. If an address is specified manually, is in-range (as per\nsystem configuration), and is not in use, it will be allocated to the\nservice; otherwise creation of the service will fail. This field may not\nbe changed through updates unless the type field is also being changed\nto ExternalName (which requires this field to be blank) or the type\nfield is being changed from ExternalName (in which case this field may\noptionally be specified, as describe above). Valid values are \"None\",\nempty string (\"\"), or a valid IP address. Setting this to \"None\" makes a\n\"headless service\" (no virtual IP), which is useful when direct endpoint\nconnections are preferred and proxying is not required. Only applies to\ntypes ClusterIP, NodePort, and LoadBalancer. If this field is specified\nwhen creating a Service of type ExternalName, creation will fail. This\nfield will be wiped when updating a Service to type ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" clusterIPs: - description: "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "ClusterIPs is a list of IP addresses assigned to this service, and are\nusually assigned randomly. If an address is specified manually, is\nin-range (as per system configuration), and is not in use, it will be\nallocated to the service; otherwise creation of the service will fail.\nThis field may not be changed through updates unless the type field is\nalso being changed to ExternalName (which requires this field to be\nempty) or the type field is being changed from ExternalName (in which\ncase this field may optionally be specified, as describe above). Valid\nvalues are \"None\", empty string (\"\"), or a valid IP address. Setting\nthis to \"None\" makes a \"headless service\" (no virtual IP), which is\nuseful when direct endpoint connections are preferred and proxying is\nnot required. Only applies to types ClusterIP, NodePort, and\nLoadBalancer. If this field is specified when creating a Service of type\nExternalName, creation will fail. This field will be wiped when updating\na Service to type ExternalName. If this field is not specified, it will\nbe initialized from the clusterIP field. If this field is specified,\nclients must ensure that clusterIPs[0] and clusterIP have the same\nvalue.\n\n\nThis field may hold a maximum of two entries (dual-stack IPs, in either order).\nThese IPs must correspond to the values of the ipFamilies field. Both\nclusterIPs and ipFamilies are governed by the ipFamilyPolicy field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" externalIPs: - description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system." + description: "externalIPs is a list of IP addresses for which nodes in the cluster\nwill also accept traffic for this service. These IPs are not managed by\nKubernetes. The user is responsible for ensuring that traffic arrives\nat a node with this IP. A common example is external load-balancers\nthat are not part of the Kubernetes system." items: type: "string" type: "array" externalName: - description: "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." + description: "externalName is the external reference that discovery mechanisms will\nreturn as an alias for this service (e.g. a DNS CNAME record). No\nproxying will be involved. Must be a lowercase RFC-1123 hostname\n(https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." type: "string" externalTrafficPolicy: - description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node." + description: "externalTrafficPolicy describes how nodes distribute service traffic they\nreceive on one of the Service's \"externally-facing\" addresses (NodePorts,\nExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure\nthe service in a way that assumes that external load balancers will take care\nof balancing the service traffic between nodes, and so each node will deliver\ntraffic only to the node-local endpoints of the service, without masquerading\nthe client source IP. (Traffic mistakenly sent to a node with no endpoints will\nbe dropped.) The default value, \"Cluster\", uses the standard behavior of\nrouting to all endpoints evenly (possibly modified by topology and other\nfeatures). Note that traffic sent to an External IP or LoadBalancer IP from\nwithin the cluster will always get \"Cluster\" semantics, but clients sending to\na NodePort from within the cluster may need to take traffic policy into account\nwhen picking a node." type: "string" healthCheckNodePort: - description: "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set." + description: "healthCheckNodePort specifies the healthcheck nodePort for the service.\nThis only applies when type is set to LoadBalancer and\nexternalTrafficPolicy is set to Local. If a value is specified, is\nin-range, and is not in use, it will be used. If not specified, a value\nwill be automatically allocated. External systems (e.g. load-balancers)\ncan use this port to determine if a given node holds endpoints for this\nservice or not. If this field is specified when creating a Service\nwhich does not need it, creation will fail. This field will be wiped\nwhen updating a Service to no longer need it (e.g. changing type).\nThis field cannot be updated once set." format: "int32" type: "integer" internalTrafficPolicy: - description: "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features)." + description: "InternalTrafficPolicy describes how nodes distribute service traffic they\nreceive on the ClusterIP. If set to \"Local\", the proxy will assume that pods\nonly want to talk to endpoints of the service on the same node as the pod,\ndropping the traffic if there are no local endpoints. The default value,\n\"Cluster\", uses the standard behavior of routing to all endpoints evenly\n(possibly modified by topology and other features)." type: "string" ipFamilies: - description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field." + description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this\nservice. This field is usually assigned automatically based on cluster\nconfiguration and the ipFamilyPolicy field. If this field is specified\nmanually, the requested family is available in the cluster,\nand ipFamilyPolicy allows it, it will be used; otherwise creation of\nthe service will fail. This field is conditionally mutable: it allows\nfor adding or removing a secondary IP family, but it does not allow\nchanging the primary IP family of the Service. Valid values are \"IPv4\"\nand \"IPv6\". This field only applies to Services of types ClusterIP,\nNodePort, and LoadBalancer, and does apply to \"headless\" services.\nThis field will be wiped when updating a Service to type ExternalName.\n\n\nThis field may hold a maximum of two entries (dual-stack families, in\neither order). These families must correspond to the values of the\nclusterIPs field, if specified. Both clusterIPs and ipFamilies are\ngoverned by the ipFamilyPolicy field." items: - description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." + description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used\nto express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." type: "string" type: "array" x-kubernetes-list-type: "atomic" ipFamilyPolicy: - description: "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName." + description: "IPFamilyPolicy represents the dual-stack-ness requested or required by\nthis Service. If there is no value provided, then this field will be set\nto SingleStack. Services can be \"SingleStack\" (a single IP family),\n\"PreferDualStack\" (two IP families on dual-stack configured clusters or\na single IP family on single-stack clusters), or \"RequireDualStack\"\n(two IP families on dual-stack configured clusters, otherwise fail). The\nipFamilies and clusterIPs fields depend on the value of this field. This\nfield will be wiped when updating a service to type ExternalName." type: "string" loadBalancerClass: - description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." + description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to.\nIf specified, the value of this field must be a label-style identifier, with an optional prefix,\ne.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users.\nThis field can only be set when the Service type is 'LoadBalancer'. If not set, the default load\nbalancer implementation is used, today this is typically done through the cloud provider integration,\nbut should apply for any default implementation. If set, it is assumed that a load balancer\nimplementation is watching for Services with a matching class. Any default load balancer\nimplementation (e.g. cloud providers) should ignore Services that set this field.\nThis field can only be set when creating or updating a Service to type 'LoadBalancer'.\nOnce set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." type: "string" loadBalancerIP: - description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version." + description: "Only applies to Service Type: LoadBalancer.\nThis feature depends on whether the underlying cloud-provider supports specifying\nthe loadBalancerIP when a load balancer is created.\nThis field will be ignored if the cloud-provider does not support the feature.\nDeprecated: This field was under-specified and its meaning varies across implementations,\nand it cannot support dual-stack.\nAs of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available.\nThis field may be removed in a future API version." type: "string" loadBalancerSourceRanges: - description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" + description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider\nload-balancer will be restricted to the specified client IPs. This field will be ignored if the\ncloud-provider does not support the feature.\"\nMore info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" items: type: "string" type: "array" ports: - description: "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "The list of ports that are exposed by this service.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" nodePort: - description: "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system. If a value is\nspecified, in-range, and not in use it will be used, otherwise the\noperation will fail. If not specified, a port will be allocated if this\nService requires one. If this field is specified when creating a\nService which does not need it, creation will fail. This field will be\nwiped when updating a Service to no longer need it (e.g. changing type\nfrom NodePort to ClusterIP).\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" port: @@ -3737,13 +3764,13 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\nIf this is a string, it will be looked up as a named port in the\ntarget Pod's container ports. If this is not specified, the value\nof the 'port' field is used (an identity map).\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the 'port' field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" x-kubernetes-int-or-string: true required: - "port" @@ -3754,16 +3781,16 @@ spec: - "protocol" x-kubernetes-list-type: "map" publishNotReadyAddresses: - description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior." + description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this\nService should disregard any indications of ready/not-ready.\nThe primary use case for setting this field is for a StatefulSet's Headless Service to\npropagate SRV DNS records for its Pods for the purpose of peer discovery.\nThe Kubernetes controllers that generate Endpoints and EndpointSlice resources for\nServices interpret this to mean that all endpoints are considered \"ready\" even if the\nPods themselves are not. Agents which consume only Kubernetes generated endpoints\nthrough the Endpoints or EndpointSlice resources can safely assume this behavior." type: "boolean" selector: additionalProperties: type: "string" - description: "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/" + description: "Route service traffic to pods with label keys and values matching this\nselector. If empty or not present, the service is assumed to have an\nexternal process managing its endpoints, which Kubernetes will not\nmodify. Only applies to types ClusterIP, NodePort, and LoadBalancer.\nIgnored if type is ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/" type: "object" x-kubernetes-map-type: "atomic" sessionAffinity: - description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity.\nEnable client IP based session affinity.\nMust be ClientIP or None.\nDefaults to None.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" sessionAffinityConfig: description: "sessionAffinityConfig contains the configurations of session affinity." @@ -3772,38 +3799,38 @@ spec: description: "clientIP contains the configurations of Client IP based session affinity." properties: timeoutSeconds: - description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours)." + description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time.\nThe value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\".\nDefault value is 10800(for 3 hours)." format: "int32" type: "integer" type: "object" type: "object" type: - description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" + description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" type: "string" type: "object" status: - description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "Most recently observed status of the service.\nPopulated by the system.\nRead-only.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: conditions: description: "Current service state" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -3816,7 +3843,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -3832,25 +3859,25 @@ spec: - "type" x-kubernetes-list-type: "map" loadBalancer: - description: "LoadBalancer contains the current status of the load-balancer, if one is present." + description: "LoadBalancer contains the current status of the load-balancer,\nif one is present." properties: ingress: - description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points." + description: "Ingress is a list containing ingress points for the load-balancer.\nTraffic intended for the service should be sent to these ingress points." items: - description: "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point." + description: "LoadBalancerIngress represents the status of a load-balancer ingress point:\ntraffic intended for the service should be sent to an ingress point." properties: hostname: - description: "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)" + description: "Hostname is set for load-balancer ingress points that are DNS based\n(typically AWS load-balancers)" type: "string" ip: - description: "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)" + description: "IP is set for load-balancer ingress points that are IP based\n(typically GCE or OpenStack load-balancers)" type: "string" ports: - description: "Ports is a list of records of service ports If used, every port defined in the service should have an entry in it" + description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: properties: error: - description: "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.\n---\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -3860,7 +3887,7 @@ spec: type: "integer" protocol: default: "TCP" - description: "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"" + description: "Protocol is the protocol of the service port of which status is recorded here\nThe supported values are: \"TCP\", \"UDP\", \"SCTP\"" type: "string" required: - "port" @@ -3881,13 +3908,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -3898,7 +3925,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3907,7 +3934,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -3915,7 +3942,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -3932,24 +3959,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -3962,17 +3989,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -3983,23 +4010,23 @@ spec: tolerations: description: "Tolerations Kubernetes native `tolerations` specification." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -4009,21 +4036,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4035,35 +4062,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -4081,15 +4108,15 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." x-kubernetes-int-or-string: true partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0." + description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." format: "int32" type: "integer" type: "object" type: - description: "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate." + description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." type: "string" type: "object" volumeClaimTemplates: @@ -4098,13 +4125,13 @@ spec: description: "PersistentVolumeClaim is a user's request for and claim to a persistent volume" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -4124,18 +4151,18 @@ spec: type: "string" type: "object" spec: - description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4149,10 +4176,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4161,22 +4188,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4192,7 +4219,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4201,7 +4228,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -4210,16 +4237,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4231,25 +4258,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: - description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" @@ -4260,7 +4287,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -4272,7 +4299,7 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: @@ -4288,7 +4315,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -4304,7 +4331,7 @@ spec: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" resizeStatus: - description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "string" type: "object" type: "object" @@ -4315,22 +4342,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -4343,20 +4370,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -4374,13 +4401,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -4390,7 +4417,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -4406,7 +4433,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -4414,44 +4441,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -4460,11 +4487,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4472,11 +4499,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -4484,7 +4511,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4495,26 +4522,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -4523,7 +4550,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -4545,14 +4572,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -4577,27 +4604,27 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -4617,18 +4644,18 @@ spec: type: "string" type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4642,10 +4669,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -4654,22 +4681,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -4685,7 +4712,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -4694,7 +4721,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -4703,16 +4730,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -4724,15 +4751,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -4746,14 +4773,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -4761,19 +4788,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -4781,13 +4808,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4798,36 +4825,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -4839,35 +4866,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -4876,39 +4903,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -4916,32 +4943,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -4950,7 +4977,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -4962,10 +4989,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -4977,7 +5004,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -4989,7 +5016,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -4997,11 +5024,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -5009,7 +5036,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -5038,14 +5065,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -5073,7 +5100,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -5081,11 +5108,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -5093,7 +5120,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -5104,14 +5131,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -5123,19 +5150,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -5145,38 +5172,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -5186,7 +5213,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -5195,13 +5222,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5209,7 +5236,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -5218,7 +5245,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -5226,14 +5253,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -5241,11 +5268,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -5256,38 +5283,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -5316,7 +5343,7 @@ spec: - "nodeType" - "runtime.properties" type: "object" - description: "Nodes a list of `Druid` Node types and their configurations. `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific `NodeSpec` level." + description: "Nodes a list of `Druid` Node types and their configurations.\n`DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific\n`NodeSpec` level." type: "object" podAnnotations: additionalProperties: @@ -5336,19 +5363,19 @@ spec: description: "PriorityClassName Kubernetes native `priorityClassName` specification." type: "string" readinessProbe: - description: "ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler." + description: "ReadinessProbe\nPort is set to `druid.port` if not specified with httpGet handler." properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5359,7 +5386,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5368,7 +5395,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5376,7 +5403,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5393,24 +5420,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5423,23 +5450,23 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" rollingDeploy: default: true - description: "RollingDeploy Whether to deploy the components in a rolling update as described in the documentation: https://druid.apache.org/docs/latest/operations/rolling-updates.html If set to true then operator checks the rollout status of previous version workloads before updating the next. This will be done only for update actions." + description: "RollingDeploy Whether to deploy the components in a rolling update as described in the documentation:\nhttps://druid.apache.org/docs/latest/operations/rolling-updates.html\nIf set to true then operator checks the rollout status of previous version workloads before updating the next.\nThis will be done only for update actions." type: "boolean" scalePvcSts: default: false @@ -5449,25 +5476,25 @@ spec: description: "PodSecurityContext" properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -5483,25 +5510,25 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust only be set if type is \"Localhost\"." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -5517,19 +5544,19 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nThis field is alpha-level and will only be honored by components that enable the\nWindowsHostProcessContainers feature flag. Setting this field without the feature\nflag will result in errors when validating the Pod. All of a Pod's containers must\nhave the same effective HostProcess value (it is not allowed to have a mix of HostProcess\ncontainers and non-HostProcess containers). In addition, if HostProcess is true\nthen HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -5539,16 +5566,16 @@ spec: services: description: "Services Kubernetes services to be created for each workload." items: - description: "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy." + description: "Service is a named abstraction of software service (for example, mysql) consisting of local port\n(for example 3306) that the proxy listens on, and the selector that determines which pods\nwill answer requests sent through the proxy." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -5568,72 +5595,72 @@ spec: type: "string" type: "object" spec: - description: "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "Spec defines the behavior of a service.\nhttps://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: allocateLoadBalancerNodePorts: - description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type." + description: "allocateLoadBalancerNodePorts defines if NodePorts will be automatically\nallocated for services with type LoadBalancer. Default is \"true\". It\nmay be set to \"false\" if the cluster load-balancer does not rely on\nNodePorts. If the caller requests specific NodePorts (by specifying a\nvalue), those requests will be respected, regardless of this field.\nThis field may only be set for services with type LoadBalancer and will\nbe cleared if the type is changed to any other type." type: "boolean" clusterIP: - description: "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "clusterIP is the IP address of the service and is usually assigned\nrandomly. If an address is specified manually, is in-range (as per\nsystem configuration), and is not in use, it will be allocated to the\nservice; otherwise creation of the service will fail. This field may not\nbe changed through updates unless the type field is also being changed\nto ExternalName (which requires this field to be blank) or the type\nfield is being changed from ExternalName (in which case this field may\noptionally be specified, as describe above). Valid values are \"None\",\nempty string (\"\"), or a valid IP address. Setting this to \"None\" makes a\n\"headless service\" (no virtual IP), which is useful when direct endpoint\nconnections are preferred and proxying is not required. Only applies to\ntypes ClusterIP, NodePort, and LoadBalancer. If this field is specified\nwhen creating a Service of type ExternalName, creation will fail. This\nfield will be wiped when updating a Service to type ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" clusterIPs: - description: "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "ClusterIPs is a list of IP addresses assigned to this service, and are\nusually assigned randomly. If an address is specified manually, is\nin-range (as per system configuration), and is not in use, it will be\nallocated to the service; otherwise creation of the service will fail.\nThis field may not be changed through updates unless the type field is\nalso being changed to ExternalName (which requires this field to be\nempty) or the type field is being changed from ExternalName (in which\ncase this field may optionally be specified, as describe above). Valid\nvalues are \"None\", empty string (\"\"), or a valid IP address. Setting\nthis to \"None\" makes a \"headless service\" (no virtual IP), which is\nuseful when direct endpoint connections are preferred and proxying is\nnot required. Only applies to types ClusterIP, NodePort, and\nLoadBalancer. If this field is specified when creating a Service of type\nExternalName, creation will fail. This field will be wiped when updating\na Service to type ExternalName. If this field is not specified, it will\nbe initialized from the clusterIP field. If this field is specified,\nclients must ensure that clusterIPs[0] and clusterIP have the same\nvalue.\n\n\nThis field may hold a maximum of two entries (dual-stack IPs, in either order).\nThese IPs must correspond to the values of the ipFamilies field. Both\nclusterIPs and ipFamilies are governed by the ipFamilyPolicy field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: type: "string" type: "array" x-kubernetes-list-type: "atomic" externalIPs: - description: "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system." + description: "externalIPs is a list of IP addresses for which nodes in the cluster\nwill also accept traffic for this service. These IPs are not managed by\nKubernetes. The user is responsible for ensuring that traffic arrives\nat a node with this IP. A common example is external load-balancers\nthat are not part of the Kubernetes system." items: type: "string" type: "array" externalName: - description: "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." + description: "externalName is the external reference that discovery mechanisms will\nreturn as an alias for this service (e.g. a DNS CNAME record). No\nproxying will be involved. Must be a lowercase RFC-1123 hostname\n(https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\"." type: "string" externalTrafficPolicy: - description: "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node." + description: "externalTrafficPolicy describes how nodes distribute service traffic they\nreceive on one of the Service's \"externally-facing\" addresses (NodePorts,\nExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure\nthe service in a way that assumes that external load balancers will take care\nof balancing the service traffic between nodes, and so each node will deliver\ntraffic only to the node-local endpoints of the service, without masquerading\nthe client source IP. (Traffic mistakenly sent to a node with no endpoints will\nbe dropped.) The default value, \"Cluster\", uses the standard behavior of\nrouting to all endpoints evenly (possibly modified by topology and other\nfeatures). Note that traffic sent to an External IP or LoadBalancer IP from\nwithin the cluster will always get \"Cluster\" semantics, but clients sending to\na NodePort from within the cluster may need to take traffic policy into account\nwhen picking a node." type: "string" healthCheckNodePort: - description: "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set." + description: "healthCheckNodePort specifies the healthcheck nodePort for the service.\nThis only applies when type is set to LoadBalancer and\nexternalTrafficPolicy is set to Local. If a value is specified, is\nin-range, and is not in use, it will be used. If not specified, a value\nwill be automatically allocated. External systems (e.g. load-balancers)\ncan use this port to determine if a given node holds endpoints for this\nservice or not. If this field is specified when creating a Service\nwhich does not need it, creation will fail. This field will be wiped\nwhen updating a Service to no longer need it (e.g. changing type).\nThis field cannot be updated once set." format: "int32" type: "integer" internalTrafficPolicy: - description: "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features)." + description: "InternalTrafficPolicy describes how nodes distribute service traffic they\nreceive on the ClusterIP. If set to \"Local\", the proxy will assume that pods\nonly want to talk to endpoints of the service on the same node as the pod,\ndropping the traffic if there are no local endpoints. The default value,\n\"Cluster\", uses the standard behavior of routing to all endpoints evenly\n(possibly modified by topology and other features)." type: "string" ipFamilies: - description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field." + description: "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this\nservice. This field is usually assigned automatically based on cluster\nconfiguration and the ipFamilyPolicy field. If this field is specified\nmanually, the requested family is available in the cluster,\nand ipFamilyPolicy allows it, it will be used; otherwise creation of\nthe service will fail. This field is conditionally mutable: it allows\nfor adding or removing a secondary IP family, but it does not allow\nchanging the primary IP family of the Service. Valid values are \"IPv4\"\nand \"IPv6\". This field only applies to Services of types ClusterIP,\nNodePort, and LoadBalancer, and does apply to \"headless\" services.\nThis field will be wiped when updating a Service to type ExternalName.\n\n\nThis field may hold a maximum of two entries (dual-stack families, in\neither order). These families must correspond to the values of the\nclusterIPs field, if specified. Both clusterIPs and ipFamilies are\ngoverned by the ipFamilyPolicy field." items: - description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." + description: "IPFamily represents the IP Family (IPv4 or IPv6). This type is used\nto express the family of an IP expressed by a type (e.g. service.spec.ipFamilies)." type: "string" type: "array" x-kubernetes-list-type: "atomic" ipFamilyPolicy: - description: "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName." + description: "IPFamilyPolicy represents the dual-stack-ness requested or required by\nthis Service. If there is no value provided, then this field will be set\nto SingleStack. Services can be \"SingleStack\" (a single IP family),\n\"PreferDualStack\" (two IP families on dual-stack configured clusters or\na single IP family on single-stack clusters), or \"RequireDualStack\"\n(two IP families on dual-stack configured clusters, otherwise fail). The\nipFamilies and clusterIPs fields depend on the value of this field. This\nfield will be wiped when updating a service to type ExternalName." type: "string" loadBalancerClass: - description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." + description: "loadBalancerClass is the class of the load balancer implementation this Service belongs to.\nIf specified, the value of this field must be a label-style identifier, with an optional prefix,\ne.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users.\nThis field can only be set when the Service type is 'LoadBalancer'. If not set, the default load\nbalancer implementation is used, today this is typically done through the cloud provider integration,\nbut should apply for any default implementation. If set, it is assumed that a load balancer\nimplementation is watching for Services with a matching class. Any default load balancer\nimplementation (e.g. cloud providers) should ignore Services that set this field.\nThis field can only be set when creating or updating a Service to type 'LoadBalancer'.\nOnce set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type." type: "string" loadBalancerIP: - description: "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version." + description: "Only applies to Service Type: LoadBalancer.\nThis feature depends on whether the underlying cloud-provider supports specifying\nthe loadBalancerIP when a load balancer is created.\nThis field will be ignored if the cloud-provider does not support the feature.\nDeprecated: This field was under-specified and its meaning varies across implementations,\nand it cannot support dual-stack.\nAs of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available.\nThis field may be removed in a future API version." type: "string" loadBalancerSourceRanges: - description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" + description: "If specified and supported by the platform, this will restrict traffic through the cloud-provider\nload-balancer will be restricted to the specified client IPs. This field will be ignored if the\ncloud-provider does not support the feature.\"\nMore info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" items: type: "string" type: "array" ports: - description: "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "The list of ports that are exposed by this service.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" items: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: - description: "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service." + description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." type: "string" nodePort: - description: "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + description: "The port on each node on which this service is exposed when type is\nNodePort or LoadBalancer. Usually assigned by the system. If a value is\nspecified, in-range, and not in use it will be used, otherwise the\noperation will fail. If not specified, a port will be allocated if this\nService requires one. If this field is specified when creating a\nService which does not need it, creation will fail. This field will be\nwiped when updating a Service to no longer need it (e.g. changing type\nfrom NodePort to ClusterIP).\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" format: "int32" type: "integer" port: @@ -5642,13 +5669,13 @@ spec: type: "integer" protocol: default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP." + description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + description: "Number or name of the port to access on the pods targeted by the service.\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\nIf this is a string, it will be looked up as a named port in the\ntarget Pod's container ports. If this is not specified, the value\nof the 'port' field is used (an identity map).\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the 'port' field.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" x-kubernetes-int-or-string: true required: - "port" @@ -5659,16 +5686,16 @@ spec: - "protocol" x-kubernetes-list-type: "map" publishNotReadyAddresses: - description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior." + description: "publishNotReadyAddresses indicates that any agent which deals with endpoints for this\nService should disregard any indications of ready/not-ready.\nThe primary use case for setting this field is for a StatefulSet's Headless Service to\npropagate SRV DNS records for its Pods for the purpose of peer discovery.\nThe Kubernetes controllers that generate Endpoints and EndpointSlice resources for\nServices interpret this to mean that all endpoints are considered \"ready\" even if the\nPods themselves are not. Agents which consume only Kubernetes generated endpoints\nthrough the Endpoints or EndpointSlice resources can safely assume this behavior." type: "boolean" selector: additionalProperties: type: "string" - description: "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/" + description: "Route service traffic to pods with label keys and values matching this\nselector. If empty or not present, the service is assumed to have an\nexternal process managing its endpoints, which Kubernetes will not\nmodify. Only applies to types ClusterIP, NodePort, and LoadBalancer.\nIgnored if type is ExternalName.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/" type: "object" x-kubernetes-map-type: "atomic" sessionAffinity: - description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + description: "Supports \"ClientIP\" and \"None\". Used to maintain session affinity.\nEnable client IP based session affinity.\nMust be ClientIP or None.\nDefaults to None.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" type: "string" sessionAffinityConfig: description: "sessionAffinityConfig contains the configurations of session affinity." @@ -5677,38 +5704,38 @@ spec: description: "clientIP contains the configurations of Client IP based session affinity." properties: timeoutSeconds: - description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours)." + description: "timeoutSeconds specifies the seconds of ClientIP type session sticky time.\nThe value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\".\nDefault value is 10800(for 3 hours)." format: "int32" type: "integer" type: "object" type: "object" type: - description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" + description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" type: "string" type: "object" status: - description: "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "Most recently observed status of the service.\nPopulated by the system.\nRead-only.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: conditions: description: "Current service state" items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -5721,7 +5748,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -5737,25 +5764,25 @@ spec: - "type" x-kubernetes-list-type: "map" loadBalancer: - description: "LoadBalancer contains the current status of the load-balancer, if one is present." + description: "LoadBalancer contains the current status of the load-balancer,\nif one is present." properties: ingress: - description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points." + description: "Ingress is a list containing ingress points for the load-balancer.\nTraffic intended for the service should be sent to these ingress points." items: - description: "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point." + description: "LoadBalancerIngress represents the status of a load-balancer ingress point:\ntraffic intended for the service should be sent to an ingress point." properties: hostname: - description: "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)" + description: "Hostname is set for load-balancer ingress points that are DNS based\n(typically AWS load-balancers)" type: "string" ip: - description: "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)" + description: "IP is set for load-balancer ingress points that are IP based\n(typically GCE or OpenStack load-balancers)" type: "string" ports: - description: "Ports is a list of records of service ports If used, every port defined in the service should have an entry in it" + description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: properties: error: - description: "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.\n---\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -5765,7 +5792,7 @@ spec: type: "integer" protocol: default: "TCP" - description: "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"" + description: "Protocol is the protocol of the service port of which status is recorded here\nThe supported values are: \"TCP\", \"UDP\", \"SCTP\"" type: "string" required: - "port" @@ -5790,13 +5817,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -5807,7 +5834,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5816,7 +5843,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -5824,7 +5851,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -5841,24 +5868,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -5871,40 +5898,40 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" tolerations: description: "Tolerations Kubernetes native `tolerations` specification." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -5918,15 +5945,15 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." x-kubernetes-int-or-string: true partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0." + description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." format: "int32" type: "integer" type: "object" type: - description: "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate." + description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." type: "string" type: "object" volumeClaimTemplates: @@ -5935,13 +5962,13 @@ spec: description: "PersistentVolumeClaim is a user's request for and claim to a persistent volume" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -5961,18 +5988,18 @@ spec: type: "string" type: "object" spec: - description: "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "spec defines the desired characteristics of a volume requested by a pod author.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -5986,10 +6013,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -5998,22 +6025,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6029,7 +6056,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6038,7 +6065,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -6047,16 +6074,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6068,25 +6095,25 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." type: "string" type: "object" status: - description: "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "status represents the current information/status of a persistent volume claim.\nRead-only.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: accessModes: - description: "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the actual access modes the volume backing the PVC has.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" @@ -6097,7 +6124,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may\nbe larger than the actual capacity when a volume expansion operation is requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources is used.\nIf allocatedResources is not set, PVC.spec.resources alone is used for quota calculation.\nIf a volume expansion capacity request is lowered, allocatedResources is only\nlowered if there are no expansion operations in progress and if the actual volume capacity\nis equal or lower than the requested capacity.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "object" capacity: additionalProperties: @@ -6109,7 +6136,7 @@ spec: description: "capacity represents the actual resources of the underlying volume." type: "object" conditions: - description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'." + description: "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being\nresized then the Condition will be set to 'ResizeStarted'." items: description: "PersistentVolumeClaimCondition contains details about state of pvc" properties: @@ -6125,7 +6152,7 @@ spec: description: "message is the human-readable message indicating details about last transition." type: "string" reason: - description: "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized." + description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"ResizeStarted\" that means the underlying\npersistent volume is being resized." type: "string" status: type: "string" @@ -6141,7 +6168,7 @@ spec: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" resizeStatus: - description: "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." + description: "resizeStatus stores status of resize operation.\nResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty\nstring by resize controller or kubelet.\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: "string" type: "object" type: "object" @@ -6152,22 +6179,22 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -6180,20 +6207,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -6211,13 +6238,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -6227,7 +6254,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -6243,7 +6270,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -6251,44 +6278,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -6297,11 +6324,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6309,11 +6336,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6321,7 +6348,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6332,26 +6359,26 @@ spec: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -6360,7 +6387,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -6382,14 +6409,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -6414,27 +6441,27 @@ spec: type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." properties: annotations: additionalProperties: @@ -6454,18 +6481,18 @@ spec: type: "string" type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6479,10 +6506,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -6491,22 +6518,22 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -6522,7 +6549,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -6531,7 +6558,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -6540,16 +6567,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -6561,15 +6588,15 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -6583,14 +6610,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -6598,19 +6625,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -6618,13 +6645,13 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6635,36 +6662,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -6676,35 +6703,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -6713,39 +6740,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -6753,32 +6780,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -6787,7 +6814,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -6799,10 +6826,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -6814,7 +6841,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -6826,7 +6853,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6834,11 +6861,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6846,7 +6873,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6875,14 +6902,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -6910,7 +6937,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -6918,11 +6945,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -6930,7 +6957,7 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -6941,14 +6968,14 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -6960,19 +6987,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -6982,38 +7009,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -7023,7 +7050,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -7032,13 +7059,13 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -7046,7 +7073,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -7055,7 +7082,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -7063,14 +7090,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -7078,11 +7105,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -7093,38 +7120,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -7145,13 +7172,13 @@ spec: workloadAnnotations: additionalProperties: type: "string" - description: "WorkloadAnnotations annotations to be populated in StatefulSet or Deployment spec. if the same key is specified at both the DruidNodeSpec level and DruidSpec level, the DruidNodeSpec WorkloadAnnotations will take precedence." + description: "WorkloadAnnotations annotations to be populated in StatefulSet or Deployment spec.\nif the same key is specified at both the DruidNodeSpec level and DruidSpec level, the DruidNodeSpec WorkloadAnnotations will take precedence." type: "object" zookeeper: description: "Zookeeper IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator." properties: spec: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements [Marshaler] and [Unmarshaler] and can\nbe used to delay JSON decoding or precompute a JSON encoding." format: "byte" type: "string" type: @@ -7176,7 +7203,7 @@ spec: type: "string" type: "array" druidNodeStatus: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file" + description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" properties: druidNode: type: "string" diff --git a/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1/valssecrets.yaml b/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1/valssecrets.yaml index e142fe477..7dda5a03b 100644 --- a/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1/valssecrets.yaml +++ b/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1/valssecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "valssecrets.digitalis.io" spec: group: "digitalis.io" @@ -19,10 +19,10 @@ spec: description: "ValsSecret is the Schema for the valssecrets API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: description: "Encoding type for the secret. Only base64 supported. Optional" type: "string" ref: - description: "Ref value to the secret in the format ref+backend://path https://github.com/helmfile/vals" + description: "Ref value to the secret in the format ref+backend://path\nhttps://github.com/helmfile/vals" type: "string" required: - "ref" @@ -94,6 +94,21 @@ spec: type: "array" name: type: "string" + rollout: + items: + description: "RolloutTarget sets up what deployment or sts to restart" + properties: + kind: + description: "Kind is either Deployment, Pod or StatefulSet" + type: "string" + name: + description: "Name is the object name" + type: "string" + required: + - "kind" + - "name" + type: "object" + type: "array" template: additionalProperties: type: "string" diff --git a/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1beta1/dbsecrets.yaml b/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1beta1/dbsecrets.yaml index 09164525f..b881d9a01 100644 --- a/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1beta1/dbsecrets.yaml +++ b/crd-catalog/digitalis-io/vals-operator/digitalis.io/v1beta1/dbsecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.10.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "dbsecrets.digitalis.io" spec: group: "digitalis.io" @@ -19,10 +19,10 @@ spec: description: "DbSecret is the Schema for the dbsecrets API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml index 5f7a97adc..1af8b0007 100644 --- a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml +++ b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml @@ -705,7 +705,7 @@ spec: description: "External devfile registries configuration." properties: url: - description: "The public UR of the devfile registry that serves sample ready-to-use devfiles." + description: "The public URL of the devfile registry that serves sample ready-to-use devfiles." type: "string" type: "object" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/authservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/authservices.yaml index 875af259d..748d09cd3 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/authservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/authservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "authservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "AuthService is the Schema for the authservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -60,7 +60,7 @@ spec: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/consulresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/consulresolvers.yaml index e5f095617..c7c10aca0 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/consulresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/consulresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "consulresolvers.getambassador.io" spec: conversion: @@ -33,20 +33,20 @@ spec: description: "ConsulResolver is the Schema for the ConsulResolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use." + description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition\nto the AmbassadorID, it needs information about which Consul server and DC to\nuse." properties: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/devportals.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/devportals.yaml index 64bca785b..e10b0b8b6 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/devportals.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/devportals.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "devportals.getambassador.io" spec: conversion: @@ -30,13 +30,13 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "DevPortal is the Schema for the DevPortals API \n DevPortal resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what` is in a DevPortal can be controlled with \n - a `selector`, that can be used for filtering `Mappings`. \n - a `docs` listing of (services, url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the cluster, and the Dev Portal server will show them at different endpoints. A `DevPortal` resource with a special name, `ambassador`, will be used for configuring the default Dev Portal (served at `/docs/` by default)." + description: "DevPortal is the Schema for the DevPortals API\n\nDevPortal resources specify the `what` and `how` is shown in a DevPortal:\n\n 1. `what` is in a DevPortal can be controlled with\n\n - a `selector`, that can be used for filtering `Mappings`.\n\n - a `docs` listing of (services, url)\n\n 2. `how` is a pointer to some `contents` (a checkout of a Git repository\n with go-templates/markdown/css).\n\nMultiple `DevPortal`s can exist in the cluster, and the Dev Portal server\nwill show them at different endpoints. A `DevPortal` resource with a special\nname, `ambassador`, will be used for configuring the default Dev Portal\n(served at `/docs/` by default)." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "DevPortalSpec defines the desired state of DevPortal" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -66,13 +66,13 @@ spec: docs: description: "Docs is a static docs definition" items: - description: "DevPortalDocsSpec is a static documentation definition: instead of using a Selector for finding documentation for services, users can provide a static list of : tuples. These services will be shown in the Dev Portal with the documentation obtained from this URL." + description: "DevPortalDocsSpec is a static documentation definition:\ninstead of using a Selector for finding documentation for services,\nusers can provide a static list of : tuples. These services\nwill be shown in the Dev Portal with the documentation obtained from\nthis URL." properties: service: description: "Service is the service being documented" type: "string" timeout_ms: - description: "Timeout specifies the amount of time devportal will wait for the downstream service to report an openapi spec back" + description: "Timeout specifies the amount of time devportal will wait\nfor the downstream service to report an openapi spec back" type: "integer" url: description: "URL is the URL used for obtaining docs" @@ -86,7 +86,7 @@ spec: - "name.prefix" type: "string" preserve_servers: - description: "Configures this DevPortal to use server definitions from the openAPI doc instead of rewriting them based on the url used for the connection." + description: "Configures this DevPortal to use server definitions from the openAPI doc instead of\nrewriting them based on the url used for the connection." type: "boolean" search: description: "DevPortalSearchSpec allows configuration over search functionality for the DevPortal" @@ -94,7 +94,7 @@ spec: enabled: type: "boolean" type: - description: "Type of search. \"title-only\" does a fuzzy search over openapi and page titles \"all-content\" will fuzzy search over all openapi and page content. \"title-only\" is the default. warning: using all-content may incur a larger memory footprint" + description: "Type of search.\n\"title-only\" does a fuzzy search over openapi and page titles\n\"all-content\" will fuzzy search over all openapi and page content.\n\"title-only\" is the default.\nwarning: using all-content may incur a larger memory footprint" enum: - "title-only" - "all-content" @@ -106,10 +106,10 @@ spec: matchLabels: additionalProperties: type: "string" - description: "MatchLabels specifies the list of labels that must be present in Mappings for being present in this DevPortal." + description: "MatchLabels specifies the list of labels that must be present\nin Mappings for being present in this DevPortal." type: "object" matchNamespaces: - description: "MatchNamespaces is a list of namespaces that will be included in this DevPortal." + description: "MatchNamespaces is a list of namespaces that will be included in\nthis DevPortal." items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesendpointresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesendpointresolvers.yaml index 3882a0b79..098ddd699 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesendpointresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesendpointresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesendpointresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesserviceresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesserviceresolvers.yaml index 6e39823e3..777e4bff6 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesserviceresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/kubernetesserviceresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesserviceresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesServiceResolver is the Schema for the kubernetesserviceresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/logservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/logservices.yaml index aaee50f56..444c8d19d 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/logservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/logservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "logservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "LogService is the Schema for the logservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "LogServiceSpec defines the desired state of LogService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/mappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/mappings.yaml index fc4da1b55..e61a508e6 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/mappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/mappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "mappings.getambassador.io" spec: conversion: @@ -49,10 +49,10 @@ spec: description: "Mapping is the Schema for the mappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -74,12 +74,12 @@ spec: - type: "object" type: "object" allow_upgrade: - description: "A case-insensitive list of the non-HTTP protocols to allow \"upgrading\" to from HTTP via the \"Connection: upgrade\" mechanism[1]. After the upgrade, Ambassador does not interpret the traffic, and behaves similarly to how it does for TCPMappings. \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example, if your upstream service supports WebSockets, you would write \n allow_upgrade: - websocket \n Or if your upstream service supports upgrading from HTTP to SPDY (as the Kubernetes apiserver does for `kubectl exec` functionality), you would write \n allow_upgrade: - spdy/3.1" + description: "A case-insensitive list of the non-HTTP protocols to allow\n\"upgrading\" to from HTTP via the \"Connection: upgrade\"\nmechanism[1]. After the upgrade, Ambassador does not\ninterpret the traffic, and behaves similarly to how it does\nfor TCPMappings.\n\n[1]: https://tools.ietf.org/html/rfc7230#section-6.7\n\nFor example, if your upstream service supports WebSockets,\nyou would write\n\n allow_upgrade:\n - websocket\n\nOr if your upstream service supports upgrading from HTTP to\nSPDY (as the Kubernetes apiserver does for `kubectl exec`\nfunctionality), you would write\n\n allow_upgrade:\n - spdy/3.1" items: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -129,14 +129,14 @@ spec: credentials: type: "boolean" exposed_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: - type: "string" - type: "array" headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -145,7 +145,7 @@ spec: max_age: type: "string" methods: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -159,7 +159,7 @@ spec: dns_type: type: "string" docs: - description: "DocsInfo provides some extra information about the docs for the Mapping (used by the Dev Portal)" + description: "DocsInfo provides some extra information about the docs for the Mapping\n(used by the Dev Portal)" properties: display_name: type: "string" @@ -180,7 +180,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true error_response_overrides: - description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides` set on the Ambassador module, if any." + description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides`\nset on the Ambassador module, if any." items: description: "A response rewrite for an HTTP error response" properties: @@ -188,18 +188,18 @@ spec: description: "The new response body" properties: content_type: - description: "The content type to set on the error response body when using text_format or text_format_source. Defaults to 'text/plain'." + description: "The content type to set on the error response body when\nusing text_format or text_format_source. Defaults to 'text/plain'." type: "string" json_format: additionalProperties: type: "string" - description: "A JSON response with content-type: application/json. The values can contain format text like in text_format." + description: "A JSON response with content-type: application/json. The values can\ncontain format text like in text_format." type: "object" text_format: - description: "A format string representing a text response body. Content-Type can be set using the `content_type` field below." + description: "A format string representing a text response body.\nContent-Type can be set using the `content_type` field below." type: "string" text_format_source: - description: "A format string sourced from a file on the Ambassador container. Useful for larger response bodies that should not be placed inline in configuration." + description: "A format string sourced from a file on the Ambassador container.\nUseful for larger response bodies that should not be placed inline\nin configuration." properties: filename: description: "The name of a file on the Ambassador pod that contains a format text string." @@ -249,18 +249,18 @@ spec: description: "A MappingLabelGroupsArray is an array of MappingLabelGroups. I know, complex." items: additionalProperties: - description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label specifiers." + description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label\nspecifiers." items: oneOf: - type: "string" - type: "object" type: "array" - description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second map, where the key is a human-readable name that identifies the group." + description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second\nmap, where the key is a human-readable name that identifies the group." maxProperties: 1 minProperties: 1 type: "object" type: "array" - description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of like namespaces for Mapping labels) to arrays of label groups." + description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of\nlike namespaces for Mapping labels) to arrays of label groups." type: "object" load_balancer: properties: @@ -323,7 +323,7 @@ spec: - type: "boolean" type: "object" redirect_response_code: - description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with `host_redirect`." + description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with\n`host_redirect`." enum: - 301 - 302 @@ -355,14 +355,14 @@ spec: type: "string" type: "object" remove_request_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: - type: "string" - type: "array" remove_response_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -402,7 +402,7 @@ spec: - type: "string" - type: "boolean" use_websocket: - description: "use_websocket is deprecated, and is equivlaent to setting `allow_upgrade: [\"websocket\"]`" + description: "use_websocket is deprecated, and is equivlaent to setting\n`allow_upgrade: [\"websocket\"]`" type: "boolean" v3StatsName: type: "string" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/modules.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/modules.yaml index d365d0005..f3e19e792 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/modules.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/modules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "modules.getambassador.io" spec: conversion: @@ -30,20 +30,20 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "A Module defines system-wide configuration. The type of module is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\". \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" + description: "A Module defines system-wide configuration. The type of module is\ncontrolled by the .metadata.name; valid names are \"ambassador\" or\n\"tls\".\n\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/ratelimitservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/ratelimitservices.yaml index 55a4c1d34..3b3200fcf 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/ratelimitservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/ratelimitservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "ratelimitservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "RateLimitService is the Schema for the ratelimitservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -53,7 +53,7 @@ spec: domain: type: "string" failure_mode_deny: - description: "FailureModeDeny when set to true, envoy will deny traffic if it is unable to communicate with the rate limit service." + description: "FailureModeDeny when set to true, envoy will deny traffic if it\nis unable to communicate with the rate limit service." type: "boolean" protocol_version: enum: @@ -71,7 +71,7 @@ spec: v3GRPC: properties: use_resource_exhausted_code: - description: "UseResourceExhaustedCode, when set to true, will cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead of the default `UNAVAILABLE` gRPC code." + description: "UseResourceExhaustedCode, when set to true, will cause envoy\nto return a `RESOURCE_EXHAUSTED` gRPC code instead of the default\n`UNAVAILABLE` gRPC code." type: "boolean" type: "object" v3StatsName: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tcpmappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tcpmappings.yaml index 509ba848b..6aa6d0069 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tcpmappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tcpmappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tcpmappings.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TCPMapping is the Schema for the tcpmappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tlscontexts.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tlscontexts.yaml index c64c32c7c..4daf78944 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tlscontexts.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tlscontexts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tlscontexts.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TLSContext is the Schema for the tlscontexts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: alpn_protocols: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tracingservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tracingservices.yaml index b1c29d2ab..b84eae869 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tracingservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v1/tracingservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tracingservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TracingService is the Schema for the tracingservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "TracingServiceSpec defines the desired state of TracingService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -109,7 +109,7 @@ spec: description: "TracingCustomTag provides a data structure for capturing envoy's `type.tracing.v3.CustomTag`" properties: environment: - description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" @@ -119,7 +119,7 @@ spec: - "name" type: "object" literal: - description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: value: type: "string" @@ -127,7 +127,7 @@ spec: - "value" type: "object" request_header: - description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/authservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/authservices.yaml index f15eabd2a..8db9eeeff 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/authservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/authservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "authservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "AuthService is the Schema for the authservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -60,7 +60,7 @@ spec: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/consulresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/consulresolvers.yaml index 254c80d07..d9d5d8451 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/consulresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/consulresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "consulresolvers.getambassador.io" spec: conversion: @@ -33,20 +33,20 @@ spec: description: "ConsulResolver is the Schema for the ConsulResolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use." + description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition\nto the AmbassadorID, it needs information about which Consul server and DC to\nuse." properties: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/devportals.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/devportals.yaml index d20bc18de..fb6854dda 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/devportals.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/devportals.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "devportals.getambassador.io" spec: conversion: @@ -30,13 +30,13 @@ spec: - name: "v2" schema: openAPIV3Schema: - description: "DevPortal is the Schema for the DevPortals API \n DevPortal resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what` is in a DevPortal can be controlled with \n - a `selector`, that can be used for filtering `Mappings`. \n - a `docs` listing of (services, url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the cluster, and the Dev Portal server will show them at different endpoints. A `DevPortal` resource with a special name, `ambassador`, will be used for configuring the default Dev Portal (served at `/docs/` by default)." + description: "DevPortal is the Schema for the DevPortals API\n\nDevPortal resources specify the `what` and `how` is shown in a DevPortal:\n\n 1. `what` is in a DevPortal can be controlled with\n\n - a `selector`, that can be used for filtering `Mappings`.\n\n - a `docs` listing of (services, url)\n\n 2. `how` is a pointer to some `contents` (a checkout of a Git repository\n with go-templates/markdown/css).\n\nMultiple `DevPortal`s can exist in the cluster, and the Dev Portal server\nwill show them at different endpoints. A `DevPortal` resource with a special\nname, `ambassador`, will be used for configuring the default Dev Portal\n(served at `/docs/` by default)." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "DevPortalSpec defines the desired state of DevPortal" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -66,13 +66,13 @@ spec: docs: description: "Docs is a static docs definition" items: - description: "DevPortalDocsSpec is a static documentation definition: instead of using a Selector for finding documentation for services, users can provide a static list of : tuples. These services will be shown in the Dev Portal with the documentation obtained from this URL." + description: "DevPortalDocsSpec is a static documentation definition:\ninstead of using a Selector for finding documentation for services,\nusers can provide a static list of : tuples. These services\nwill be shown in the Dev Portal with the documentation obtained from\nthis URL." properties: service: description: "Service is the service being documented" type: "string" timeout_ms: - description: "Timeout specifies the amount of time devportal will wait for the downstream service to report an openapi spec back" + description: "Timeout specifies the amount of time devportal will wait\nfor the downstream service to report an openapi spec back" type: "integer" url: description: "URL is the URL used for obtaining docs" @@ -86,7 +86,7 @@ spec: - "name.prefix" type: "string" preserve_servers: - description: "Configures this DevPortal to use server definitions from the openAPI doc instead of rewriting them based on the url used for the connection." + description: "Configures this DevPortal to use server definitions from the openAPI doc instead of\nrewriting them based on the url used for the connection." type: "boolean" search: description: "DevPortalSearchSpec allows configuration over search functionality for the DevPortal" @@ -94,7 +94,7 @@ spec: enabled: type: "boolean" type: - description: "Type of search. \"title-only\" does a fuzzy search over openapi and page titles \"all-content\" will fuzzy search over all openapi and page content. \"title-only\" is the default. warning: using all-content may incur a larger memory footprint" + description: "Type of search.\n\"title-only\" does a fuzzy search over openapi and page titles\n\"all-content\" will fuzzy search over all openapi and page content.\n\"title-only\" is the default.\nwarning: using all-content may incur a larger memory footprint" enum: - "title-only" - "all-content" @@ -106,10 +106,10 @@ spec: matchLabels: additionalProperties: type: "string" - description: "MatchLabels specifies the list of labels that must be present in Mappings for being present in this DevPortal." + description: "MatchLabels specifies the list of labels that must be present\nin Mappings for being present in this DevPortal." type: "object" matchNamespaces: - description: "MatchNamespaces is a list of namespaces that will be included in this DevPortal." + description: "MatchNamespaces is a list of namespaces that will be included in\nthis DevPortal." items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/hosts.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/hosts.yaml index d651529ef..8f43e8ae0 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/hosts.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/hosts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "hosts.getambassador.io" spec: conversion: @@ -49,10 +49,10 @@ spec: description: "Host is the Schema for the hosts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,16 +63,16 @@ spec: description: "Specifies whether/who to talk ACME with to automatically manage the $tlsSecret." properties: authority: - description: "Specifies who to talk ACME with to get certs. Defaults to Let's Encrypt; if \"none\" (case-insensitive), do not try to do ACME for this Host." + description: "Specifies who to talk ACME with to get certs. Defaults to Let's\nEncrypt; if \"none\" (case-insensitive), do not try to do ACME for\nthis Host." type: "string" email: type: "string" privateKeySecret: - description: "Specifies the Kubernetes Secret to use to store the private key of the ACME account (essentially, where to store the auto-generated password for the auto-created ACME account). You should not normally need to set this--the default value is based on a combination of the ACME authority being registered wit and the email address associated with the account. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." + description: "Specifies the Kubernetes Secret to use to store the private key of the ACME\naccount (essentially, where to store the auto-generated password for the\nauto-created ACME account). You should not normally need to set this--the\ndefault value is based on a combination of the ACME authority being registered\nwit and the email address associated with the account.\n\nNote that this is a native-Kubernetes-style core.v1.LocalObjectReference, not\nan Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it\ndoes not support referencing a Secret in another namespace (because most native\nKubernetes resources don't support that), but if we ever abandon that opinion\nand decide to support non-local references it, it would be by adding a\n`namespace:` field by changing it from a core.v1.LocalObjectReference to a\ncore.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." properties: name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -81,7 +81,7 @@ spec: type: "string" type: "object" ambassadorId: - description: "A compatibility alias for \"ambassador_id\"; because Host used to be specified with protobuf, and jsonpb allowed either \"ambassador_id\" or \"ambassadorId\", and even though we didn't tell people about \"ambassadorId\" it's what the web policy console generated because of jsonpb. So Hosts with 'ambassadorId' exist in the wild." + description: "A compatibility alias for \"ambassador_id\"; because Host\nused to be specified with protobuf, and jsonpb allowed\neither \"ambassador_id\" or \"ambassadorId\", and even though\nwe didn't tell people about \"ambassadorId\" it's what the\nweb policy console generated because of jsonpb. So Hosts\nwith 'ambassadorId' exist in the wild." items: type: "string" oneOf: @@ -130,16 +130,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -153,12 +153,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" tls: - description: "TLS configuration. It is not valid to specify both `tlsContext` and `tls`." + description: "TLS configuration. It is not valid to specify both\n`tlsContext` and `tls`." properties: alpn_protocols: type: "string" @@ -192,16 +192,16 @@ spec: type: "string" type: "object" tlsContext: - description: "Name of the TLSContext the Host resource is linked with. It is not valid to specify both `tlsContext` and `tls`. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." + description: "Name of the TLSContext the Host resource is linked with.\nIt is not valid to specify both `tlsContext` and `tls`.\n\nNote that this is a native-Kubernetes-style core.v1.LocalObjectReference, not\nan Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it\ndoes not support referencing a Secret in another namespace (because most native\nKubernetes resources don't support that), but if we ever abandon that opinion\nand decide to support non-local references it, it would be by adding a\n`namespace:` field by changing it from a core.v1.LocalObjectReference to a\ncore.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." properties: name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" tlsSecret: - description: "Name of the Kubernetes secret into which to save generated certificates. If ACME is enabled (see $acmeProvider), then the default is $hostname; otherwise the default is \"\". If the value is \"\", then we do not do TLS for this Host." + description: "Name of the Kubernetes secret into which to save generated\ncertificates. If ACME is enabled (see $acmeProvider), then the\ndefault is $hostname; otherwise the default is \"\". If the value\nis \"\", then we do not do TLS for this Host." properties: name: description: "name is unique within a namespace to reference a secret resource." @@ -224,7 +224,7 @@ spec: format: "date-time" type: "string" phaseCompleted: - description: "phaseCompleted and phasePending are valid when state==Pending or state==Error." + description: "phaseCompleted and phasePending are valid when state==Pending or\nstate==Error." enum: - "NA" - "DefaultsFilled" @@ -233,7 +233,7 @@ spec: - "ACMECertificateChallenge" type: "string" phasePending: - description: "phaseCompleted and phasePending are valid when state==Pending or state==Error." + description: "phaseCompleted and phasePending are valid when state==Pending or\nstate==Error." enum: - "NA" - "DefaultsFilled" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesendpointresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesendpointresolvers.yaml index 8a72d1319..f214af21d 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesendpointresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesendpointresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesendpointresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesserviceresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesserviceresolvers.yaml index 5defabeaa..10434561a 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesserviceresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/kubernetesserviceresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesserviceresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesServiceResolver is the Schema for the kubernetesserviceresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/logservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/logservices.yaml index 73288c226..f265c4b4c 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/logservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/logservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "logservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "LogService is the Schema for the logservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "LogServiceSpec defines the desired state of LogService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/mappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/mappings.yaml index d3bdddbb0..a885c6c83 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/mappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/mappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "mappings.getambassador.io" spec: conversion: @@ -49,10 +49,10 @@ spec: description: "Mapping is the Schema for the mappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -74,12 +74,12 @@ spec: - type: "object" type: "object" allow_upgrade: - description: "A case-insensitive list of the non-HTTP protocols to allow \"upgrading\" to from HTTP via the \"Connection: upgrade\" mechanism[1]. After the upgrade, Ambassador does not interpret the traffic, and behaves similarly to how it does for TCPMappings. \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example, if your upstream service supports WebSockets, you would write \n allow_upgrade: - websocket \n Or if your upstream service supports upgrading from HTTP to SPDY (as the Kubernetes apiserver does for `kubectl exec` functionality), you would write \n allow_upgrade: - spdy/3.1" + description: "A case-insensitive list of the non-HTTP protocols to allow\n\"upgrading\" to from HTTP via the \"Connection: upgrade\"\nmechanism[1]. After the upgrade, Ambassador does not\ninterpret the traffic, and behaves similarly to how it does\nfor TCPMappings.\n\n[1]: https://tools.ietf.org/html/rfc7230#section-6.7\n\nFor example, if your upstream service supports WebSockets,\nyou would write\n\n allow_upgrade:\n - websocket\n\nOr if your upstream service supports upgrading from HTTP to\nSPDY (as the Kubernetes apiserver does for `kubectl exec`\nfunctionality), you would write\n\n allow_upgrade:\n - spdy/3.1" items: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -129,14 +129,14 @@ spec: credentials: type: "boolean" exposed_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: - type: "string" - type: "array" headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -145,7 +145,7 @@ spec: max_age: type: "string" methods: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -159,7 +159,7 @@ spec: dns_type: type: "string" docs: - description: "DocsInfo provides some extra information about the docs for the Mapping (used by the Dev Portal)" + description: "DocsInfo provides some extra information about the docs for the Mapping\n(used by the Dev Portal)" properties: display_name: type: "string" @@ -180,7 +180,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true error_response_overrides: - description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides` set on the Ambassador module, if any." + description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides`\nset on the Ambassador module, if any." items: description: "A response rewrite for an HTTP error response" properties: @@ -188,18 +188,18 @@ spec: description: "The new response body" properties: content_type: - description: "The content type to set on the error response body when using text_format or text_format_source. Defaults to 'text/plain'." + description: "The content type to set on the error response body when\nusing text_format or text_format_source. Defaults to 'text/plain'." type: "string" json_format: additionalProperties: type: "string" - description: "A JSON response with content-type: application/json. The values can contain format text like in text_format." + description: "A JSON response with content-type: application/json. The values can\ncontain format text like in text_format." type: "object" text_format: - description: "A format string representing a text response body. Content-Type can be set using the `content_type` field below." + description: "A format string representing a text response body.\nContent-Type can be set using the `content_type` field below." type: "string" text_format_source: - description: "A format string sourced from a file on the Ambassador container. Useful for larger response bodies that should not be placed inline in configuration." + description: "A format string sourced from a file on the Ambassador container.\nUseful for larger response bodies that should not be placed inline\nin configuration." properties: filename: description: "The name of a file on the Ambassador pod that contains a format text string." @@ -249,18 +249,18 @@ spec: description: "A MappingLabelGroupsArray is an array of MappingLabelGroups. I know, complex." items: additionalProperties: - description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label specifiers." + description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label\nspecifiers." items: oneOf: - type: "string" - type: "object" type: "array" - description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second map, where the key is a human-readable name that identifies the group." + description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second\nmap, where the key is a human-readable name that identifies the group." maxProperties: 1 minProperties: 1 type: "object" type: "array" - description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of like namespaces for Mapping labels) to arrays of label groups." + description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of\nlike namespaces for Mapping labels) to arrays of label groups." type: "object" load_balancer: properties: @@ -323,7 +323,7 @@ spec: - type: "boolean" type: "object" redirect_response_code: - description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with `host_redirect`." + description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with\n`host_redirect`." enum: - 301 - 302 @@ -355,14 +355,14 @@ spec: type: "string" type: "object" remove_request_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: - type: "string" - type: "array" remove_response_headers: - description: "StringOrStringList is just what it says on the tin, but note that it will always marshal as a list of strings right now." + description: "StringOrStringList is just what it says on the tin, but note that it will always\nmarshal as a list of strings right now." items: type: "string" oneOf: @@ -402,7 +402,7 @@ spec: - type: "string" - type: "boolean" use_websocket: - description: "use_websocket is deprecated, and is equivlaent to setting `allow_upgrade: [\"websocket\"]`" + description: "use_websocket is deprecated, and is equivlaent to setting\n`allow_upgrade: [\"websocket\"]`" type: "boolean" v3StatsName: type: "string" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/modules.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/modules.yaml index 0aa2464a9..6ca2e7887 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/modules.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/modules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "modules.getambassador.io" spec: conversion: @@ -30,20 +30,20 @@ spec: - name: "v2" schema: openAPIV3Schema: - description: "A Module defines system-wide configuration. The type of module is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\". \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" + description: "A Module defines system-wide configuration. The type of module is\ncontrolled by the .metadata.name; valid names are \"ambassador\" or\n\"tls\".\n\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/ratelimitservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/ratelimitservices.yaml index 1baf3bb70..517d41d71 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/ratelimitservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/ratelimitservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "ratelimitservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "RateLimitService is the Schema for the ratelimitservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -53,7 +53,7 @@ spec: domain: type: "string" failure_mode_deny: - description: "FailureModeDeny when set to true, envoy will deny traffic if it is unable to communicate with the rate limit service." + description: "FailureModeDeny when set to true, envoy will deny traffic if it\nis unable to communicate with the rate limit service." type: "boolean" protocol_version: enum: @@ -71,7 +71,7 @@ spec: v3GRPC: properties: use_resource_exhausted_code: - description: "UseResourceExhaustedCode, when set to true, will cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead of the default `UNAVAILABLE` gRPC code." + description: "UseResourceExhaustedCode, when set to true, will cause envoy\nto return a `RESOURCE_EXHAUSTED` gRPC code instead of the default\n`UNAVAILABLE` gRPC code." type: "boolean" type: "object" v3StatsName: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tcpmappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tcpmappings.yaml index 7c53f8889..c0bde00dc 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tcpmappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tcpmappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tcpmappings.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TCPMapping is the Schema for the tcpmappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tlscontexts.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tlscontexts.yaml index a41bcc99c..52448a9b7 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tlscontexts.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tlscontexts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tlscontexts.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TLSContext is the Schema for the tlscontexts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: alpn_protocols: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tracingservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tracingservices.yaml index 52335d140..bab5e2646 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tracingservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v2/tracingservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tracingservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TracingService is the Schema for the tracingservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "TracingServiceSpec defines the desired state of TracingService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. May either be a string or a list of\nstrings. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" oneOf: @@ -109,7 +109,7 @@ spec: description: "TracingCustomTag provides a data structure for capturing envoy's `type.tracing.v3.CustomTag`" properties: environment: - description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" @@ -119,7 +119,7 @@ spec: - "name" type: "object" literal: - description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: value: type: "string" @@ -127,7 +127,7 @@ spec: - "value" type: "object" request_header: - description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/authservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/authservices.yaml index 0a0fe069a..b21eba1de 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/authservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/authservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "authservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "AuthService is the Schema for the authservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -60,7 +60,7 @@ spec: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -122,14 +122,14 @@ spec: tls: type: "string" v2ExplicitTLS: - description: "V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior." + description: "V2ExplicitTLS controls some vanity/stylistic elements when converting\nfrom v3alpha1 to v2. The values in an V2ExplicitTLS should not in any\nway affect the runtime operation of Emissary; except that it may affect\ninternal names in the Envoy config, which may in turn affect stats\nnames. But it should not affect any end-user observable behavior." properties: serviceScheme: - description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. \n Acceptable values are \"http://\" (case-insensitive), \"https://\" (case-insensitive), or \"\". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme." + description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the\nservice URL.\n\nAcceptable values are \"http://\" (case-insensitive), \"https://\"\n(case-insensitive), or \"\". The value is used if it agrees with\nwhether or not this resource enables TLS origination, or if\nsomething else in the resource overrides the scheme." pattern: "^([hH][tT][tT][pP][sS]?://)?$" type: "string" tls: - description: "TLS controls whether and how to represent the \"tls\" field when its value could be implied by the \"service\" field. In v2, there were a lot of different ways to spell an \"empty\" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). \n | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | \"\" | omit the field | defer to service (no TLSContext) | | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) | | \"string\" | store an empty string in the field | defer to service (no TLSContext) | | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) | | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) | \n If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of \"bool:true\" if TLS is not to be originated), then this field is ignored." + description: "TLS controls whether and how to represent the \"tls\" field when\nits value could be implied by the \"service\" field. In v2, there\nwere a lot of different ways to spell an \"empty\" value, and this\nfield specifies which way to spell it (and will therefore only\nbe used if the value will indeed be empty).\n\n | Value | Representation | Meaning of representation |\n |--------------+---------------------------------------+------------------------------------|\n | \"\" | omit the field | defer to service (no TLSContext) |\n | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) |\n | \"string\" | store an empty string in the field | defer to service (no TLSContext) |\n | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) |\n | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) |\n\nIf the meaning of the representation contradicts anything else\n(if a TLSContext is to be used, or in the case of \"bool:true\" if\nTLS is not to be originated), then this field is ignored." enum: - "" - "null" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/consulresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/consulresolvers.yaml index 6fffaa64d..2f4eb7e75 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/consulresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/consulresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "consulresolvers.getambassador.io" spec: conversion: @@ -33,20 +33,20 @@ spec: description: "ConsulResolver is the Schema for the ConsulResolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use." + description: "ConsulResolver tells Ambassador to use Consul to resolve services. In addition\nto the AmbassadorID, it needs information about which Consul server and DC to\nuse." properties: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/devportals.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/devportals.yaml index 5f15ce2b1..b4ce6fab5 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/devportals.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/devportals.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "devportals.getambassador.io" spec: conversion: @@ -30,13 +30,13 @@ spec: - name: "v3alpha1" schema: openAPIV3Schema: - description: "DevPortal is the Schema for the DevPortals API \n DevPortal resources specify the `what` and `how` is shown in a DevPortal: \n 1. `what` is in a DevPortal can be controlled with \n - a `selector`, that can be used for filtering `Mappings`. \n - a `docs` listing of (services, url) \n 2. `how` is a pointer to some `contents` (a checkout of a Git repository with go-templates/markdown/css). \n Multiple `DevPortal`s can exist in the cluster, and the Dev Portal server will show them at different endpoints. A `DevPortal` resource with a special name, `ambassador`, will be used for configuring the default Dev Portal (served at `/docs/` by default)." + description: "DevPortal is the Schema for the DevPortals API\n\nDevPortal resources specify the `what` and `how` is shown in a DevPortal:\n\n 1. `what` is in a DevPortal can be controlled with\n\n - a `selector`, that can be used for filtering `Mappings`.\n\n - a `docs` listing of (services, url)\n\n 2. `how` is a pointer to some `contents` (a checkout of a Git repository\n with go-templates/markdown/css).\n\nMultiple `DevPortal`s can exist in the cluster, and the Dev Portal server\nwill show them at different endpoints. A `DevPortal` resource with a special\nname, `ambassador`, will be used for configuring the default Dev Portal\n(served at `/docs/` by default)." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "DevPortalSpec defines the desired state of DevPortal" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -64,13 +64,13 @@ spec: docs: description: "Docs is a static docs definition" items: - description: "DevPortalDocsSpec is a static documentation definition: instead of using a Selector for finding documentation for services, users can provide a static list of : tuples. These services will be shown in the Dev Portal with the documentation obtained from this URL." + description: "DevPortalDocsSpec is a static documentation definition:\ninstead of using a Selector for finding documentation for services,\nusers can provide a static list of : tuples. These services\nwill be shown in the Dev Portal with the documentation obtained from\nthis URL." properties: service: description: "Service is the service being documented" type: "string" timeout_ms: - description: "Timeout specifies the amount of time devportal will wait for the downstream service to report an openapi spec back" + description: "Timeout specifies the amount of time devportal will wait\nfor the downstream service to report an openapi spec back" type: "integer" url: description: "URL is the URL used for obtaining docs" @@ -84,7 +84,7 @@ spec: - "name.prefix" type: "string" preserve_servers: - description: "Configures this DevPortal to use server definitions from the openAPI doc instead of rewriting them based on the url used for the connection." + description: "Configures this DevPortal to use server definitions from the openAPI doc instead of\nrewriting them based on the url used for the connection." type: "boolean" search: description: "DevPortalSearchSpec allows configuration over search functionality for the DevPortal" @@ -92,7 +92,7 @@ spec: enabled: type: "boolean" type: - description: "Type of search. \"title-only\" does a fuzzy search over openapi and page titles \"all-content\" will fuzzy search over all openapi and page content. \"title-only\" is the default. warning: using all-content may incur a larger memory footprint" + description: "Type of search.\n\"title-only\" does a fuzzy search over openapi and page titles\n\"all-content\" will fuzzy search over all openapi and page content.\n\"title-only\" is the default.\nwarning: using all-content may incur a larger memory footprint" enum: - "title-only" - "all-content" @@ -104,10 +104,10 @@ spec: matchLabels: additionalProperties: type: "string" - description: "MatchLabels specifies the list of labels that must be present in Mappings for being present in this DevPortal." + description: "MatchLabels specifies the list of labels that must be present\nin Mappings for being present in this DevPortal." type: "object" matchNamespaces: - description: "MatchNamespaces is a list of namespaces that will be included in this DevPortal." + description: "MatchNamespaces is a list of namespaces that will be included in\nthis DevPortal." items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/hosts.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/hosts.yaml index 1a30708bf..0a6f4dbf3 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/hosts.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/hosts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "hosts.getambassador.io" spec: conversion: @@ -49,10 +49,10 @@ spec: description: "Host is the Schema for the hosts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,16 +63,16 @@ spec: description: "Specifies whether/who to talk ACME with to automatically manage the $tlsSecret." properties: authority: - description: "Specifies who to talk ACME with to get certs. Defaults to Let's Encrypt; if \"none\" (case-insensitive), do not try to do ACME for this Host." + description: "Specifies who to talk ACME with to get certs. Defaults to Let's\nEncrypt; if \"none\" (case-insensitive), do not try to do ACME for\nthis Host." type: "string" email: type: "string" privateKeySecret: - description: "Specifies the Kubernetes Secret to use to store the private key of the ACME account (essentially, where to store the auto-generated password for the auto-created ACME account). You should not normally need to set this--the default value is based on a combination of the ACME authority being registered wit and the email address associated with the account. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." + description: "Specifies the Kubernetes Secret to use to store the private key of the ACME\naccount (essentially, where to store the auto-generated password for the\nauto-created ACME account). You should not normally need to set this--the\ndefault value is based on a combination of the ACME authority being registered\nwit and the email address associated with the account.\n\nNote that this is a native-Kubernetes-style core.v1.LocalObjectReference, not\nan Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it\ndoes not support referencing a Secret in another namespace (because most native\nKubernetes resources don't support that), but if we ever abandon that opinion\nand decide to support non-local references it, it would be by adding a\n`namespace:` field by changing it from a core.v1.LocalObjectReference to a\ncore.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." properties: name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -89,21 +89,21 @@ spec: description: "Hostname by which the Ambassador can be reached." type: "string" mappingSelector: - description: "Selector for Mappings we'll associate with this Host. At the moment, Selector and MappingSelector are synonyms, but that will change soon." + description: "Selector for Mappings we'll associate with this Host. At the moment, Selector and\nMappingSelector are synonyms, but that will change soon." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -117,7 +117,7 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" @@ -154,16 +154,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -177,12 +177,12 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" tls: - description: "TLS configuration. It is not valid to specify both `tlsContext` and `tls`." + description: "TLS configuration. It is not valid to specify both\n`tlsContext` and `tls`." properties: alpn_protocols: type: "string" @@ -216,16 +216,16 @@ spec: type: "string" type: "object" tlsContext: - description: "Name of the TLSContext the Host resource is linked with. It is not valid to specify both `tlsContext` and `tls`. \n Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." + description: "Name of the TLSContext the Host resource is linked with.\nIt is not valid to specify both `tlsContext` and `tls`.\n\nNote that this is a native-Kubernetes-style core.v1.LocalObjectReference, not\nan Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it\ndoes not support referencing a Secret in another namespace (because most native\nKubernetes resources don't support that), but if we ever abandon that opinion\nand decide to support non-local references it, it would be by adding a\n`namespace:` field by changing it from a core.v1.LocalObjectReference to a\ncore.v1.SecretReference, not by adopting the `{name}.{namespace}` notation." properties: name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" tlsSecret: - description: "Name of the Kubernetes secret into which to save generated certificates. If ACME is enabled (see $acmeProvider), then the default is $hostname; otherwise the default is \"\". If the value is \"\", then we do not do TLS for this Host." + description: "Name of the Kubernetes secret into which to save generated\ncertificates. If ACME is enabled (see $acmeProvider), then the\ndefault is $hostname; otherwise the default is \"\". If the value\nis \"\", then we do not do TLS for this Host." properties: name: description: "name is unique within a namespace to reference a secret resource." @@ -248,7 +248,7 @@ spec: format: "date-time" type: "string" phaseCompleted: - description: "phaseCompleted and phasePending are valid when state==Pending or state==Error." + description: "phaseCompleted and phasePending are valid when state==Pending or\nstate==Error." enum: - "NA" - "DefaultsFilled" @@ -257,7 +257,7 @@ spec: - "ACMECertificateChallenge" type: "string" phasePending: - description: "phaseCompleted and phasePending are valid when state==Pending or state==Error." + description: "phaseCompleted and phasePending are valid when state==Pending or\nstate==Error." enum: - "NA" - "DefaultsFilled" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesendpointresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesendpointresolvers.yaml index 624f007bb..92d65ae5c 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesendpointresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesendpointresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesendpointresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesEndpointResolver is the Schema for the kubernetesendpointresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesserviceresolvers.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesserviceresolvers.yaml index bbdd0f9d6..a8c5853cb 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesserviceresolvers.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/kubernetesserviceresolvers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubernetesserviceresolvers.getambassador.io" spec: conversion: @@ -33,18 +33,18 @@ spec: description: "KubernetesServiceResolver is the Schema for the kubernetesserviceresolver API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service resources to resolve services. It actually has no spec other than the AmbassadorID." + description: "KubernetesServiceResolver tells Ambassador to use Kubernetes Service\nresources to resolve services. It actually has no spec other than the\nAmbassadorID." properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/listeners.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/listeners.yaml index b0a8a44a4..f7100d0a7 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/listeners.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/listeners.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "listeners.getambassador.io" spec: group: "getambassador.io" @@ -41,10 +41,10 @@ spec: description: "Listener is the Schema for the hosts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -52,7 +52,7 @@ spec: description: "ListenerSpec defines the desired state of this Port" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -71,21 +71,21 @@ spec: type: "string" type: "object" selector: - description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects." + description: "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -99,13 +99,13 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" type: "object" l7Depth: - description: "L7Depth specifies how many layer 7 load balancers are between us and the edge of the network." + description: "L7Depth specifies how many layer 7 load balancers are between us and the edge of\nthe network." format: "int32" type: "integer" port: @@ -115,7 +115,7 @@ spec: minimum: 1.0 type: "integer" protocol: - description: "Protocol is a shorthand for certain predefined stacks. Exactly one of Protocol or ProtocolStack must be supplied." + description: "Protocol is a shorthand for certain predefined stacks. Exactly one of Protocol\nor ProtocolStack must be supplied." enum: - "HTTP" - "HTTPS" @@ -126,9 +126,9 @@ spec: - "UDP" type: "string" protocolStack: - description: "ProtocolStack explicitly specifies the protocol stack to set up. Exactly one of Protocol or ProtocolStack must be supplied." + description: "ProtocolStack explicitly specifies the protocol stack to set up. Exactly one of Protocol\nor ProtocolStack must be supplied." items: - description: "ProtocolStackElement defines specific layers that may be combined in a protocol stack for processing connections to a port." + description: "ProtocolStackElement defines specific layers that may be combined in a protocol\nstack for processing connections to a port." enum: - "HTTP" - "PROXY" @@ -138,14 +138,14 @@ spec: type: "string" type: "array" securityModel: - description: "SecurityModel specifies how to determine whether connections to this port are secure or insecure." + description: "SecurityModel specifies how to determine whether connections to this port are secure\nor insecure." enum: - "XFP" - "SECURE" - "INSECURE" type: "string" statsPrefix: - description: "StatsPrefix specifies the prefix for statistics sent by Envoy about this Listener. The default depends on the protocol: \"ingress-http\", \"ingress-https\", \"ingress-tls-$port\", or \"ingress-$port\"." + description: "StatsPrefix specifies the prefix for statistics sent by Envoy about this\nListener. The default depends on the protocol: \"ingress-http\",\n\"ingress-https\", \"ingress-tls-$port\", or \"ingress-$port\"." type: "string" required: - "hostBinding" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/logservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/logservices.yaml index fec1eb5da..cc64f61df 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/logservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/logservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "logservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "LogService is the Schema for the logservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "LogServiceSpec defines the desired state of LogService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/mappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/mappings.yaml index 5556a183e..7d57bcce6 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/mappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/mappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "mappings.getambassador.io" spec: conversion: @@ -49,10 +49,10 @@ spec: description: "Mapping is the Schema for the mappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -92,12 +92,12 @@ spec: type: "object" type: "object" allow_upgrade: - description: "A case-insensitive list of the non-HTTP protocols to allow \"upgrading\" to from HTTP via the \"Connection: upgrade\" mechanism[1]. After the upgrade, Ambassador does not interpret the traffic, and behaves similarly to how it does for TCPMappings. \n [1]: https://tools.ietf.org/html/rfc7230#section-6.7 \n For example, if your upstream service supports WebSockets, you would write \n allow_upgrade: - websocket \n Or if your upstream service supports upgrading from HTTP to SPDY (as the Kubernetes apiserver does for `kubectl exec` functionality), you would write \n allow_upgrade: - spdy/3.1" + description: "A case-insensitive list of the non-HTTP protocols to allow\n\"upgrading\" to from HTTP via the \"Connection: upgrade\"\nmechanism[1]. After the upgrade, Ambassador does not\ninterpret the traffic, and behaves similarly to how it does\nfor TCPMappings.\n\n[1]: https://tools.ietf.org/html/rfc7230#section-6.7\n\nFor example, if your upstream service supports WebSockets,\nyou would write\n\n allow_upgrade:\n - websocket\n\nOr if your upstream service supports upgrading from HTTP to\nSPDY (as the Kubernetes apiserver does for `kubectl exec`\nfunctionality), you would write\n\n allow_upgrade:\n - spdy/3.1" items: type: "string" type: "array" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -168,7 +168,7 @@ spec: dns_type: type: "string" docs: - description: "DocsInfo provides some extra information about the docs for the Mapping. Docs is used by both the agent and the DevPortal." + description: "DocsInfo provides some extra information about the docs for the Mapping.\nDocs is used by both the agent and the DevPortal." properties: display_name: type: "string" @@ -189,7 +189,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true error_response_overrides: - description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides` set on the Ambassador module, if any." + description: "Error response overrides for this Mapping. Replaces all of the `error_response_overrides`\nset on the Ambassador module, if any." items: description: "A response rewrite for an HTTP error response" properties: @@ -197,18 +197,18 @@ spec: description: "The new response body" properties: content_type: - description: "The content type to set on the error response body when using text_format or text_format_source. Defaults to 'text/plain'." + description: "The content type to set on the error response body when\nusing text_format or text_format_source. Defaults to 'text/plain'." type: "string" json_format: additionalProperties: type: "string" - description: "A JSON response with content-type: application/json. The values can contain format text like in text_format." + description: "A JSON response with content-type: application/json. The values can\ncontain format text like in text_format." type: "object" text_format: - description: "A format string representing a text response body. Content-Type can be set using the `content_type` field below." + description: "A format string representing a text response body.\nContent-Type can be set using the `content_type` field below." type: "string" text_format_source: - description: "A format string sourced from a file on the Ambassador container. Useful for larger response bodies that should not be placed inline in configuration." + description: "A format string sourced from a file on the Ambassador container.\nUseful for larger response bodies that should not be placed inline\nin configuration." properties: filename: description: "The name of a file on the Ambassador pod that contains a format text string." @@ -320,7 +320,7 @@ spec: minItems: 1 type: "array" host: - description: "Exact match for the hostname of a request if HostRegex is false; regex match for the hostname if HostRegex is true. \n Host specifies both a match for the ':authority' header of a request, as well as a match criterion for Host CRDs: a Mapping that specifies Host will not associate with a Host that doesn't have a matching Hostname. \n If both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is used. \n DEPRECATED: Host is either an exact match or a regex, depending on HostRegex. Use HostName instead." + description: "Exact match for the hostname of a request if HostRegex is false; regex match for the\nhostname if HostRegex is true.\n\nHost specifies both a match for the ':authority' header of a request, as well as a match\ncriterion for Host CRDs: a Mapping that specifies Host will not associate with a Host that\ndoesn't have a matching Hostname.\n\nIf both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is\nused.\n\nDEPRECATED: Host is either an exact match or a regex, depending on HostRegex. Use HostName instead." type: "string" host_redirect: type: "boolean" @@ -330,7 +330,7 @@ spec: host_rewrite: type: "string" hostname: - description: "Hostname is a DNS glob specifying the hosts to which this Mapping applies. \n Hostname specifies both a match for the ':authority' header of a request, as well as a match criterion for Host CRDs: a Mapping that specifies Hostname will not associate with a Host that doesn't have a matching Hostname. \n If both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is used." + description: "Hostname is a DNS glob specifying the hosts to which this Mapping applies.\n\nHostname specifies both a match for the ':authority' header of a request, as well as a\nmatch criterion for Host CRDs: a Mapping that specifies Hostname will not associate with\na Host that doesn't have a matching Hostname.\n\nIf both Host and Hostname are set, an error is logged, Host is ignored, and Hostname is\nused." type: "string" idle_timeout_ms: type: "integer" @@ -348,9 +348,9 @@ spec: description: "A MappingLabelGroupsArray is an array of MappingLabelGroups. I know, complex." items: additionalProperties: - description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label specifiers." + description: "A MappingLabelsArray is the value in the MappingLabelGroup: an array of label\nspecifiers." items: - description: "A MappingLabelSpecifier (finally!) defines a single label. \n This mimics envoy/config/route/v3/route_components.proto:RateLimit:Action:action_specifier." + description: "A MappingLabelSpecifier (finally!) defines a single label.\n\nThis mimics envoy/config/route/v3/route_components.proto:RateLimit:Action:action_specifier." maxProperties: 1 minProperties: 1 properties: @@ -365,7 +365,7 @@ spec: - "key" type: "object" generic_key: - description: "Sets the label \"«key»=«value»\" (where by default «key» is \"generic_key\")." + description: "Sets the label \"«key»=«value»\" (where by default «key»\nis \"generic_key\")." properties: key: description: "The default is \"generic_key\"." @@ -388,7 +388,7 @@ spec: - "key" type: "object" request_headers: - description: "If the «header_name» header is set, then set the label \"«key»=«Value of the «header_name» header»\"; otherwise skip applying this label group." + description: "If the «header_name» header is set, then set the label \"«key»=«Value of the\n«header_name» header»\"; otherwise skip applying this label group." properties: header_name: type: "string" @@ -412,12 +412,12 @@ spec: type: "object" type: "object" type: "array" - description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second map, where the key is a human-readable name that identifies the group." + description: "A MappingLabelGroup is a single element of a MappingLabelGroupsArray: a second\nmap, where the key is a human-readable name that identifies the group." maxProperties: 1 minProperties: 1 type: "object" type: "array" - description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of like namespaces for Mapping labels) to arrays of label groups." + description: "A DomainMap is the overall Mapping.spec.Labels type. It maps domains (kind of\nlike namespaces for Mapping labels) to arrays of label groups." type: "object" load_balancer: properties: @@ -478,7 +478,7 @@ spec: type: "string" type: "object" redirect_response_code: - description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with `host_redirect`." + description: "The response code to use when generating an HTTP redirect. Defaults to 301. Used with\n`host_redirect`." enum: - 301 - 302 @@ -551,7 +551,7 @@ spec: tls: type: "string" use_websocket: - description: "use_websocket is deprecated, and is equivlaent to setting `allow_upgrade: [\"websocket\"]`" + description: "use_websocket is deprecated, and is equivlaent to setting\n`allow_upgrade: [\"websocket\"]`" type: "boolean" v2BoolHeaders: items: @@ -562,14 +562,14 @@ spec: type: "string" type: "array" v2ExplicitTLS: - description: "V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior." + description: "V2ExplicitTLS controls some vanity/stylistic elements when converting\nfrom v3alpha1 to v2. The values in an V2ExplicitTLS should not in any\nway affect the runtime operation of Emissary; except that it may affect\ninternal names in the Envoy config, which may in turn affect stats\nnames. But it should not affect any end-user observable behavior." properties: serviceScheme: - description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. \n Acceptable values are \"http://\" (case-insensitive), \"https://\" (case-insensitive), or \"\". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme." + description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the\nservice URL.\n\nAcceptable values are \"http://\" (case-insensitive), \"https://\"\n(case-insensitive), or \"\". The value is used if it agrees with\nwhether or not this resource enables TLS origination, or if\nsomething else in the resource overrides the scheme." pattern: "^([hH][tT][tT][pP][sS]?://)?$" type: "string" tls: - description: "TLS controls whether and how to represent the \"tls\" field when its value could be implied by the \"service\" field. In v2, there were a lot of different ways to spell an \"empty\" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). \n | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | \"\" | omit the field | defer to service (no TLSContext) | | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) | | \"string\" | store an empty string in the field | defer to service (no TLSContext) | | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) | | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) | \n If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of \"bool:true\" if TLS is not to be originated), then this field is ignored." + description: "TLS controls whether and how to represent the \"tls\" field when\nits value could be implied by the \"service\" field. In v2, there\nwere a lot of different ways to spell an \"empty\" value, and this\nfield specifies which way to spell it (and will therefore only\nbe used if the value will indeed be empty).\n\n | Value | Representation | Meaning of representation |\n |--------------+---------------------------------------+------------------------------------|\n | \"\" | omit the field | defer to service (no TLSContext) |\n | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) |\n | \"string\" | store an empty string in the field | defer to service (no TLSContext) |\n | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) |\n | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) |\n\nIf the meaning of the representation contradicts anything else\n(if a TLSContext is to be used, or in the case of \"bool:true\" if\nTLS is not to be originated), then this field is ignored." enum: - "" - "null" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/modules.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/modules.yaml index f90718154..b7cc42fe6 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/modules.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/modules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "modules.getambassador.io" spec: conversion: @@ -30,20 +30,20 @@ spec: - name: "v3alpha1" schema: openAPIV3Schema: - description: "A Module defines system-wide configuration. The type of module is controlled by the .metadata.name; valid names are \"ambassador\" or \"tls\". \n https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" + description: "A Module defines system-wide configuration. The type of module is\ncontrolled by the .metadata.name; valid names are \"ambassador\" or\n\"tls\".\n\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/#the-ambassador-module\nhttps://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/#tls-module-deprecated" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/ratelimitservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/ratelimitservices.yaml index e75541c69..0a0b3930c 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/ratelimitservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/ratelimitservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "ratelimitservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "RateLimitService is the Schema for the ratelimitservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -51,12 +51,12 @@ spec: domain: type: "string" failure_mode_deny: - description: "FailureModeDeny when set to true, envoy will deny traffic if it is unable to communicate with the rate limit service." + description: "FailureModeDeny when set to true, envoy will deny traffic if it\nis unable to communicate with the rate limit service." type: "boolean" grpc: properties: use_resource_exhausted_code: - description: "UseResourceExhaustedCode, when set to true, will cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead of the default `UNAVAILABLE` gRPC code." + description: "UseResourceExhaustedCode, when set to true, will cause envoy\nto return a `RESOURCE_EXHAUSTED` gRPC code instead of the default\n`UNAVAILABLE` gRPC code." type: "boolean" type: "object" protocol_version: @@ -74,14 +74,14 @@ spec: tls: type: "string" v2ExplicitTLS: - description: "V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior." + description: "V2ExplicitTLS controls some vanity/stylistic elements when converting\nfrom v3alpha1 to v2. The values in an V2ExplicitTLS should not in any\nway affect the runtime operation of Emissary; except that it may affect\ninternal names in the Envoy config, which may in turn affect stats\nnames. But it should not affect any end-user observable behavior." properties: serviceScheme: - description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. \n Acceptable values are \"http://\" (case-insensitive), \"https://\" (case-insensitive), or \"\". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme." + description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the\nservice URL.\n\nAcceptable values are \"http://\" (case-insensitive), \"https://\"\n(case-insensitive), or \"\". The value is used if it agrees with\nwhether or not this resource enables TLS origination, or if\nsomething else in the resource overrides the scheme." pattern: "^([hH][tT][tT][pP][sS]?://)?$" type: "string" tls: - description: "TLS controls whether and how to represent the \"tls\" field when its value could be implied by the \"service\" field. In v2, there were a lot of different ways to spell an \"empty\" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). \n | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | \"\" | omit the field | defer to service (no TLSContext) | | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) | | \"string\" | store an empty string in the field | defer to service (no TLSContext) | | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) | | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) | \n If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of \"bool:true\" if TLS is not to be originated), then this field is ignored." + description: "TLS controls whether and how to represent the \"tls\" field when\nits value could be implied by the \"service\" field. In v2, there\nwere a lot of different ways to spell an \"empty\" value, and this\nfield specifies which way to spell it (and will therefore only\nbe used if the value will indeed be empty).\n\n | Value | Representation | Meaning of representation |\n |--------------+---------------------------------------+------------------------------------|\n | \"\" | omit the field | defer to service (no TLSContext) |\n | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) |\n | \"string\" | store an empty string in the field | defer to service (no TLSContext) |\n | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) |\n | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) |\n\nIf the meaning of the representation contradicts anything else\n(if a TLSContext is to be used, or in the case of \"bool:true\" if\nTLS is not to be originated), then this field is ignored." enum: - "" - "null" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tcpmappings.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tcpmappings.yaml index 2f1c62b84..ca9782fb2 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tcpmappings.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tcpmappings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tcpmappings.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TCPMapping is the Schema for the tcpmappings API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: address: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -90,14 +90,14 @@ spec: tls: type: "string" v2ExplicitTLS: - description: "V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior." + description: "V2ExplicitTLS controls some vanity/stylistic elements when converting\nfrom v3alpha1 to v2. The values in an V2ExplicitTLS should not in any\nway affect the runtime operation of Emissary; except that it may affect\ninternal names in the Envoy config, which may in turn affect stats\nnames. But it should not affect any end-user observable behavior." properties: serviceScheme: - description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. \n Acceptable values are \"http://\" (case-insensitive), \"https://\" (case-insensitive), or \"\". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme." + description: "ServiceScheme specifies how to spell and capitalize the scheme-part of the\nservice URL.\n\nAcceptable values are \"http://\" (case-insensitive), \"https://\"\n(case-insensitive), or \"\". The value is used if it agrees with\nwhether or not this resource enables TLS origination, or if\nsomething else in the resource overrides the scheme." pattern: "^([hH][tT][tT][pP][sS]?://)?$" type: "string" tls: - description: "TLS controls whether and how to represent the \"tls\" field when its value could be implied by the \"service\" field. In v2, there were a lot of different ways to spell an \"empty\" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). \n | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | \"\" | omit the field | defer to service (no TLSContext) | | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) | | \"string\" | store an empty string in the field | defer to service (no TLSContext) | | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) | | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) | \n If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of \"bool:true\" if TLS is not to be originated), then this field is ignored." + description: "TLS controls whether and how to represent the \"tls\" field when\nits value could be implied by the \"service\" field. In v2, there\nwere a lot of different ways to spell an \"empty\" value, and this\nfield specifies which way to spell it (and will therefore only\nbe used if the value will indeed be empty).\n\n | Value | Representation | Meaning of representation |\n |--------------+---------------------------------------+------------------------------------|\n | \"\" | omit the field | defer to service (no TLSContext) |\n | \"null\" | store an explicit \"null\" in the field | defer to service (no TLSContext) |\n | \"string\" | store an empty string in the field | defer to service (no TLSContext) |\n | \"bool:false\" | store a Boolean \"false\" in the field | defer to service (no TLSContext) |\n | \"bool:true\" | store a Boolean \"true\" in the field | originate TLS (no TLSContext) |\n\nIf the meaning of the representation contradicts anything else\n(if a TLSContext is to be used, or in the case of \"bool:true\" if\nTLS is not to be originated), then this field is ignored." enum: - "" - "null" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tlscontexts.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tlscontexts.yaml index dfa8bf360..d3fc796b5 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tlscontexts.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tlscontexts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tlscontexts.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TLSContext is the Schema for the tlscontexts API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -46,7 +46,7 @@ spec: alpn_protocols: type: "string" ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" diff --git a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tracingservices.yaml b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tracingservices.yaml index ffc293a79..7d4ea9b8e 100644 --- a/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tracingservices.yaml +++ b/crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/tracingservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.13.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "tracingservices.getambassador.io" spec: conversion: @@ -33,10 +33,10 @@ spec: description: "TracingService is the Schema for the tracingservices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -44,7 +44,7 @@ spec: description: "TracingServiceSpec defines the desired state of TracingService" properties: ambassador_id: - description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: \n ambassador_id: - \"default\"" + description: "AmbassadorID declares which Ambassador instances should pay\nattention to this resource. If no value is provided, the default is:\n\n\tambassador_id:\n\t- \"default\"" items: type: "string" type: "array" @@ -85,7 +85,7 @@ spec: description: "TracingCustomTag provides a data structure for capturing envoy's `type.tracing.v3.CustomTag`" properties: environment: - description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Environment explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" @@ -95,7 +95,7 @@ spec: - "name" type: "object" literal: - description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Literal explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: value: type: "string" @@ -103,7 +103,7 @@ spec: - "value" type: "object" request_header: - description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied." + description: "Header explicitly specifies the protocol stack to set up. Exactly one of Literal,\nEnvironment or Header must be supplied." properties: default_value: type: "string" @@ -139,7 +139,7 @@ spec: stats_name: type: "string" tag_headers: - description: "Deprecated: tag_headers is deprecated. Use custom_tags instead. `tag_headers: [\"header\"]` can be defined as `custom_tags: [{\"request_header\": {\"name\": \"header\"}}]`." + description: "Deprecated: tag_headers is deprecated. Use custom_tags instead.\n`tag_headers: [\"header\"]` can be defined as `custom_tags: [{\"request_header\": {\"name\": \"header\"}}]`." items: type: "string" type: "array" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxbrokers.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxbrokers.yaml index 0b7aebb3b..2abf661e8 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxbrokers.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxbrokers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxbrokers.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxenterprises.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxenterprises.yaml index 58cc79b34..d675542c1 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxenterprises.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxenterprises.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxenterprises.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxplugins.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxplugins.yaml index c3d1dd521..a4e089c24 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxplugins.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta3/emqxplugins.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxplugins.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxbrokers.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxbrokers.yaml index e4a3e03cf..af8d560bd 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxbrokers.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxbrokers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxbrokers.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxenterprises.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxenterprises.yaml index c1f856674..638206976 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxenterprises.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxenterprises.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxenterprises.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxplugins.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxplugins.yaml index 97ba02256..c1964d2db 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxplugins.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/emqxplugins.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxplugins.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/rebalances.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/rebalances.yaml index cce96884b..e63717418 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/rebalances.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v1beta4/rebalances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "rebalances.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2alpha1/emqxes.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2alpha1/emqxes.yaml index a427c7994..fb6b2abfe 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2alpha1/emqxes.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2alpha1/emqxes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxes.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/emqxes.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/emqxes.yaml index 28aae2dcd..2175ccf5e 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/emqxes.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/emqxes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "emqxes.apps.emqx.io" spec: group: "apps.emqx.io" @@ -2937,6 +2937,16 @@ spec: format: "int32" type: "integer" type: "object" + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true nodeName: type: "string" nodeSelector: @@ -3404,6 +3414,9 @@ spec: type: "string" type: "object" type: "object" + x-kubernetes-validations: + - message: "minAvailable cannot be set when maxUnavailable is specified. These fields are mutually exclusive in PodDisruptionBudget." + rule: "has(self.minAvailable) && has(self.maxUnavailable) ? false : true" type: "object" dashboardServiceTemplate: properties: @@ -6491,6 +6504,16 @@ spec: format: "int32" type: "integer" type: "object" + maxUnavailable: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true nodeName: type: "string" nodeSelector: @@ -6873,6 +6896,9 @@ spec: type: "object" type: "array" type: "object" + x-kubernetes-validations: + - message: "minAvailable cannot be set when maxUnavailable is specified. These fields are mutually exclusive in PodDisruptionBudget." + rule: "has(self.minAvailable) && has(self.maxUnavailable) ? false : true" type: "object" revisionHistoryLimit: default: 3 diff --git a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/rebalances.yaml b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/rebalances.yaml index 9245a0755..4b4f90127 100644 --- a/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/rebalances.yaml +++ b/crd-catalog/emqx/emqx-operator/apps.emqx.io/v2beta1/rebalances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "rebalances.apps.emqx.io" spec: group: "apps.emqx.io" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/clustersecretstores.yaml index 5d01fce5b..d7c25c0b7 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/clustersecretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/clustersecretstores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "clustersecretstores.external-secrets.io" @@ -73,13 +73,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Akeyless. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -92,9 +101,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -110,39 +125,66 @@ spec: description: "The SecretAccessID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessType: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessTypeParam: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -155,13 +197,22 @@ spec: description: "The provider for the CA bundle to use to validate Akeyless Gateway certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -207,26 +258,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessKeySecretSecretRef: description: "The AccessKeySecret is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -260,9 +329,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -275,26 +350,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -325,26 +418,44 @@ spec: description: "The Azure clientId of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: description: "The Azure ClientSecret of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -369,9 +480,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -420,13 +537,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -448,9 +574,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -477,13 +609,22 @@ spec: description: "AccessToken is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -511,13 +652,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -542,29 +692,47 @@ spec: description: "has both clientCert and clientKey as secretKeySelector" properties: clientCert: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientKey: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -581,9 +749,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -593,16 +767,25 @@ spec: description: "use static token to authenticate with" properties: bearerToken: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -610,6 +793,9 @@ spec: remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" server: description: "configures the Kubernetes server Address." @@ -622,13 +808,22 @@ spec: description: "see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider" properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -661,26 +856,44 @@ spec: description: "Fingerprint is the fingerprint of the API private key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privatekey: description: "PrivateKey is the user's API Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -725,9 +938,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -751,13 +970,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -795,13 +1023,22 @@ spec: description: "Reference to a key in a Secret that contains the App Role secret used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role secret." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -816,26 +1053,44 @@ spec: description: "ClientCert is a certificate to authenticate using the Cert Vault\nauthentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "SecretRef to a key in a Secret resource containing client private key to\nauthenticate with Vault using the Cert authentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -864,9 +1119,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -885,13 +1146,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Vault using the JWT/OIDC authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -911,13 +1181,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Vault. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -930,9 +1209,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -952,13 +1237,22 @@ spec: description: "SecretRef to a key in a Secret resource containing password for the LDAP\nuser used to authenticate with Vault using the LDAP authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: @@ -972,13 +1266,22 @@ spec: description: "TokenSecretRef authenticates with Vault by presenting a token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -990,13 +1293,22 @@ spec: description: "The provider for the CA bundle to use to validate Vault server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1048,13 +1360,22 @@ spec: description: "The provider for the CA bundle to use to validate webhook server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1092,13 +1413,22 @@ spec: description: "Secret ref to fill in credentials" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1129,13 +1459,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1143,16 +1482,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/externalsecrets.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/externalsecrets.yaml index 0fe1b2e63..e67d16d27 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/externalsecrets.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/externalsecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "externalsecrets.external-secrets.io" @@ -20,6 +20,9 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: + - jsonPath: ".spec.secretStoreRef.kind" + name: "Store" + type: "string" - jsonPath: ".spec.secretStoreRef.name" name: "Store" type: "string" @@ -74,6 +77,10 @@ spec: - "key" type: "object" secretKey: + description: "The key in the Kubernetes Secret to store the value." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" required: - "remoteRef" @@ -114,19 +121,23 @@ spec: properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" target: description: "ExternalSecretTarget defines the Kubernetes Secret to be created\nThere can be only one target per ExternalSecret." properties: creationPolicy: default: "Owner" - description: "CreationPolicy defines rules on how to create the resulting Secret\nDefaults to 'Owner'" + description: "CreationPolicy defines rules on how to create the resulting Secret.\nDefaults to \"Owner\"" enum: - "Owner" - "Merge" @@ -136,7 +147,10 @@ spec: description: "Immutable defines if the final secret will be immutable" type: "boolean" name: - description: "Name defines the name of the Secret resource to be managed\nThis field is immutable\nDefaults to the .metadata.name of the ExternalSecret resource" + description: "The name of the Secret resource to be managed.\nDefaults to the .metadata.name of the ExternalSecret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" template: description: "Template defines a blueprint for the created Secret resource." @@ -172,15 +186,24 @@ spec: configMap: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" required: - "key" type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" @@ -189,15 +212,24 @@ spec: secret: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" required: - "key" type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/secretstores.yaml index 934b8b717..fcf3fc9fe 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/secretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1alpha1/secretstores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "secretstores.external-secrets.io" @@ -73,13 +73,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Akeyless. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -92,9 +101,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -110,39 +125,66 @@ spec: description: "The SecretAccessID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessType: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessTypeParam: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -155,13 +197,22 @@ spec: description: "The provider for the CA bundle to use to validate Akeyless Gateway certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -207,26 +258,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessKeySecretSecretRef: description: "The AccessKeySecret is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -260,9 +329,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -275,26 +350,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -325,26 +418,44 @@ spec: description: "The Azure clientId of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: description: "The Azure ClientSecret of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -369,9 +480,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -420,13 +537,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -448,9 +574,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -477,13 +609,22 @@ spec: description: "AccessToken is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -511,13 +652,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -542,29 +692,47 @@ spec: description: "has both clientCert and clientKey as secretKeySelector" properties: clientCert: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientKey: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -581,9 +749,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -593,16 +767,25 @@ spec: description: "use static token to authenticate with" properties: bearerToken: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -610,6 +793,9 @@ spec: remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" server: description: "configures the Kubernetes server Address." @@ -622,13 +808,22 @@ spec: description: "see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider" properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -661,26 +856,44 @@ spec: description: "Fingerprint is the fingerprint of the API private key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privatekey: description: "PrivateKey is the user's API Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -725,9 +938,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -751,13 +970,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -795,13 +1023,22 @@ spec: description: "Reference to a key in a Secret that contains the App Role secret used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role secret." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -816,26 +1053,44 @@ spec: description: "ClientCert is a certificate to authenticate using the Cert Vault\nauthentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "SecretRef to a key in a Secret resource containing client private key to\nauthenticate with Vault using the Cert authentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -864,9 +1119,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -885,13 +1146,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Vault using the JWT/OIDC authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -911,13 +1181,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Vault. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -930,9 +1209,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -952,13 +1237,22 @@ spec: description: "SecretRef to a key in a Secret resource containing password for the LDAP\nuser used to authenticate with Vault using the LDAP authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: @@ -972,13 +1266,22 @@ spec: description: "TokenSecretRef authenticates with Vault by presenting a token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -990,13 +1293,22 @@ spec: description: "The provider for the CA bundle to use to validate Vault server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1048,13 +1360,22 @@ spec: description: "The provider for the CA bundle to use to validate webhook server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1092,13 +1413,22 @@ spec: description: "Secret ref to fill in credentials" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1129,13 +1459,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1143,16 +1482,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml index 7613e694a..810af369f 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clusterexternalsecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "clusterexternalsecrets.external-secrets.io" @@ -58,7 +58,10 @@ spec: type: "object" type: "object" externalSecretName: - description: "The name of the external secrets to be created defaults to the name of the ClusterExternalSecret" + description: "The name of the external secrets to be created.\nDefaults to the name of the ClusterExternalSecret" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" externalSecretSpec: description: "The spec for the ExternalSecrets to be created" @@ -107,11 +110,15 @@ spec: - "key" type: "object" secretKey: - description: "SecretKey defines the key in which the controller stores\nthe value. This is the key in the Kind=Secret" + description: "The key in the Kubernetes Secret to store the value." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" sourceRef: - description: "SourceRef allows you to override the source\nfrom which the value will pulled from." + description: "SourceRef allows you to override the source\nfrom which the value will be pulled." maxProperties: 1 + minProperties: 1 properties: generatorRef: description: "GeneratorRef points to a generator custom resource.\n\nDeprecated: The generatorRef is not implemented in .data[].\nthis will be removed with v1." @@ -121,10 +128,27 @@ spec: description: "Specify the apiVersion of the generator resource" type: "string" kind: - description: "Specify the Kind of the resource, e.g. Password, ACRAccessToken etc." + description: "Specify the Kind of the generator resource" + enum: + - "ACRAccessToken" + - "ClusterGenerator" + - "ECRAuthorizationToken" + - "Fake" + - "GCRAccessToken" + - "GithubAccessToken" + - "QuayAccessToken" + - "Password" + - "STSSessionToken" + - "UUID" + - "VaultDynamicSecret" + - "Webhook" + - "Grafana" type: "string" name: description: "Specify the name of the generator resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "kind" @@ -135,12 +159,16 @@ spec: properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" type: "object" required: @@ -256,6 +284,7 @@ spec: sourceRef: description: "SourceRef points to a store or generator\nwhich contains secret values ready to use.\nUse this in combination with Extract or Find pull values out of\na specific SecretStore.\nWhen sourceRef points to a generator Extract or Find is not supported.\nThe generator returns a static map of values" maxProperties: 1 + minProperties: 1 properties: generatorRef: description: "GeneratorRef points to a generator custom resource." @@ -265,10 +294,27 @@ spec: description: "Specify the apiVersion of the generator resource" type: "string" kind: - description: "Specify the Kind of the resource, e.g. Password, ACRAccessToken etc." + description: "Specify the Kind of the generator resource" + enum: + - "ACRAccessToken" + - "ClusterGenerator" + - "ECRAuthorizationToken" + - "Fake" + - "GCRAccessToken" + - "GithubAccessToken" + - "QuayAccessToken" + - "Password" + - "STSSessionToken" + - "UUID" + - "VaultDynamicSecret" + - "Webhook" + - "Grafana" type: "string" name: description: "Specify the name of the generator resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "kind" @@ -279,31 +325,39 @@ spec: properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" type: "object" type: "object" type: "array" refreshInterval: default: "1h" - description: "RefreshInterval is the amount of time before the values are read again from the SecretStore provider\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"\nMay be set to zero to fetch and create it once. Defaults to 1h." + description: "RefreshInterval is the amount of time before the values are read again from the SecretStore provider,\nspecified as Golang Duration strings.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"\nExample values: \"1h\", \"2h30m\", \"5d\", \"10s\"\nMay be set to zero to fetch and create it once. Defaults to 1h." type: "string" secretStoreRef: description: "SecretStoreRef defines which SecretStore to fetch the ExternalSecret data." properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" target: default: @@ -313,7 +367,7 @@ spec: properties: creationPolicy: default: "Owner" - description: "CreationPolicy defines rules on how to create the resulting Secret\nDefaults to 'Owner'" + description: "CreationPolicy defines rules on how to create the resulting Secret.\nDefaults to \"Owner\"" enum: - "Owner" - "Orphan" @@ -322,7 +376,7 @@ spec: type: "string" deletionPolicy: default: "Retain" - description: "DeletionPolicy defines rules on how to delete the resulting Secret\nDefaults to 'Retain'" + description: "DeletionPolicy defines rules on how to delete the resulting Secret.\nDefaults to \"Retain\"" enum: - "Delete" - "Merge" @@ -332,7 +386,10 @@ spec: description: "Immutable defines if the final secret will be immutable" type: "boolean" name: - description: "Name defines the name of the Secret resource to be managed\nThis field is immutable\nDefaults to the .metadata.name of the ExternalSecret resource" + description: "The name of the Secret resource to be managed.\nDefaults to the .metadata.name of the ExternalSecret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" template: description: "Template defines a blueprint for the created Secret resource." @@ -372,9 +429,14 @@ spec: configMap: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" templateAs: default: "Values" @@ -387,6 +449,10 @@ spec: type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" @@ -397,9 +463,14 @@ spec: secret: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" templateAs: default: "Values" @@ -412,6 +483,10 @@ spec: type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" @@ -503,6 +578,9 @@ spec: namespaces: description: "Choose namespaces by name. This field is ORed with anything that NamespaceSelectors ends up choosing." items: + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "array" refreshTime: diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml index 8ba18111b..6592f6341 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "clustersecretstores.external-secrets.io" @@ -94,6 +94,9 @@ spec: namespaces: description: "Choose namespaces by name" items: + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "array" type: "object" @@ -128,13 +131,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Akeyless. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -147,9 +159,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -165,39 +183,66 @@ spec: description: "The SecretAccessID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessType: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessTypeParam: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -211,12 +256,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -262,26 +316,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessKeySecretSecretRef: description: "The AccessKeySecret is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -320,9 +392,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -335,39 +413,66 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" sessionTokenSecretRef: description: "The SessionToken used for authentication\nThis must be defined if AccessKeyID and SecretAccessKey are temporary credentials\nsee: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -433,52 +538,88 @@ spec: description: "The Azure ClientCertificate of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientId: description: "The Azure clientId of the service principle or managed identity used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: description: "The Azure ClientSecret of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" tenantId: description: "The Azure tenantId of the managed identity used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -512,9 +653,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -534,20 +681,58 @@ spec: auth: description: "Auth configures how the operator authenticates with Beyondtrust." properties: + apiKey: + description: "APIKey If not provided then ClientID/ClientSecret become required." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" certificate: - description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." + description: "Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -561,13 +746,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -575,18 +769,28 @@ spec: type: "string" type: "object" clientId: + description: "ClientID is the API OAuth Client ID." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -594,33 +798,42 @@ spec: type: "string" type: "object" clientSecret: + description: "ClientSecret is the API OAuth Client Secret." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: description: "Value can be specified directly to set a value without using a secret." type: "string" type: "object" - required: - - "clientId" - - "clientSecret" type: "object" server: description: "Auth configures how API server works." properties: apiUrl: type: "string" + apiVersion: + type: "string" clientTimeOutSeconds: description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds." type: "integer" @@ -655,13 +868,22 @@ spec: description: "AccessToken used for the bitwarden instance." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -680,12 +902,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -723,13 +954,22 @@ spec: description: "SecretKey is the Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -759,29 +999,47 @@ spec: account: type: "string" apiKeyRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" userRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -800,13 +1058,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Conjur using the JWT authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -819,9 +1086,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -841,12 +1114,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -874,13 +1156,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -894,13 +1185,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -933,13 +1233,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -965,13 +1274,22 @@ spec: description: "The DopplerToken is used for authentication.\nSee https://docs.doppler.com/reference/api#authentication for auth token types.\nThe Key attribute defaults to dopplerToken if not specified." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1042,13 +1360,22 @@ spec: description: "SecretRef is a reference to a secret containing the SDKMS API Key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1068,13 +1395,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1096,9 +1432,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1116,6 +1458,67 @@ spec: description: "ProjectID project where secret is located" type: "string" type: "object" + github: + description: "Github configures this store to push Github Action secrets using Github API provider" + properties: + appID: + description: "appID specifies the Github APP that will be used to authenticate the client" + format: "int64" + type: "integer" + auth: + description: "auth configures how secret-manager authenticates with a Github instance." + properties: + privateKey: + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + required: + - "privateKey" + type: "object" + environment: + description: "environment will be used to fetch secrets from a particular environment within a github repository" + type: "string" + installationID: + description: "installationID specifies the Github APP installation that will be used to authenticate the client" + format: "int64" + type: "integer" + organization: + description: "organization will be used to fetch secrets from the Github organization" + type: "string" + repository: + description: "repository will be used to fetch secrets from the Github repository within an organization" + type: "string" + uploadURL: + description: "Upload URL for enterprise instances. Default to URL." + type: "string" + url: + default: "https://github.com/" + description: "URL configures the Github instance URL. Defaults to https://github.com/." + type: "string" + required: + - "appID" + - "auth" + - "installationID" + - "organization" + type: "object" gitlab: description: "GitLab configures this store to sync secrets using GitLab Variables provider" properties: @@ -1128,13 +1531,22 @@ spec: description: "AccessToken is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1189,13 +1601,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1215,29 +1636,47 @@ spec: universalAuthCredentials: properties: clientId: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1272,16 +1711,25 @@ spec: description: "KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider" properties: authRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" folderID: @@ -1302,29 +1750,47 @@ spec: description: "has both clientCert and clientKey as secretKeySelector" properties: clientCert: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientKey: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1338,9 +1804,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1349,16 +1821,25 @@ spec: description: "use static token to authenticate with" properties: bearerToken: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1367,18 +1848,30 @@ spec: description: "A reference to a secret that contains the auth information." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" server: description: "configures the Kubernetes server Address." @@ -1392,12 +1885,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1429,26 +1931,44 @@ spec: description: "OnboardbaseAPIKey is the APIKey generated by an admin account.\nIt is used to recognize and authorize access to a project and environment within onboardbase" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" passcodeRef: description: "OnboardbasePasscode is the passcode attached to the API Key" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1482,13 +2002,22 @@ spec: description: "The ConnectToken is used for authentication to a 1Password Connect Server." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1523,26 +2052,44 @@ spec: description: "Fingerprint is the fingerprint of the API private key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privatekey: description: "PrivateKey is the user's API Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1587,9 +2134,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1607,29 +2160,47 @@ spec: description: "Auth defines the information necessary to authenticate against Passbolt Server" properties: passwordSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privateKeySecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1655,13 +2226,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1692,13 +2272,22 @@ spec: description: "The AccessToken is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1720,13 +2309,22 @@ spec: description: "SecretRef is a reference to a secret containing the Pulumi API token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1759,13 +2357,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1788,13 +2395,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1817,13 +2433,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1840,13 +2465,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1867,16 +2501,25 @@ spec: clientId: type: "string" clientSecretSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1918,26 +2561,44 @@ spec: description: "Reference to a key in a Secret that contains the App Role ID used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role id." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "Reference to a key in a Secret that contains the App Role secret used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role secret." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1951,26 +2612,44 @@ spec: description: "ClientCert is a certificate to authenticate using the Cert Vault\nauthentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "SecretRef to a key in a Secret resource containing client private key to\nauthenticate with Vault using the Cert authentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1993,9 +2672,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2017,39 +2702,66 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" sessionTokenSecretRef: description: "The SessionToken used for authentication\nThis must be defined if AccessKeyID and SecretAccessKey are temporary credentials\nsee: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2087,9 +2799,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2108,13 +2826,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Vault using the JWT/OIDC authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -2134,13 +2861,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Vault. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -2153,9 +2889,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2175,17 +2917,26 @@ spec: description: "SecretRef to a key in a Secret resource containing password for the LDAP\nuser used to authenticate with Vault using the LDAP authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: - description: "Username is a LDAP user name used to authenticate using the LDAP Vault\nauthentication method" + description: "Username is an LDAP username used to authenticate using the LDAP Vault\nauthentication method" type: "string" required: - "path" @@ -2198,37 +2949,55 @@ spec: description: "TokenSecretRef authenticates with Vault by presenting a token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" userPass: description: "UserPass authenticates with Vault by passing username/password pair" properties: path: - default: "user" - description: "Path where the UserPassword authentication backend is mounted\nin Vault, e.g: \"user\"" + default: "userpass" + description: "Path where the UserPassword authentication backend is mounted\nin Vault, e.g: \"userpass\"" type: "string" secretRef: description: "SecretRef to a key in a Secret resource containing password for the\nuser used to authenticate with Vault using the UserPass authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: - description: "Username is a user name used to authenticate using the UserPass Vault\nauthentication method" + description: "Username is a username used to authenticate using the UserPass Vault\nauthentication method" type: "string" required: - "path" @@ -2244,12 +3013,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -2288,26 +3066,44 @@ spec: description: "CertSecretRef is a certificate added to the transport layer\nwhen communicating with the Vault server.\nIf no key for the Secret is specified, external-secret will default to 'tls.crt'." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" keySecretRef: description: "KeySecretRef to a key in a Secret resource containing client private key\nadded to the transport layer when communicating with the Vault server.\nIf no key for the Secret is specified, external-secret will default to 'tls.key'." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2336,13 +3132,22 @@ spec: description: "The provider for the CA bundle to use to validate webhook server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -2380,13 +3185,22 @@ spec: description: "Secret ref to fill in credentials" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -2417,13 +3231,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2431,16 +3254,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2460,13 +3292,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2474,16 +3315,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/externalsecrets.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/externalsecrets.yaml index 949e0c98b..0406a4550 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/externalsecrets.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/externalsecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "externalsecrets.external-secrets.io" @@ -20,6 +20,9 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: + - jsonPath: ".spec.secretStoreRef.kind" + name: "StoreType" + type: "string" - jsonPath: ".spec.secretStoreRef.name" name: "Store" type: "string" @@ -92,11 +95,15 @@ spec: - "key" type: "object" secretKey: - description: "SecretKey defines the key in which the controller stores\nthe value. This is the key in the Kind=Secret" + description: "The key in the Kubernetes Secret to store the value." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" sourceRef: - description: "SourceRef allows you to override the source\nfrom which the value will pulled from." + description: "SourceRef allows you to override the source\nfrom which the value will be pulled." maxProperties: 1 + minProperties: 1 properties: generatorRef: description: "GeneratorRef points to a generator custom resource.\n\nDeprecated: The generatorRef is not implemented in .data[].\nthis will be removed with v1." @@ -106,10 +113,27 @@ spec: description: "Specify the apiVersion of the generator resource" type: "string" kind: - description: "Specify the Kind of the resource, e.g. Password, ACRAccessToken etc." + description: "Specify the Kind of the generator resource" + enum: + - "ACRAccessToken" + - "ClusterGenerator" + - "ECRAuthorizationToken" + - "Fake" + - "GCRAccessToken" + - "GithubAccessToken" + - "QuayAccessToken" + - "Password" + - "STSSessionToken" + - "UUID" + - "VaultDynamicSecret" + - "Webhook" + - "Grafana" type: "string" name: description: "Specify the name of the generator resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "kind" @@ -120,12 +144,16 @@ spec: properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" type: "object" required: @@ -241,6 +269,7 @@ spec: sourceRef: description: "SourceRef points to a store or generator\nwhich contains secret values ready to use.\nUse this in combination with Extract or Find pull values out of\na specific SecretStore.\nWhen sourceRef points to a generator Extract or Find is not supported.\nThe generator returns a static map of values" maxProperties: 1 + minProperties: 1 properties: generatorRef: description: "GeneratorRef points to a generator custom resource." @@ -250,10 +279,27 @@ spec: description: "Specify the apiVersion of the generator resource" type: "string" kind: - description: "Specify the Kind of the resource, e.g. Password, ACRAccessToken etc." + description: "Specify the Kind of the generator resource" + enum: + - "ACRAccessToken" + - "ClusterGenerator" + - "ECRAuthorizationToken" + - "Fake" + - "GCRAccessToken" + - "GithubAccessToken" + - "QuayAccessToken" + - "Password" + - "STSSessionToken" + - "UUID" + - "VaultDynamicSecret" + - "Webhook" + - "Grafana" type: "string" name: description: "Specify the name of the generator resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "kind" @@ -264,31 +310,39 @@ spec: properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" type: "object" type: "object" type: "array" refreshInterval: default: "1h" - description: "RefreshInterval is the amount of time before the values are read again from the SecretStore provider\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"\nMay be set to zero to fetch and create it once. Defaults to 1h." + description: "RefreshInterval is the amount of time before the values are read again from the SecretStore provider,\nspecified as Golang Duration strings.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"\nExample values: \"1h\", \"2h30m\", \"5d\", \"10s\"\nMay be set to zero to fetch and create it once. Defaults to 1h." type: "string" secretStoreRef: description: "SecretStoreRef defines which SecretStore to fetch the ExternalSecret data." properties: kind: description: "Kind of the SecretStore resource (SecretStore or ClusterSecretStore)\nDefaults to `SecretStore`" + enum: + - "SecretStore" + - "ClusterSecretStore" type: "string" name: description: "Name of the SecretStore resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" - required: - - "name" type: "object" target: default: @@ -298,7 +352,7 @@ spec: properties: creationPolicy: default: "Owner" - description: "CreationPolicy defines rules on how to create the resulting Secret\nDefaults to 'Owner'" + description: "CreationPolicy defines rules on how to create the resulting Secret.\nDefaults to \"Owner\"" enum: - "Owner" - "Orphan" @@ -307,7 +361,7 @@ spec: type: "string" deletionPolicy: default: "Retain" - description: "DeletionPolicy defines rules on how to delete the resulting Secret\nDefaults to 'Retain'" + description: "DeletionPolicy defines rules on how to delete the resulting Secret.\nDefaults to \"Retain\"" enum: - "Delete" - "Merge" @@ -317,7 +371,10 @@ spec: description: "Immutable defines if the final secret will be immutable" type: "boolean" name: - description: "Name defines the name of the Secret resource to be managed\nThis field is immutable\nDefaults to the .metadata.name of the ExternalSecret resource" + description: "The name of the Secret resource to be managed.\nDefaults to the .metadata.name of the ExternalSecret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" template: description: "Template defines a blueprint for the created Secret resource." @@ -357,9 +414,14 @@ spec: configMap: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" templateAs: default: "Values" @@ -372,6 +434,10 @@ spec: type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" @@ -382,9 +448,14 @@ spec: secret: properties: items: + description: "A list of keys in the ConfigMap/Secret to use as templates for Secret data" items: properties: key: + description: "A key in the ConfigMap/Secret" + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" templateAs: default: "Values" @@ -397,6 +468,10 @@ spec: type: "object" type: "array" name: + description: "The name of the ConfigMap/Secret resource" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" required: - "items" diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml index 5dd192ec0..3297d8a25 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: external-secrets.io/component: "controller" name: "secretstores.external-secrets.io" @@ -94,6 +94,9 @@ spec: namespaces: description: "Choose namespaces by name" items: + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "array" type: "object" @@ -128,13 +131,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Akeyless. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -147,9 +159,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -165,39 +183,66 @@ spec: description: "The SecretAccessID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessType: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessTypeParam: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -211,12 +256,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -262,26 +316,44 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" accessKeySecretSecretRef: description: "The AccessKeySecret is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -320,9 +392,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -335,39 +413,66 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" sessionTokenSecretRef: description: "The SessionToken used for authentication\nThis must be defined if AccessKeyID and SecretAccessKey are temporary credentials\nsee: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -433,52 +538,88 @@ spec: description: "The Azure ClientCertificate of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientId: description: "The Azure clientId of the service principle or managed identity used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: description: "The Azure ClientSecret of the service principle used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" tenantId: description: "The Azure tenantId of the managed identity used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -512,9 +653,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -534,20 +681,58 @@ spec: auth: description: "Auth configures how the operator authenticates with Beyondtrust." properties: + apiKey: + description: "APIKey If not provided then ClientID/ClientSecret become required." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" certificate: - description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." + description: "Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -561,13 +746,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -575,18 +769,28 @@ spec: type: "string" type: "object" clientId: + description: "ClientID is the API OAuth Client ID." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -594,33 +798,42 @@ spec: type: "string" type: "object" clientSecret: + description: "ClientSecret is the API OAuth Client Secret." properties: secretRef: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: description: "Value can be specified directly to set a value without using a secret." type: "string" type: "object" - required: - - "clientId" - - "clientSecret" type: "object" server: description: "Auth configures how API server works." properties: apiUrl: type: "string" + apiVersion: + type: "string" clientTimeOutSeconds: description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds." type: "integer" @@ -655,13 +868,22 @@ spec: description: "AccessToken used for the bitwarden instance." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -680,12 +902,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -723,13 +954,22 @@ spec: description: "SecretKey is the Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -759,29 +999,47 @@ spec: account: type: "string" apiKeyRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" userRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -800,13 +1058,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Conjur using the JWT authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -819,9 +1086,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -841,12 +1114,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -874,13 +1156,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -894,13 +1185,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -933,13 +1233,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -965,13 +1274,22 @@ spec: description: "The DopplerToken is used for authentication.\nSee https://docs.doppler.com/reference/api#authentication for auth token types.\nThe Key attribute defaults to dopplerToken if not specified." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1042,13 +1360,22 @@ spec: description: "SecretRef is a reference to a secret containing the SDKMS API Key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1068,13 +1395,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1096,9 +1432,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1116,6 +1458,67 @@ spec: description: "ProjectID project where secret is located" type: "string" type: "object" + github: + description: "Github configures this store to push Github Action secrets using Github API provider" + properties: + appID: + description: "appID specifies the Github APP that will be used to authenticate the client" + format: "int64" + type: "integer" + auth: + description: "auth configures how secret-manager authenticates with a Github instance." + properties: + privateKey: + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." + properties: + key: + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" + type: "string" + name: + description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + namespace: + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + type: "object" + required: + - "privateKey" + type: "object" + environment: + description: "environment will be used to fetch secrets from a particular environment within a github repository" + type: "string" + installationID: + description: "installationID specifies the Github APP installation that will be used to authenticate the client" + format: "int64" + type: "integer" + organization: + description: "organization will be used to fetch secrets from the Github organization" + type: "string" + repository: + description: "repository will be used to fetch secrets from the Github repository within an organization" + type: "string" + uploadURL: + description: "Upload URL for enterprise instances. Default to URL." + type: "string" + url: + default: "https://github.com/" + description: "URL configures the Github instance URL. Defaults to https://github.com/." + type: "string" + required: + - "appID" + - "auth" + - "installationID" + - "organization" + type: "object" gitlab: description: "GitLab configures this store to sync secrets using GitLab Variables provider" properties: @@ -1128,13 +1531,22 @@ spec: description: "AccessToken is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1189,13 +1601,22 @@ spec: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1215,29 +1636,47 @@ spec: universalAuthCredentials: properties: clientId: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientSecret: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1272,16 +1711,25 @@ spec: description: "KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider" properties: authRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" folderID: @@ -1302,29 +1750,47 @@ spec: description: "has both clientCert and clientKey as secretKeySelector" properties: clientCert: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" clientKey: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1338,9 +1804,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1349,16 +1821,25 @@ spec: description: "use static token to authenticate with" properties: bearerToken: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1367,18 +1848,30 @@ spec: description: "A reference to a secret that contains the auth information." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" remoteNamespace: default: "default" description: "Remote namespace to fetch the secrets from" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" server: description: "configures the Kubernetes server Address." @@ -1392,12 +1885,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -1429,26 +1931,44 @@ spec: description: "OnboardbaseAPIKey is the APIKey generated by an admin account.\nIt is used to recognize and authorize access to a project and environment within onboardbase" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" passcodeRef: description: "OnboardbasePasscode is the passcode attached to the API Key" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1482,13 +2002,22 @@ spec: description: "The ConnectToken is used for authentication to a 1Password Connect Server." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1523,26 +2052,44 @@ spec: description: "Fingerprint is the fingerprint of the API private key." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privatekey: description: "PrivateKey is the user's API Signing Key in PEM format, used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1587,9 +2134,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -1607,29 +2160,47 @@ spec: description: "Auth defines the information necessary to authenticate against Passbolt Server" properties: passwordSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" privateKeySecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1655,13 +2226,22 @@ spec: description: "Username / Password is used for authentication." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1692,13 +2272,22 @@ spec: description: "The AccessToken is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1720,13 +2309,22 @@ spec: description: "SecretRef is a reference to a secret containing the Pulumi API token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1759,13 +2357,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1788,13 +2395,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1817,13 +2433,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1840,13 +2465,22 @@ spec: description: "SecretRef references a key in a secret that will be used as value." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" value: @@ -1867,16 +2501,25 @@ spec: clientId: type: "string" clientSecretSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1918,26 +2561,44 @@ spec: description: "Reference to a key in a Secret that contains the App Role ID used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role id." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "Reference to a key in a Secret that contains the App Role secret used\nto authenticate with Vault.\nThe `key` field must be specified and denotes which entry within the Secret\nresource is used as the app role secret." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -1951,26 +2612,44 @@ spec: description: "ClientCert is a certificate to authenticate using the Cert Vault\nauthentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretRef: description: "SecretRef to a key in a Secret resource containing client private key to\nauthenticate with Vault using the Cert authentication method" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -1993,9 +2672,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2017,39 +2702,66 @@ spec: description: "The AccessKeyID is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" secretAccessKeySecretRef: description: "The SecretAccessKey is used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" sessionTokenSecretRef: description: "The SessionToken used for authentication\nThis must be defined if AccessKeyID and SecretAccessKey are temporary credentials\nsee: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2087,9 +2799,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2108,13 +2826,22 @@ spec: description: "Optional SecretRef that refers to a key in a Secret resource containing JWT token to\nauthenticate with Vault using the JWT/OIDC authentication method." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -2134,13 +2861,22 @@ spec: description: "Optional secret field containing a Kubernetes ServiceAccount JWT used\nfor authenticating with Vault. If a name is specified without a key,\n`token` is the default. If one is not specified, the one bound to\nthe controller will be used." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" serviceAccountRef: @@ -2153,9 +2889,15 @@ spec: type: "array" name: description: "The name of the ServiceAccount resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" required: - "name" @@ -2175,17 +2917,26 @@ spec: description: "SecretRef to a key in a Secret resource containing password for the LDAP\nuser used to authenticate with Vault using the LDAP authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: - description: "Username is a LDAP user name used to authenticate using the LDAP Vault\nauthentication method" + description: "Username is an LDAP username used to authenticate using the LDAP Vault\nauthentication method" type: "string" required: - "path" @@ -2198,37 +2949,55 @@ spec: description: "TokenSecretRef authenticates with Vault by presenting a token." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" userPass: description: "UserPass authenticates with Vault by passing username/password pair" properties: path: - default: "user" - description: "Path where the UserPassword authentication backend is mounted\nin Vault, e.g: \"user\"" + default: "userpass" + description: "Path where the UserPassword authentication backend is mounted\nin Vault, e.g: \"userpass\"" type: "string" secretRef: description: "SecretRef to a key in a Secret resource containing password for the\nuser used to authenticate with Vault using the UserPass authentication\nmethod" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" username: - description: "Username is a user name used to authenticate using the UserPass Vault\nauthentication method" + description: "Username is a username used to authenticate using the UserPass Vault\nauthentication method" type: "string" required: - "path" @@ -2244,12 +3013,21 @@ spec: properties: key: description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in.\nCan only be defined when used in a ClusterSecretStore." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -2288,26 +3066,44 @@ spec: description: "CertSecretRef is a certificate added to the transport layer\nwhen communicating with the Vault server.\nIf no key for the Secret is specified, external-secret will default to 'tls.crt'." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" keySecretRef: description: "KeySecretRef to a key in a Secret resource containing client private key\nadded to the transport layer when communicating with the Vault server.\nIf no key for the Secret is specified, external-secret will default to 'tls.key'." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2336,13 +3132,22 @@ spec: description: "The provider for the CA bundle to use to validate webhook server certificate." properties: key: - description: "The key the value inside of the provider type to use, only used with \"Secret\" type" + description: "The key where the CA certificate can be found in the Secret or ConfigMap." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the object located at the provider type." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: description: "The namespace the Provider type is in." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: description: "The type of provider to use such as \"Secret\", or \"ConfigMap\"." @@ -2380,13 +3185,22 @@ spec: description: "Secret ref to fill in credentials" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" required: @@ -2417,13 +3231,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2431,16 +3254,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2460,13 +3292,22 @@ spec: description: "The authorized key used for authentication" properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" @@ -2474,16 +3315,25 @@ spec: description: "The provider for the CA bundle to use to validate Yandex.Cloud server certificate." properties: certSecretRef: - description: "A reference to a specific 'key' within a Secret resource,\nIn some instances, `key` is a required field." + description: "A reference to a specific 'key' within a Secret resource.\nIn some instances, `key` is a required field." properties: key: - description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + description: "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required." + maxLength: 253 + minLength: 1 + pattern: "^[-._a-zA-Z0-9]+$" type: "string" name: description: "The name of the Secret resource being referred to." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" namespace: - description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + description: "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent." + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" type: "object" type: "object" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml index a6080f4eb..8ab89a1e6 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfilters.yaml @@ -691,6 +691,10 @@ spec: matchRegex: description: "A regular expression to match against the tags of incoming records.\nUse this option if you want to use the full regex syntax." type: "string" + ordinal: + description: "An ordinal to influence filter ordering" + format: "int32" + type: "integer" type: "object" type: "object" served: true diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml index 54af2287f..2734d2495 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterfluentbitconfigs.yaml @@ -220,8 +220,7 @@ spec: type: "string" flushSeconds: description: "Interval to flush output" - format: "int64" - type: "integer" + type: "number" graceSeconds: description: "Wait time on exit" format: "int64" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml index 8b19a6dfe..b93b144c3 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusterinputs.yaml @@ -610,6 +610,9 @@ spec: multilineParser: description: "This will help to reassembly multiline messages originally split by Docker or CRI\nSpecify one or Multiline Parser definition to apply to the content." type: "string" + offsetKey: + description: "If enabled, Fluent Bit appends the offset of the current monitored file as part of the record.\nThe value assigned becomes the key in the map" + type: "string" parser: description: "Specify the name of a parser to interpret the entry as a structured message." type: "string" @@ -662,6 +665,9 @@ spec: tagRegex: description: "Set a regex to exctract fields from the file" type: "string" + threaded: + description: "Threaded mechanism allows input plugin to run in a separate thread which helps to desaturate the main pipeline." + type: "string" type: "object" tcp: description: "TCP defines the TCP input plugin configuration" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml index 717af7378..fe07e16b2 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/clusteroutputs.yaml @@ -1610,6 +1610,13 @@ spec: topics: description: "Single entry or list of topics separated by comma (,) that Fluent Bit will use to send messages to Kafka.\nIf only one topic is set, that one will be used for all records.\nInstead if multiple topics exists, the one set in the record by Topic_Key will be used." type: "string" + totalLimitSize: + description: "Limit the maximum number of Chunks in the filesystem for the current output logical destination." + type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" type: "object" kinesis: description: "Kinesis defines Kinesis Output configuration." @@ -1913,9 +1920,16 @@ spec: description: "Hostname to be used for TLS SNI extension" type: "string" type: "object" + totalLimitSize: + description: "Limit the maximum number of Chunks in the filesystem for the current output logical destination." + type: "string" uri: description: "Specify a custom HTTP URI. It must start with forward slash." type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" required: - "host" type: "object" @@ -1931,10 +1945,6 @@ spec: opensearch: description: "OpenSearch defines OpenSearch Output configuration." properties: - Workers: - description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." - format: "int32" - type: "integer" awsAuth: description: "Enable AWS Sigv4 Authentication for Amazon OpenSearch Service." type: "string" @@ -2184,6 +2194,10 @@ spec: type: description: "Type name" type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" writeOperation: description: "Operation to use to write in bulk requests." type: "string" @@ -2257,6 +2271,9 @@ spec: logResponsePayload: description: "Log the response payload within the Fluent Bit log." type: "boolean" + logsBodyKey: + description: "The log body key to look up in the log events body/message. Sets the Body field of the opentelemtry logs data model." + type: "string" logsBodyKeyAttributes: description: "If true, remaining unmatched keys are added as attributes." type: "boolean" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml index 016266fe9..d2155a6f3 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/filters.yaml @@ -691,6 +691,10 @@ spec: matchRegex: description: "A regular expression to match against the tags of incoming records.\nUse this option if you want to use the full regex syntax." type: "string" + ordinal: + description: "An ordinal to influence filter ordering" + format: "int32" + type: "integer" type: "object" type: "object" served: true diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml index b6f21696d..58aa9a3e2 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbitconfigs.yaml @@ -244,8 +244,7 @@ spec: type: "string" flushSeconds: description: "Interval to flush output" - format: "int64" - type: "integer" + type: "number" graceSeconds: description: "Wait time on exit" format: "int64" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml index 70f53c832..df81e7c3f 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/fluentbits.yaml @@ -802,6 +802,24 @@ spec: fluentBitConfigName: description: "Fluentbitconfig object associated with this Fluentbit" type: "string" + hostAliases: + description: "HostAliases is an optional list of IPs and hostnames that will be injected into the pod's hosts file if specified." + items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." + properties: + hostnames: + description: "Hostnames for the above IP address." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + ip: + description: "IP address of the host file entry." + type: "string" + required: + - "ip" + type: "object" + type: "array" hostNetwork: description: "Host networking is requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false." type: "boolean" diff --git a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml index 77b608de2..afc9912bf 100644 --- a/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentbit.fluent.io/v1alpha2/outputs.yaml @@ -1610,6 +1610,13 @@ spec: topics: description: "Single entry or list of topics separated by comma (,) that Fluent Bit will use to send messages to Kafka.\nIf only one topic is set, that one will be used for all records.\nInstead if multiple topics exists, the one set in the record by Topic_Key will be used." type: "string" + totalLimitSize: + description: "Limit the maximum number of Chunks in the filesystem for the current output logical destination." + type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" type: "object" kinesis: description: "Kinesis defines Kinesis Output configuration." @@ -1913,9 +1920,16 @@ spec: description: "Hostname to be used for TLS SNI extension" type: "string" type: "object" + totalLimitSize: + description: "Limit the maximum number of Chunks in the filesystem for the current output logical destination." + type: "string" uri: description: "Specify a custom HTTP URI. It must start with forward slash." type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" required: - "host" type: "object" @@ -1931,10 +1945,6 @@ spec: opensearch: description: "OpenSearch defines OpenSearch Output configuration." properties: - Workers: - description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." - format: "int32" - type: "integer" awsAuth: description: "Enable AWS Sigv4 Authentication for Amazon OpenSearch Service." type: "string" @@ -2184,6 +2194,10 @@ spec: type: description: "Type name" type: "string" + workers: + description: "Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0." + format: "int32" + type: "integer" writeOperation: description: "Operation to use to write in bulk requests." type: "string" @@ -2257,6 +2271,9 @@ spec: logResponsePayload: description: "Log the response payload within the Fluent Bit log." type: "boolean" + logsBodyKey: + description: "The log body key to look up in the log events body/message. Sets the Body field of the opentelemtry logs data model." + type: "string" logsBodyKeyAttributes: description: "If true, remaining unmatched keys are added as attributes." type: "boolean" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml index 9da49847a..a9b287994 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/clusteroutputs.yaml @@ -615,6 +615,10 @@ spec: reconnectOnError: description: "Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false)" type: "boolean" + reloadAfter: + description: "Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000." + format: "int32" + type: "integer" reloadConnections: description: "Optional, Automatically reload connection after 10000 documents (default: true)" type: "boolean" @@ -628,6 +632,9 @@ spec: scheme: description: "Specify https if your Elasticsearch endpoint supports SSL (default: http)." type: "string" + snifferClassName: + description: "Optional, Provide a different sniffer class name" + type: "string" sslVerify: description: "Optional, Force certificate validation" type: "boolean" @@ -833,6 +840,10 @@ spec: reconnectOnError: description: "Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false)" type: "boolean" + reloadAfter: + description: "Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000." + format: "int32" + type: "integer" reloadConnections: description: "Optional, Automatically reload connection after 10000 documents (default: true)" type: "boolean" @@ -846,6 +857,9 @@ spec: scheme: description: "Specify https if your Elasticsearch endpoint supports SSL (default: http)." type: "string" + snifferClassName: + description: "Optional, Provide a different sniffer class name" + type: "string" sslVerify: description: "Optional, Force certificate validation" type: "boolean" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml index 75310bc68..4a364e977 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/fluentds.yaml @@ -1059,6 +1059,40 @@ spec: disableService: description: "By default will build the related service according to the globalinputs definition." type: "boolean" + envFrom: + description: "EnvFrom represent environment variables that can be passed to fluentd pods directly from secret or configmap" + items: + description: "EnvFromSource represents the source of a set of ConfigMaps" + properties: + configMapRef: + description: "The ConfigMap to select from" + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap must be defined" + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" + prefix: + description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." + type: "string" + secretRef: + description: "The Secret to select from" + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret must be defined" + type: "boolean" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "array" envVars: description: "EnvVars represent environment variables that can be passed to fluentd pods." items: @@ -1875,6 +1909,24 @@ spec: type: "object" type: "object" type: "array" + hostAliases: + description: "HostAliases is an optional list of IPs and hostnames that will be injected into the pod's hosts file if specified." + items: + description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." + properties: + hostnames: + description: "Hostnames for the above IP address." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + ip: + description: "IP address of the host file entry." + type: "string" + required: + - "ip" + type: "object" + type: "array" image: description: "Fluentd image." type: "string" diff --git a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml index 31546433e..bed7e4a64 100644 --- a/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml +++ b/crd-catalog/fluent/fluent-operator/fluentd.fluent.io/v1alpha1/outputs.yaml @@ -615,6 +615,10 @@ spec: reconnectOnError: description: "Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false)" type: "boolean" + reloadAfter: + description: "Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000." + format: "int32" + type: "integer" reloadConnections: description: "Optional, Automatically reload connection after 10000 documents (default: true)" type: "boolean" @@ -628,6 +632,9 @@ spec: scheme: description: "Specify https if your Elasticsearch endpoint supports SSL (default: http)." type: "string" + snifferClassName: + description: "Optional, Provide a different sniffer class name" + type: "string" sslVerify: description: "Optional, Force certificate validation" type: "boolean" @@ -833,6 +840,10 @@ spec: reconnectOnError: description: "Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false)" type: "boolean" + reloadAfter: + description: "Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000." + format: "int32" + type: "integer" reloadConnections: description: "Optional, Automatically reload connection after 10000 documents (default: true)" type: "boolean" @@ -846,6 +857,9 @@ spec: scheme: description: "Specify https if your Elasticsearch endpoint supports SSL (default: http)." type: "string" + snifferClassName: + description: "Optional, Provide a different sniffer class name" + type: "string" sslVerify: description: "Optional, Force certificate validation" type: "boolean" diff --git a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml index ed1cca7d2..54f0d5cb3 100644 --- a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml +++ b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/canaries.yaml @@ -285,6 +285,9 @@ spec: description: "Webhook list for this canary" items: properties: + disableTLS: + description: "Disable TLS verification for this webhook" + type: "boolean" metadata: additionalProperties: type: "string" @@ -345,9 +348,11 @@ spec: primaryScalerReplicas: properties: maxReplicas: - type: "number" + minimum: 1.0 + type: "integer" minReplicas: - type: "number" + minimum: 1.0 + type: "integer" type: "object" required: - "apiVersion" @@ -572,6 +577,9 @@ spec: type: "object" type: "object" type: "object" + headless: + description: "Headless if set to true, generates headless Kubernetes services." + type: "boolean" hosts: description: "The list of host names for this service" items: diff --git a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/metrictemplates.yaml b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/metrictemplates.yaml index 88592dd5a..614de9e84 100644 --- a/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/metrictemplates.yaml +++ b/crd-catalog/fluxcd/flagger/flagger.app/v1beta1/metrictemplates.yaml @@ -68,6 +68,7 @@ spec: - "graphite" - "dynatrace" - "keptn" + - "splunk" type: "string" required: - "type" diff --git a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2/helmreleases.yaml b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2/helmreleases.yaml index c71f9b88c..fd6c89b7c 100644 --- a/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2/helmreleases.yaml +++ b/crd-catalog/fluxcd/helm-controller/helm.toolkit.fluxcd.io/v2/helmreleases.yaml @@ -258,6 +258,9 @@ spec: disableSchemaValidation: description: "DisableSchemaValidation prevents the Helm install action from validating\nthe values against the JSON Schema." type: "boolean" + disableTakeOwnership: + description: "DisableTakeOwnership disables taking ownership of existing resources\nduring the Helm install action. Defaults to false." + type: "boolean" disableWait: description: "DisableWait disables the waiting for resources to be ready after a Helm\ninstall has been performed." type: "boolean" @@ -516,6 +519,9 @@ spec: disableSchemaValidation: description: "DisableSchemaValidation prevents the Helm upgrade action from validating\nthe values against the JSON Schema." type: "boolean" + disableTakeOwnership: + description: "DisableTakeOwnership disables taking ownership of existing resources\nduring the Helm upgrade action. Defaults to false." + type: "boolean" disableWait: description: "DisableWait disables the waiting for resources to be ready after a Helm\nupgrade has been performed." type: "boolean" diff --git a/crd-catalog/fluxcd/kustomize-controller/kustomize.toolkit.fluxcd.io/v1/kustomizations.yaml b/crd-catalog/fluxcd/kustomize-controller/kustomize.toolkit.fluxcd.io/v1/kustomizations.yaml index e4243069f..ecde17334 100644 --- a/crd-catalog/fluxcd/kustomize-controller/kustomize.toolkit.fluxcd.io/v1/kustomizations.yaml +++ b/crd-catalog/fluxcd/kustomize-controller/kustomize.toolkit.fluxcd.io/v1/kustomizations.yaml @@ -80,6 +80,13 @@ spec: required: - "provider" type: "object" + deletionPolicy: + description: "DeletionPolicy can be used to control garbage collection when this\nKustomization is deleted. Valid values are ('MirrorPrune', 'Delete',\n'Orphan'). 'MirrorPrune' mirrors the Prune field (orphan if false,\ndelete if true). Defaults to 'MirrorPrune'." + enum: + - "MirrorPrune" + - "Delete" + - "Orphan" + type: "string" dependsOn: description: "DependsOn may contain a meta.NamespacedObjectReference slice\nwith references to Kustomization resources that must be ready before this\nKustomization can be reconciled." items: @@ -99,6 +106,32 @@ spec: default: false description: "Force instructs the controller to recreate resources\nwhen patching fails due to an immutable field change." type: "boolean" + healthCheckExprs: + description: "HealthCheckExprs is a list of healthcheck expressions for evaluating the\nhealth of custom resources using Common Expression Language (CEL).\nThe expressions are evaluated only when Wait or HealthChecks are specified." + items: + description: "CustomHealthCheck defines the health check for custom resources." + properties: + apiVersion: + description: "APIVersion of the custom resource under evaluation." + type: "string" + current: + description: "Current is the CEL expression that determines if the status\nof the custom resource has reached the desired state." + type: "string" + failed: + description: "Failed is the CEL expression that determines if the status\nof the custom resource has failed to reach the desired state." + type: "string" + inProgress: + description: "InProgress is the CEL expression that determines if the status\nof the custom resource has not yet reached the desired state." + type: "string" + kind: + description: "Kind of the custom resource under evaluation." + type: "string" + required: + - "apiVersion" + - "current" + - "kind" + type: "object" + type: "array" healthChecks: description: "A list of resources to be included in the health assessment." items: @@ -371,6 +404,9 @@ spec: required: - "entries" type: "object" + lastAppliedOriginRevision: + description: "The last successfully applied origin revision.\nEquals the origin revision of the applied Artifact from the referenced Source.\nUsually present on the Metadata of the applied Artifact and depends on the\nSource type, e.g. for OCI it's the value associated with the key\n\"org.opencontainers.image.revision\"." + type: "string" lastAppliedRevision: description: "The last successfully applied revision.\nEquals the Revision of the applied Artifact from the referenced Source." type: "string" diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1/receivers.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1/receivers.yaml index 1b493edbf..2402e0cec 100644 --- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1/receivers.yaml +++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1/receivers.yaml @@ -49,6 +49,9 @@ spec: description: "Interval at which to reconcile the Receiver with its Secret references." pattern: "^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" type: "string" + resourceFilter: + description: "ResourceFilter is a CEL expression expected to return a boolean that is\nevaluated for each resource referenced in the Resources field when a\nwebhook is received. If the expression returns false then the controller\nwill not request a reconciliation for the resource.\nWhen the expression is specified the controller will parse it and mark\nthe object as terminally failed if the expression is invalid or does not\nreturn a boolean." + type: "string" resources: description: "A list of resources to be notified about changes." items: diff --git a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml index d9533790f..d69cb06dc 100644 --- a/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml +++ b/crd-catalog/fluxcd/notification-controller/notification.toolkit.fluxcd.io/v1beta3/alerts.yaml @@ -107,7 +107,7 @@ spec: - "name" type: "object" summary: - description: "Summary holds a short description of the impact and affected cluster." + description: "Summary holds a short description of the impact and affected cluster.\nDeprecated: Use EventMetadata instead." maxLength: 255 type: "string" suspend: diff --git a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1/gitrepositories.yaml b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1/gitrepositories.yaml index 6a85584c8..6401660ae 100644 --- a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1/gitrepositories.yaml +++ b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1/gitrepositories.yaml @@ -76,10 +76,11 @@ spec: pattern: "^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" type: "string" provider: - description: "Provider used for authentication, can be 'azure', 'generic'.\nWhen not specified, defaults to 'generic'." + description: "Provider used for authentication, can be 'azure', 'github', 'generic'.\nWhen not specified, defaults to 'generic'." enum: - "generic" - "azure" + - "github" type: "string" proxySecretRef: description: "ProxySecretRef specifies the Secret containing the proxy configuration\nto use while communicating with the Git server." diff --git a/crd-catalog/gitlab-org/cloud-native/gitlab-operator/apps.gitlab.com/v1beta1/gitlabs.yaml b/crd-catalog/gitlab-org/cloud-native/gitlab-operator/apps.gitlab.com/v1beta1/gitlabs.yaml index 80d657b4c..4703d1f5e 100644 --- a/crd-catalog/gitlab-org/cloud-native/gitlab-operator/apps.gitlab.com/v1beta1/gitlabs.yaml +++ b/crd-catalog/gitlab-org/cloud-native/gitlab-operator/apps.gitlab.com/v1beta1/gitlabs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "gitlabs.apps.gitlab.com" spec: group: "apps.gitlab.com" @@ -28,10 +28,10 @@ spec: description: "GitLab is a complete DevOps platform, delivered in a single application." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -52,27 +52,27 @@ spec: type: "object" type: "object" status: - description: "Most recently observed status of the GitLab instance. It is read-only to the user." + description: "Most recently observed status of the GitLab instance.\nIt is read-only to the user." properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -85,7 +85,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -109,9 +109,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/gitlab-org/gl-openshift/gitlab-runner-operator/apps.gitlab.com/v1beta2/runners.yaml b/crd-catalog/gitlab-org/gl-openshift/gitlab-runner-operator/apps.gitlab.com/v1beta2/runners.yaml index b096e11f6..ce1750a0f 100644 --- a/crd-catalog/gitlab-org/gl-openshift/gitlab-runner-operator/apps.gitlab.com/v1beta2/runners.yaml +++ b/crd-catalog/gitlab-org/gl-openshift/gitlab-runner-operator/apps.gitlab.com/v1beta2/runners.yaml @@ -67,6 +67,9 @@ spec: config: description: "allow user to provide configmap name\ncontaining the user provided config.toml" type: "string" + connectionMaxAge: + description: "The maximum duration a TLS keepalive connection to the GitLab server should remain open before reconnecting. The default value is `15m` for 15 minutes. If set to `0` or lower, the connection persists as long as possible." + type: "string" env: description: "Accepts configmap name. Provides user mechanism to inject environment\nvariables in the GitLab Runner pod via the key value pairs in the ConfigMap" type: "string" @@ -96,9 +99,21 @@ spec: description: "Option to define the number of seconds between checks for new jobs.\nThis is set to a default of 30s by operator if not set" format: "int32" type: "integer" + listenAddr: + description: "Option to set the metrics listen address for the runner." + type: "string" locked: description: "Specify whether the runner should be locked to a specific project. Defaults to false." type: "boolean" + logFormat: + description: "Specifies the log format. Options are `runner`, `text`, and `json`. The default value is `runner`, which contains ANSI escape codes for coloring." + type: "string" + logLevel: + description: "Option to set the log level for the runner.\nValid values are \"debug\", \"info\", \"warn\", \"error\", \"fatal\", \"panic\"" + type: "string" + namespace: + description: "If specified, overrides the namespace where job pods are created" + type: "string" podSpec: items: description: "KubernetesPodSpec represents the structure expected when adding a custom PodSpec to configure\nthe Pod running the GitLab Runner Manager" @@ -147,9 +162,16 @@ spec: server: type: "string" type: "object" + sentryDsn: + description: "Enables tracking of all system level errors to Sentry.\nIf not specified, error tracking with Sentry will be disabled." + type: "string" serviceaccount: description: "allow user to override service account\nused by GitLab Runner" type: "string" + shutdownTimeout: + description: "Number of seconds until the forceful shutdown operation times out and exits the process. The default value is `30`. If set to `0` or lower, the default value is used." + format: "int32" + type: "integer" tags: description: "List of comma separated tags to be applied to the runner\nMore info: https://docs.gitlab.com/ee/ci/runners/#use-tags-to-limit-the-number-of-jobs-using-the-runner" type: "string" diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml index 5909b5c3e..91fe80fa9 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadashboards.yaml @@ -43,10 +43,11 @@ spec: description: "GrafanaDashboardSpec defines the desired state of GrafanaDashboard" properties: allowCrossNamespaceImport: - description: "allow to import this resources from an operator in a different namespace" + default: false + description: "Allow the Operator to match this resource with Grafanas outside the current namespace" type: "boolean" configMapRef: - description: "dashboard from configmap" + description: "model from configmap" properties: key: description: "The key to select." @@ -63,11 +64,12 @@ spec: type: "object" x-kubernetes-map-type: "atomic" contentCacheDuration: - description: "Cache duration for dashboards fetched from URLs" + description: "Cache duration for models fetched from URLs" type: "string" datasources: description: "maps required data sources to existing ones" items: + description: "GrafanaResourceDatasource is used to set the datasource name of any templated datasources in\ncontent definitions (e.g., dashboard JSON)." properties: datasourceName: type: "string" @@ -189,11 +191,11 @@ spec: - "id" type: "object" gzipJson: - description: "GzipJson the dashboard's JSON compressed with Gzip. Base64-encoded when in YAML." + description: "GzipJson the model's JSON compressed with Gzip. Base64-encoded when in YAML." format: "byte" type: "string" instanceSelector: - description: "selects Grafanas for import" + description: "Selects Grafana instances for import" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -226,10 +228,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" x-kubernetes-validations: - - message: "Value is immutable" + - message: "spec.instanceSelector is immutable" rule: "self == oldSelf" json: - description: "dashboard json" + description: "model json" type: "string" jsonnet: description: "Jsonnet" @@ -264,22 +266,24 @@ spec: type: "object" type: "array" resyncPeriod: - default: "5m" - description: "how often the dashboard is refreshed, defaults to 5m if not set" + default: "10m0s" + description: "How often the resource is synced, defaults to 10m0s if not set" format: "duration" pattern: "^([0-9]+(\\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$" type: "string" uid: - description: "Manually specify the uid for the dashboard, overwrites uids already present in the json model" + description: "Manually specify the uid, overwrites uids already present in the json model.\nCan be any string consisting of alphanumeric characters, - and _ with a maximum length of 40." + maxLength: 40 + pattern: "^[a-zA-Z0-9-_]+$" type: "string" x-kubernetes-validations: - message: "spec.uid is immutable" rule: "self == oldSelf" url: - description: "dashboard url" + description: "model url" type: "string" urlAuthorization: - description: "authorization options for dashboard from url" + description: "authorization options for model from url" properties: basicAuth: properties: @@ -329,6 +333,8 @@ spec: rule: "(has(self.folder) && !(has(self.folderRef) || has(self.folderUID))) || !(has(self.folder))" - message: "spec.uid is immutable" rule: "((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) && has(self.uid)))" + - message: "disabling spec.allowCrossNamespaceImport requires a recreate to ensure desired state" + rule: "!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport && self.allowCrossNamespaceImport)" status: description: "GrafanaDashboardStatus defines the observed state of GrafanaDashboard" properties: @@ -336,6 +342,7 @@ spec: description: "The dashboard instanceSelector can't find matching grafana instances" type: "boolean" conditions: + description: "Results when synchonizing resource with Grafana instances" items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: @@ -389,7 +396,7 @@ spec: hash: type: "string" lastResync: - description: "Last time the dashboard was resynced" + description: "Last time the resource was synchronized with Grafana instances" format: "date-time" type: "string" uid: diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadatasources.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadatasources.yaml index 991c8f8d9..fbdcedf36 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadatasources.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanadatasources.yaml @@ -43,7 +43,8 @@ spec: description: "GrafanaDatasourceSpec defines the desired state of GrafanaDatasource" properties: allowCrossNamespaceImport: - description: "allow to import this resources from an operator in a different namespace" + default: false + description: "Allow the Operator to match this resource with Grafanas outside the current namespace" type: "boolean" datasource: properties: @@ -56,7 +57,7 @@ spec: database: type: "string" editable: - description: "Deprecated field, it has no effect" + description: "Whether to enable/disable editing of the datasource in Grafana UI" type: "boolean" isDefault: type: "boolean" @@ -75,6 +76,7 @@ spec: type: type: "string" uid: + description: "Deprecated field, use spec.uid instead" type: "string" url: type: "string" @@ -82,7 +84,7 @@ spec: type: "string" type: "object" instanceSelector: - description: "selects Grafana instances for import" + description: "Selects Grafana instances for import" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -115,7 +117,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" x-kubernetes-validations: - - message: "Value is immutable" + - message: "spec.instanceSelector is immutable" rule: "self == oldSelf" plugins: description: "plugins" @@ -131,11 +133,19 @@ spec: type: "object" type: "array" resyncPeriod: - default: "5m" - description: "how often the datasource is refreshed, defaults to 5m if not set" + default: "10m0s" + description: "How often the resource is synced, defaults to 10m0s if not set" format: "duration" pattern: "^([0-9]+(\\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$" type: "string" + uid: + description: "The UID, for the datasource, fallback to the deprecated spec.datasource.uid\nand metadata.uid. Can be any string consisting of alphanumeric characters,\n- and _ with a maximum length of 40 +optional" + maxLength: 40 + pattern: "^[a-zA-Z0-9-_]+$" + type: "string" + x-kubernetes-validations: + - message: "spec.uid is immutable" + rule: "self == oldSelf" valuesFrom: description: "environments variables from secrets or config maps" items: @@ -192,18 +202,68 @@ spec: - "datasource" - "instanceSelector" type: "object" + x-kubernetes-validations: + - message: "spec.uid is immutable" + rule: "((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) && has(self.uid)))" + - message: "disabling spec.allowCrossNamespaceImport requires a recreate to ensure desired state" + rule: "!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport && self.allowCrossNamespaceImport)" status: description: "GrafanaDatasourceStatus defines the observed state of GrafanaDatasource" properties: NoMatchingInstances: description: "The datasource instanceSelector can't find matching grafana instances" type: "boolean" + conditions: + description: "Results when synchonizing resource with Grafana instances" + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" hash: type: "string" lastMessage: + description: "Deprecated: Check status.conditions or operator logs" type: "string" lastResync: - description: "Last time the datasource was resynced" + description: "Last time the resource was synchronized with Grafana instances" format: "date-time" type: "string" uid: diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml index 653620ded..3f0636f4b 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanafolders.yaml @@ -19,6 +19,10 @@ spec: - jsonPath: ".status.NoMatchingInstances" name: "No matching instances" type: "boolean" + - format: "date-time" + jsonPath: ".status.lastResync" + name: "Last resync" + type: "date" - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" @@ -39,10 +43,11 @@ spec: description: "GrafanaFolderSpec defines the desired state of GrafanaFolder" properties: allowCrossNamespaceImport: - description: "Enable matching Grafana instances outside the current namespace" + default: false + description: "Allow the Operator to match this resource with Grafanas outside the current namespace" type: "boolean" instanceSelector: - description: "Selects Grafanas for import" + description: "Selects Grafana instances for import" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -75,7 +80,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" x-kubernetes-validations: - - message: "Value is immutable" + - message: "spec.instanceSelector is immutable" rule: "self == oldSelf" parentFolderRef: description: "Reference to an existing GrafanaFolder CR in the same namespace" @@ -87,8 +92,8 @@ spec: description: "Raw json with folder permissions, potentially exported from Grafana" type: "string" resyncPeriod: - default: "5m" - description: "How often the folder is synced, defaults to 5m if not set" + default: "10m0s" + description: "How often the resource is synced, defaults to 10m0s if not set" format: "duration" pattern: "^([0-9]+(\\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$" type: "string" @@ -96,7 +101,9 @@ spec: description: "Display name of the folder in Grafana" type: "string" uid: - description: "Manually specify the UID the Folder is created with" + description: "Manually specify the UID the Folder is created with. Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40" + maxLength: 40 + pattern: "^[a-zA-Z0-9-_]+$" type: "string" x-kubernetes-validations: - message: "spec.uid is immutable" @@ -109,6 +116,8 @@ spec: rule: "(has(self.parentFolderUID) && !(has(self.parentFolderRef))) || (has(self.parentFolderRef) && !(has(self.parentFolderUID))) || !(has(self.parentFolderRef) && (has(self.parentFolderUID)))" - message: "spec.uid is immutable" rule: "((!has(oldSelf.uid) && !has(self.uid)) || (has(oldSelf.uid) && has(self.uid)))" + - message: "disabling spec.allowCrossNamespaceImport requires a recreate to ensure desired state" + rule: "!oldSelf.allowCrossNamespaceImport || (oldSelf.allowCrossNamespaceImport && self.allowCrossNamespaceImport)" status: description: "GrafanaFolderStatus defines the observed state of GrafanaFolder" properties: @@ -116,6 +125,7 @@ spec: description: "The folder instanceSelector can't find matching grafana instances" type: "boolean" conditions: + description: "Results when synchonizing resource with Grafana instances" items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: @@ -159,10 +169,9 @@ spec: type: "object" type: "array" hash: - description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster\nImportant: Run \"make\" to regenerate code after modifying this file" type: "string" lastResync: - description: "Last time the folder was resynced" + description: "Last time the resource was synchronized with Grafana instances" format: "date-time" type: "string" type: "object" diff --git a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml index f7be79124..b217926d6 100644 --- a/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml +++ b/crd-catalog/grafana-operator/grafana-operator/grafana.integreatly.org/v1beta1/grafanas.yaml @@ -47,6 +47,11 @@ spec: client: description: "Client defines how the grafana-operator talks to the grafana instance." properties: + headers: + additionalProperties: + type: "string" + description: "Custom HTTP headers to use when interacting with this Grafana." + type: "object" preferIngress: description: "If the operator should send it's request through the grafana instances ingress object instead of through the service." nullable: true @@ -901,7 +906,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -911,7 +916,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -949,7 +954,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -959,7 +964,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -978,7 +983,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -988,7 +993,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1026,7 +1031,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1036,7 +1041,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1056,7 +1061,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1070,7 +1075,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1084,7 +1089,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1134,7 +1139,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1195,7 +1200,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1209,7 +1214,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1223,7 +1228,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1273,7 +1278,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1461,7 +1466,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1475,7 +1480,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1489,7 +1494,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1539,7 +1544,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1652,9 +1657,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -1825,7 +1831,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1835,7 +1841,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1873,7 +1879,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1883,7 +1889,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1902,7 +1908,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1912,7 +1918,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1950,7 +1956,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1960,7 +1966,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1980,7 +1986,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1994,7 +2000,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2008,7 +2014,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2058,7 +2064,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2119,7 +2125,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2133,7 +2139,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2147,7 +2153,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2197,7 +2203,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2385,7 +2391,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2399,7 +2405,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2413,7 +2419,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2463,7 +2469,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2762,7 +2768,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2772,7 +2778,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2810,7 +2816,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2820,7 +2826,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2839,7 +2845,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2849,7 +2855,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2887,7 +2893,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2897,7 +2903,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2917,7 +2923,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2931,7 +2937,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2945,7 +2951,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2995,7 +3001,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3056,7 +3062,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3070,7 +3076,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3084,7 +3090,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3134,7 +3140,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3322,7 +3328,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3336,7 +3342,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3350,7 +3356,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3400,7 +3406,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3589,6 +3595,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3781,7 +3790,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -3800,7 +3809,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -3827,7 +3836,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -3843,7 +3852,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -3876,7 +3885,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -3937,7 +3946,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -4190,7 +4199,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4219,7 +4228,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4229,7 +4238,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4248,7 +4257,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4263,7 +4272,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4384,7 +4393,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4396,7 +4405,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4614,7 +4623,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4639,7 +4648,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4682,7 +4691,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -4763,7 +4772,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4788,7 +4797,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5254,19 +5263,26 @@ spec: description: "RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service'\nkind is allowed. Use 'weight' field to emphasize one over others." properties: kind: + default: "Service" description: "The kind of target that the route is referring to. Currently, only 'Service' is allowed" + enum: + - "Service" + - "" type: "string" name: description: "name of the service/target that is being referred to. e.g. name of the service" + minLength: 1 type: "string" weight: + default: 100 description: "weight as an integer between 0 and 256, default 100, that specifies the target's relative weight\nagainst other target reference objects. 0 suppresses requests to this backend." format: "int32" + maximum: 256.0 + minimum: 0.0 type: "integer" required: - "kind" - "name" - - "weight" type: "object" type: "array" host: @@ -5292,40 +5308,67 @@ spec: description: "caCertificate provides the cert authority certificate contents" type: "string" certificate: - description: "certificate provides certificate contents" + description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate\nchain. Do not include a CA certificate." type: "string" destinationCACertificate: description: "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify." type: "string" + externalCertificate: + description: "externalCertificate provides certificate contents as a secret reference.\nThis should be a single serving certificate, not a certificate\nchain. Do not include a CA certificate. The secret referenced should\nbe present in the same namespace as that of the Route.\nForbidden when `certificate` is set.\nThe router service account needs to be granted with read-only access to this secret,\nplease refer to openshift docs for additional details." + properties: + name: + description: "name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\n* Allow - traffic is sent to the server on the insecure port (default)\n* Disable - no traffic is allowed on the insecure port.\n* Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While\neach router may make its own decisions on which ports to expose, this is normally port 80.\n\nIf a route does not specify insecureEdgeTerminationPolicy, then the default behavior is \"None\".\n\n* Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).\n\n* None - no traffic is allowed on the insecure port (default).\n\n* Redirect - clients are redirected to the secure port." + enum: + - "Allow" + - "None" + - "Redirect" + - "" type: "string" key: description: "key provides key file contents" type: "string" termination: - description: "termination indicates termination type." + description: "termination indicates termination type.\n\n* edge - TLS termination is done by the router and http is used to communicate with the backend (default)\n* passthrough - Traffic is sent straight to the destination without the router providing TLS termination\n* reencrypt - TLS termination is done by the router and https is used to communicate with the backend\n\nNote: passthrough termination is incompatible with httpHeader actions" + enum: + - "edge" + - "reencrypt" + - "passthrough" type: "string" required: - "termination" type: "object" + x-kubernetes-validations: + - message: "cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" + rule: "has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true" to: description: "RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service'\nkind is allowed. Use 'weight' field to emphasize one over others." properties: kind: + default: "Service" description: "The kind of target that the route is referring to. Currently, only 'Service' is allowed" + enum: + - "Service" + - "" type: "string" name: description: "name of the service/target that is being referred to. e.g. name of the service" + minLength: 1 type: "string" weight: + default: 100 description: "weight as an integer between 0 and 256, default 100, that specifies the target's relative weight\nagainst other target reference objects. 0 suppresses requests to this backend." format: "int32" + maximum: 256.0 + minimum: 0.0 type: "integer" required: - "kind" - "name" - - "weight" type: "object" wildcardPolicy: description: "WildcardPolicyType indicates the type of wildcard support needed by routes." @@ -5465,7 +5508,7 @@ spec: type: "object" type: "object" trafficDistribution: - description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is an alpha field and requires enabling ServiceTrafficDistribution feature." + description: "TrafficDistribution offers a way to express preferences for how traffic is\ndistributed to Service endpoints. Implementations can use this field as a\nhint, but are not required to guarantee strict adherence. If the field is\nnot set, the implementation will apply its default routing strategy. If set\nto \"PreferClose\", implementations should prioritize endpoints that are\ntopologically close (e.g., same zone).\nThis is a beta field and requires enabling ServiceTrafficDistribution feature." type: "string" type: description: "type determines how the Service is exposed. Defaults to ClusterIP. Valid\noptions are ExternalName, ClusterIP, NodePort, and LoadBalancer.\n\"ClusterIP\" allocates a cluster-internal IP address for load-balancing\nto endpoints. Endpoints are determined by the selector or if that is not\nspecified, by manual construction of an Endpoints object or\nEndpointSlice objects. If clusterIP is \"None\", no virtual IP is\nallocated and the endpoints are published as a set of endpoints rather\nthan a virtual IP.\n\"NodePort\" builds on ClusterIP and allocates a port on every node which\nroutes to the same endpoints as the clusterIP.\n\"LoadBalancer\" builds on NodePort and creates an external load-balancer\n(if supported in the current cloud) which routes to the same endpoints\nas the clusterIP.\n\"ExternalName\" aliases this service to the specified externalName.\nSeveral other fields do not apply to ExternalName services.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types" @@ -5552,6 +5595,10 @@ spec: type: "array" lastMessage: type: "string" + libraryPanels: + items: + type: "string" + type: "array" stage: type: "string" stageStatus: diff --git a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml index 571a9aee2..e906edfb9 100644 --- a/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml +++ b/crd-catalog/grafana/loki/loki.grafana.com/v1/lokistacks.yaml @@ -109,11 +109,11 @@ spec: otlp: description: "OTLP to configure which resource, scope and log attributes are stored as stream labels or structured metadata.\n\nTenancy modes can provide a default OTLP configuration, when no custom OTLP configuration is set or even\nenforce the use of some required attributes." properties: - streamLabels: - description: "StreamLabels configures which resource attributes are converted to Loki stream labels." + drop: + description: "Drop configures which attributes are dropped from the log entry." properties: - resourceAttributes: - description: "ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels." + logAttributes: + description: "LogAttributes lists the names of log attributes that should be included in structured metadata." items: properties: name: @@ -126,12 +126,8 @@ spec: - "name" type: "object" type: "array" - type: "object" - structuredMetadata: - description: "StructuredMetadata configures which attributes are saved in structured metadata." - properties: - logAttributes: - description: "LogAttributes lists the names of log attributes that should be included in structured metadata." + resourceAttributes: + description: "ResourceAttributes lists the names of resource attributes that should be included in structured metadata." items: properties: name: @@ -144,8 +140,8 @@ spec: - "name" type: "object" type: "array" - resourceAttributes: - description: "ResourceAttributes lists the names of resource attributes that should be included in structured metadata." + scopeAttributes: + description: "ScopeAttributes lists the names of scope attributes that should be included in structured metadata." items: properties: name: @@ -158,8 +154,12 @@ spec: - "name" type: "object" type: "array" - scopeAttributes: - description: "ScopeAttributes lists the names of scope attributes that should be included in structured metadata." + type: "object" + streamLabels: + description: "StreamLabels configures which resource attributes are converted to Loki stream labels." + properties: + resourceAttributes: + description: "ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels." items: properties: name: @@ -186,7 +186,7 @@ spec: format: "int32" type: "integer" maxEntriesLimitPerQuery: - description: "MaxEntriesLimitsPerQuery defines the maximum number of log entries\nthat will be returned for a query." + description: "MaxEntriesLimitPerQuery defines the maximum number of log entries\nthat will be returned for a query." format: "int32" type: "integer" maxQuerySeries: @@ -286,11 +286,11 @@ spec: otlp: description: "OTLP to configure which resource, scope and log attributes are stored as stream labels or structured metadata.\n\nTenancy modes can provide a default OTLP configuration, when no custom OTLP configuration is set or even\nenforce the use of some required attributes.\n\nThe per-tenant configuration for OTLP attributes will be merged with the global configuration." properties: - streamLabels: - description: "StreamLabels configures which resource attributes are converted to Loki stream labels." + drop: + description: "Drop configures which attributes are dropped from the log entry." properties: - resourceAttributes: - description: "ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels." + logAttributes: + description: "LogAttributes lists the names of log attributes that should be included in structured metadata." items: properties: name: @@ -303,12 +303,8 @@ spec: - "name" type: "object" type: "array" - type: "object" - structuredMetadata: - description: "StructuredMetadata configures which attributes are saved in structured metadata." - properties: - logAttributes: - description: "LogAttributes lists the names of log attributes that should be included in structured metadata." + resourceAttributes: + description: "ResourceAttributes lists the names of resource attributes that should be included in structured metadata." items: properties: name: @@ -321,8 +317,8 @@ spec: - "name" type: "object" type: "array" - resourceAttributes: - description: "ResourceAttributes lists the names of resource attributes that should be included in structured metadata." + scopeAttributes: + description: "ScopeAttributes lists the names of scope attributes that should be included in structured metadata." items: properties: name: @@ -335,8 +331,12 @@ spec: - "name" type: "object" type: "array" - scopeAttributes: - description: "ScopeAttributes lists the names of scope attributes that should be included in structured metadata." + type: "object" + streamLabels: + description: "StreamLabels configures which resource attributes are converted to Loki stream labels." + properties: + resourceAttributes: + description: "ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels." items: properties: name: @@ -391,7 +391,7 @@ spec: format: "int32" type: "integer" maxEntriesLimitPerQuery: - description: "MaxEntriesLimitsPerQuery defines the maximum number of log entries\nthat will be returned for a query." + description: "MaxEntriesLimitPerQuery defines the maximum number of log entries\nthat will be returned for a query." format: "int32" type: "integer" maxQuerySeries: @@ -2497,7 +2497,7 @@ spec: description: "OTLP contains settings for ingesting data using OTLP in the OpenShift tenancy mode." properties: disableRecommendedAttributes: - description: "DisableRecommendedAttributes can be used to reduce the number of attributes used for stream labels and structured\nmetadata.\n\nEnabling this setting removes the \"recommended attributes\" from the generated Loki configuration. This will cause\nmeta information to not be available as stream labels or structured metadata, potentially making queries more\nexpensive and less performant.\n\nNote that there is a set of \"required attributes\", needed for OpenShift Logging to work properly. Those will be\nadded to the configuration, even if this field is set to true.\n\nThis option is supposed to be combined with a custom label configuration customizing the labels for the specific\nusecase." + description: "DisableRecommendedAttributes can be used to reduce the number of attributes used as stream labels.\n\nEnabling this setting removes the \"recommended attributes\" from the generated Loki configuration. This will cause\nsome stream labels to disappear from the index, potentially making queries more expensive and less performant.\n\nNote that there is a set of \"required attributes\", needed for OpenShift Logging to work properly. Those will be\nadded to the configuration, even if this field is set to true.\n\nThis option is supposed to be combined with a custom attribute configuration listing the stream labels that\nshould continue to exist." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/grafana/loki/loki.grafana.com/v1beta1/lokistacks.yaml b/crd-catalog/grafana/loki/loki.grafana.com/v1beta1/lokistacks.yaml index 62910af45..b74f2b58f 100644 --- a/crd-catalog/grafana/loki/loki.grafana.com/v1beta1/lokistacks.yaml +++ b/crd-catalog/grafana/loki/loki.grafana.com/v1beta1/lokistacks.yaml @@ -77,7 +77,7 @@ spec: format: "int32" type: "integer" maxEntriesLimitPerQuery: - description: "MaxEntriesLimitsPerQuery defines the maximum number of log entries\nthat will be returned for a query." + description: "MaxEntriesLimitPerQuery defines the maximum number of log entries\nthat will be returned for a query." format: "int32" type: "integer" maxQuerySeries: @@ -130,7 +130,7 @@ spec: format: "int32" type: "integer" maxEntriesLimitPerQuery: - description: "MaxEntriesLimitsPerQuery defines the maximum number of log entries\nthat will be returned for a query." + description: "MaxEntriesLimitPerQuery defines the maximum number of log entries\nthat will be returned for a query." format: "int32" type: "integer" maxQuerySeries: diff --git a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml index fa364e484..77e6178cd 100644 --- a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml +++ b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempomonolithics.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tempomonolithics.tempo.grafana.com" spec: group: "tempo.grafana.com" @@ -578,7 +578,7 @@ spec: description: "Enabled defines if OTLP over gRPC is enabled.\nDefault: enabled." type: "boolean" tls: - description: "TLS defines the TLS configuration for OTLP/gRPC ingestion.\n\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." + description: "TLS defines the TLS configuration for OTLP/gRPC ingestion.\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." properties: caName: description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." @@ -604,7 +604,7 @@ spec: description: "Enabled defines if OTLP over HTTP is enabled.\nDefault: enabled." type: "boolean" tls: - description: "TLS defines the TLS configuration for OTLP/HTTP ingestion.\n\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." + description: "TLS defines the TLS configuration for OTLP/HTTP ingestion.\n\nOn OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName`\nare provided it will use OpenShift serving certificate service." properties: caName: description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." @@ -637,7 +637,7 @@ spec: description: "Resources defines the compute resource requirements of the OAuth Proxy container.\nThe OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -704,7 +704,7 @@ spec: description: "Resources defines the compute resource requirements of the Jaeger UI container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -898,7 +898,7 @@ spec: description: "Resources defines the compute resource requirements of the gateway container.\nThe gateway performs authentication and authorization of incoming requests when multi-tenancy is enabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1010,11 +1010,22 @@ spec: type: "object" type: "object" type: "object" + query: + description: "Query defines query configuration." + properties: + rbac: + description: "RBAC defines query RBAC options.\nThis option can be used only with multi-tenancy." + properties: + enabled: + description: "Enabled defines if the query RBAC should be enabled." + type: "boolean" + type: "object" + type: "object" resources: description: "Resources defines the compute resource requirements of the Tempo container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1169,7 +1180,7 @@ spec: conditions: description: "Conditions of the Tempo deployment health." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -1198,7 +1209,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml index 4add3f76b..847f51423 100644 --- a/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml +++ b/crd-catalog/grafana/tempo-operator/tempo.grafana.com/v1alpha1/tempostacks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tempostacks.tempo.grafana.com" spec: group: "tempo.grafana.com" @@ -226,10 +226,14 @@ spec: properties: jaeger_agent_endpoint: default: "localhost:6831" - description: "JaegerAgentEndpoint defines the jaeger endpoint data gets send to." + description: "JaegerAgentEndpoint defines the jaeger endpoint data gets send to.\nDeprecated: in favor of OTLPHttpEndpoint." + type: "string" + otlp_http_endpoint: + default: "http://localhost:4320" + description: "OTLPHttpEndpoint defines the OTLP/http endpoint data gets send to.\nFor example, \"http://localhost:4320\".\nThe default OTLP/http port 4318 collides with the distributor ports, therefore it is recommended to use a different port\non the sidecar injected to the Tempo (e.g. 4320)." type: "string" sampling_fraction: - description: "SamplingFraction defines the sampling ratio. Valid values are 0 to 1." + description: "SamplingFraction defines the sampling ratio. Valid values are 0 to 1.\nThe SamplingFraction has to be defined to enable tracing." type: "string" type: "object" type: "object" @@ -243,7 +247,7 @@ spec: description: "The total amount of resources for Tempo instance.\nThe operator autonomously splits resources between deployed Tempo components.\nOnly limits are supported, the operator calculates requests automatically.\nSee http://github.com/grafana/tempo/issues/1540." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -380,7 +384,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -420,7 +424,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -472,7 +476,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -534,7 +538,7 @@ spec: description: "Distributor defines the distributor component spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently, there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\nCurrently, there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -545,7 +549,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -585,7 +589,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -637,7 +641,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -696,7 +700,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" tls: - description: "TLS defines TLS configuration for distributor receivers\n\n\nIf openshift feature flag `servingCertsService` is enabled and TLS is enabled but no\ncertName or caName is specified, OpenShift service serving certificates will be used." + description: "TLS defines TLS configuration for distributor receivers\n\nIf openshift feature flag `servingCertsService` is enabled and TLS is enabled but no\ncertName or caName is specified, OpenShift service serving certificates will be used." properties: caName: description: "CA is the name of a ConfigMap containing a CA certificate (service-ca.crt).\nIt needs to be in the same namespace as the Tempo custom resource." @@ -716,7 +720,7 @@ spec: description: "Gateway defines the tempo gateway spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -727,7 +731,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -767,7 +771,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -819,7 +823,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -913,6 +917,13 @@ spec: - "" type: "string" type: "object" + rbac: + description: "RBAC defines query RBAC options." + properties: + enabled: + description: "Enabled defines if the query RBAC should be enabled." + type: "boolean" + type: "object" required: - "enabled" type: "object" @@ -928,7 +939,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -968,7 +979,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1020,7 +1031,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1090,7 +1101,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -1130,7 +1141,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1182,7 +1193,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1244,7 +1255,7 @@ spec: description: "TempoQueryFrontendSpec defines the query frontend spec." properties: component: - description: "TempoComponentSpec is embedded to extend this definition with further options.\n\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" + description: "TempoComponentSpec is embedded to extend this definition with further options.\n\nCurrently there is no way to inline this field.\nSee: https://github.com/golang/go/issues/6213" properties: nodeSelector: additionalProperties: @@ -1255,7 +1266,7 @@ spec: description: "PodSecurityContext defines security context will be applied to all pods of this component." properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -1295,7 +1306,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1347,7 +1358,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1418,7 +1429,7 @@ spec: description: "Resources defines the compute resource requirements of the OAuth Proxy container.\nThe OAuth Proxy performs authentication and authorization of incoming requests to Jaeger UI when multi-tenancy is disabled." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1505,15 +1516,14 @@ spec: description: "PrometheusEndpoint defines the endpoint to the Prometheus instance that contains the span rate, error, and duration (RED) metrics.\nFor instance on OpenShift this is set to https://thanos-querier.openshift-monitoring.svc.cluster.local:9091" type: "string" redMetricsNamespace: - default: "traces.span.metrics" - description: "REDMetricsNamespace defines the a prefix used retrieve span rate, error, and duration (RED) metrics.\nBy default it is set to `traces.span.metrics` following the default namespace of the OpenTelemetry Collector since Version 0.109.0." + description: "REDMetricsNamespace defines the a prefix used retrieve span rate, error, and duration (RED) metrics." type: "string" type: "object" resources: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1556,7 +1566,7 @@ spec: description: "Resources defines resources for this component, this will override the calculated resources derived from total" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: @@ -1717,6 +1727,7 @@ spec: description: "Timeout configures the same timeout on all components starting at ingress down to the ingestor/querier.\nTimeout configuration on a specific component has a higher precedence.\nDefaults to 30 seconds." type: "string" required: + - "managementState" - "storage" type: "object" status: @@ -1771,7 +1782,7 @@ spec: conditions: description: "Conditions of the Tempo deployment health." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -1800,7 +1811,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml index d4bf50950..7f81af864 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportprovisiontokens.yaml @@ -88,6 +88,32 @@ spec: nullable: true type: "array" type: "object" + bitbucket: + description: "Bitbucket allows the configuration of options specific to the \"bitbucket\" join method." + nullable: true + properties: + allow: + description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token." + items: + properties: + branch_name: + type: "string" + deployment_environment_uuid: + type: "string" + repository_uuid: + type: "string" + workspace_uuid: + type: "string" + type: "object" + nullable: true + type: "array" + audience: + description: "Audience is a Bitbucket-specified audience value for this token. It is unique to each Bitbucket repository, and must be set to the value as written in the Pipelines -> OpenID Connect section of the repository settings." + type: "string" + identity_provider_url: + description: "IdentityProviderURL is a Bitbucket-specified issuer URL for incoming OIDC tokens. It is unique to each Bitbucket repository, and must be set to the value as written in the Pipelines -> OpenID Connect section of the repository settings." + type: "string" + type: "object" bot_name: description: "BotName is the name of the bot this token grants access to, if any" type: "string" @@ -169,6 +195,9 @@ spec: enterprise_slug: description: "EnterpriseSlug allows the slug of a GitHub Enterprise organisation to be included in the expected issuer of the OIDC tokens. This is for compatibility with the `include_enterprise_slug` option in GHE. This field should be set to the slug of your enterprise if this is enabled. If this is not enabled, then this field must be left empty. This field cannot be specified if `enterprise_server_host` is specified. See https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-issuer-value-for-an-enterprise for more information about customized issuer values." type: "string" + static_jwks: + description: "StaticJWKS disables fetching of the GHES signing keys via the JWKS/OIDC endpoints, and allows them to be directly specified. This allows joining from GitHub Actions in GHES instances that are not reachable by the Teleport Auth Service." + type: "string" type: "object" gitlab: description: "GitLab allows the configuration of options specific to the \"gitlab\" join method." @@ -244,6 +273,30 @@ spec: description: "Type controls which behavior should be used for validating the Kubernetes Service Account token. Support values: - `in_cluster` - `static_jwks` If unset, this defaults to `in_cluster`." type: "string" type: "object" + oracle: + description: "Oracle allows the configuration of options specific to the \"oracle\" join method." + nullable: true + properties: + allow: + description: "Allow is a list of Rules, nodes using this token must match one allow rule to use this token." + items: + properties: + parent_compartments: + items: + type: "string" + nullable: true + type: "array" + regions: + items: + type: "string" + nullable: true + type: "array" + tenancy: + type: "string" + type: "object" + nullable: true + type: "array" + type: "object" roles: description: "Roles is a list of roles associated with the token, that will be converted to metadata in the SSH and X509 certificates issued to the user of the token" items: diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportusers.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportusers.yaml index eb677cd35..380641fc6 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportusers.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v2/teleportusers.yaml @@ -49,6 +49,9 @@ spec: samlSingleLogoutUrl: description: "SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable." type: "string" + user_id: + description: "UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username." + type: "string" username: description: "Username is username supplied by external identity provider" type: "string" @@ -64,6 +67,9 @@ spec: samlSingleLogoutUrl: description: "SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable." type: "string" + user_id: + description: "UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username." + type: "string" username: description: "Username is username supplied by external identity provider" type: "string" @@ -85,6 +91,9 @@ spec: samlSingleLogoutUrl: description: "SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable." type: "string" + user_id: + description: "UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username." + type: "string" username: description: "Username is username supplied by external identity provider" type: "string" diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml index f88beb622..1b870a9f3 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v5/teleportroles.yaml @@ -131,6 +131,17 @@ spec: type: "string" nullable: true type: "array" + github_permissions: + description: "GitHubPermissions defines GitHub integration related permissions." + items: + properties: + orgs: + items: + type: "string" + nullable: true + type: "array" + type: "object" + type: "array" group_labels: additionalProperties: x-kubernetes-preserve-unknown-fields: true @@ -295,6 +306,14 @@ spec: description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used." format: "duration" type: "string" + reason: + description: "Reason defines settings for the reason for the access provided by the user." + nullable: true + properties: + mode: + description: "Mode can be either \"required\" or \"optional\". Empty string is treated as \"optional\". If a role has the request reason mode set to \"required\", then reason is required for all Access Requests requesting roles or resources allowed by this role. It applies only to users who have this role assigned." + type: "string" + type: "object" roles: description: "Roles is the name of roles which will match the request rule." items: @@ -467,6 +486,14 @@ spec: type: "string" nullable: true type: "array" + workload_identity_labels: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: "WorkloadIdentityLabels controls whether or not specific WorkloadIdentity resources can be invoked. Further authorization controls exist on the WorkloadIdentity resource itself." + type: "object" + workload_identity_labels_expression: + description: "WorkloadIdentityLabelsExpression is a predicate expression used to allow/deny access to issuing a WorkloadIdentity." + type: "string" type: "object" deny: description: "Deny is the set of conditions evaluated to deny access. Deny takes priority over allow." @@ -572,6 +599,17 @@ spec: type: "string" nullable: true type: "array" + github_permissions: + description: "GitHubPermissions defines GitHub integration related permissions." + items: + properties: + orgs: + items: + type: "string" + nullable: true + type: "array" + type: "object" + type: "array" group_labels: additionalProperties: x-kubernetes-preserve-unknown-fields: true @@ -736,6 +774,14 @@ spec: description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used." format: "duration" type: "string" + reason: + description: "Reason defines settings for the reason for the access provided by the user." + nullable: true + properties: + mode: + description: "Mode can be either \"required\" or \"optional\". Empty string is treated as \"optional\". If a role has the request reason mode set to \"required\", then reason is required for all Access Requests requesting roles or resources allowed by this role. It applies only to users who have this role assigned." + type: "string" + type: "object" roles: description: "Roles is the name of roles which will match the request rule." items: @@ -908,6 +954,14 @@ spec: type: "string" nullable: true type: "array" + workload_identity_labels: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: "WorkloadIdentityLabels controls whether or not specific WorkloadIdentity resources can be invoked. Further authorization controls exist on the WorkloadIdentity resource itself." + type: "object" + workload_identity_labels_expression: + description: "WorkloadIdentityLabelsExpression is a predicate expression used to allow/deny access to issuing a WorkloadIdentity." + type: "string" type: "object" options: description: "Options is for OpenSSH options like agent forwarding." @@ -1020,7 +1074,7 @@ spec: description: "PinSourceIP forces the same client IP for certificate generation and usage" type: "boolean" port_forwarding: - description: "PortForwarding defines if the certificate will have \"permit-port-forwarding\" in the certificate. PortForwarding is \"yes\" if not set, that's why this is a pointer" + description: "Deprecated: Use SSHPortForwarding instead" type: "boolean" record_session: description: "RecordDesktopSession indicates whether desktop access sessions should be recorded. It defaults to true unless explicitly set to false." @@ -1048,6 +1102,25 @@ spec: ssh_file_copy: description: "SSHFileCopy indicates whether remote file operations via SCP or SFTP are allowed over an SSH session. It defaults to true unless explicitly set to false." type: "boolean" + ssh_port_forwarding: + description: "SSHPortForwarding configures what types of SSH port forwarding are allowed by a role." + nullable: true + properties: + local: + description: "Allow local port forwarding." + nullable: true + properties: + enabled: + type: "boolean" + type: "object" + remote: + description: "Allow remote port forwarding." + nullable: true + properties: + enabled: + type: "boolean" + type: "object" + type: "object" type: "object" type: "object" status: diff --git a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml index 33279ec97..839df04ff 100644 --- a/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml +++ b/crd-catalog/gravitational/teleport/resources.teleport.dev/v6/teleportroles.yaml @@ -131,6 +131,17 @@ spec: type: "string" nullable: true type: "array" + github_permissions: + description: "GitHubPermissions defines GitHub integration related permissions." + items: + properties: + orgs: + items: + type: "string" + nullable: true + type: "array" + type: "object" + type: "array" group_labels: additionalProperties: x-kubernetes-preserve-unknown-fields: true @@ -295,6 +306,14 @@ spec: description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used." format: "duration" type: "string" + reason: + description: "Reason defines settings for the reason for the access provided by the user." + nullable: true + properties: + mode: + description: "Mode can be either \"required\" or \"optional\". Empty string is treated as \"optional\". If a role has the request reason mode set to \"required\", then reason is required for all Access Requests requesting roles or resources allowed by this role. It applies only to users who have this role assigned." + type: "string" + type: "object" roles: description: "Roles is the name of roles which will match the request rule." items: @@ -467,6 +486,14 @@ spec: type: "string" nullable: true type: "array" + workload_identity_labels: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: "WorkloadIdentityLabels controls whether or not specific WorkloadIdentity resources can be invoked. Further authorization controls exist on the WorkloadIdentity resource itself." + type: "object" + workload_identity_labels_expression: + description: "WorkloadIdentityLabelsExpression is a predicate expression used to allow/deny access to issuing a WorkloadIdentity." + type: "string" type: "object" deny: description: "Deny is the set of conditions evaluated to deny access. Deny takes priority over allow." @@ -572,6 +599,17 @@ spec: type: "string" nullable: true type: "array" + github_permissions: + description: "GitHubPermissions defines GitHub integration related permissions." + items: + properties: + orgs: + items: + type: "string" + nullable: true + type: "array" + type: "object" + type: "array" group_labels: additionalProperties: x-kubernetes-preserve-unknown-fields: true @@ -736,6 +774,14 @@ spec: description: "MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration is used." format: "duration" type: "string" + reason: + description: "Reason defines settings for the reason for the access provided by the user." + nullable: true + properties: + mode: + description: "Mode can be either \"required\" or \"optional\". Empty string is treated as \"optional\". If a role has the request reason mode set to \"required\", then reason is required for all Access Requests requesting roles or resources allowed by this role. It applies only to users who have this role assigned." + type: "string" + type: "object" roles: description: "Roles is the name of roles which will match the request rule." items: @@ -908,6 +954,14 @@ spec: type: "string" nullable: true type: "array" + workload_identity_labels: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: "WorkloadIdentityLabels controls whether or not specific WorkloadIdentity resources can be invoked. Further authorization controls exist on the WorkloadIdentity resource itself." + type: "object" + workload_identity_labels_expression: + description: "WorkloadIdentityLabelsExpression is a predicate expression used to allow/deny access to issuing a WorkloadIdentity." + type: "string" type: "object" options: description: "Options is for OpenSSH options like agent forwarding." @@ -1020,7 +1074,7 @@ spec: description: "PinSourceIP forces the same client IP for certificate generation and usage" type: "boolean" port_forwarding: - description: "PortForwarding defines if the certificate will have \"permit-port-forwarding\" in the certificate. PortForwarding is \"yes\" if not set, that's why this is a pointer" + description: "Deprecated: Use SSHPortForwarding instead" type: "boolean" record_session: description: "RecordDesktopSession indicates whether desktop access sessions should be recorded. It defaults to true unless explicitly set to false." @@ -1048,6 +1102,25 @@ spec: ssh_file_copy: description: "SSHFileCopy indicates whether remote file operations via SCP or SFTP are allowed over an SSH session. It defaults to true unless explicitly set to false." type: "boolean" + ssh_port_forwarding: + description: "SSHPortForwarding configures what types of SSH port forwarding are allowed by a role." + nullable: true + properties: + local: + description: "Allow local port forwarding." + nullable: true + properties: + enabled: + type: "boolean" + type: "object" + remote: + description: "Allow remote port forwarding." + nullable: true + properties: + enabled: + type: "boolean" + type: "object" + type: "object" type: "object" type: "object" status: diff --git a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml index afd3baf72..9aba9952d 100644 --- a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml +++ b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/agentpools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "agentpools.app.terraform.io" spec: group: "app.terraform.io" @@ -16,7 +16,7 @@ spec: - name: "v1alpha2" schema: openAPIV3Schema: - description: "AgentPool is the Schema for the agentpools API." + description: "AgentPool manages HCP Terraform Agent Pools, HCP Terraform Agent Tokens and can perform HCP Terraform Agent scaling.\nMore infromation:\n - https://developer.hashicorp.com/terraform/cloud-docs/agents/agent-pools\n - https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens#agent-api-tokens\n - https://developer.hashicorp.com/terraform/cloud-docs/agents" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -232,13 +232,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -337,13 +337,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -441,13 +441,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -546,13 +546,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -648,7 +648,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -698,7 +698,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -725,7 +725,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -740,7 +740,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -939,7 +939,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1077,7 +1078,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1177,13 +1179,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1253,7 +1258,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1292,7 +1297,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1339,7 +1344,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1470,7 +1476,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -1534,7 +1540,7 @@ spec: ephemeralContainers: description: "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing\npod to perform user-initiated actions such as debugging. This list cannot be specified when\ncreating a pod, and it cannot be modified by updating the pod spec. In order to add an\nephemeral container to an existing pod, use the pod's ephemeralcontainers subresource." items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." + description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." properties: args: description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" @@ -1570,7 +1576,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1620,7 +1626,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1647,7 +1653,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1662,7 +1668,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1861,7 +1867,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1999,7 +2006,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2099,13 +2107,16 @@ spec: description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2175,7 +2186,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2214,7 +2225,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2261,7 +2272,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2347,7 +2359,7 @@ spec: description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." + description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." @@ -2395,7 +2407,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -2464,7 +2476,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2511,7 +2523,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2561,7 +2573,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2588,7 +2600,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2603,7 +2615,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2802,7 +2814,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2940,7 +2953,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3040,13 +3054,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3116,7 +3133,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3155,7 +3172,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -3202,7 +3219,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3333,7 +3351,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -3360,7 +3378,7 @@ spec: - "name" x-kubernetes-list-type: "map" nodeName: - description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements." + description: "NodeName indicates in which node this pod is scheduled.\nIf empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName.\nOnce this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod.\nThis field should not be used to express a desire for the pod to be scheduled on a specific node.\nhttps://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename" type: "string" nodeSelector: additionalProperties: @@ -3369,7 +3387,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" os: - description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.appArmorProfile\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.appArmorProfile\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" + description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.appArmorProfile\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.securityContext.supplementalGroupsPolicy\n- spec.containers[*].securityContext.appArmorProfile\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" properties: name: description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null" @@ -3410,23 +3428,19 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resourceClaims: - description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable." + description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable." items: - description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource.\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name." + description: "PodResourceClaim references exactly one ResourceClaim, either directly\nor by naming a ResourceClaimTemplate which is then turned into a ResourceClaim\nfor the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name." properties: name: description: "Name uniquely identifies this resource claim inside the pod.\nThis must be a DNS_LABEL." type: "string" - source: - description: "Source describes where to find the ResourceClaim." - properties: - resourceClaimName: - description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod." - type: "string" - resourceClaimTemplateName: - description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim." - type: "string" - type: "object" + resourceClaimName: + description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set." + type: "string" + resourceClaimTemplateName: + description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set." + type: "string" required: - "name" type: "object" @@ -3444,7 +3458,7 @@ spec: description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler." type: "string" schedulingGates: - description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards." + description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards." items: description: "PodSchedulingGate is associated to a Pod to guard its scheduling." properties: @@ -3474,7 +3488,7 @@ spec: - "type" type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -3514,18 +3528,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -3642,7 +3659,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -3652,14 +3669,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -3686,7 +3703,7 @@ spec: description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -3714,12 +3731,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -3765,7 +3784,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3789,7 +3808,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3829,7 +3848,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3850,7 +3869,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3938,10 +3957,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -4050,7 +4069,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -4067,7 +4086,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -4111,7 +4130,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4132,7 +4151,7 @@ spec: description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4179,7 +4198,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -4190,6 +4209,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -4200,7 +4229,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -4209,6 +4238,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -4229,7 +4259,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4307,12 +4337,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -4388,7 +4418,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4475,7 +4505,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4531,12 +4561,13 @@ spec: description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -4546,6 +4577,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -4556,11 +4588,12 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -4571,6 +4604,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -4587,7 +4621,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4595,6 +4629,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -4660,7 +4695,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4795,7 +4830,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/modules.yaml b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/modules.yaml index 652cee326..8b606dfed 100644 --- a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/modules.yaml +++ b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/modules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "modules.app.terraform.io" spec: group: "app.terraform.io" @@ -23,7 +23,7 @@ spec: name: "v1alpha2" schema: openAPIV3Schema: - description: "Module is the Schema for the modules API\nModule implements the API-driven Run Workflow\nMore information:\n - https://developer.hashicorp.com/terraform/cloud-docs/run/api" + description: "Module implements API-driven Run Workflows.\nMore information:\n - https://developer.hashicorp.com/terraform/cloud-docs/run/api" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -96,7 +96,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml index 12dcff052..235120b71 100644 --- a/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml +++ b/crd-catalog/hashicorp/terraform-cloud-operator/app.terraform.io/v1alpha2/workspaces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "workspaces.app.terraform.io" spec: group: "app.terraform.io" @@ -20,7 +20,7 @@ spec: name: "v1alpha2" schema: openAPIV3Schema: - description: "Workspace is the Schema for the workspaces API" + description: "Workspace manages HCP Terraform Workspaces.\nMore information:\n - https://developer.hashicorp.com/terraform/cloud-docs/workspaces" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -103,7 +103,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -120,7 +120,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -404,7 +404,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -421,7 +421,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -451,7 +451,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -463,6 +463,21 @@ spec: required: - "secretKeyRef" type: "object" + variableSets: + description: "HCP Terraform variable sets let you reuse variables in an efficient and centralized way.\nMore information\n - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets" + items: + properties: + id: + description: "ID of the variable set.\nMust match pattern: `varset-[a-zA-Z0-9]+$`\nMore information:\n - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets" + pattern: "varset-[a-zA-Z0-9]+$" + type: "string" + name: + description: "Name of the variable set.\nMore information:\n - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets" + minLength: 1 + type: "string" + type: "object" + minItems: 1 + type: "array" versionControl: description: "Settings for the workspace's VCS repository, enabling the UI/VCS-driven run workflow.\nOmit this argument to utilize the CLI-driven and API-driven workflows, where runs are not driven by webhooks on your VCS provider.\nMore information:\n - https://www.terraform.io/cloud-docs/run/ui\n - https://www.terraform.io/cloud-docs/vcs" properties: @@ -546,6 +561,16 @@ spec: description: "Workspace last update timestamp." format: "int64" type: "integer" + variableSet: + description: "Variable Sets." + items: + properties: + id: + type: "string" + name: + type: "string" + type: "object" + type: "array" variables: description: "Workspace variables." items: diff --git a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultpkisecrets.yaml b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultpkisecrets.yaml index 4d75cfb38..75d53bd79 100644 --- a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultpkisecrets.yaml +++ b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultpkisecrets.yaml @@ -202,7 +202,7 @@ spec: type: "array" ttl: description: "TTL for the certificate; sets the expiration date.\nIf not specified the Vault role's default,\nbackend default, or system default TTL is used, in that order.\nCannot be larger than the mount's max TTL.\nNote: this only has an effect when generating a CA cert or signing a CA cert,\nnot when generating a CSR for an intermediate CA.\nShould be in duration notation e.g. 120s, 2h, etc." - pattern: "^([0-9]+(\\.[0-9]+)?(s|m|h))$" + pattern: "^([0-9]+(\\.[0-9]+)?(s|m|h|d))$" type: "string" uriSans: description: "The requested URI SANs." diff --git a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml index d1a7c5619..05da714a9 100644 --- a/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml +++ b/crd-catalog/hashicorp/vault-secrets-operator/secrets.hashicorp.com/v1beta1/vaultstaticsecrets.yaml @@ -145,7 +145,7 @@ spec: pattern: "^([0-9]+(\\.[0-9]+)?(s|m|h))$" type: "string" rolloutRestartTargets: - description: "RolloutRestartTargets should be configured whenever the application(s) consuming the Vault secret does\nnot support dynamically reloading a rotated secret.\nIn that case one, or more RolloutRestartTarget(s) can be configured here. The Operator will\ntrigger a \"rollout-restart\" for each target whenever the Vault secret changes between reconciliation events.\nAll configured targets wil be ignored if HMACSecretData is set to false.\nSee RolloutRestartTarget for more details." + description: "RolloutRestartTargets should be configured whenever the application(s) consuming the Vault secret does\nnot support dynamically reloading a rotated secret.\nIn that case one, or more RolloutRestartTarget(s) can be configured here. The Operator will\ntrigger a \"rollout-restart\" for each target whenever the Vault secret changes between reconciliation events.\nAll configured targets will be ignored if HMACSecretData is set to false.\nSee RolloutRestartTarget for more details." items: description: "RolloutRestartTarget provides the configuration required to perform a\nrollout-restart of the supported resources upon Vault Secret rotation.\nThe rollout-restart is triggered by patching the target resource's\n'spec.template.metadata.annotations' to include 'vso.secrets.hashicorp.com/restartedAt'\nwith a timestamp value of when the trigger was executed.\nE.g. vso.secrets.hashicorp.com/restartedAt: \"2023-03-23T13:39:31Z\"\n\nSupported resources: Deployment, DaemonSet, StatefulSet, argo.Rollout" properties: diff --git a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha1/sopssecrets.yaml b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha1/sopssecrets.yaml index 35de33455..222bb0523 100644 --- a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha1/sopssecrets.yaml +++ b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha1/sopssecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "sopssecrets.isindir.github.com" spec: group: "isindir.github.com" diff --git a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha2/sopssecrets.yaml b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha2/sopssecrets.yaml index 6f04c3e1b..0020ea4b4 100644 --- a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha2/sopssecrets.yaml +++ b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha2/sopssecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "sopssecrets.isindir.github.com" spec: group: "isindir.github.com" diff --git a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha3/sopssecrets.yaml b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha3/sopssecrets.yaml index 5ca4a1baf..d0588a490 100644 --- a/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha3/sopssecrets.yaml +++ b/crd-catalog/isindir/sops-secrets-operator/isindir.github.com/v1alpha3/sopssecrets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "sopssecrets.isindir.github.com" spec: group: "isindir.github.com" diff --git a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml index 1eee52717..4e03f0dad 100644 --- a/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml +++ b/crd-catalog/k8gb-io/k8gb/k8gb.absa.oss/v1beta1/gslbs.yaml @@ -234,7 +234,7 @@ spec: description: "Primary Geo Tag. Valid for failover strategy only" type: "string" splitBrainThresholdSeconds: - description: "Split brain TXT record expiration in seconds" + description: "Split brain TXT record expiration in seconds. The field is deprecated and not used." type: "integer" type: description: "Load balancing strategy type:(roundRobin|failover)" diff --git a/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml b/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml index b6de2b514..111bb9a11 100644 --- a/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml +++ b/crd-catalog/k8ssandra/cass-operator/cassandra.datastax.com/v1beta1/cassandradatacenters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.4" name: "cassandradatacenters.cassandra.datastax.com" spec: group: "cassandra.datastax.com" @@ -187,13 +187,16 @@ spec: description: "Kubernetes resource requests and limits per server config initialization container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -221,7 +224,7 @@ spec: type: "object" type: "object" configSecret: - description: "ConfigSecret is the name of a secret that contains configuration for Cassandra. The\nsecret is expected to have a property named config whose value should be a JSON\nformatted string that should look like this:\n\n\n config: |-\n {\n \"cassandra-yaml\": {\n \"read_request_timeout_in_ms\": 10000\n },\n \"jmv-options\": {\n \"max_heap_size\": 1024M\n }\n }\n\n\nConfigSecret is mutually exclusive with Config. ConfigSecret takes precedence and\nwill be used exclusively if both properties are set. The operator sets a watch such\nthat an update to the secret will trigger an update of the StatefulSets." + description: "ConfigSecret is the name of a secret that contains configuration for Cassandra. The\nsecret is expected to have a property named config whose value should be a JSON\nformatted string that should look like this:\n\n config: |-\n {\n \"cassandra-yaml\": {\n \"read_request_timeout_in_ms\": 10000\n },\n \"jmv-options\": {\n \"max_heap_size\": 1024M\n }\n }\n\nConfigSecret is mutually exclusive with Config. ConfigSecret takes precedence and\nwill be used exclusively if both properties are set. The operator sets a watch such\nthat an update to the secret will trigger an update of the StatefulSets." type: "string" datacenterName: description: "DatacenterName allows to override the name of the Cassandra datacenter. In Cassandra the DC name will be overridden by this value.\nThis setting can create conflicts if multiple DCs coexist in the same namespace if metadata.name for a DC with no override is set to the same value as the override name of another DC.\nUse cautiously." @@ -354,11 +357,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -375,11 +380,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -391,6 +398,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -415,11 +423,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -436,14 +446,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -479,11 +492,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -492,13 +507,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -522,11 +537,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -539,6 +556,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -554,6 +572,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -578,11 +597,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -591,13 +612,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -621,11 +642,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -638,6 +661,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -645,6 +669,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -676,11 +701,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -689,13 +716,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -719,11 +746,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -736,6 +765,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -751,6 +781,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -775,11 +806,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -788,13 +821,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -818,11 +851,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -835,6 +870,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -842,6 +878,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" automountServiceAccountToken: @@ -857,11 +894,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -883,7 +922,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -932,7 +972,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -946,6 +987,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -955,7 +999,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -969,7 +1014,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -978,6 +1024,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -998,6 +1045,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1021,6 +1069,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1073,6 +1122,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1096,6 +1146,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1149,6 +1200,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1162,7 +1214,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1189,6 +1242,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1285,6 +1339,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1298,7 +1353,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1325,6 +1381,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1397,13 +1454,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1439,6 +1499,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1448,18 +1520,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1498,7 +1572,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1531,6 +1605,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1544,7 +1619,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1571,6 +1647,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1653,6 +1730,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1662,7 +1742,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1670,6 +1750,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1681,6 +1764,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1688,6 +1774,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" dnsConfig: description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy." properties: @@ -1696,6 +1785,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: @@ -1708,11 +1798,13 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'." @@ -1723,18 +1815,20 @@ spec: ephemeralContainers: description: "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing\npod to perform user-initiated actions such as debugging. This list cannot be specified when\ncreating a pod, and it cannot be modified by updating the pod spec. In order to add an\nephemeral container to an existing pod, use the pod's ephemeralcontainers subresource." items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." + description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." properties: args: description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1756,7 +1850,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1805,7 +1900,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1819,6 +1915,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1828,7 +1927,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1842,7 +1942,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1851,6 +1952,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" @@ -1871,6 +1973,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1894,6 +1997,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1946,6 +2050,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1969,6 +2074,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2022,6 +2128,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2035,7 +2142,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2062,6 +2170,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2158,6 +2267,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2171,7 +2281,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2198,6 +2309,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2270,13 +2382,16 @@ spec: description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2312,6 +2427,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2321,18 +2448,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2371,7 +2500,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2404,6 +2533,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2417,7 +2547,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2444,6 +2575,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2502,7 +2634,7 @@ spec: description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." + description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." @@ -2529,6 +2661,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: @@ -2538,7 +2673,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2546,6 +2681,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2557,6 +2695,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -2564,8 +2705,11 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" hostAliases: - description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified. This is only valid for non-hostNetwork pods." + description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified." items: description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: @@ -2574,11 +2718,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "ip" + x-kubernetes-list-type: "map" hostIPC: description: "Use the host's ipc namespace.\nOptional: Default to false." type: "boolean" @@ -2600,11 +2750,15 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" initContainers: description: "List of initialization containers belonging to the pod.\nInit containers are executed in order prior to containers being started. If any\ninit container fails, the pod is considered to have failed and is handled according\nto its restartPolicy. The name for an init container or normal container must be\nunique among all containers.\nInit containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.\nThe resourceRequirements of an init container are taken into account during scheduling\nby finding the highest request/limit for each resource type, and then using the max of\nof that value or the sum of the normal containers. Limits are applied to init containers\nin a similar fashion.\nInit containers cannot currently be added or removed.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" items: @@ -2615,11 +2769,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -2641,7 +2797,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2690,7 +2847,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2704,6 +2862,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -2713,7 +2874,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2727,7 +2889,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2736,6 +2899,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2756,6 +2920,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2779,6 +2944,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2831,6 +2997,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2854,6 +3021,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2907,6 +3075,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2920,7 +3089,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2947,6 +3117,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3043,6 +3214,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3056,7 +3228,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3083,6 +3256,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3155,13 +3329,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3197,6 +3374,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3206,18 +3395,20 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3256,7 +3447,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -3289,6 +3480,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3302,7 +3494,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3329,6 +3522,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3411,6 +3605,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -3420,7 +3617,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3428,6 +3625,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3439,6 +3639,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -3446,8 +3649,11 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" nodeName: - description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements." + description: "NodeName indicates in which node this pod is scheduled.\nIf empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName.\nOnce this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod.\nThis field should not be used to express a desire for the pod to be scheduled on a specific node.\nhttps://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename" type: "string" nodeSelector: additionalProperties: @@ -3456,7 +3662,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" os: - description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" + description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.appArmorProfile\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.securityContext.supplementalGroupsPolicy\n- spec.containers[*].securityContext.appArmorProfile\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" properties: name: description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null" @@ -3495,24 +3701,21 @@ spec: - "conditionType" type: "object" type: "array" + x-kubernetes-list-type: "atomic" resourceClaims: - description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable." + description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable." items: - description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource.\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name." + description: "PodResourceClaim references exactly one ResourceClaim, either directly\nor by naming a ResourceClaimTemplate which is then turned into a ResourceClaim\nfor the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name." properties: name: description: "Name uniquely identifies this resource claim inside the pod.\nThis must be a DNS_LABEL." type: "string" - source: - description: "Source describes where to find the ResourceClaim." - properties: - resourceClaimName: - description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod." - type: "string" - resourceClaimTemplateName: - description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim." - type: "string" - type: "object" + resourceClaimName: + description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set." + type: "string" + resourceClaimTemplateName: + description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set." + type: "string" required: - "name" type: "object" @@ -3530,7 +3733,7 @@ spec: description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler." type: "string" schedulingGates: - description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate." + description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards." items: description: "PodSchedulingGate is associated to a Pod to guard its scheduling." properties: @@ -3547,8 +3750,20 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: @@ -3588,17 +3803,21 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in\naddition to the container's primary GID and fsGroup (if specified). If\nthe SupplementalGroupsPolicy feature is enabled, the\nsupplementalGroupsPolicy field determines whether these are in addition\nto or instead of any group memberships defined in the container image.\nIf unspecified, no additional groups are added, though group memberships\ndefined in the container image may still be used, depending on the\nsupplementalGroupsPolicy field.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + description: "Defines how supplemental groups of the first container processes are calculated.\nValid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used.\n(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled\nand the container runtime must implement support for this feature.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -3615,6 +3834,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -3633,7 +3853,7 @@ spec: type: "object" type: "object" serviceAccount: - description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead." + description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead." type: "string" serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" @@ -3674,6 +3894,7 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" topologySpreadConstraints: description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." items: @@ -3698,11 +3919,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3711,7 +3934,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -3721,14 +3944,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -3755,7 +3978,7 @@ spec: description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -3783,12 +4006,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -3819,6 +4044,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -3832,7 +4058,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3855,7 +4082,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3892,8 +4120,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3913,7 +4143,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3941,7 +4172,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3984,6 +4215,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -4000,10 +4232,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -4033,6 +4265,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -4110,11 +4343,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4126,7 +4361,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -4143,7 +4378,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -4157,11 +4392,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -4184,7 +4421,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4205,7 +4443,7 @@ spec: description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4252,7 +4490,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -4263,6 +4501,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -4273,7 +4521,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -4282,6 +4530,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -4293,6 +4542,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -4300,7 +4550,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4378,12 +4629,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -4404,11 +4655,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4454,8 +4707,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4471,7 +4726,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4514,6 +4769,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -4538,8 +4794,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4564,6 +4822,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -4594,12 +4853,13 @@ spec: description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -4607,7 +4867,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -4617,11 +4879,13 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -4632,6 +4896,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -4647,7 +4912,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4655,6 +4921,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -4698,6 +4965,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -4718,7 +4986,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4751,6 +5020,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" required: - "containers" type: "object" @@ -4790,11 +5062,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -4811,11 +5085,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -4827,6 +5103,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -4851,11 +5128,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -4872,14 +5151,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -4915,11 +5197,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4928,13 +5212,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4958,11 +5242,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4975,6 +5261,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -4990,6 +5277,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -5014,11 +5302,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5027,13 +5317,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5057,11 +5347,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5074,6 +5366,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5081,6 +5374,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -5112,11 +5406,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5125,13 +5421,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5155,11 +5451,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5172,6 +5470,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5187,6 +5486,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -5211,11 +5511,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5224,13 +5526,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5254,11 +5556,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5271,6 +5575,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -5278,6 +5583,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" name: @@ -5308,13 +5614,16 @@ spec: description: "Kubernetes resource requests and limits, per pod" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5394,6 +5703,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -5471,11 +5781,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5487,7 +5799,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -5503,7 +5815,7 @@ spec: description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -5531,12 +5843,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -5567,6 +5881,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -5580,7 +5895,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5603,7 +5919,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5640,8 +5957,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -5661,7 +5980,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5689,7 +6009,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -5732,6 +6052,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -5748,10 +6069,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -5781,6 +6102,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -5858,11 +6180,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -5874,7 +6198,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -5891,7 +6215,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -5905,11 +6229,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -5932,7 +6258,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -5953,7 +6280,7 @@ spec: description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -6000,7 +6327,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -6011,6 +6338,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -6021,7 +6358,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -6030,6 +6367,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -6041,6 +6379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -6048,7 +6387,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6123,12 +6463,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -6149,11 +6489,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6199,8 +6541,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -6216,7 +6560,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -6259,6 +6603,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -6283,8 +6628,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -6309,6 +6656,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -6339,12 +6687,13 @@ spec: description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -6352,7 +6701,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -6362,11 +6713,13 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -6377,6 +6730,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -6392,7 +6746,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6400,6 +6755,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -6443,6 +6799,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -6463,7 +6820,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -6506,6 +6864,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -6583,11 +6942,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -6599,7 +6960,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -6619,13 +6980,16 @@ spec: description: "Kubernetes resource requests and limits per system logger container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -6764,13 +7128,13 @@ spec: trackedTasks: description: "TrackedTasks tracks the tasks for completion that were created by the cass-operator" items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml b/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml index 6f51e954a..9532df6a4 100644 --- a/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml +++ b/crd-catalog/k8ssandra/cass-operator/control.k8ssandra.io/v1alpha1/cassandratasks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.4" name: "cassandratasks.control.k8ssandra.io" spec: group: "control.k8ssandra.io" @@ -60,7 +60,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -155,7 +155,7 @@ spec: conditions: description: "The latest available observations of an object's current state. When a Job\nfails, one of the conditions will have type \"Failed\" and status true. When\na Job is suspended, one of the conditions will have type \"Suspended\" and\nstatus true; when the Job is resumed, the status of this condition will\nbecome false. When a Job is completed, one of the conditions will have\ntype \"Complete\" and status true.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -184,7 +184,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/k8up-io/k8up/k8up.io/v1/backups.yaml b/crd-catalog/k8up-io/k8up/k8up.io/v1/backups.yaml index be04daac0..19f190880 100644 --- a/crd-catalog/k8up-io/k8up/k8up.io/v1/backups.yaml +++ b/crd-catalog/k8up-io/k8up/k8up.io/v1/backups.yaml @@ -346,6 +346,40 @@ spec: keepJobs: description: "KeepJobs amount of jobs to keep for later analysis.\n\n\nDeprecated: Use FailedJobsHistoryLimit and SuccessfulJobsHistoryLimit respectively." type: "integer" + labelSelectors: + description: "LabelSelectors is a list of selectors that we filter for.\nWhen defined, only PVCs and PreBackupPods matching them are backed up." + items: + description: "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" podConfigRef: description: "PodConfigRef describes the pod spec with wich this action shall be executed.\nIt takes precedence over the Resources or PodSecurityContext field.\nIt does not allow changing the image or the command of the resulting pod.\nThis is for advanced use-cases only. Please only set this if you know what you're doing." properties: diff --git a/crd-catalog/k8up-io/k8up/k8up.io/v1/schedules.yaml b/crd-catalog/k8up-io/k8up/k8up.io/v1/schedules.yaml index 904d0a877..98401665c 100644 --- a/crd-catalog/k8up-io/k8up/k8up.io/v1/schedules.yaml +++ b/crd-catalog/k8up-io/k8up/k8up.io/v1/schedules.yaml @@ -1263,6 +1263,40 @@ spec: keepJobs: description: "KeepJobs amount of jobs to keep for later analysis.\n\n\nDeprecated: Use FailedJobsHistoryLimit and SuccessfulJobsHistoryLimit respectively." type: "integer" + labelSelectors: + description: "LabelSelectors is a list of selectors that we filter for.\nWhen defined, only PVCs and PreBackupPods matching them are backed up." + items: + description: "A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" podConfigRef: description: "PodConfigRef describes the pod spec with wich this action shall be executed.\nIt takes precedence over the Resources or PodSecurityContext field.\nIt does not allow changing the image or the command of the resulting pod.\nThis is for advanced use-cases only. Please only set this if you know what you're doing." properties: diff --git a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml index afd7c9460..cd5c3720b 100644 --- a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml +++ b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/cronfederatedhpas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "cronfederatedhpas.autoscaling.karmada.io" spec: group: "autoscaling.karmada.io" @@ -56,7 +56,7 @@ spec: minimum: 0.0 type: "integer" name: - description: "Name of the rule.\nEach rule in a CronFederatedHPA must have a unique name.\n\n\nNote: the name will be used as an identifier to record its execution\nhistory. Changing the name will be considered as deleting the old rule\nand adding a new rule, that means the original execution history will be\ndiscarded." + description: "Name of the rule.\nEach rule in a CronFederatedHPA must have a unique name.\n\nNote: the name will be used as an identifier to record its execution\nhistory. Changing the name will be considered as deleting the old rule\nand adding a new rule, that means the original execution history will be\ndiscarded." maxLength: 32 minLength: 1 type: "string" diff --git a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml index 07797924e..56a026407 100644 --- a/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml +++ b/crd-catalog/karmada-io/karmada/autoscaling.karmada.io/v1alpha1/federatedhpas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "federatedhpas.autoscaling.karmada.io" spec: group: "autoscaling.karmada.io" diff --git a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml index 4b1aea3f5..777edf402 100644 --- a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml +++ b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpretercustomizations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "resourceinterpretercustomizations.config.karmada.io" spec: group: "config.karmada.io" @@ -50,7 +50,7 @@ spec: description: "DependencyInterpretation describes the rules for Karmada to analyze the\ndependent resources.\nKarmada provides built-in rules for several standard Kubernetes types, see:\nhttps://karmada.io/docs/userguide/globalview/customizing-resource-interpreter/#interpretdependency\nIf DependencyInterpretation is set, the built-in rules will be ignored." properties: luaScript: - description: "LuaScript holds the Lua script that is used to interpret the dependencies of\na specific resource.\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function GetDependencies(desiredObj)\n dependencies = {}\n serviceAccountName = desiredObj.spec.template.spec.serviceAccountName\n if serviceAccountName ~= nil and serviceAccountName ~= \"default\" then\n dependency = {}\n dependency.apiVersion = \"v1\"\n dependency.kind = \"ServiceAccount\"\n dependency.name = serviceAccountName\n dependency.namespace = desiredObj.metadata.namespace\n dependencies[1] = dependency\n end\n return dependencies\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n\n\nThe returned value should be expressed by a slice of DependentObjectReference." + description: "LuaScript holds the Lua script that is used to interpret the dependencies of\na specific resource.\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function GetDependencies(desiredObj)\n dependencies = {}\n serviceAccountName = desiredObj.spec.template.spec.serviceAccountName\n if serviceAccountName ~= nil and serviceAccountName ~= \"default\" then\n dependency = {}\n dependency.apiVersion = \"v1\"\n dependency.kind = \"ServiceAccount\"\n dependency.name = serviceAccountName\n dependency.namespace = desiredObj.metadata.namespace\n dependencies[1] = dependency\n end\n return dependencies\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n\nThe returned value should be expressed by a slice of DependentObjectReference." type: "string" required: - "luaScript" @@ -59,7 +59,7 @@ spec: description: "HealthInterpretation describes the health assessment rules by which Karmada\ncan assess the health state of the resource type." properties: luaScript: - description: "LuaScript holds the Lua script that is used to assess the health state of\na specific resource.\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function InterpretHealth(observedObj)\n if observedObj.status.readyReplicas == observedObj.spec.replicas then\n return true\n end\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\n\nThe returned boolean value indicates the health status." + description: "LuaScript holds the Lua script that is used to assess the health state of\na specific resource.\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function InterpretHealth(observedObj)\n if observedObj.status.readyReplicas == observedObj.spec.replicas then\n return true\n end\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\nThe returned boolean value indicates the health status." type: "string" required: - "luaScript" @@ -68,7 +68,7 @@ spec: description: "ReplicaResource describes the rules for Karmada to discover the resource's\nreplica as well as resource requirements.\nIt would be useful for those CRD resources that declare workload types like\nDeployment.\nIt is usually not needed for Kubernetes native resources(Deployment, Job) as\nKarmada knows how to discover info from them. But if it is set, the built-in\ndiscovery rules will be ignored." properties: luaScript: - description: "LuaScript holds the Lua script that is used to discover the resource's\nreplica as well as resource requirements\n\n\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function GetReplicas(desiredObj)\n replica = desiredObj.spec.replicas\n requirement = {}\n requirement.nodeClaim = {}\n requirement.nodeClaim.nodeSelector = desiredObj.spec.template.spec.nodeSelector\n requirement.nodeClaim.tolerations = desiredObj.spec.template.spec.tolerations\n requirement.resourceRequest = desiredObj.spec.template.spec.containers[1].resources.limits\n return replica, requirement\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n\n\nThe function expects two return values:\n - replica: the declared replica number\n - requirement: the resource required by each replica expressed with a\n ResourceBindingSpec.ReplicaRequirements.\nThe returned values will be set into a ResourceBinding or ClusterResourceBinding." + description: "LuaScript holds the Lua script that is used to discover the resource's\nreplica as well as resource requirements\n\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function GetReplicas(desiredObj)\n replica = desiredObj.spec.replicas\n requirement = {}\n requirement.nodeClaim = {}\n requirement.nodeClaim.nodeSelector = desiredObj.spec.template.spec.nodeSelector\n requirement.nodeClaim.tolerations = desiredObj.spec.template.spec.tolerations\n requirement.resourceRequest = desiredObj.spec.template.spec.containers[1].resources.limits\n return replica, requirement\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n\nThe function expects two return values:\n - replica: the declared replica number\n - requirement: the resource required by each replica expressed with a\n ResourceBindingSpec.ReplicaRequirements.\nThe returned values will be set into a ResourceBinding or ClusterResourceBinding." type: "string" required: - "luaScript" @@ -77,7 +77,7 @@ spec: description: "ReplicaRevision describes the rules for Karmada to revise the resource's replica.\nIt would be useful for those CRD resources that declare workload types like\nDeployment.\nIt is usually not needed for Kubernetes native resources(Deployment, Job) as\nKarmada knows how to revise replicas for them. But if it is set, the built-in\nrevision rules will be ignored." properties: luaScript: - description: "LuaScript holds the Lua script that is used to revise replicas in the desired specification.\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function ReviseReplica(desiredObj, desiredReplica)\n desiredObj.spec.replicas = desiredReplica\n return desiredObj\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n - desiredReplica: the replica number should be applied with.\n\n\nThe returned object should be a revised configuration which will be\napplied to member cluster eventually." + description: "LuaScript holds the Lua script that is used to revise replicas in the desired specification.\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function ReviseReplica(desiredObj, desiredReplica)\n desiredObj.spec.replicas = desiredReplica\n return desiredObj\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n - desiredReplica: the replica number should be applied with.\n\nThe returned object should be a revised configuration which will be\napplied to member cluster eventually." type: "string" required: - "luaScript" @@ -86,7 +86,7 @@ spec: description: "Retention describes the desired behavior that Karmada should react on\nthe changes made by member cluster components. This avoids system\nrunning into a meaningless loop that Karmada resource controller and\nthe member cluster component continually applying opposite values of a field.\nFor example, the \"replicas\" of Deployment might be changed by the HPA\ncontroller on member cluster. In this case, Karmada should retain the \"replicas\"\nand not try to change it." properties: luaScript: - description: "LuaScript holds the Lua script that is used to retain runtime values\nto the desired specification.\n\n\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function Retain(desiredObj, observedObj)\n desiredObj.spec.fieldFoo = observedObj.spec.fieldFoo\n return desiredObj\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\n\nThe returned object should be a retained configuration which will be\napplied to member cluster eventually." + description: "LuaScript holds the Lua script that is used to retain runtime values\nto the desired specification.\n\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function Retain(desiredObj, observedObj)\n desiredObj.spec.fieldFoo = observedObj.spec.fieldFoo\n return desiredObj\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents the configuration to be applied\n to the member cluster.\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\nThe returned object should be a retained configuration which will be\napplied to member cluster eventually." type: "string" required: - "luaScript" @@ -95,7 +95,7 @@ spec: description: "StatusAggregation describes the rules for Karmada to aggregate status\ncollected from member clusters to resource template.\nKarmada provides built-in rules for several standard Kubernetes types, see:\nhttps://karmada.io/docs/userguide/globalview/customizing-resource-interpreter/#aggregatestatus\nIf StatusAggregation is set, the built-in rules will be ignored." properties: luaScript: - description: "LuaScript holds the Lua script that is used to aggregate decentralized statuses\nto the desired specification.\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function AggregateStatus(desiredObj, statusItems)\n for i = 1, #statusItems do\n desiredObj.status.readyReplicas = desiredObj.status.readyReplicas + items[i].readyReplicas\n end\n return desiredObj\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents a resource template.\n - statusItems: the slice of status expressed with AggregatedStatusItem.\n\n\nThe returned object should be a whole object with status aggregated." + description: "LuaScript holds the Lua script that is used to aggregate decentralized statuses\nto the desired specification.\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function AggregateStatus(desiredObj, statusItems)\n for i = 1, #statusItems do\n desiredObj.status.readyReplicas = desiredObj.status.readyReplicas + items[i].readyReplicas\n end\n return desiredObj\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - desiredObj: the object represents a resource template.\n - statusItems: the slice of status expressed with AggregatedStatusItem.\n\nThe returned object should be a whole object with status aggregated." type: "string" required: - "luaScript" @@ -104,7 +104,7 @@ spec: description: "StatusReflection describes the rules for Karmada to pick the resource's status.\nKarmada provides built-in rules for several standard Kubernetes types, see:\nhttps://karmada.io/docs/userguide/globalview/customizing-resource-interpreter/#interpretstatus\nIf StatusReflection is set, the built-in rules will be ignored." properties: luaScript: - description: "LuaScript holds the Lua script that is used to get the status from the observed specification.\nThe script should implement a function as follows:\n\n\n```\n luaScript: >\n function ReflectStatus(observedObj)\n status = {}\n status.readyReplicas = observedObj.status.observedObj\n return status\n end\n```\n\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\n\nThe parameters will be supplied by the system:\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\n\nThe returned status could be the whole status or part of it and will\nbe set into both Work and ResourceBinding(ClusterResourceBinding)." + description: "LuaScript holds the Lua script that is used to get the status from the observed specification.\nThe script should implement a function as follows:\n\n```\n luaScript: >\n function ReflectStatus(observedObj)\n status = {}\n status.readyReplicas = observedObj.status.observedObj\n return status\n end\n```\n\nThe content of the LuaScript needs to be a whole function including both\ndeclaration and implementation.\n\nThe parameters will be supplied by the system:\n - observedObj: the object represents the configuration that is observed\n from a specific member cluster.\n\nThe returned status could be the whole status or part of it and will\nbe set into both Work and ResourceBinding(ClusterResourceBinding)." type: "string" required: - "luaScript" diff --git a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml index 5a4556af3..834328f15 100644 --- a/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml +++ b/crd-catalog/karmada-io/karmada/config.karmada.io/v1alpha1/resourceinterpreterwebhookconfigurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "resourceinterpreterwebhookconfigurations.config.karmada.io" spec: group: "config.karmada.io" @@ -34,14 +34,14 @@ spec: description: "ResourceInterpreterWebhook describes the webhook as well as the resources and operations it applies to." properties: clientConfig: - description: "ClientConfig defines how to communicate with the hook." + description: "ClientConfig defines how to communicate with the hook.\nIt supports two mutually exclusive configuration modes:\n\n1. URL - Directly specify the webhook URL with format `scheme://host:port/path`.\n Example: https://webhook.example.com:8443/my-interpreter\n\n2. Service - Reference a Kubernetes Service that exposes the webhook.\n When using Service reference, Karmada resolves the endpoint through following steps:\n a) First attempts to locate the Service in karmada-apiserver\n b) If found, constructs URL based on Service type:\n - ClusterIP/LoadBalancer/NodePort: Uses ClusterIP with port from Service spec\n (Note: Services with ClusterIP \"None\" are rejected), Example:\n `https://:`\n - ExternalName: Uses external DNS name format: `https://:`\n c) If NOT found in karmada-apiserver, falls back to standard Kubernetes\n service DNS name format: `https://..svc:`\n\nNote: When both URL and Service are specified, the Service reference takes precedence\n and the URL configuration will be ignored." properties: caBundle: description: "`caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.\nIf unspecified, system trust roots on the apiserver are used." format: "byte" type: "string" service: - description: "`service` is a reference to the service for this webhook. Either\n`service` or `url` must be specified.\n\n\nIf the webhook is running within the cluster, then you should use `service`." + description: "`service` is a reference to the service for this webhook. Either\n`service` or `url` must be specified.\n\nIf the webhook is running within the cluster, then you should use `service`." properties: name: description: "`name` is the name of the service.\nRequired" @@ -61,7 +61,7 @@ spec: - "namespace" type: "object" url: - description: "`url` gives the location of the webhook, in standard URL form\n(`scheme://host:port/path`). Exactly one of `url` or `service`\nmust be specified.\n\n\nThe `host` should not refer to a service running in the cluster; use\nthe `service` field instead. The host might be resolved via external\nDNS in some apiservers (e.g., `kube-apiserver` cannot resolve\nin-cluster DNS as that would be a layering violation). `host` may\nalso be an IP address.\n\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is\nrisky unless you take great care to run this webhook on all hosts\nwhich run an apiserver which might need to make calls to this\nwebhook. Such installs are likely to be non-portable, i.e., not easy\nto turn up in a new cluster.\n\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\n\nA path is optional, and if present may be any string permissible in\na URL. You may use the path to pass an arbitrary string to the\nwebhook, for example, a cluster identifier.\n\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not\nallowed. Fragments (\"#...\") and query parameters (\"?...\") are not\nallowed, either." + description: "`url` gives the location of the webhook, in standard URL form\n(`scheme://host:port/path`). Exactly one of `url` or `service`\nmust be specified.\n\nThe `host` should not refer to a service running in the cluster; use\nthe `service` field instead. The host might be resolved via external\nDNS in some apiservers (e.g., `kube-apiserver` cannot resolve\nin-cluster DNS as that would be a layering violation). `host` may\nalso be an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a `host` is\nrisky unless you take great care to run this webhook on all hosts\nwhich run an apiserver which might need to make calls to this\nwebhook. Such installs are likely to be non-portable, i.e., not easy\nto turn up in a new cluster.\n\nThe scheme must be \"https\"; the URL must begin with \"https://\".\n\nA path is optional, and if present may be any string permissible in\na URL. You may use the path to pass an arbitrary string to the\nwebhook, for example, a cluster identifier.\n\nAttempting to use a user or basic auth e.g. \"user:password@\" is not\nallowed. Fragments (\"#...\") and query parameters (\"?...\") are not\nallowed, either." type: "string" type: "object" interpreterContextVersions: @@ -78,7 +78,7 @@ spec: description: "RuleWithOperations is a tuple of Operations and Resources. It is recommended to make\nsure that all the tuple expansions are valid." properties: apiGroups: - description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nFor example:\n [\"apps\", \"batch\", \"example.io\"] means matches 3 groups.\n [\"*\"] means matches all group\n\n\nNote: The group could be empty, e.g the 'core' group of kubernetes, in that case use [\"\"]." + description: "APIGroups is the API groups the resources belong to. '*' is all groups.\nIf '*' is present, the length of the slice must be one.\nFor example:\n [\"apps\", \"batch\", \"example.io\"] means matches 3 groups.\n [\"*\"] means matches all group\n\nNote: The group could be empty, e.g the 'core' group of kubernetes, in that case use [\"\"]." items: type: "string" type: "array" diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml index d79cefcb5..aacf59622 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusteringresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "multiclusteringresses.networking.karmada.io" spec: group: "networking.karmada.io" @@ -70,6 +70,7 @@ spec: format: "int32" type: "integer" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -83,7 +84,7 @@ spec: description: "IngressRule represents the rules mapping the paths under a specified host to\nthe related backend services. Incoming requests are first evaluated for a host\nmatch, then routed to the backend associated with the matching IngressRuleValue." properties: host: - description: "host is the fully qualified domain name of a network host, as defined by RFC 3986.\nNote the following deviations from the \"host\" part of the\nURI as defined in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue can only apply to\n the IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future.\nIncoming requests are matched against the host before the\nIngressRuleValue. If the host is unspecified, the Ingress routes all\ntraffic based on the specified IngressRuleValue.\n\n\nhost can be \"precise\" which is a domain name without the terminating dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name\nprefixed with a single wildcard label (e.g. \"*.foo.com\").\nThe wildcard character '*' must appear by itself as the first DNS label and\nmatches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\").\nRequests will be matched against the Host field in the following way:\n1. If host is precise, the request matches this rule if the http host header is equal to Host.\n2. If host is a wildcard, then the request matches this rule if the http host header\nis to equal to the suffix (removing the first label) of the wildcard rule." + description: "host is the fully qualified domain name of a network host, as defined by RFC 3986.\nNote the following deviations from the \"host\" part of the\nURI as defined in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue can only apply to\n the IP in the Spec of the parent Ingress.\n2. The `:` delimiter is not respected because ports are not allowed.\n\t Currently the port of an Ingress is implicitly :80 for http and\n\t :443 for https.\nBoth these may change in the future.\nIncoming requests are matched against the host before the\nIngressRuleValue. If the host is unspecified, the Ingress routes all\ntraffic based on the specified IngressRuleValue.\n\nhost can be \"precise\" which is a domain name without the terminating dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name\nprefixed with a single wildcard label (e.g. \"*.foo.com\").\nThe wildcard character '*' must appear by itself as the first DNS label and\nmatches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\").\nRequests will be matched against the Host field in the following way:\n1. If host is precise, the request matches this rule if the http host header is equal to Host.\n2. If host is a wildcard, then the request matches this rule if the http host header\nis to equal to the suffix (removing the first label) of the wildcard rule." type: "string" http: description: "HTTPIngressRuleValue is a list of http selectors pointing to backends.\nIn the example: http:///? -> backend where\nwhere parts of the url correspond to RFC 3986, this resource will be used\nto match against everything after the last '/' and before the first '?'\nor '#'." @@ -130,6 +131,7 @@ spec: format: "int32" type: "integer" type: "object" + x-kubernetes-map-type: "atomic" required: - "name" type: "object" @@ -193,7 +195,7 @@ spec: description: "IngressPortStatus represents the error condition of a service port" properties: error: - description: "error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.\n---\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -202,10 +204,10 @@ spec: format: "int32" type: "integer" protocol: - default: "TCP" description: "protocol is the protocol of the ingress port.\nThe supported values are: \"TCP\", \"UDP\", \"SCTP\"" type: "string" required: + - "error" - "port" - "protocol" type: "object" diff --git a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml index 05adea19e..b39a5e143 100644 --- a/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml +++ b/crd-catalog/karmada-io/karmada/networking.karmada.io/v1alpha1/multiclusterservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "multiclusterservices.networking.karmada.io" spec: group: "networking.karmada.io" @@ -41,6 +41,8 @@ spec: name: description: "Name is the name of the cluster to be selected." type: "string" + required: + - "name" type: "object" type: "array" ports: @@ -67,6 +69,8 @@ spec: name: description: "Name is the name of the cluster to be selected." type: "string" + required: + - "name" type: "object" type: "array" range: @@ -103,7 +107,7 @@ spec: conditions: description: "Current service state" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -132,7 +136,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -169,7 +173,7 @@ spec: items: properties: error: - description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase.\n---\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -178,10 +182,10 @@ spec: format: "int32" type: "integer" protocol: - default: "TCP" description: "Protocol is the protocol of the service port of which status is recorded here\nThe supported values are: \"TCP\", \"UDP\", \"SCTP\"" type: "string" required: + - "error" - "port" - "protocol" type: "object" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml index 9fa618df0..3905af549 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusteroverridepolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "clusteroverridepolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -60,6 +60,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" argsOverrider: @@ -188,7 +189,7 @@ spec: - "replace" type: "string" predicate: - description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\n\nIf not nil, only images matches the filters will be processed." + description: "Predicate filters images before applying the rule.\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\nIf not nil, only images matches the filters will be processed." properties: path: description: "Path indicates the path of target field" @@ -223,6 +224,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" plaintext: @@ -327,7 +329,7 @@ spec: type: "object" type: "array" overriders: - description: "Overriders represents the override rules that would apply on resources\n\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." + description: "Overriders represents the override rules that would apply on resources\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." properties: annotationsOverrider: description: "AnnotationsOverrider represents the rules dedicated to handling workload annotations" @@ -348,6 +350,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" argsOverrider: @@ -476,7 +479,7 @@ spec: - "replace" type: "string" predicate: - description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\n\nIf not nil, only images matches the filters will be processed." + description: "Predicate filters images before applying the rule.\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\nIf not nil, only images matches the filters will be processed." properties: path: description: "Path indicates the path of target field" @@ -511,6 +514,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" plaintext: @@ -593,7 +597,7 @@ spec: type: "object" type: "array" targetCluster: - description: "TargetCluster defines restrictions on this override policy\nthat only applies to resources propagated to the matching clusters.\nnil means matching all clusters.\n\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." + description: "TargetCluster defines restrictions on this override policy\nthat only applies to resources propagated to the matching clusters.\nnil means matching all clusters.\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." properties: clusterNames: description: "ClusterNames is the list of clusters to be selected." diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml index 4637d689a..607aba17b 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "clusterpropagationpolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -44,7 +44,7 @@ spec: description: "Spec represents the desired behavior of ClusterPropagationPolicy." properties: activationPreference: - description: "ActivationPreference indicates how the referencing resource template will\nbe propagated, in case of policy changes.\n\n\nIf empty, the resource template will respond to policy changes\nimmediately, in other words, any policy changes will drive the resource\ntemplate to be propagated immediately as per the current propagation rules.\n\n\nIf the value is 'Lazy' means the policy changes will not take effect for now\nbut defer to the resource template changes, in other words, the resource\ntemplate will not be propagated as per the current propagation rules until\nthere is an update on it.\nThis is an experimental feature that might help in a scenario where a policy\nmanages huge amount of resource templates, changes to a policy typically\naffect numerous applications simultaneously. A minor misconfiguration\ncould lead to widespread failures. With this feature, the change can be\ngradually rolled out through iterative modifications of resource templates." + description: "ActivationPreference indicates how the referencing resource template will\nbe propagated, in case of policy changes.\n\nIf empty, the resource template will respond to policy changes\nimmediately, in other words, any policy changes will drive the resource\ntemplate to be propagated immediately as per the current propagation rules.\n\nIf the value is 'Lazy' means the policy changes will not take effect for now\nbut defer to the resource template changes, in other words, the resource\ntemplate will not be propagated as per the current propagation rules until\nthere is an update on it.\nThis is an experimental feature that might help in a scenario where a policy\nmanages huge amount of resource templates, changes to a policy typically\naffect numerous applications simultaneously. A minor misconfiguration\ncould lead to widespread failures. With this feature, the change can be\ngradually rolled out through iterative modifications of resource templates." enum: - "Lazy" type: "string" @@ -53,13 +53,13 @@ spec: type: "boolean" conflictResolution: default: "Abort" - description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." + description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." enum: - "Abort" - "Overwrite" type: "string" dependentOverrides: - description: "DependentOverrides represents the list of overrides(OverridePolicy)\nwhich must present before the current PropagationPolicy takes effect.\n\n\nIt used to explicitly specify overrides which current PropagationPolicy rely on.\nA typical scenario is the users create OverridePolicy(ies) and resources at the same time,\nthey want to ensure the new-created policies would be adopted.\n\n\nNote: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies),\nwhich not present in this list will still be applied if they matches the resources." + description: "DependentOverrides represents the list of overrides(OverridePolicy)\nwhich must present before the current PropagationPolicy takes effect.\n\nIt used to explicitly specify overrides which current PropagationPolicy rely on.\nA typical scenario is the users create OverridePolicy(ies) and resources at the same time,\nthey want to ensure the new-created policies would be adopted.\n\nNote: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies),\nwhich not present in this list will still be applied if they matches the resources." items: type: "string" type: "array" @@ -90,6 +90,28 @@ spec: - "Graciously" - "Never" type: "string" + statePreservation: + description: "StatePreservation defines the policy for preserving and restoring state data\nduring failover events for stateful applications.\n\nWhen an application fails over from one cluster to another, this policy enables\nthe extraction of critical data from the original resource configuration.\nUpon successful migration, the extracted data is then re-injected into the new\nresource, ensuring that the application can resume operation with its previous\nstate intact.\nThis is particularly useful for stateful applications where maintaining data\nconsistency across failover events is crucial.\nIf not specified, means no state data will be preserved.\n\nNote: This requires the StatefulFailoverInjection feature gate to be enabled,\nwhich is alpha." + properties: + rules: + description: "Rules contains a list of StatePreservationRule configurations.\nEach rule specifies a JSONPath expression targeting specific pieces of\nstate data to be preserved during failover events. An AliasLabelName is associated\nwith each rule, serving as a label key when the preserved data is passed\nto the new cluster." + items: + description: "StatePreservationRule defines a single rule for state preservation.\nIt includes a JSONPath expression and an alias name that will be used\nas a label key when passing state information to the new cluster." + properties: + aliasLabelName: + description: "AliasLabelName is the name that will be used as a label key when the preserved\ndata is passed to the new cluster. This facilitates the injection of the\npreserved state back into the application resources during recovery." + type: "string" + jsonPath: + description: "JSONPath is the JSONPath template used to identify the state data\nto be preserved from the original resource configuration.\nThe JSONPath syntax follows the Kubernetes specification:\nhttps://kubernetes.io/docs/reference/kubectl/jsonpath/\n\nNote: The JSONPath expression will start searching from the \"status\" field of\nthe API resource object by default. For example, to extract the \"availableReplicas\"\nfrom a Deployment, the JSONPath expression should be \"{.availableReplicas}\", not\n\"{.status.availableReplicas}\"." + type: "string" + required: + - "aliasLabelName" + - "jsonPath" + type: "object" + type: "array" + required: + - "rules" + type: "object" required: - "decisionConditions" type: "object" @@ -98,7 +120,7 @@ spec: description: "Placement represents the rule for select clusters to propagate resources." properties: clusterAffinities: - description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." + description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." items: description: "ClusterAffinityTerm selects a set of cluster." properties: @@ -423,15 +445,15 @@ spec: - "Never" type: "string" preserveResourcesOnDeletion: - description: "PreserveResourcesOnDeletion controls whether resources should be preserved on the\nmember clusters when the resource template is deleted.\nIf set to true, resources will be preserved on the member clusters.\nDefault is false, which means resources will be deleted along with the resource template.\n\n\nThis setting is particularly useful during workload migration scenarios to ensure\nthat rollback can occur quickly without affecting the workloads running on the\nmember clusters.\n\n\nAdditionally, this setting applies uniformly across all member clusters and will not\nselectively control preservation on only some clusters.\n\n\nNote: This setting does not apply to the deletion of the policy itself.\nWhen the policy is deleted, the resource templates and their corresponding\npropagated resources in member clusters will remain unchanged unless explicitly deleted." + description: "PreserveResourcesOnDeletion controls whether resources should be preserved on the\nmember clusters when the resource template is deleted.\nIf set to true, resources will be preserved on the member clusters.\nDefault is false, which means resources will be deleted along with the resource template.\n\nThis setting is particularly useful during workload migration scenarios to ensure\nthat rollback can occur quickly without affecting the workloads running on the\nmember clusters.\n\nAdditionally, this setting applies uniformly across all member clusters and will not\nselectively control preservation on only some clusters.\n\nNote: This setting does not apply to the deletion of the policy itself.\nWhen the policy is deleted, the resource templates and their corresponding\npropagated resources in member clusters will remain unchanged unless explicitly deleted." type: "boolean" priority: default: 0 - description: "Priority indicates the importance of a policy(PropagationPolicy or ClusterPropagationPolicy).\nA policy will be applied for the matched resource templates if there is\nno other policies with higher priority at the point of the resource\ntemplate be processed.\nOnce a resource template has been claimed by a policy, by default it will\nnot be preempted by following policies even with a higher priority.\nSee Preemption for more details.\n\n\nIn case of two policies have the same priority, the one with a more precise\nmatching rules in ResourceSelectors wins:\n- matching by name(resourceSelector.name) has higher priority than\n by selector(resourceSelector.labelSelector)\n- matching by selector(resourceSelector.labelSelector) has higher priority\n than by APIVersion(resourceSelector.apiVersion) and Kind(resourceSelector.kind).\nIf there is still no winner at this point, the one with the lower alphabetic\norder wins, e.g. policy 'bar' has higher priority than 'foo'.\n\n\nThe higher the value, the higher the priority. Defaults to zero." + description: "Priority indicates the importance of a policy(PropagationPolicy or ClusterPropagationPolicy).\nA policy will be applied for the matched resource templates if there is\nno other policies with higher priority at the point of the resource\ntemplate be processed.\nOnce a resource template has been claimed by a policy, by default it will\nnot be preempted by following policies even with a higher priority.\nSee Preemption for more details.\n\nIn case of two policies have the same priority, the one with a more precise\nmatching rules in ResourceSelectors wins:\n- matching by name(resourceSelector.name) has higher priority than\n by selector(resourceSelector.labelSelector)\n- matching by selector(resourceSelector.labelSelector) has higher priority\n than by APIVersion(resourceSelector.apiVersion) and Kind(resourceSelector.kind).\nIf there is still no winner at this point, the one with the lower alphabetic\norder wins, e.g. policy 'bar' has higher priority than 'foo'.\n\nThe higher the value, the higher the priority. Defaults to zero." format: "int32" type: "integer" propagateDeps: - description: "PropagateDeps tells if relevant resources should be propagated automatically.\nTake 'Deployment' which referencing 'ConfigMap' and 'Secret' as an example, when 'propagateDeps' is 'true',\nthe referencing resources could be omitted(for saving config effort) from 'resourceSelectors' as they will be\npropagated along with the Deployment. In addition to the propagating process, the referencing resources will be\nmigrated along with the Deployment in the fail-over scenario.\n\n\nDefaults to false." + description: "PropagateDeps tells if relevant resources should be propagated automatically.\nTake 'Deployment' which referencing 'ConfigMap' and 'Secret' as an example, when 'propagateDeps' is 'true',\nthe referencing resources could be omitted(for saving config effort) from 'resourceSelectors' as they will be\npropagated along with the Deployment. In addition to the propagating process, the referencing resources will be\nmigrated along with the Deployment in the fail-over scenario.\n\nDefaults to false." type: "boolean" resourceSelectors: description: "ResourceSelectors used to select resources.\nNil or empty selector is not allowed and doesn't mean match all kinds\nof resources for security concerns that sensitive resources(like Secret)\nmight be accidentally propagated." @@ -489,6 +511,21 @@ spec: type: "object" minItems: 1 type: "array" + schedulePriority: + description: "SchedulePriority defines how Karmada should resolve the priority and preemption policy\nfor workload scheduling.\n\nThis setting is useful for controlling the scheduling behavior of offline workloads.\nBy setting a higher or lower priority, users can control which workloads are scheduled first.\nAdditionally, it allows specifying a preemption policy where higher-priority workloads can\npreempt lower-priority ones in scenarios of resource contention.\n\nNote: This feature is currently in the alpha stage. The priority-based scheduling functionality is\ncontrolled by the PriorityBasedScheduling feature gate, and preemption is controlled by the\nPriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is\nsupported. Preemption functionality is not yet available and will be introduced in future\nreleases as the feature matures." + properties: + priorityClassName: + description: "PriorityClassName specifies which PriorityClass to use. Its behavior depends on PriorityClassSource:\n\nBehavior of PriorityClassName:\n\nFor KubePriorityClass:\n- When specified: Uses the named Kubernetes PriorityClass.\n\nFor PodPriorityClass:\n- Uses PriorityClassName from the PodTemplate.\n- Not yet implemented.\n\nFor FederatedPriorityClass:\n- Not yet implemented." + type: "string" + priorityClassSource: + description: "PriorityClassSource specifies where Karmada should look for the PriorityClass definition.\nAvailable options:\n- KubePriorityClass: Uses Kubernetes PriorityClass (scheduling.k8s.io/v1)\n- PodPriorityClass: Uses PriorityClassName from PodTemplate: PodSpec.PriorityClassName (not yet implemented)\n- FederatedPriorityClass: Uses Karmada FederatedPriorityClass (not yet implemented)" + enum: + - "KubePriorityClass" + type: "string" + required: + - "priorityClassName" + - "priorityClassSource" + type: "object" schedulerName: default: "default-scheduler" description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler." diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml index 6af6c9c38..87a1eccd8 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/federatedresourcequotas.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "federatedresourcequotas.policy.karmada.io" spec: group: "policy.karmada.io" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml index b63b4708b..ea9441212 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/overridepolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "overridepolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -60,6 +60,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" argsOverrider: @@ -188,7 +189,7 @@ spec: - "replace" type: "string" predicate: - description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\n\nIf not nil, only images matches the filters will be processed." + description: "Predicate filters images before applying the rule.\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\nIf not nil, only images matches the filters will be processed." properties: path: description: "Path indicates the path of target field" @@ -223,6 +224,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" plaintext: @@ -327,7 +329,7 @@ spec: type: "object" type: "array" overriders: - description: "Overriders represents the override rules that would apply on resources\n\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." + description: "Overriders represents the override rules that would apply on resources\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." properties: annotationsOverrider: description: "AnnotationsOverrider represents the rules dedicated to handling workload annotations" @@ -348,6 +350,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" argsOverrider: @@ -476,7 +479,7 @@ spec: - "replace" type: "string" predicate: - description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\n\nIf not nil, only images matches the filters will be processed." + description: "Predicate filters images before applying the rule.\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - DaemonSet: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\n - Job: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one container.\n\nIf not nil, only images matches the filters will be processed." properties: path: description: "Path indicates the path of target field" @@ -511,6 +514,7 @@ spec: type: "object" required: - "operator" + - "value" type: "object" type: "array" plaintext: @@ -593,7 +597,7 @@ spec: type: "object" type: "array" targetCluster: - description: "TargetCluster defines restrictions on this override policy\nthat only applies to resources propagated to the matching clusters.\nnil means matching all clusters.\n\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." + description: "TargetCluster defines restrictions on this override policy\nthat only applies to resources propagated to the matching clusters.\nnil means matching all clusters.\n\nDeprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead." properties: clusterNames: description: "ClusterNames is the list of clusters to be selected." diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml index 262396546..f695dbda1 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "propagationpolicies.policy.karmada.io" spec: group: "policy.karmada.io" @@ -44,7 +44,7 @@ spec: description: "Spec represents the desired behavior of PropagationPolicy." properties: activationPreference: - description: "ActivationPreference indicates how the referencing resource template will\nbe propagated, in case of policy changes.\n\n\nIf empty, the resource template will respond to policy changes\nimmediately, in other words, any policy changes will drive the resource\ntemplate to be propagated immediately as per the current propagation rules.\n\n\nIf the value is 'Lazy' means the policy changes will not take effect for now\nbut defer to the resource template changes, in other words, the resource\ntemplate will not be propagated as per the current propagation rules until\nthere is an update on it.\nThis is an experimental feature that might help in a scenario where a policy\nmanages huge amount of resource templates, changes to a policy typically\naffect numerous applications simultaneously. A minor misconfiguration\ncould lead to widespread failures. With this feature, the change can be\ngradually rolled out through iterative modifications of resource templates." + description: "ActivationPreference indicates how the referencing resource template will\nbe propagated, in case of policy changes.\n\nIf empty, the resource template will respond to policy changes\nimmediately, in other words, any policy changes will drive the resource\ntemplate to be propagated immediately as per the current propagation rules.\n\nIf the value is 'Lazy' means the policy changes will not take effect for now\nbut defer to the resource template changes, in other words, the resource\ntemplate will not be propagated as per the current propagation rules until\nthere is an update on it.\nThis is an experimental feature that might help in a scenario where a policy\nmanages huge amount of resource templates, changes to a policy typically\naffect numerous applications simultaneously. A minor misconfiguration\ncould lead to widespread failures. With this feature, the change can be\ngradually rolled out through iterative modifications of resource templates." enum: - "Lazy" type: "string" @@ -53,13 +53,13 @@ spec: type: "boolean" conflictResolution: default: "Abort" - description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." + description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." enum: - "Abort" - "Overwrite" type: "string" dependentOverrides: - description: "DependentOverrides represents the list of overrides(OverridePolicy)\nwhich must present before the current PropagationPolicy takes effect.\n\n\nIt used to explicitly specify overrides which current PropagationPolicy rely on.\nA typical scenario is the users create OverridePolicy(ies) and resources at the same time,\nthey want to ensure the new-created policies would be adopted.\n\n\nNote: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies),\nwhich not present in this list will still be applied if they matches the resources." + description: "DependentOverrides represents the list of overrides(OverridePolicy)\nwhich must present before the current PropagationPolicy takes effect.\n\nIt used to explicitly specify overrides which current PropagationPolicy rely on.\nA typical scenario is the users create OverridePolicy(ies) and resources at the same time,\nthey want to ensure the new-created policies would be adopted.\n\nNote: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies),\nwhich not present in this list will still be applied if they matches the resources." items: type: "string" type: "array" @@ -90,6 +90,28 @@ spec: - "Graciously" - "Never" type: "string" + statePreservation: + description: "StatePreservation defines the policy for preserving and restoring state data\nduring failover events for stateful applications.\n\nWhen an application fails over from one cluster to another, this policy enables\nthe extraction of critical data from the original resource configuration.\nUpon successful migration, the extracted data is then re-injected into the new\nresource, ensuring that the application can resume operation with its previous\nstate intact.\nThis is particularly useful for stateful applications where maintaining data\nconsistency across failover events is crucial.\nIf not specified, means no state data will be preserved.\n\nNote: This requires the StatefulFailoverInjection feature gate to be enabled,\nwhich is alpha." + properties: + rules: + description: "Rules contains a list of StatePreservationRule configurations.\nEach rule specifies a JSONPath expression targeting specific pieces of\nstate data to be preserved during failover events. An AliasLabelName is associated\nwith each rule, serving as a label key when the preserved data is passed\nto the new cluster." + items: + description: "StatePreservationRule defines a single rule for state preservation.\nIt includes a JSONPath expression and an alias name that will be used\nas a label key when passing state information to the new cluster." + properties: + aliasLabelName: + description: "AliasLabelName is the name that will be used as a label key when the preserved\ndata is passed to the new cluster. This facilitates the injection of the\npreserved state back into the application resources during recovery." + type: "string" + jsonPath: + description: "JSONPath is the JSONPath template used to identify the state data\nto be preserved from the original resource configuration.\nThe JSONPath syntax follows the Kubernetes specification:\nhttps://kubernetes.io/docs/reference/kubectl/jsonpath/\n\nNote: The JSONPath expression will start searching from the \"status\" field of\nthe API resource object by default. For example, to extract the \"availableReplicas\"\nfrom a Deployment, the JSONPath expression should be \"{.availableReplicas}\", not\n\"{.status.availableReplicas}\"." + type: "string" + required: + - "aliasLabelName" + - "jsonPath" + type: "object" + type: "array" + required: + - "rules" + type: "object" required: - "decisionConditions" type: "object" @@ -98,7 +120,7 @@ spec: description: "Placement represents the rule for select clusters to propagate resources." properties: clusterAffinities: - description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." + description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." items: description: "ClusterAffinityTerm selects a set of cluster." properties: @@ -423,15 +445,15 @@ spec: - "Never" type: "string" preserveResourcesOnDeletion: - description: "PreserveResourcesOnDeletion controls whether resources should be preserved on the\nmember clusters when the resource template is deleted.\nIf set to true, resources will be preserved on the member clusters.\nDefault is false, which means resources will be deleted along with the resource template.\n\n\nThis setting is particularly useful during workload migration scenarios to ensure\nthat rollback can occur quickly without affecting the workloads running on the\nmember clusters.\n\n\nAdditionally, this setting applies uniformly across all member clusters and will not\nselectively control preservation on only some clusters.\n\n\nNote: This setting does not apply to the deletion of the policy itself.\nWhen the policy is deleted, the resource templates and their corresponding\npropagated resources in member clusters will remain unchanged unless explicitly deleted." + description: "PreserveResourcesOnDeletion controls whether resources should be preserved on the\nmember clusters when the resource template is deleted.\nIf set to true, resources will be preserved on the member clusters.\nDefault is false, which means resources will be deleted along with the resource template.\n\nThis setting is particularly useful during workload migration scenarios to ensure\nthat rollback can occur quickly without affecting the workloads running on the\nmember clusters.\n\nAdditionally, this setting applies uniformly across all member clusters and will not\nselectively control preservation on only some clusters.\n\nNote: This setting does not apply to the deletion of the policy itself.\nWhen the policy is deleted, the resource templates and their corresponding\npropagated resources in member clusters will remain unchanged unless explicitly deleted." type: "boolean" priority: default: 0 - description: "Priority indicates the importance of a policy(PropagationPolicy or ClusterPropagationPolicy).\nA policy will be applied for the matched resource templates if there is\nno other policies with higher priority at the point of the resource\ntemplate be processed.\nOnce a resource template has been claimed by a policy, by default it will\nnot be preempted by following policies even with a higher priority.\nSee Preemption for more details.\n\n\nIn case of two policies have the same priority, the one with a more precise\nmatching rules in ResourceSelectors wins:\n- matching by name(resourceSelector.name) has higher priority than\n by selector(resourceSelector.labelSelector)\n- matching by selector(resourceSelector.labelSelector) has higher priority\n than by APIVersion(resourceSelector.apiVersion) and Kind(resourceSelector.kind).\nIf there is still no winner at this point, the one with the lower alphabetic\norder wins, e.g. policy 'bar' has higher priority than 'foo'.\n\n\nThe higher the value, the higher the priority. Defaults to zero." + description: "Priority indicates the importance of a policy(PropagationPolicy or ClusterPropagationPolicy).\nA policy will be applied for the matched resource templates if there is\nno other policies with higher priority at the point of the resource\ntemplate be processed.\nOnce a resource template has been claimed by a policy, by default it will\nnot be preempted by following policies even with a higher priority.\nSee Preemption for more details.\n\nIn case of two policies have the same priority, the one with a more precise\nmatching rules in ResourceSelectors wins:\n- matching by name(resourceSelector.name) has higher priority than\n by selector(resourceSelector.labelSelector)\n- matching by selector(resourceSelector.labelSelector) has higher priority\n than by APIVersion(resourceSelector.apiVersion) and Kind(resourceSelector.kind).\nIf there is still no winner at this point, the one with the lower alphabetic\norder wins, e.g. policy 'bar' has higher priority than 'foo'.\n\nThe higher the value, the higher the priority. Defaults to zero." format: "int32" type: "integer" propagateDeps: - description: "PropagateDeps tells if relevant resources should be propagated automatically.\nTake 'Deployment' which referencing 'ConfigMap' and 'Secret' as an example, when 'propagateDeps' is 'true',\nthe referencing resources could be omitted(for saving config effort) from 'resourceSelectors' as they will be\npropagated along with the Deployment. In addition to the propagating process, the referencing resources will be\nmigrated along with the Deployment in the fail-over scenario.\n\n\nDefaults to false." + description: "PropagateDeps tells if relevant resources should be propagated automatically.\nTake 'Deployment' which referencing 'ConfigMap' and 'Secret' as an example, when 'propagateDeps' is 'true',\nthe referencing resources could be omitted(for saving config effort) from 'resourceSelectors' as they will be\npropagated along with the Deployment. In addition to the propagating process, the referencing resources will be\nmigrated along with the Deployment in the fail-over scenario.\n\nDefaults to false." type: "boolean" resourceSelectors: description: "ResourceSelectors used to select resources.\nNil or empty selector is not allowed and doesn't mean match all kinds\nof resources for security concerns that sensitive resources(like Secret)\nmight be accidentally propagated." @@ -489,6 +511,21 @@ spec: type: "object" minItems: 1 type: "array" + schedulePriority: + description: "SchedulePriority defines how Karmada should resolve the priority and preemption policy\nfor workload scheduling.\n\nThis setting is useful for controlling the scheduling behavior of offline workloads.\nBy setting a higher or lower priority, users can control which workloads are scheduled first.\nAdditionally, it allows specifying a preemption policy where higher-priority workloads can\npreempt lower-priority ones in scenarios of resource contention.\n\nNote: This feature is currently in the alpha stage. The priority-based scheduling functionality is\ncontrolled by the PriorityBasedScheduling feature gate, and preemption is controlled by the\nPriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is\nsupported. Preemption functionality is not yet available and will be introduced in future\nreleases as the feature matures." + properties: + priorityClassName: + description: "PriorityClassName specifies which PriorityClass to use. Its behavior depends on PriorityClassSource:\n\nBehavior of PriorityClassName:\n\nFor KubePriorityClass:\n- When specified: Uses the named Kubernetes PriorityClass.\n\nFor PodPriorityClass:\n- Uses PriorityClassName from the PodTemplate.\n- Not yet implemented.\n\nFor FederatedPriorityClass:\n- Not yet implemented." + type: "string" + priorityClassSource: + description: "PriorityClassSource specifies where Karmada should look for the PriorityClass definition.\nAvailable options:\n- KubePriorityClass: Uses Kubernetes PriorityClass (scheduling.k8s.io/v1)\n- PodPriorityClass: Uses PriorityClassName from PodTemplate: PodSpec.PriorityClassName (not yet implemented)\n- FederatedPriorityClass: Uses Karmada FederatedPriorityClass (not yet implemented)" + enum: + - "KubePriorityClass" + type: "string" + required: + - "priorityClassName" + - "priorityClassSource" + type: "object" schedulerName: default: "default-scheduler" description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler." diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml index 185a56b4d..d8d9ff874 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/clusterresourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "clusterresourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -116,7 +116,7 @@ spec: conditions: description: "Conditions contain the different condition statuses." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -145,7 +145,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml index cae7326cb..9dea381d1 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/resourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "resourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -116,7 +116,7 @@ spec: conditions: description: "Conditions contain the different condition statuses." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -145,7 +145,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml index 9da3c1f1d..e0a1ebe74 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "works.work.karmada.io" spec: group: "work.karmada.io" @@ -67,7 +67,7 @@ spec: conditions: description: "Conditions contain the different condition statuses for this work.\nValid condition types are:\n1. Applied represents workload in Work is applied successfully on a managed cluster.\n2. Progressing represents workload in Work is being applied on a managed cluster.\n3. Available represents workload in Work exists on the managed cluster.\n4. Degraded represents the current state of workload does not match the desired\nstate for a certain period." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -96,7 +96,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml index f3bab66b8..c90cb8551 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "clusterresourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -61,7 +61,7 @@ spec: type: "array" conflictResolution: default: "Abort" - description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." + description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." enum: - "Abort" - "Overwrite" @@ -93,6 +93,28 @@ spec: - "Graciously" - "Never" type: "string" + statePreservation: + description: "StatePreservation defines the policy for preserving and restoring state data\nduring failover events for stateful applications.\n\nWhen an application fails over from one cluster to another, this policy enables\nthe extraction of critical data from the original resource configuration.\nUpon successful migration, the extracted data is then re-injected into the new\nresource, ensuring that the application can resume operation with its previous\nstate intact.\nThis is particularly useful for stateful applications where maintaining data\nconsistency across failover events is crucial.\nIf not specified, means no state data will be preserved.\n\nNote: This requires the StatefulFailoverInjection feature gate to be enabled,\nwhich is alpha." + properties: + rules: + description: "Rules contains a list of StatePreservationRule configurations.\nEach rule specifies a JSONPath expression targeting specific pieces of\nstate data to be preserved during failover events. An AliasLabelName is associated\nwith each rule, serving as a label key when the preserved data is passed\nto the new cluster." + items: + description: "StatePreservationRule defines a single rule for state preservation.\nIt includes a JSONPath expression and an alias name that will be used\nas a label key when passing state information to the new cluster." + properties: + aliasLabelName: + description: "AliasLabelName is the name that will be used as a label key when the preserved\ndata is passed to the new cluster. This facilitates the injection of the\npreserved state back into the application resources during recovery." + type: "string" + jsonPath: + description: "JSONPath is the JSONPath template used to identify the state data\nto be preserved from the original resource configuration.\nThe JSONPath syntax follows the Kubernetes specification:\nhttps://kubernetes.io/docs/reference/kubectl/jsonpath/\n\nNote: The JSONPath expression will start searching from the \"status\" field of\nthe API resource object by default. For example, to extract the \"availableReplicas\"\nfrom a Deployment, the JSONPath expression should be \"{.availableReplicas}\", not\n\"{.status.availableReplicas}\"." + type: "string" + required: + - "aliasLabelName" + - "jsonPath" + type: "object" + type: "array" + required: + - "rules" + type: "object" required: - "decisionConditions" type: "object" @@ -102,8 +124,13 @@ spec: items: description: "GracefulEvictionTask represents a graceful eviction task." properties: + clustersBeforeFailover: + description: "ClustersBeforeFailover records the clusters where running the application before failover." + items: + type: "string" + type: "array" creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was\ncreated.\nClients should not set this value to avoid the time inconsistency issue.\nIt is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC.\n\n\nPopulated by the system. Read-only." + description: "CreationTimestamp is a timestamp representing the server time when this object was\ncreated.\nClients should not set this value to avoid the time inconsistency issue.\nIt is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC.\n\nPopulated by the system. Read-only." format: "date-time" type: "string" fromCluster: @@ -117,9 +144,21 @@ spec: description: "Message is a human-readable message indicating details about the eviction.\nThis may be an empty string." maxLength: 1024 type: "string" + preservedLabelState: + additionalProperties: + type: "string" + description: "PreservedLabelState represents the application state information collected from the original cluster,\nand it will be injected into the new cluster in form of application labels." + type: "object" producer: description: "Producer indicates the controller who triggered the eviction." type: "string" + purgeMode: + description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\"." + enum: + - "Immediately" + - "Graciously" + - "Never" + type: "string" reason: description: "Reason contains a programmatic identifier indicating the reason for the eviction.\nProducers may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 32 @@ -143,7 +182,7 @@ spec: description: "Placement represents the rule for select clusters to propagate resources." properties: clusterAffinities: - description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." + description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." items: description: "ClusterAffinityTerm selects a set of cluster." properties: @@ -615,7 +654,7 @@ spec: type: "object" type: "array" rescheduleTriggeredAt: - description: "RescheduleTriggeredAt is a timestamp representing when the referenced resource is triggered rescheduling.\nWhen this field is updated, it means a rescheduling is manually triggered by user, and the expected behavior\nof this action is to do a complete recalculation without referring to last scheduling results.\nIt works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in\nstatus.lastScheduledTime will the rescheduling actually execute, otherwise, ignored.\n\n\nIt is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC." + description: "RescheduleTriggeredAt is a timestamp representing when the referenced resource is triggered rescheduling.\nWhen this field is updated, it means a rescheduling is manually triggered by user, and the expected behavior\nof this action is to do a complete recalculation without referring to last scheduling results.\nIt works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in\nstatus.lastScheduledTime will the rescheduling actually execute, otherwise, ignored.\n\nIt is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC." format: "date-time" type: "string" resource: @@ -644,6 +683,15 @@ spec: - "kind" - "name" type: "object" + schedulePriority: + description: "SchedulePriority represents the scheduling priority assigned to workloads." + properties: + priority: + default: 0 + description: "Priority specifies the scheduling priority for the binding.\nHigher values indicate a higher priority.\nIf not explicitly set, the default value is 0." + format: "int32" + type: "integer" + type: "object" schedulerName: description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)." type: "string" @@ -662,6 +710,9 @@ spec: type: "string" type: "array" type: "object" + scheduling: + description: "Scheduling controls whether scheduling should be suspended, the scheduler will pause scheduling and not\nprocess resource binding when the value is true and resume scheduling when it's false or nil.\nThis is designed for third-party systems to temporarily pause the scheduling of applications, which enabling\nmanage resource allocation, prioritize critical workloads, etc.\nIt is expected that third-party systems use an admission webhook to suspend scheduling at the time of\nResourceBinding creation. Once a ResourceBinding has been scheduled, it cannot be paused afterward, as it may\nlead to ineffective suspension." + type: "boolean" type: "object" required: - "resource" @@ -701,7 +752,7 @@ spec: conditions: description: "Conditions contain the different condition statuses." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -730,7 +781,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml index ab7146ddd..4c3a9b1ef 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "resourcebindings.work.karmada.io" spec: group: "work.karmada.io" @@ -61,7 +61,7 @@ spec: type: "array" conflictResolution: default: "Abort" - description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." + description: "ConflictResolution declares how potential conflict should be handled when\na resource that is being propagated already exists in the target cluster.\n\nIt defaults to \"Abort\" which means stop propagating to avoid unexpected\noverwrites. The \"Overwrite\" might be useful when migrating legacy cluster\nresources to Karmada, in which case conflict is predictable and can be\ninstructed to Karmada take over the resource by overwriting." enum: - "Abort" - "Overwrite" @@ -93,6 +93,28 @@ spec: - "Graciously" - "Never" type: "string" + statePreservation: + description: "StatePreservation defines the policy for preserving and restoring state data\nduring failover events for stateful applications.\n\nWhen an application fails over from one cluster to another, this policy enables\nthe extraction of critical data from the original resource configuration.\nUpon successful migration, the extracted data is then re-injected into the new\nresource, ensuring that the application can resume operation with its previous\nstate intact.\nThis is particularly useful for stateful applications where maintaining data\nconsistency across failover events is crucial.\nIf not specified, means no state data will be preserved.\n\nNote: This requires the StatefulFailoverInjection feature gate to be enabled,\nwhich is alpha." + properties: + rules: + description: "Rules contains a list of StatePreservationRule configurations.\nEach rule specifies a JSONPath expression targeting specific pieces of\nstate data to be preserved during failover events. An AliasLabelName is associated\nwith each rule, serving as a label key when the preserved data is passed\nto the new cluster." + items: + description: "StatePreservationRule defines a single rule for state preservation.\nIt includes a JSONPath expression and an alias name that will be used\nas a label key when passing state information to the new cluster." + properties: + aliasLabelName: + description: "AliasLabelName is the name that will be used as a label key when the preserved\ndata is passed to the new cluster. This facilitates the injection of the\npreserved state back into the application resources during recovery." + type: "string" + jsonPath: + description: "JSONPath is the JSONPath template used to identify the state data\nto be preserved from the original resource configuration.\nThe JSONPath syntax follows the Kubernetes specification:\nhttps://kubernetes.io/docs/reference/kubectl/jsonpath/\n\nNote: The JSONPath expression will start searching from the \"status\" field of\nthe API resource object by default. For example, to extract the \"availableReplicas\"\nfrom a Deployment, the JSONPath expression should be \"{.availableReplicas}\", not\n\"{.status.availableReplicas}\"." + type: "string" + required: + - "aliasLabelName" + - "jsonPath" + type: "object" + type: "array" + required: + - "rules" + type: "object" required: - "decisionConditions" type: "object" @@ -102,8 +124,13 @@ spec: items: description: "GracefulEvictionTask represents a graceful eviction task." properties: + clustersBeforeFailover: + description: "ClustersBeforeFailover records the clusters where running the application before failover." + items: + type: "string" + type: "array" creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was\ncreated.\nClients should not set this value to avoid the time inconsistency issue.\nIt is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC.\n\n\nPopulated by the system. Read-only." + description: "CreationTimestamp is a timestamp representing the server time when this object was\ncreated.\nClients should not set this value to avoid the time inconsistency issue.\nIt is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC.\n\nPopulated by the system. Read-only." format: "date-time" type: "string" fromCluster: @@ -117,9 +144,21 @@ spec: description: "Message is a human-readable message indicating details about the eviction.\nThis may be an empty string." maxLength: 1024 type: "string" + preservedLabelState: + additionalProperties: + type: "string" + description: "PreservedLabelState represents the application state information collected from the original cluster,\nand it will be injected into the new cluster in form of application labels." + type: "object" producer: description: "Producer indicates the controller who triggered the eviction." type: "string" + purgeMode: + description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\"." + enum: + - "Immediately" + - "Graciously" + - "Never" + type: "string" reason: description: "Reason contains a programmatic identifier indicating the reason for the eviction.\nProducers may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 32 @@ -143,7 +182,7 @@ spec: description: "Placement represents the rule for select clusters to propagate resources." properties: clusterAffinities: - description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." + description: "ClusterAffinities represents scheduling restrictions to multiple cluster\ngroups that indicated by ClusterAffinityTerm.\n\nThe scheduler will evaluate these groups one by one in the order they\nappear in the spec, the group that does not satisfy scheduling restrictions\nwill be ignored which means all clusters in this group will not be selected\nunless it also belongs to the next group(a cluster could belong to multiple\ngroups).\n\nIf none of the groups satisfy the scheduling restrictions, then scheduling\nfails, which means no cluster will be selected.\n\nNote:\n 1. ClusterAffinities can not co-exist with ClusterAffinity.\n 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster\n can be scheduling candidates.\n\nPotential use case 1:\nThe private clusters in the local data center could be the main group, and\nthe managed clusters provided by cluster providers could be the secondary\ngroup. So that the Karmada scheduler would prefer to schedule workloads\nto the main group and the second group will only be considered in case of\nthe main group does not satisfy restrictions(like, lack of resources).\n\nPotential use case 2:\nFor the disaster recovery scenario, the clusters could be organized to\nprimary and backup groups, the workloads would be scheduled to primary\nclusters firstly, and when primary cluster fails(like data center power off),\nKarmada scheduler could migrate workloads to the backup clusters." items: description: "ClusterAffinityTerm selects a set of cluster." properties: @@ -615,7 +654,7 @@ spec: type: "object" type: "array" rescheduleTriggeredAt: - description: "RescheduleTriggeredAt is a timestamp representing when the referenced resource is triggered rescheduling.\nWhen this field is updated, it means a rescheduling is manually triggered by user, and the expected behavior\nof this action is to do a complete recalculation without referring to last scheduling results.\nIt works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in\nstatus.lastScheduledTime will the rescheduling actually execute, otherwise, ignored.\n\n\nIt is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC." + description: "RescheduleTriggeredAt is a timestamp representing when the referenced resource is triggered rescheduling.\nWhen this field is updated, it means a rescheduling is manually triggered by user, and the expected behavior\nof this action is to do a complete recalculation without referring to last scheduling results.\nIt works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in\nstatus.lastScheduledTime will the rescheduling actually execute, otherwise, ignored.\n\nIt is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC." format: "date-time" type: "string" resource: @@ -644,6 +683,15 @@ spec: - "kind" - "name" type: "object" + schedulePriority: + description: "SchedulePriority represents the scheduling priority assigned to workloads." + properties: + priority: + default: 0 + description: "Priority specifies the scheduling priority for the binding.\nHigher values indicate a higher priority.\nIf not explicitly set, the default value is 0." + format: "int32" + type: "integer" + type: "object" schedulerName: description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)." type: "string" @@ -662,6 +710,9 @@ spec: type: "string" type: "array" type: "object" + scheduling: + description: "Scheduling controls whether scheduling should be suspended, the scheduler will pause scheduling and not\nprocess resource binding when the value is true and resume scheduling when it's false or nil.\nThis is designed for third-party systems to temporarily pause the scheduling of applications, which enabling\nmanage resource allocation, prioritize critical workloads, etc.\nIt is expected that third-party systems use an admission webhook to suspend scheduling at the time of\nResourceBinding creation. Once a ResourceBinding has been scheduled, it cannot be paused afterward, as it may\nlead to ineffective suspension." + type: "boolean" type: "object" required: - "resource" @@ -701,7 +752,7 @@ spec: conditions: description: "Conditions contain the different condition statuses." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -730,7 +781,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml index 479dc0335..552d9a85f 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml @@ -163,6 +163,8 @@ spec: type: "string" parameter: type: "string" + secretKey: + type: "string" versionId: type: "string" versionStage: diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml index 75a975227..bc89263a9 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml @@ -168,6 +168,14 @@ spec: fallback: description: "Fallback is the spec for fallback options" properties: + behavior: + default: "static" + enum: + - "static" + - "currentReplicas" + - "currentReplicasIfHigher" + - "currentReplicasIfLower" + type: "string" failureThreshold: format: "int32" type: "integer" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml index c3daa307a..63cb5f1c6 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml @@ -163,6 +163,8 @@ spec: type: "string" parameter: type: "string" + secretKey: + type: "string" versionId: type: "string" versionStage: diff --git a/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml b/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml index 23cbd3435..d427cc49f 100644 --- a/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml +++ b/crd-catalog/kiali/kiali-operator/kiali.io/v1alpha1/kialis.yaml @@ -420,6 +420,36 @@ spec: priority_class_name: description: "The priorityClassName used to assign the priority of the Kiali pod." type: "string" + probes: + description: "Configures the liveness, readiness, and startup probes of the Kiali pod." + properties: + liveness: + description: "Configures the liveness probe of the Kiali pod." + properties: + initial_delay_seconds: + type: "integer" + period_seconds: + type: "integer" + type: "object" + readiness: + description: "Configures the readiness probe of the Kiali pod." + properties: + initial_delay_seconds: + type: "integer" + period_seconds: + type: "integer" + type: "object" + startup: + description: "Configures the startup probe of the Kiali pod." + properties: + failure_threshold: + type: "integer" + initial_delay_seconds: + type: "integer" + period_seconds: + type: "integer" + type: "object" + type: "object" remote_cluster_resources_only: description: "When `true`, only those resources necessary for a remote Kiali Server to access this cluster are created (such as the service account and roles/bindings). There will be no Kiali Server deployment/pod created when this is `true`." type: "boolean" @@ -450,6 +480,12 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true type: "array" + topology_spread_constraints: + description: "A list of constraints which control how the Kiali pods are spread across your cluster to help achieve high availability as well as efficient resource utilization. See the Kubernetes documentation on Topology Spread Constraints for more details." + items: + type: "object" + x-kubernetes-preserve-unknown-fields: true + type: "array" version_label: description: "Kiali resources will be assigned a 'version' label when they are deployed.\nThis setting determines what value those 'version' labels will have.\nWhen empty, its default will be determined as follows,\n\n* If `deployment.image_version` is 'latest', `version_label` will be fixed to 'master'.\n* If `deployment.image_version` is 'lastrelease', `version_label` will be fixed to the last Kiali release version string.\n* If `deployment.image_version` is anything else, `version_label` will be that value, too.\n" type: "string" @@ -716,6 +752,9 @@ spec: url_service_version: description: "The Istio service used to determine the Istio version. If empty, assumes the URL for the well-known Istio version endpoint." type: "string" + validation_reconcile_interval: + description: "Configures how often Kiali will validate Istio configuration. Validations cannot be disabled at the moment but you can set this to a long period of time. Accepts a golang duration string e.g. '1h' or '30m'." + type: "string" type: "object" prometheus: description: "The Prometheus configuration defined here refers to the Prometheus instance that is used by Istio to store its telemetry." @@ -817,6 +856,9 @@ spec: description: "A set of name/value settings that will be passed as headers when requests are sent to the Tracing backend." type: "object" x-kubernetes-preserve-unknown-fields: true + disable_version_check: + description: "When true, the version of the Tracing backend will not be retrieved. This will mean Kiali will not be able to display the version of your Tracing component in the Kiali UI. This may be needed in order to avoid Kiali reporting errors in cases where the full version endpoint is not accessible or is unknown. A common use case is when using Jaeger with gRPC and the HTTP endpoint is not deployed in the standard port (80). Defaults to `false`" + type: "boolean" enabled: description: "When true, connections to the Tracing server are enabled. `internal_url` and/or `external_url` need to be provided." type: "boolean" @@ -851,6 +893,12 @@ spec: tempo_config: description: "Settings used to configure the access url to the Tempo Datasource in Grafana." properties: + cache_capacity: + description: "When `cache_enabled` is true, the number of traces saved in the cache. 200 by default." + type: "integer" + cache_enabled: + description: "A FIFO cache with the last `cache_capacity` traces viewed." + type: "boolean" datasource_uid: description: "The unique identifier (uid) of the Tempo datasource in Grafana." type: "string" @@ -928,7 +976,7 @@ spec: description: "Defines specific labels used by Istio that Kiali needs to know about." properties: app_label_name: - description: "The name of the label used to define what application a workload belongs to. This is typically something like `app` or `app.kubernetes.io/name`." + description: "If using a single scheme for app/version labeling, set this to the app label name being used. This is typically `app` or `app.kubernetes.io/name`. The default is unset, and Kiali will handle mixed schemes." type: "string" egress_gateway_label: description: "The selector label for Egress Gateway workload. This is typically `istio=egressgateway`." @@ -943,7 +991,7 @@ spec: description: "The label used to identify the Istio revision." type: "string" version_label_name: - description: "The name of the label used to define what version of the application a workload belongs to. This is typically something like `version` or `app.kubernetes.io/version`." + description: "If using a single scheme for app/version labeling, set this to the version label name being used. This is typically `version` or `app.kubernetes.io/version`. The default is unset, and Kiali will handle mixed schemes." type: "string" type: "object" istio_namespace: @@ -1004,9 +1052,27 @@ spec: type: "string" type: "object" type: "array" + settings: + description: "Various presentation options." + properties: + animation: + description: "The traffic animation style. Value must be one of: `dash` or `point`. Default is `point`." + enum: + - "dash" + - "point" + type: "string" + type: "object" traffic: description: "These settings determine which rates are used to determine graph traffic." properties: + ambient: + description: "Ambient traffic is reported by ztunnel and/or waypoints. Value must be one of: `none`, `total`, `waypoint`, or `ztunnel`." + enum: + - "none" + - "total" + - "waypoint" + - "ztunnel" + type: "string" grpc: description: "gRPC traffic is measured in requests or sent/received/total messages. Value must be one of: `none`, `requests`, `sent`, `received`, or `total`." enum: @@ -1235,6 +1301,9 @@ spec: description: "When 'true', the profiler will be enabled and accessible at /debug/pprof/ on the Kiali endpoint." type: "boolean" type: "object" + require_auth: + description: "When true, the /api endpoint will require users to authenticate themselves. When false, users need not authenticate with Kiali in order to get basic runtime info about the server via the /api endpoint. This setting is ignored if auth.strategy is 'anonymous'." + type: "boolean" web_fqdn: description: "Defines the public domain where Kiali is being served. This is the 'domain' part of the URL (usually it's a fully-qualified domain name). For example, `kiali.example.org`. When empty, Kiali will try to guess this value from HTTP headers. On non-OpenShift clusters, you must populate this value if you want to enable cross-linking between Kiali instances in a multi-cluster setup." type: "string" diff --git a/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml b/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml index 408eedd96..e1a7469b7 100644 --- a/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml +++ b/crd-catalog/kiegroup/kogito-serverless-operator/sonataflow.org/v1alpha08/sonataflows.yaml @@ -6379,6 +6379,9 @@ spec: endpoint: description: "Endpoint is an externally accessible URL of the workflow" type: "string" + flowCRC: + format: "int32" + type: "integer" lastTimeRecoverAttempt: format: "date-time" type: "string" diff --git a/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml b/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml index d3302dc63..2046e951b 100644 --- a/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml +++ b/crd-catalog/kube-green/kube-green/kube-green.com/v1alpha1/sleepinfos.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "sleepinfos.kube-green.com" spec: group: "kube-green.com" @@ -97,7 +97,7 @@ spec: type: "object" type: "array" sleepAt: - description: "Hours:Minutes\n\n\nAccept cron schedule for both hour and minute.\nFor example, *:*/2 is set to configure a run every even minute." + description: "Hours:Minutes\n\nAccept cron schedule for both hour and minute.\nFor example, *:*/2 is set to configure a run every even minute." type: "string" suspendCronJobs: description: "If SuspendCronjobs is set to true, on sleep the cronjobs of the namespace will be suspended." @@ -105,17 +105,17 @@ spec: suspendDeployments: description: "If SuspendDeployments is set to false, on sleep the deployment of the namespace will not be suspended. By default Deployment will be suspended." type: "boolean" - suspendStatefulsets: + suspendStatefulSets: description: "If SuspendStatefulSets is set to false, on sleep the statefulset of the namespace will not be suspended. By default StatefulSet will be suspended." type: "boolean" timeZone: description: "Time zone to set the schedule, in IANA time zone identifier.\nIt is not required, default to UTC.\nFor example, for the Italy time zone set Europe/Rome." type: "string" wakeUpAt: - description: "Hours:Minutes\n\n\nAccept cron schedule for both hour and minute.\nFor example, *:*/2 is set to configure a run every even minute.\nIt is not required." + description: "Hours:Minutes\n\nAccept cron schedule for both hour and minute.\nFor example, *:*/2 is set to configure a run every even minute.\nIt is not required." type: "string" weekdays: - description: "Weekdays are in cron notation.\n\n\nFor example, to configure a schedule from monday to friday, set it to \"1-5\"" + description: "Weekdays are in cron notation.\n\nFor example, to configure a schedule from monday to friday, set it to \"1-5\"" type: "string" required: - "sleepAt" diff --git a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml index 7c74234f7..1c8536dfb 100644 --- a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/eventtailers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "eventtailers.logging-extensions.banzaicloud.io" spec: group: "logging-extensions.banzaicloud.io" @@ -329,6 +329,9 @@ spec: type: "object" controlNamespace: type: "string" + x-kubernetes-validations: + - message: "Value is immutable, please recreate the resource" + rule: "self == oldSelf" image: properties: imagePullSecrets: @@ -1640,6 +1643,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/hosttailers.yaml b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/hosttailers.yaml index 09c139c66..dcd5d05a4 100644 --- a/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/hosttailers.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging-extensions.banzaicloud.io/v1alpha1/hosttailers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "hosttailers.logging-extensions.banzaicloud.io" spec: group: "logging-extensions.banzaicloud.io" @@ -1822,6 +1822,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -2675,8 +2677,6 @@ spec: type: "object" type: "array" type: "object" - required: - - "workloadMetaOverrides" type: "object" status: type: "object" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusterflows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusterflows.yaml index b380eb872..01aab3559 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusterflows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusterflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "clusterflows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -129,156 +129,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -913,61 +763,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml index 181299600..fa2f40d4c 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/clusteroutputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "clusteroutputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -1909,10 +1909,6 @@ spec: write_operation: type: "string" type: "object" - enabledNamespaces: - items: - type: "string" - type: "array" file: properties: add_path_suffix: @@ -2851,6 +2847,8 @@ spec: type: type: "string" type: "object" + compress: + type: "string" content_type: type: "string" endpoint: @@ -2878,6 +2876,10 @@ spec: additionalProperties: type: "string" type: "object" + headers_from_placeholders: + additionalProperties: + type: "string" + type: "object" http_method: type: "string" json_array: @@ -2892,6 +2894,8 @@ spec: items: type: "integer" type: "array" + reuse_connections: + type: "boolean" slow_flush_log_threshold: type: "string" ssl_timeout: @@ -3263,6 +3267,193 @@ spec: type: "object" principal: type: "string" + rdkafka_options: + properties: + allow.auto.create.topics: + type: "boolean" + api.version.fallback.ms: + type: "integer" + api.version.request: + type: "boolean" + api.version.request.timeout.ms: + type: "integer" + background_event_cb: + type: "string" + bootstrap.servers: + type: "string" + broker.address.family: + type: "string" + broker.address.ttl: + type: "integer" + broker.version.fallback: + type: "string" + builtin.features: + type: "string" + client.id: + type: "string" + closesocket_cb: + type: "string" + connect_cb: + type: "string" + connections.max.idle.ms: + type: "integer" + debug: + type: "string" + default_topic_conf: + type: "string" + enable.random.seed: + type: "boolean" + enable.sasl.oauthbearer.unsecure.jwt: + type: "boolean" + enable.ssl.certificate.verification: + type: "boolean" + enabled_events: + type: "integer" + error_cb: + type: "string" + interceptors: + type: "string" + internal.termination.signal: + type: "integer" + log.connection.close: + type: "boolean" + log.queue: + type: "boolean" + log.thread.name: + type: "boolean" + log_cb: + type: "string" + log_level: + type: "integer" + max.in.flight: + type: "integer" + max.in.flight.requests.per.connection: + type: "integer" + message.copy.max.bytes: + type: "integer" + message.max.bytes: + type: "integer" + metadata.broker.list: + type: "string" + metadata.max.age.ms: + type: "integer" + oauthbearer_token_refresh_cb: + type: "string" + opaque: + type: "string" + open_cb: + type: "string" + plugin.library.paths: + type: "string" + receive.message.max.bytes: + type: "integer" + reconnect.backoff.max.ms: + type: "integer" + reconnect.backoff.ms: + type: "integer" + resolve_cb: + type: "string" + sasl.kerberos.keytab: + type: "string" + sasl.kerberos.kinit.cmd: + type: "string" + sasl.kerberos.min.time.before.relogin: + type: "integer" + sasl.kerberos.principal: + type: "string" + sasl.kerberos.service.name: + type: "string" + sasl.mechanisms: + type: "string" + sasl.oauthbearer.client.id: + type: "string" + sasl.oauthbearer.client.secret: + type: "string" + sasl.oauthbearer.config: + type: "string" + sasl.oauthbearer.extensions: + type: "string" + sasl.oauthbearer.method: + type: "string" + sasl.oauthbearer.scope: + type: "string" + sasl.oauthbearer.token.endpoint.url: + type: "string" + sasl.password: + type: "string" + sasl.username: + type: "string" + security.protocol: + type: "string" + socket.blocking.max.ms: + type: "integer" + socket.connection.setup.timeout.ms: + type: "integer" + socket.keepalive.enable: + type: "boolean" + socket.max.fails: + type: "integer" + socket.nagle.disable: + type: "boolean" + socket.receive.buffer.bytes: + type: "integer" + socket.send.buffer.bytes: + type: "integer" + socket.timeout.ms: + type: "integer" + socket_cb: + type: "string" + ssl.ca.location: + type: "string" + ssl.ca.pem: + type: "string" + ssl.certificate.location: + type: "string" + ssl.certificate.pem: + type: "string" + ssl.cipher.suites: + type: "string" + ssl.crl.location: + type: "string" + ssl.curves.list: + type: "string" + ssl.endpoint.identification.algorithm: + type: "string" + ssl.engine.id: + type: "string" + ssl.engine.location: + type: "string" + ssl.key.location: + type: "string" + ssl.key.password: + type: "string" + ssl.key.pem: + type: "string" + ssl.keystore.location: + type: "string" + ssl.keystore.password: + type: "string" + ssl.providers: + type: "string" + ssl.sigalgs.list: + type: "string" + statistics.interval.ms: + type: "integer" + stats_cb: + type: "string" + throttle_cb: + type: "string" + topic.blacklist: + type: "string" + topic.metadata.propagation.max.ms: + type: "integer" + topic.metadata.refresh.fast.interval.ms: + type: "integer" + topic.metadata.refresh.interval.ms: + type: "integer" + topic.metadata.refresh.sparse: + type: "boolean" + type: "object" required_acks: type: "integer" sasl_over_ssl: @@ -6593,162 +6784,6 @@ spec: tag_property_name: type: "string" type: "object" - sumologic: - properties: - add_timestamp: - type: "boolean" - buffer: - properties: - chunk_full_threshold: - type: "string" - chunk_limit_records: - type: "integer" - chunk_limit_size: - type: "string" - compress: - type: "string" - delayed_commit_timeout: - type: "string" - disable_chunk_backup: - type: "boolean" - disabled: - type: "boolean" - flush_at_shutdown: - type: "boolean" - flush_interval: - type: "string" - flush_mode: - type: "string" - flush_thread_burst_interval: - type: "string" - flush_thread_count: - type: "integer" - flush_thread_interval: - type: "string" - overflow_action: - type: "string" - path: - type: "string" - queue_limit_length: - type: "integer" - queued_chunks_limit_size: - type: "integer" - retry_exponential_backoff_base: - type: "string" - retry_forever: - type: "boolean" - retry_max_interval: - type: "string" - retry_max_times: - type: "integer" - retry_randomize: - type: "boolean" - retry_secondary_threshold: - type: "string" - retry_timeout: - type: "string" - retry_type: - type: "string" - retry_wait: - type: "string" - tags: - type: "string" - timekey: - type: "string" - timekey_use_utc: - type: "boolean" - timekey_wait: - type: "string" - timekey_zone: - type: "string" - total_limit_size: - type: "string" - type: - type: "string" - type: "object" - compress: - type: "boolean" - compress_encoding: - type: "string" - custom_dimensions: - type: "string" - custom_fields: - items: - type: "string" - type: "array" - data_type: - type: "string" - delimiter: - type: "string" - disable_cookies: - type: "boolean" - endpoint: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - log_format: - type: "string" - log_key: - type: "string" - metric_data_format: - type: "string" - open_timeout: - type: "integer" - proxy_uri: - type: "string" - slow_flush_log_threshold: - type: "string" - source_category: - type: "string" - source_host: - type: "string" - source_name: - type: "string" - source_name_key: - type: "string" - sumo_client: - type: "string" - timestamp_key: - type: "string" - verify_ssl: - type: "boolean" - required: - - "endpoint" - - "source_name" - type: "object" syslog: properties: allow_self_signed_cert: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/flows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/flows.yaml index fa4bdfc53..359331912 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/flows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/flows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "flows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -129,156 +129,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -913,61 +763,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/loggings.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/loggings.yaml index a15828d53..d0a70057b 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/loggings.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/loggings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "loggings.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml index fee4e2fb9..cbdf6d1be 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1alpha1/outputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "outputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -2847,6 +2847,8 @@ spec: type: type: "string" type: "object" + compress: + type: "string" content_type: type: "string" endpoint: @@ -2874,6 +2876,10 @@ spec: additionalProperties: type: "string" type: "object" + headers_from_placeholders: + additionalProperties: + type: "string" + type: "object" http_method: type: "string" json_array: @@ -2888,6 +2894,8 @@ spec: items: type: "integer" type: "array" + reuse_connections: + type: "boolean" slow_flush_log_threshold: type: "string" ssl_timeout: @@ -3259,6 +3267,193 @@ spec: type: "object" principal: type: "string" + rdkafka_options: + properties: + allow.auto.create.topics: + type: "boolean" + api.version.fallback.ms: + type: "integer" + api.version.request: + type: "boolean" + api.version.request.timeout.ms: + type: "integer" + background_event_cb: + type: "string" + bootstrap.servers: + type: "string" + broker.address.family: + type: "string" + broker.address.ttl: + type: "integer" + broker.version.fallback: + type: "string" + builtin.features: + type: "string" + client.id: + type: "string" + closesocket_cb: + type: "string" + connect_cb: + type: "string" + connections.max.idle.ms: + type: "integer" + debug: + type: "string" + default_topic_conf: + type: "string" + enable.random.seed: + type: "boolean" + enable.sasl.oauthbearer.unsecure.jwt: + type: "boolean" + enable.ssl.certificate.verification: + type: "boolean" + enabled_events: + type: "integer" + error_cb: + type: "string" + interceptors: + type: "string" + internal.termination.signal: + type: "integer" + log.connection.close: + type: "boolean" + log.queue: + type: "boolean" + log.thread.name: + type: "boolean" + log_cb: + type: "string" + log_level: + type: "integer" + max.in.flight: + type: "integer" + max.in.flight.requests.per.connection: + type: "integer" + message.copy.max.bytes: + type: "integer" + message.max.bytes: + type: "integer" + metadata.broker.list: + type: "string" + metadata.max.age.ms: + type: "integer" + oauthbearer_token_refresh_cb: + type: "string" + opaque: + type: "string" + open_cb: + type: "string" + plugin.library.paths: + type: "string" + receive.message.max.bytes: + type: "integer" + reconnect.backoff.max.ms: + type: "integer" + reconnect.backoff.ms: + type: "integer" + resolve_cb: + type: "string" + sasl.kerberos.keytab: + type: "string" + sasl.kerberos.kinit.cmd: + type: "string" + sasl.kerberos.min.time.before.relogin: + type: "integer" + sasl.kerberos.principal: + type: "string" + sasl.kerberos.service.name: + type: "string" + sasl.mechanisms: + type: "string" + sasl.oauthbearer.client.id: + type: "string" + sasl.oauthbearer.client.secret: + type: "string" + sasl.oauthbearer.config: + type: "string" + sasl.oauthbearer.extensions: + type: "string" + sasl.oauthbearer.method: + type: "string" + sasl.oauthbearer.scope: + type: "string" + sasl.oauthbearer.token.endpoint.url: + type: "string" + sasl.password: + type: "string" + sasl.username: + type: "string" + security.protocol: + type: "string" + socket.blocking.max.ms: + type: "integer" + socket.connection.setup.timeout.ms: + type: "integer" + socket.keepalive.enable: + type: "boolean" + socket.max.fails: + type: "integer" + socket.nagle.disable: + type: "boolean" + socket.receive.buffer.bytes: + type: "integer" + socket.send.buffer.bytes: + type: "integer" + socket.timeout.ms: + type: "integer" + socket_cb: + type: "string" + ssl.ca.location: + type: "string" + ssl.ca.pem: + type: "string" + ssl.certificate.location: + type: "string" + ssl.certificate.pem: + type: "string" + ssl.cipher.suites: + type: "string" + ssl.crl.location: + type: "string" + ssl.curves.list: + type: "string" + ssl.endpoint.identification.algorithm: + type: "string" + ssl.engine.id: + type: "string" + ssl.engine.location: + type: "string" + ssl.key.location: + type: "string" + ssl.key.password: + type: "string" + ssl.key.pem: + type: "string" + ssl.keystore.location: + type: "string" + ssl.keystore.password: + type: "string" + ssl.providers: + type: "string" + ssl.sigalgs.list: + type: "string" + statistics.interval.ms: + type: "integer" + stats_cb: + type: "string" + throttle_cb: + type: "string" + topic.blacklist: + type: "string" + topic.metadata.propagation.max.ms: + type: "integer" + topic.metadata.refresh.fast.interval.ms: + type: "integer" + topic.metadata.refresh.interval.ms: + type: "integer" + topic.metadata.refresh.sparse: + type: "boolean" + type: "object" required_acks: type: "integer" sasl_over_ssl: @@ -6255,162 +6450,6 @@ spec: tag_property_name: type: "string" type: "object" - sumologic: - properties: - add_timestamp: - type: "boolean" - buffer: - properties: - chunk_full_threshold: - type: "string" - chunk_limit_records: - type: "integer" - chunk_limit_size: - type: "string" - compress: - type: "string" - delayed_commit_timeout: - type: "string" - disable_chunk_backup: - type: "boolean" - disabled: - type: "boolean" - flush_at_shutdown: - type: "boolean" - flush_interval: - type: "string" - flush_mode: - type: "string" - flush_thread_burst_interval: - type: "string" - flush_thread_count: - type: "integer" - flush_thread_interval: - type: "string" - overflow_action: - type: "string" - path: - type: "string" - queue_limit_length: - type: "integer" - queued_chunks_limit_size: - type: "integer" - retry_exponential_backoff_base: - type: "string" - retry_forever: - type: "boolean" - retry_max_interval: - type: "string" - retry_max_times: - type: "integer" - retry_randomize: - type: "boolean" - retry_secondary_threshold: - type: "string" - retry_timeout: - type: "string" - retry_type: - type: "string" - retry_wait: - type: "string" - tags: - type: "string" - timekey: - type: "string" - timekey_use_utc: - type: "boolean" - timekey_wait: - type: "string" - timekey_zone: - type: "string" - total_limit_size: - type: "string" - type: - type: "string" - type: "object" - compress: - type: "boolean" - compress_encoding: - type: "string" - custom_dimensions: - type: "string" - custom_fields: - items: - type: "string" - type: "array" - data_type: - type: "string" - delimiter: - type: "string" - disable_cookies: - type: "boolean" - endpoint: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - log_format: - type: "string" - log_key: - type: "string" - metric_data_format: - type: "string" - open_timeout: - type: "integer" - proxy_uri: - type: "string" - slow_flush_log_threshold: - type: "string" - source_category: - type: "string" - source_host: - type: "string" - source_name: - type: "string" - source_name_key: - type: "string" - sumo_client: - type: "string" - timestamp_key: - type: "string" - verify_ssl: - type: "boolean" - required: - - "endpoint" - - "source_name" - type: "object" syslog: properties: allow_self_signed_cert: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusterflows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusterflows.yaml index 68e420318..cf89b9315 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusterflows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusterflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "clusterflows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -129,156 +129,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -913,61 +763,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml index 9b34994fa..a9794f4e9 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/clusteroutputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "clusteroutputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -1909,10 +1909,6 @@ spec: write_operation: type: "string" type: "object" - enabledNamespaces: - items: - type: "string" - type: "array" file: properties: add_path_suffix: @@ -2851,6 +2847,8 @@ spec: type: type: "string" type: "object" + compress: + type: "string" content_type: type: "string" endpoint: @@ -2878,6 +2876,10 @@ spec: additionalProperties: type: "string" type: "object" + headers_from_placeholders: + additionalProperties: + type: "string" + type: "object" http_method: type: "string" json_array: @@ -2892,6 +2894,8 @@ spec: items: type: "integer" type: "array" + reuse_connections: + type: "boolean" slow_flush_log_threshold: type: "string" ssl_timeout: @@ -3263,6 +3267,193 @@ spec: type: "object" principal: type: "string" + rdkafka_options: + properties: + allow.auto.create.topics: + type: "boolean" + api.version.fallback.ms: + type: "integer" + api.version.request: + type: "boolean" + api.version.request.timeout.ms: + type: "integer" + background_event_cb: + type: "string" + bootstrap.servers: + type: "string" + broker.address.family: + type: "string" + broker.address.ttl: + type: "integer" + broker.version.fallback: + type: "string" + builtin.features: + type: "string" + client.id: + type: "string" + closesocket_cb: + type: "string" + connect_cb: + type: "string" + connections.max.idle.ms: + type: "integer" + debug: + type: "string" + default_topic_conf: + type: "string" + enable.random.seed: + type: "boolean" + enable.sasl.oauthbearer.unsecure.jwt: + type: "boolean" + enable.ssl.certificate.verification: + type: "boolean" + enabled_events: + type: "integer" + error_cb: + type: "string" + interceptors: + type: "string" + internal.termination.signal: + type: "integer" + log.connection.close: + type: "boolean" + log.queue: + type: "boolean" + log.thread.name: + type: "boolean" + log_cb: + type: "string" + log_level: + type: "integer" + max.in.flight: + type: "integer" + max.in.flight.requests.per.connection: + type: "integer" + message.copy.max.bytes: + type: "integer" + message.max.bytes: + type: "integer" + metadata.broker.list: + type: "string" + metadata.max.age.ms: + type: "integer" + oauthbearer_token_refresh_cb: + type: "string" + opaque: + type: "string" + open_cb: + type: "string" + plugin.library.paths: + type: "string" + receive.message.max.bytes: + type: "integer" + reconnect.backoff.max.ms: + type: "integer" + reconnect.backoff.ms: + type: "integer" + resolve_cb: + type: "string" + sasl.kerberos.keytab: + type: "string" + sasl.kerberos.kinit.cmd: + type: "string" + sasl.kerberos.min.time.before.relogin: + type: "integer" + sasl.kerberos.principal: + type: "string" + sasl.kerberos.service.name: + type: "string" + sasl.mechanisms: + type: "string" + sasl.oauthbearer.client.id: + type: "string" + sasl.oauthbearer.client.secret: + type: "string" + sasl.oauthbearer.config: + type: "string" + sasl.oauthbearer.extensions: + type: "string" + sasl.oauthbearer.method: + type: "string" + sasl.oauthbearer.scope: + type: "string" + sasl.oauthbearer.token.endpoint.url: + type: "string" + sasl.password: + type: "string" + sasl.username: + type: "string" + security.protocol: + type: "string" + socket.blocking.max.ms: + type: "integer" + socket.connection.setup.timeout.ms: + type: "integer" + socket.keepalive.enable: + type: "boolean" + socket.max.fails: + type: "integer" + socket.nagle.disable: + type: "boolean" + socket.receive.buffer.bytes: + type: "integer" + socket.send.buffer.bytes: + type: "integer" + socket.timeout.ms: + type: "integer" + socket_cb: + type: "string" + ssl.ca.location: + type: "string" + ssl.ca.pem: + type: "string" + ssl.certificate.location: + type: "string" + ssl.certificate.pem: + type: "string" + ssl.cipher.suites: + type: "string" + ssl.crl.location: + type: "string" + ssl.curves.list: + type: "string" + ssl.endpoint.identification.algorithm: + type: "string" + ssl.engine.id: + type: "string" + ssl.engine.location: + type: "string" + ssl.key.location: + type: "string" + ssl.key.password: + type: "string" + ssl.key.pem: + type: "string" + ssl.keystore.location: + type: "string" + ssl.keystore.password: + type: "string" + ssl.providers: + type: "string" + ssl.sigalgs.list: + type: "string" + statistics.interval.ms: + type: "integer" + stats_cb: + type: "string" + throttle_cb: + type: "string" + topic.blacklist: + type: "string" + topic.metadata.propagation.max.ms: + type: "integer" + topic.metadata.refresh.fast.interval.ms: + type: "integer" + topic.metadata.refresh.interval.ms: + type: "integer" + topic.metadata.refresh.sparse: + type: "boolean" + type: "object" required_acks: type: "integer" sasl_over_ssl: @@ -6593,162 +6784,6 @@ spec: tag_property_name: type: "string" type: "object" - sumologic: - properties: - add_timestamp: - type: "boolean" - buffer: - properties: - chunk_full_threshold: - type: "string" - chunk_limit_records: - type: "integer" - chunk_limit_size: - type: "string" - compress: - type: "string" - delayed_commit_timeout: - type: "string" - disable_chunk_backup: - type: "boolean" - disabled: - type: "boolean" - flush_at_shutdown: - type: "boolean" - flush_interval: - type: "string" - flush_mode: - type: "string" - flush_thread_burst_interval: - type: "string" - flush_thread_count: - type: "integer" - flush_thread_interval: - type: "string" - overflow_action: - type: "string" - path: - type: "string" - queue_limit_length: - type: "integer" - queued_chunks_limit_size: - type: "integer" - retry_exponential_backoff_base: - type: "string" - retry_forever: - type: "boolean" - retry_max_interval: - type: "string" - retry_max_times: - type: "integer" - retry_randomize: - type: "boolean" - retry_secondary_threshold: - type: "string" - retry_timeout: - type: "string" - retry_type: - type: "string" - retry_wait: - type: "string" - tags: - type: "string" - timekey: - type: "string" - timekey_use_utc: - type: "boolean" - timekey_wait: - type: "string" - timekey_zone: - type: "string" - total_limit_size: - type: "string" - type: - type: "string" - type: "object" - compress: - type: "boolean" - compress_encoding: - type: "string" - custom_dimensions: - type: "string" - custom_fields: - items: - type: "string" - type: "array" - data_type: - type: "string" - delimiter: - type: "string" - disable_cookies: - type: "boolean" - endpoint: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - log_format: - type: "string" - log_key: - type: "string" - metric_data_format: - type: "string" - open_timeout: - type: "integer" - proxy_uri: - type: "string" - slow_flush_log_threshold: - type: "string" - source_category: - type: "string" - source_host: - type: "string" - source_name: - type: "string" - source_name_key: - type: "string" - sumo_client: - type: "string" - timestamp_key: - type: "string" - verify_ssl: - type: "boolean" - required: - - "endpoint" - - "source_name" - type: "object" syslog: properties: allow_self_signed_cert: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/flows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/flows.yaml index a0ba77801..d974793ed 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/flows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/flows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "flows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -129,156 +129,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -913,61 +763,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml index ed7d7f5f8..6cfb92e63 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/fluentbitagents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "fluentbitagents.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -1163,6 +1163,8 @@ spec: type: "string" enableUpstream: type: "boolean" + enabledIPv6: + type: "boolean" envVars: items: properties: @@ -1474,6 +1476,8 @@ spec: flush: format: "int32" type: "integer" + forceHotReloadAfterGrace: + type: "boolean" forwardOptions: properties: Require_ack_response: @@ -1581,6 +1585,8 @@ spec: items: type: "string" type: "array" + storage.pause_on_chunks_overlimit: + type: "string" storage.type: type: "string" type: "object" @@ -2465,6 +2471,8 @@ spec: type: "object" security: properties: + createOpenShiftSCC: + type: "boolean" podSecurityContext: properties: appArmorProfile: @@ -2489,6 +2497,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml index 2ba5064ba..d1a3b37b5 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/loggings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "loggings.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -46,6 +46,9 @@ spec: properties: allowClusterResourcesFromAllNamespaces: type: "boolean" + x-kubernetes-validations: + - message: "Value is immutable, please recreate the resource" + rule: "self == oldSelf" clusterDomain: type: "string" configCheck: @@ -61,6 +64,9 @@ spec: type: "object" controlNamespace: type: "string" + x-kubernetes-validations: + - message: "Value is immutable, please recreate the resource" + rule: "self == oldSelf" defaultFlow: properties: filters: @@ -156,156 +162,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -940,61 +796,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: @@ -2191,6 +1992,8 @@ spec: type: "string" enableUpstream: type: "boolean" + enabledIPv6: + type: "boolean" envVars: items: properties: @@ -2502,6 +2305,8 @@ spec: flush: format: "int32" type: "integer" + forceHotReloadAfterGrace: + type: "boolean" forwardOptions: properties: Require_ack_response: @@ -2609,6 +2414,8 @@ spec: items: type: "string" type: "array" + storage.pause_on_chunks_overlimit: + type: "string" storage.type: type: "string" type: "object" @@ -3493,6 +3300,8 @@ spec: type: "object" security: properties: + createOpenShiftSCC: + type: "boolean" podSecurityContext: properties: appArmorProfile: @@ -3517,6 +3326,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -4882,6 +4693,8 @@ spec: x-kubernetes-int-or-string: true type: "object" type: "object" + configReloaderUseGracefulReloadWebhook: + type: "boolean" disablePvc: type: "boolean" dnsConfig: @@ -4911,6 +4724,8 @@ spec: type: "string" enableMsgpackTimeSupport: type: "boolean" + enabledIPv6: + type: "boolean" envVars: items: properties: @@ -6161,6 +5976,8 @@ spec: type: "object" security: properties: + createOpenShiftSCC: + type: "boolean" podSecurityContext: properties: appArmorProfile: @@ -6185,6 +6002,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -7244,156 +7063,6 @@ spec: use_record_as_seed: type: "boolean" type: "object" - enhanceK8s: - properties: - api_groups: - items: - type: "string" - type: "array" - bearer_token_file: - type: "string" - ca_file: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - cache_refresh: - type: "integer" - cache_refresh_variation: - type: "integer" - cache_size: - type: "integer" - cache_ttl: - type: "integer" - client_cert: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - client_key: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - core_api_versions: - items: - type: "string" - type: "array" - data_type: - type: "string" - in_namespace_path: - items: - type: "string" - type: "array" - in_pod_path: - items: - type: "string" - type: "array" - kubernetes_url: - type: "string" - secret_dir: - type: "string" - ssl_partial_chain: - type: "boolean" - verify_ssl: - type: "boolean" - type: "object" geoip: properties: backend_library: @@ -8028,61 +7697,6 @@ spec: output_type: type: "string" type: "object" - sumologic: - properties: - collector_key_name: - type: "string" - collector_value: - type: "string" - exclude_container_regex: - type: "string" - exclude_facility_regex: - type: "string" - exclude_host_regex: - type: "string" - exclude_namespace_regex: - type: "string" - exclude_pod_regex: - type: "string" - exclude_priority_regex: - type: "string" - exclude_unit_regex: - type: "string" - log_format: - type: "string" - source_category: - type: "string" - source_category_key_name: - type: "string" - source_category_prefix: - type: "string" - source_category_replace_dash: - type: "string" - source_host: - type: "string" - source_host_key_name: - type: "string" - source_name: - type: "string" - source_name_key_name: - type: "string" - tracing_annotation_prefix: - type: "string" - tracing_container_name: - type: "string" - tracing_format: - type: "boolean" - tracing_host: - type: "string" - tracing_label_prefix: - type: "string" - tracing_namespace: - type: "string" - tracing_pod: - type: "string" - tracing_pod_id: - type: "string" - type: "object" tag_normaliser: properties: format: @@ -11022,6 +10636,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -12158,6 +11774,8 @@ spec: items: type: "string" type: "array" + storage.pause_on_chunks_overlimit: + type: "string" storage.type: type: "string" type: "object" @@ -12746,6 +12364,8 @@ spec: type: "object" security: properties: + createOpenShiftSCC: + type: "boolean" podSecurityContext: properties: appArmorProfile: @@ -12770,6 +12390,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -12970,6 +12592,17 @@ spec: type: "string" type: "object" type: "array" + routeConfig: + properties: + disableLoggingRoute: + type: "boolean" + enableTelemetryControllerRoute: + type: "boolean" + tenantLabels: + additionalProperties: + type: "string" + type: "object" + type: "object" skipInvalidResources: type: "boolean" syslogNG: @@ -16071,6 +15704,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -20258,6 +19893,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml index 39e5eb14b..924e8724a 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/nodeagents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "nodeagents.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -2926,6 +2926,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -4062,6 +4064,8 @@ spec: items: type: "string" type: "array" + storage.pause_on_chunks_overlimit: + type: "string" storage.type: type: "string" type: "object" @@ -4650,6 +4654,8 @@ spec: type: "object" security: properties: + createOpenShiftSCC: + type: "boolean" podSecurityContext: properties: appArmorProfile: @@ -4674,6 +4680,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml index 5b8338d8d..674a1e59f 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/outputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "outputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -2847,6 +2847,8 @@ spec: type: type: "string" type: "object" + compress: + type: "string" content_type: type: "string" endpoint: @@ -2874,6 +2876,10 @@ spec: additionalProperties: type: "string" type: "object" + headers_from_placeholders: + additionalProperties: + type: "string" + type: "object" http_method: type: "string" json_array: @@ -2888,6 +2894,8 @@ spec: items: type: "integer" type: "array" + reuse_connections: + type: "boolean" slow_flush_log_threshold: type: "string" ssl_timeout: @@ -3259,6 +3267,193 @@ spec: type: "object" principal: type: "string" + rdkafka_options: + properties: + allow.auto.create.topics: + type: "boolean" + api.version.fallback.ms: + type: "integer" + api.version.request: + type: "boolean" + api.version.request.timeout.ms: + type: "integer" + background_event_cb: + type: "string" + bootstrap.servers: + type: "string" + broker.address.family: + type: "string" + broker.address.ttl: + type: "integer" + broker.version.fallback: + type: "string" + builtin.features: + type: "string" + client.id: + type: "string" + closesocket_cb: + type: "string" + connect_cb: + type: "string" + connections.max.idle.ms: + type: "integer" + debug: + type: "string" + default_topic_conf: + type: "string" + enable.random.seed: + type: "boolean" + enable.sasl.oauthbearer.unsecure.jwt: + type: "boolean" + enable.ssl.certificate.verification: + type: "boolean" + enabled_events: + type: "integer" + error_cb: + type: "string" + interceptors: + type: "string" + internal.termination.signal: + type: "integer" + log.connection.close: + type: "boolean" + log.queue: + type: "boolean" + log.thread.name: + type: "boolean" + log_cb: + type: "string" + log_level: + type: "integer" + max.in.flight: + type: "integer" + max.in.flight.requests.per.connection: + type: "integer" + message.copy.max.bytes: + type: "integer" + message.max.bytes: + type: "integer" + metadata.broker.list: + type: "string" + metadata.max.age.ms: + type: "integer" + oauthbearer_token_refresh_cb: + type: "string" + opaque: + type: "string" + open_cb: + type: "string" + plugin.library.paths: + type: "string" + receive.message.max.bytes: + type: "integer" + reconnect.backoff.max.ms: + type: "integer" + reconnect.backoff.ms: + type: "integer" + resolve_cb: + type: "string" + sasl.kerberos.keytab: + type: "string" + sasl.kerberos.kinit.cmd: + type: "string" + sasl.kerberos.min.time.before.relogin: + type: "integer" + sasl.kerberos.principal: + type: "string" + sasl.kerberos.service.name: + type: "string" + sasl.mechanisms: + type: "string" + sasl.oauthbearer.client.id: + type: "string" + sasl.oauthbearer.client.secret: + type: "string" + sasl.oauthbearer.config: + type: "string" + sasl.oauthbearer.extensions: + type: "string" + sasl.oauthbearer.method: + type: "string" + sasl.oauthbearer.scope: + type: "string" + sasl.oauthbearer.token.endpoint.url: + type: "string" + sasl.password: + type: "string" + sasl.username: + type: "string" + security.protocol: + type: "string" + socket.blocking.max.ms: + type: "integer" + socket.connection.setup.timeout.ms: + type: "integer" + socket.keepalive.enable: + type: "boolean" + socket.max.fails: + type: "integer" + socket.nagle.disable: + type: "boolean" + socket.receive.buffer.bytes: + type: "integer" + socket.send.buffer.bytes: + type: "integer" + socket.timeout.ms: + type: "integer" + socket_cb: + type: "string" + ssl.ca.location: + type: "string" + ssl.ca.pem: + type: "string" + ssl.certificate.location: + type: "string" + ssl.certificate.pem: + type: "string" + ssl.cipher.suites: + type: "string" + ssl.crl.location: + type: "string" + ssl.curves.list: + type: "string" + ssl.endpoint.identification.algorithm: + type: "string" + ssl.engine.id: + type: "string" + ssl.engine.location: + type: "string" + ssl.key.location: + type: "string" + ssl.key.password: + type: "string" + ssl.key.pem: + type: "string" + ssl.keystore.location: + type: "string" + ssl.keystore.password: + type: "string" + ssl.providers: + type: "string" + ssl.sigalgs.list: + type: "string" + statistics.interval.ms: + type: "integer" + stats_cb: + type: "string" + throttle_cb: + type: "string" + topic.blacklist: + type: "string" + topic.metadata.propagation.max.ms: + type: "integer" + topic.metadata.refresh.fast.interval.ms: + type: "integer" + topic.metadata.refresh.interval.ms: + type: "integer" + topic.metadata.refresh.sparse: + type: "boolean" + type: "object" required_acks: type: "integer" sasl_over_ssl: @@ -6587,162 +6782,6 @@ spec: tag_property_name: type: "string" type: "object" - sumologic: - properties: - add_timestamp: - type: "boolean" - buffer: - properties: - chunk_full_threshold: - type: "string" - chunk_limit_records: - type: "integer" - chunk_limit_size: - type: "string" - compress: - type: "string" - delayed_commit_timeout: - type: "string" - disable_chunk_backup: - type: "boolean" - disabled: - type: "boolean" - flush_at_shutdown: - type: "boolean" - flush_interval: - type: "string" - flush_mode: - type: "string" - flush_thread_burst_interval: - type: "string" - flush_thread_count: - type: "integer" - flush_thread_interval: - type: "string" - overflow_action: - type: "string" - path: - type: "string" - queue_limit_length: - type: "integer" - queued_chunks_limit_size: - type: "integer" - retry_exponential_backoff_base: - type: "string" - retry_forever: - type: "boolean" - retry_max_interval: - type: "string" - retry_max_times: - type: "integer" - retry_randomize: - type: "boolean" - retry_secondary_threshold: - type: "string" - retry_timeout: - type: "string" - retry_type: - type: "string" - retry_wait: - type: "string" - tags: - type: "string" - timekey: - type: "string" - timekey_use_utc: - type: "boolean" - timekey_wait: - type: "string" - timekey_zone: - type: "string" - total_limit_size: - type: "string" - type: - type: "string" - type: "object" - compress: - type: "boolean" - compress_encoding: - type: "string" - custom_dimensions: - type: "string" - custom_fields: - items: - type: "string" - type: "array" - data_type: - type: "string" - delimiter: - type: "string" - disable_cookies: - type: "boolean" - endpoint: - properties: - mountFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - value: - type: "string" - valueFrom: - properties: - secretKeyRef: - properties: - key: - type: "string" - name: - default: "" - type: "string" - optional: - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "object" - log_format: - type: "string" - log_key: - type: "string" - metric_data_format: - type: "string" - open_timeout: - type: "integer" - proxy_uri: - type: "string" - slow_flush_log_threshold: - type: "string" - source_category: - type: "string" - source_host: - type: "string" - source_name: - type: "string" - source_name_key: - type: "string" - sumo_client: - type: "string" - timestamp_key: - type: "string" - verify_ssl: - type: "boolean" - required: - - "endpoint" - - "source_name" - type: "object" syslog: properties: allow_self_signed_cert: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusterflows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusterflows.yaml index 76cec340f..f3f6caba2 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusterflows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusterflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "syslogngclusterflows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml index da9f06c5e..f1751ed53 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "syslogngclusteroutputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" @@ -596,10 +596,6 @@ spec: workers: type: "integer" type: "object" - enabledNamespaces: - items: - type: "string" - type: "array" file: properties: create_dirs: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngflows.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngflows.yaml index d2d560477..7272e1f18 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngflows.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngflows.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "syslogngflows.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml index 9241caf1f..2c0dc97a4 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "syslogngoutputs.logging.banzaicloud.io" spec: group: "logging.banzaicloud.io" diff --git a/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/edgeapplications.yaml b/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/edgeapplications.yaml index ae1d18389..da7a054d2 100644 --- a/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/edgeapplications.yaml +++ b/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/edgeapplications.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "edgeapplications.apps.kubeedge.io" spec: group: "apps.kubeedge.io" @@ -21,10 +21,10 @@ spec: description: "EdgeApplication is the Schema for the edgeapplications API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,7 +37,7 @@ spec: targetNodeGroups: description: "TargetNodeGroups represents the target node groups of workload to be deployed." items: - description: "TargetNodeGroup represents the target node group of workload to be deployed, including override rules to apply for this node group." + description: "TargetNodeGroup represents the target node group of workload to be deployed, including\noverride rules to apply for this node group." properties: name: description: "Name represents the name of target node group" @@ -60,7 +60,7 @@ spec: - "remove" type: "string" value: - description: "Value to be applied to command/args. Items in Value which will be appended after command/args when Operator is 'add'. Items in Value which match in command/args will be deleted when Operator is 'remove'. If Value is empty, then the command/args will remain the same." + description: "Value to be applied to command/args.\nItems in Value which will be appended after command/args when Operator is 'add'.\nItems in Value which match in command/args will be deleted when Operator is 'remove'.\nIf Value is empty, then the command/args will remain the same." items: type: "string" type: "array" @@ -84,7 +84,7 @@ spec: - "remove" type: "string" value: - description: "Value to be applied to command/args. Items in Value which will be appended after command/args when Operator is 'add'. Items in Value which match in command/args will be deleted when Operator is 'remove'. If Value is empty, then the command/args will remain the same." + description: "Value to be applied to command/args.\nItems in Value which will be appended after command/args when Operator is 'add'.\nItems in Value which match in command/args will be deleted when Operator is 'remove'.\nIf Value is empty, then the command/args will remain the same." items: type: "string" type: "array" @@ -109,7 +109,7 @@ spec: - "replace" type: "string" value: - description: "Value to be applied to env. Must not be empty when operator is 'add' or 'replace'. When the operator is 'remove', the matched value in env will be deleted and only the name of the value will be matched. If Value is empty, then the env will remain the same." + description: "Value to be applied to env.\nMust not be empty when operator is 'add' or 'replace'.\nWhen the operator is 'remove', the matched value in env will be deleted\nand only the name of the value will be matched.\nIf Value is empty, then the env will remain the same." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -117,7 +117,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -129,7 +129,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -137,8 +138,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -149,8 +151,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -168,6 +171,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -175,7 +179,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -183,6 +188,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" @@ -199,7 +205,7 @@ spec: description: "ImageOverrider represents the rules dedicated to handling image overrides." properties: component: - description: "Component is part of image name. Basically we presume an image can be made of '[registry/]repository[:tag]'. The registry could be: - k8s.gcr.io - fictional.registry.example:10443 The repository could be: - kube-apiserver - fictional/nginx The tag cloud be: - latest - v1.19.1 - @sha256:dbcc1c35ac38df41fd2f5e4130b32ffdb93ebae8b3dbe638c23575912276fc9c" + description: "Component is part of image name.\nBasically we presume an image can be made of '[registry/]repository[:tag]'.\nThe registry could be:\n- k8s.gcr.io\n- fictional.registry.example:10443\nThe repository could be:\n- kube-apiserver\n- fictional/nginx\nThe tag cloud be:\n- latest\n- v1.19.1\n- @sha256:dbcc1c35ac38df41fd2f5e4130b32ffdb93ebae8b3dbe638c23575912276fc9c" enum: - "Registry" - "Repository" @@ -213,7 +219,7 @@ spec: - "replace" type: "string" predicate: - description: "Predicate filters images before applying the rule. \n Defaults to nil, in that case, the system will automatically detect image fields if the resource type is Pod, ReplicaSet, Deployment or StatefulSet by following rule: - Pod: /spec/containers//image - ReplicaSet: /spec/template/spec/containers//image - Deployment: /spec/template/spec/containers//image - StatefulSet: /spec/template/spec/containers//image In addition, all images will be processed if the resource object has more than one containers. \n If not nil, only images matches the filters will be processed." + description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment or StatefulSet by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one containers.\n\n\nIf not nil, only images matches the filters will be processed." properties: path: description: "Path indicates the path of target field" @@ -222,7 +228,7 @@ spec: - "path" type: "object" value: - description: "Value to be applied to image. Must not be empty when operator is 'add' or 'replace'. Defaults to empty and ignored when operator is 'remove'." + description: "Value to be applied to image.\nMust not be empty when operator is 'add' or 'replace'.\nDefaults to empty and ignored when operator is 'remove'." type: "string" required: - "component" @@ -241,15 +247,15 @@ spec: description: "The name of container" type: "string" value: - description: "Value to be applied to resources. Must not be empty" + description: "Value to be applied to resources.\nMust not be empty" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -265,7 +271,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -274,7 +280,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" required: @@ -286,9 +292,295 @@ spec: - "name" type: "object" type: "array" + targetNodeLabels: + description: "TargetNodeLabels represents the target nodes with specified labels of workload to be deployed" + items: + description: "TargetNodeLabels represents the target nodes with specified labels of workload to be deployed, including\noverride rules to apply for the node." + properties: + labelSelector: + description: "LabelSelector represents the label selectors used to match nodes for workload deployment.\nIt defines the criteria for selecting the target nodes based on their labels." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + overriders: + description: "Overriders represents the override rules that would apply to the workload for the nodes\nselected by the label selector." + properties: + argsOverriders: + description: "ArgsOverriders represents the rules dedicated to handling container args" + items: + description: "CommandArgsOverrider represents the rules dedicated to handling command/args overrides." + properties: + containerName: + description: "The name of container" + type: "string" + operator: + description: "Operator represents the operator which will apply on the command/args." + enum: + - "add" + - "remove" + type: "string" + value: + description: "Value to be applied to command/args.\nItems in Value which will be appended after command/args when Operator is 'add'.\nItems in Value which match in command/args will be deleted when Operator is 'remove'.\nIf Value is empty, then the command/args will remain the same." + items: + type: "string" + type: "array" + required: + - "containerName" + - "operator" + type: "object" + type: "array" + commandOverriders: + description: "CommandOverriders represents the rules dedicated to handling container command" + items: + description: "CommandArgsOverrider represents the rules dedicated to handling command/args overrides." + properties: + containerName: + description: "The name of container" + type: "string" + operator: + description: "Operator represents the operator which will apply on the command/args." + enum: + - "add" + - "remove" + type: "string" + value: + description: "Value to be applied to command/args.\nItems in Value which will be appended after command/args when Operator is 'add'.\nItems in Value which match in command/args will be deleted when Operator is 'remove'.\nIf Value is empty, then the command/args will remain the same." + items: + type: "string" + type: "array" + required: + - "containerName" + - "operator" + type: "object" + type: "array" + envOverriders: + description: "EnvOverriders will override the env field of the container" + items: + description: "EnvOverrider represents the rules dedicated to handling env overrides." + properties: + containerName: + description: "The name of container" + type: "string" + operator: + description: "Operator represents the operator which will apply on the env." + enum: + - "add" + - "remove" + - "replace" + type: "string" + value: + description: "Value to be applied to env.\nMust not be empty when operator is 'add' or 'replace'.\nWhen the operator is 'remove', the matched value in env will be deleted\nand only the name of the value will be matched.\nIf Value is empty, then the env will remain the same." + items: + description: "EnvVar represents an environment variable present in a Container." + properties: + name: + description: "Name of the environment variable. Must be a C_IDENTIFIER." + type: "string" + value: + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." + type: "string" + valueFrom: + description: "Source for the environment variable's value. Cannot be used if value is not empty." + properties: + configMapKeyRef: + description: "Selects a key of a ConfigMap." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + properties: + apiVersion: + description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." + type: "string" + fieldPath: + description: "Path of the field to select in the specified API version." + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + properties: + containerName: + description: "Container name: required for volumes, optional for env vars" + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + description: "Specifies the output format of the exposed resources, defaults to \"1\"" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + description: "Required: resource to select" + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + description: "Selects a key of a secret in the pod's namespace" + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + required: + - "name" + type: "object" + type: "array" + required: + - "containerName" + - "operator" + type: "object" + type: "array" + imageOverriders: + description: "ImageOverriders represents the rules dedicated to handling image overrides." + items: + description: "ImageOverrider represents the rules dedicated to handling image overrides." + properties: + component: + description: "Component is part of image name.\nBasically we presume an image can be made of '[registry/]repository[:tag]'.\nThe registry could be:\n- k8s.gcr.io\n- fictional.registry.example:10443\nThe repository could be:\n- kube-apiserver\n- fictional/nginx\nThe tag cloud be:\n- latest\n- v1.19.1\n- @sha256:dbcc1c35ac38df41fd2f5e4130b32ffdb93ebae8b3dbe638c23575912276fc9c" + enum: + - "Registry" + - "Repository" + - "Tag" + type: "string" + operator: + description: "Operator represents the operator which will apply on the image." + enum: + - "add" + - "remove" + - "replace" + type: "string" + predicate: + description: "Predicate filters images before applying the rule.\n\n\nDefaults to nil, in that case, the system will automatically detect image fields if the resource type is\nPod, ReplicaSet, Deployment or StatefulSet by following rule:\n - Pod: /spec/containers//image\n - ReplicaSet: /spec/template/spec/containers//image\n - Deployment: /spec/template/spec/containers//image\n - StatefulSet: /spec/template/spec/containers//image\nIn addition, all images will be processed if the resource object has more than one containers.\n\n\nIf not nil, only images matches the filters will be processed." + properties: + path: + description: "Path indicates the path of target field" + type: "string" + required: + - "path" + type: "object" + value: + description: "Value to be applied to image.\nMust not be empty when operator is 'add' or 'replace'.\nDefaults to empty and ignored when operator is 'remove'." + type: "string" + required: + - "component" + - "operator" + type: "object" + type: "array" + replicas: + description: "Replicas will override the replicas field of deployment" + type: "integer" + resourcesOverriders: + description: "ResourcesOverriders will override the resources field of the container" + items: + description: "ResourcesOverrider represents the rules dedicated to handling resources overrides." + properties: + containerName: + description: "The name of container" + type: "string" + value: + description: "Value to be applied to resources.\nMust not be empty" + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "containerName" + type: "object" + type: "array" + type: "object" + type: "object" + type: "array" type: "object" workloadTemplate: - description: "WorkloadTemplate contains original templates of resources to be deployed as an EdgeApplication." + description: "WorkloadTemplate contains original templates of resources to be deployed\nas an EdgeApplication." properties: manifests: description: "Manifests represent a list of Kubernetes resources to be deployed on the managed node groups." @@ -310,7 +602,7 @@ spec: description: "ManifestStatus contains running status of a specific manifest in spec." properties: conditions: - description: "Conditions contain the different condition statuses for this manifest. Valid condition types are: 1. Processing: this workload is under processing and the current state of manifest does not match the desired. 2. Available: the current status of this workload matches the desired." + description: "Conditions contain the different condition statuses for this manifest.\nValid condition types are:\n1. Processing: this workload is under processing and the current state of manifest does not match the desired.\n2. Available: the current status of this workload matches the desired." enum: - "Processing" - "Available" @@ -331,7 +623,7 @@ spec: description: "Namespace is the namespace of the resource" type: "string" ordinal: - description: "Ordinal represents an index in manifests list, so the condition can still be linked to a manifest even though manifest cannot be parsed successfully." + description: "Ordinal represents an index in manifests list, so the condition can still be linked\nto a manifest even though manifest cannot be parsed successfully." minimum: 0.0 type: "integer" resource: @@ -353,9 +645,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/nodegroups.yaml b/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/nodegroups.yaml index e3491154d..f4ec8d0c4 100644 --- a/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/nodegroups.yaml +++ b/crd-catalog/kubeedge/kubeedge/apps.kubeedge.io/v1alpha1/nodegroups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodegroups.apps.kubeedge.io" spec: group: "apps.kubeedge.io" @@ -21,10 +21,10 @@ spec: description: "NodeGroup is the Schema for the nodegroups API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -74,9 +74,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devicemodels.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devicemodels.yaml index ef5445948..f436bcb84 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devicemodels.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devicemodels.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "devicemodels.devices.kubeedge.io" spec: group: "devices.kubeedge.io" @@ -19,15 +19,15 @@ spec: description: "DeviceModel is the Schema for the device model API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "DeviceModelSpec defines the model / template for a device.It is a blueprint which describes the device capabilities and access mechanism via property visitors." + description: "DeviceModelSpec defines the model / template for a device.It is a blueprint which describes the device\ncapabilities and access mechanism via property visitors." properties: properties: description: "Required: List of device properties." @@ -141,9 +141,3 @@ spec: type: "object" served: true storage: false -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml index b9da0d8bd..60a984f9e 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1alpha2/devices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "devices.devices.kubeedge.io" spec: group: "devices.kubeedge.io" @@ -19,10 +19,10 @@ spec: description: "Device is the Schema for the devices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +30,7 @@ spec: description: "DeviceSpec represents a single device instance. It is an instantation of a device model." properties: data: - description: "Data section describe a list of time-series properties which should be processed on edge node." + description: "Data section describe a list of time-series properties which should be processed\non edge node." properties: dataProperties: description: "Required: A list of data properties, which are not required to be processed by edgecore" @@ -43,80 +43,89 @@ spec: description: "Additional metadata like timestamp when the value was reported etc." type: "object" propertyName: - description: "Required: The property name for which should be processed by external apps. This property should be present in the device model." + description: "Required: The property name for which should be processed by external apps.\nThis property should be present in the device model." type: "string" type: "object" type: "array" dataTopic: - description: "Topic used by mapper, all data collected from dataProperties should be published to this topic, the default value is $ke/events/device/+/data/update" + description: "Topic used by mapper, all data collected from dataProperties\nshould be published to this topic,\nthe default value is $ke/events/device/+/data/update" type: "string" type: "object" deviceModelRef: - description: "Required: DeviceModelRef is reference to the device model used as a template to create the device instance." + description: "Required: DeviceModelRef is reference to the device model used as a template\nto create the device instance." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" + x-kubernetes-map-type: "atomic" nodeSelector: - description: "NodeSelector indicates the binding preferences between devices and nodes. Refer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details" + description: "NodeSelector indicates the binding preferences between devices and nodes.\nRefer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details" properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" + x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" + x-kubernetes-map-type: "atomic" propertyVisitors: - description: "List of property visitors which describe how to access the device properties. PropertyVisitors must unique by propertyVisitor.propertyName." + description: "List of property visitors which describe how to access the device properties.\nPropertyVisitors must unique by propertyVisitor.propertyName." items: - description: "DevicePropertyVisitor describes the specifics of accessing a particular device property. Visitors are intended to be consumed by device mappers which connect to devices and collect data / perform actions on the device." + description: "DevicePropertyVisitor describes the specifics of accessing a particular device\nproperty. Visitors are intended to be consumed by device mappers which connect to devices\nand collect data / perform actions on the device." properties: bluetooth: description: "Bluetooth represents a set of additional visitor config fields of bluetooth protocol." @@ -128,7 +137,7 @@ spec: description: "Responsible for converting the data being read from the bluetooth device into a form that is understandable by the platform" properties: endIndex: - description: "Required: Specifies the end index of incoming byte stream to be considered to convert the data the value specified should be inclusive for example if 3 is specified it includes the third index" + description: "Required: Specifies the end index of incoming byte stream to be considered to convert the data\nthe value specified should be inclusive for example if 3 is specified it includes the third index" type: "integer" orderOfOperations: description: "Specifies in what order the operations(which are required to be performed to convert incoming data into understandable form) are performed" @@ -150,14 +159,14 @@ spec: description: "Refers to the number of bits to shift right, if right-shift operation is necessary for conversion" type: "integer" startIndex: - description: "Required: Specifies the start index of the incoming byte stream to be considered to convert the data. For example: start-index:2, end-index:3 concatenates the value present at second and third index of the incoming byte stream. If we want to reverse the order we can give it as start-index:3, end-index:2" + description: "Required: Specifies the start index of the incoming byte stream to be considered to convert the data.\nFor example: start-index:2, end-index:3 concatenates the value present at second and third index of the incoming byte stream. If we want to reverse the order we can give it as start-index:3, end-index:2" type: "integer" type: "object" dataWrite: additionalProperties: format: "byte" type: "string" - description: "Responsible for converting the data coming from the platform into a form that is understood by the bluetooth device For example: \"ON\":[1], \"OFF\":[0]" + description: "Responsible for converting the data coming from the platform into a form that is understood by the bluetooth device\nFor example: \"ON\":[1], \"OFF\":[0]" type: "object" type: "object" collectCycle: @@ -183,10 +192,10 @@ spec: description: "Modbus represents a set of additional visitor config fields of modbus protocol." properties: isRegisterSwap: - description: "Indicates whether the high and low register swapped. Defaults to false." + description: "Indicates whether the high and low register swapped.\nDefaults to false." type: "boolean" isSwap: - description: "Indicates whether the high and low byte swapped. Defaults to false." + description: "Indicates whether the high and low byte swapped.\nDefaults to false." type: "boolean" limit: description: "Required: Limit number of registers to read/write." @@ -205,7 +214,7 @@ spec: - "HoldingRegister" type: "string" scale: - description: "The scale to convert raw property data into final units. Defaults to 1.0" + description: "The scale to convert raw property data into final units.\nDefaults to 1.0" type: "number" type: "object" opcua: @@ -219,7 +228,7 @@ spec: type: "string" type: "object" propertyName: - description: "Required: The device property name to be accessed. This should refer to one of the device properties defined in the device model." + description: "Required: The device property name to be accessed. This should refer to one of the\ndevice properties defined in the device model." type: "string" reportCycle: description: "Define how frequent mapper will report the value." @@ -339,7 +348,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true protocolName: - description: "Unique protocol name Required." + description: "Unique protocol name\nRequired." type: "string" type: "object" modbus: @@ -385,9 +394,9 @@ spec: description: "DeviceStatus reports the device state and the desired/reported values of twin attributes." properties: twins: - description: "A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty." + description: "A list of device twins containing desired/reported desired/reported values of twin properties.\nOptional: A passive device won't have twin properties and this list could be empty." items: - description: "Twin provides a logical representation of control properties (writable properties in the device model). The properties can have a Desired state and a Reported state. The cloud configures the `Desired`state of a device property and this configuration update is pushed to the edge node. The mapper sends a command to the device to change this property value as per the desired state . It receives the `Reported` state of the property once the previous operation is complete and sends the reported state to the cloud. Offline device interaction in the edge is possible via twin properties for control/command operations." + description: "Twin provides a logical representation of control properties (writable properties in the\ndevice model). The properties can have a Desired state and a Reported state. The cloud configures\nthe `Desired`state of a device property and this configuration update is pushed to the edge node.\nThe mapper sends a command to the device to change this property value as per the desired state .\nIt receives the `Reported` state of the property once the previous operation is complete and sends\nthe reported state to the cloud. Offline device interaction in the edge is possible via twin\nproperties for control/command operations." properties: desired: description: "Required: the desired property value." @@ -404,7 +413,7 @@ spec: - "value" type: "object" propertyName: - description: "Required: The property name for which the desired/reported values are specified. This property should be present in the device model." + description: "Required: The property name for which the desired/reported values are specified.\nThis property should be present in the device model." type: "string" reported: description: "Required: the reported property value." @@ -426,9 +435,3 @@ spec: type: "object" served: true storage: false -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devicemodels.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devicemodels.yaml index 320826c84..aecbabd79 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devicemodels.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devicemodels.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "devicemodels.devices.kubeedge.io" spec: group: "devices.kubeedge.io" @@ -19,15 +19,15 @@ spec: description: "DeviceModel is the Schema for the device model API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "DeviceModelSpec defines the model for a device.It is a blueprint which describes the device capabilities and access mechanism via property visitors." + description: "DeviceModelSpec defines the model for a device.It is a blueprint which describes the device\ncapabilities and access mechanism via property visitors." properties: properties: description: "Required: List of device properties." @@ -48,7 +48,7 @@ spec: minimum: type: "string" name: - description: "Required: The device property name. Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo" + description: "Required: The device property name.\nNote: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo" type: "string" type: description: "Required: Type of device property, ENUM: INT,FLOAT,DOUBLE,STRING,BOOLEAN,BYTES,STREAM" @@ -73,9 +73,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml index 903f98227..00edb0e15 100644 --- a/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml +++ b/crd-catalog/kubeedge/kubeedge/devices.kubeedge.io/v1beta1/devices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "devices.devices.kubeedge.io" spec: group: "devices.kubeedge.io" @@ -19,10 +19,10 @@ spec: description: "Device is the Schema for the devices API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,14 +30,16 @@ spec: description: "DeviceSpec represents a single device instance." properties: deviceModelRef: - description: "Required: DeviceModelRef is reference to the device model used as a template to create the device instance." + description: "Required: DeviceModelRef is reference to the device model used as a template\nto create the device instance." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" + x-kubernetes-map-type: "atomic" methods: - description: "List of methods of device. methods list item must be unique by method.Name." + description: "List of methods of device.\nmethods list item must be unique by method.Name." items: description: "DeviceMethod describes the specifics all the methods of the device." properties: @@ -48,17 +50,17 @@ spec: description: "Required: The device method name to be accessed. It must be unique." type: "string" propertyNames: - description: "PropertyNames are list of device properties that device methods can control. Required: A device method can control multiple device properties." + description: "PropertyNames are list of device properties that device methods can control.\nRequired: A device method can control multiple device properties." items: type: "string" type: "array" type: "object" type: "array" nodeName: - description: "NodeName is a request to schedule this device onto a specific node. If it is non-empty, the scheduler simply schedules this device onto that node, assuming that it fits resource requirements." + description: "NodeName is a request to schedule this device onto a specific node. If it is non-empty,\nthe scheduler simply schedules this device onto that node, assuming that it fits\nresource requirements." type: "string" properties: - description: "List of properties which describe the device properties. properties list item must be unique by properties.Name." + description: "List of properties which describe the device properties.\nproperties list item must be unique by properties.Name." items: description: "DeviceProperty describes the specifics all the properties of the device." properties: @@ -81,13 +83,13 @@ spec: - "value" type: "object" name: - description: "Required: The device property name to be accessed. It must be unique. Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo" + description: "Required: The device property name to be accessed. It must be unique.\nNote: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo" type: "string" pushMethod: - description: "PushMethod represents the protocol used to push data, please ensure that the mapper can access the destination address." + description: "PushMethod represents the protocol used to push data,\nplease ensure that the mapper can access the destination address." properties: dbMethod: - description: "DBMethod represents the method used to push data to database, please ensure that the mapper can access the destination address." + description: "DBMethod represents the method used to push data to database,\nplease ensure that the mapper can access the destination address." properties: TDEngine: properties: @@ -216,7 +218,7 @@ spec: description: "whether be reported to the cloud" type: "boolean" visitors: - description: "Visitors are intended to be consumed by device mappers which connect to devices and collect data / perform actions on the device. Required: Protocol relevant config details about the how to access the device property." + description: "Visitors are intended to be consumed by device mappers which connect to devices\nand collect data / perform actions on the device.\nRequired: Protocol relevant config details about the how to access the device property." properties: configData: description: "Required: The configData of customized protocol" @@ -236,7 +238,7 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true protocolName: - description: "Unique protocol name Required." + description: "Unique protocol name\nRequired." type: "string" type: "object" type: "object" @@ -257,12 +259,12 @@ spec: description: "Optional: The state of the device." type: "string" twins: - description: "A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty." + description: "A list of device twins containing desired/reported desired/reported values of twin properties.\nOptional: A passive device won't have twin properties and this list could be empty." items: - description: "Twin provides a logical representation of control properties (writable properties in the device model). The properties can have a Desired state and a Reported state. The cloud configures the `Desired`state of a device property and this configuration update is pushed to the edge node. The mapper sends a command to the device to change this property value as per the desired state . It receives the `Reported` state of the property once the previous operation is complete and sends the reported state to the cloud. Offline device interaction in the edge is possible via twin properties for control/command operations." + description: "Twin provides a logical representation of control properties (writable properties in the\ndevice model). The properties can have a Desired state and a Reported state. The cloud configures\nthe `Desired`state of a device property and this configuration update is pushed to the edge node.\nThe mapper sends a command to the device to change this property value as per the desired state .\nIt receives the `Reported` state of the property once the previous operation is complete and sends\nthe reported state to the cloud. Offline device interaction in the edge is possible via twin\nproperties for control/command operations." properties: observedDesired: - description: "The meaning of here is to indicate desired value of `deviceProperty.Desired` that the mapper has received in current cycle. Useful in cases that people want to check whether the mapper is working appropriately and its internal status is up-to-date. This value should be only updated by devicecontroller upstream." + description: "The meaning of here is to indicate desired value of `deviceProperty.Desired`\nthat the mapper has received in current cycle.\nUseful in cases that people want to check whether the mapper is working\nappropriately and its internal status is up-to-date.\nThis value should be only updated by devicecontroller upstream." properties: metadata: additionalProperties: @@ -276,7 +278,7 @@ spec: - "value" type: "object" propertyName: - description: "Required: The property name for which the desired/reported values are specified. This property should be present in the device model." + description: "Required: The property name for which the desired/reported values are specified.\nThis property should be present in the device model." type: "string" reported: description: "Required: the reported property value." @@ -298,9 +300,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/operations.kubeedge.io/v1alpha1/nodeupgradejobs.yaml b/crd-catalog/kubeedge/kubeedge/operations.kubeedge.io/v1alpha1/nodeupgradejobs.yaml index 92f86ce7a..0f1e1561b 100644 --- a/crd-catalog/kubeedge/kubeedge/operations.kubeedge.io/v1alpha1/nodeupgradejobs.yaml +++ b/crd-catalog/kubeedge/kubeedge/operations.kubeedge.io/v1alpha1/nodeupgradejobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "nodeupgradejobs.operations.kubeedge.io" spec: group: "operations.kubeedge.io" @@ -19,10 +19,10 @@ spec: description: "NodeUpgradeJob is used to upgrade edge node from cloud side." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,22 +30,22 @@ spec: description: "Specification of the desired behavior of NodeUpgradeJob." properties: checkItems: - description: "CheckItems specifies the items need to be checked before the task is executed. The default CheckItems value is nil." + description: "CheckItems specifies the items need to be checked before the task is executed.\nThe default CheckItems value is nil." items: type: "string" type: "array" concurrency: - description: "Concurrency specifies the max number of edge nodes that can be upgraded at the same time. The default Concurrency value is 1." + description: "Concurrency specifies the max number of edge nodes that can be upgraded at the same time.\nThe default Concurrency value is 1." format: "int32" type: "integer" failureTolerate: - description: "FailureTolerate specifies the task tolerance failure ratio. The default FailureTolerate value is 0.1." + description: "FailureTolerate specifies the task tolerance failure ratio.\nThe default FailureTolerate value is 0.1." type: "string" image: - description: "Image specifies a container image name, the image contains: keadm and edgecore. keadm is used as upgradetool, to install the new version of edgecore. The image name consists of registry hostname and repository name, if it includes the tag or digest, the tag or digest will be overwritten by Version field above. If the registry hostname is empty, docker.io will be used as default. The default image name is: kubeedge/installation-package." + description: "Image specifies a container image name, the image contains: keadm and edgecore.\nkeadm is used as upgradetool, to install the new version of edgecore.\nThe image name consists of registry hostname and repository name,\nif it includes the tag or digest, the tag or digest will be overwritten by Version field above.\nIf the registry hostname is empty, docker.io will be used as default.\nThe default image name is: kubeedge/installation-package." type: "string" imageDigestGatter: - description: "ImageDigestGatter define registry v2 interface access configuration. As a transition, it is not required at first, and the image digest is checked when this field is set." + description: "ImageDigestGatter define registry v2 interface access configuration.\nAs a transition, it is not required at first, and the image digest is checked when this field is set." properties: registryAPI: description: "RegistryAPI define registry v2 interface access configuration" @@ -63,45 +63,48 @@ spec: type: "string" type: "object" labelSelector: - description: "LabelSelector is a filter to select member clusters by labels. It must match a node's labels for the NodeUpgradeJob to be operated on that node. Please note that sets of NodeNames and LabelSelector are ORed. Users must set one and can only set one." + description: "LabelSelector is a filter to select member clusters by labels.\nIt must match a node's labels for the NodeUpgradeJob to be operated on that node.\nPlease note that sets of NodeNames and LabelSelector are ORed.\nUsers must set one and can only set one." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" nodeNames: - description: "NodeNames is a request to select some specific nodes. If it is non-empty, the upgrade job simply select these edge nodes to do upgrade operation. Please note that sets of NodeNames and LabelSelector are ORed. Users must set one and can only set one." + description: "NodeNames is a request to select some specific nodes. If it is non-empty,\nthe upgrade job simply select these edge nodes to do upgrade operation.\nPlease note that sets of NodeNames and LabelSelector are ORed.\nUsers must set one and can only set one." items: type: "string" type: "array" requireConfirmation: - description: "RequireConfirmation specifies whether you need to confirm the upgrade. The default RequireConfirmation value is false." + description: "RequireConfirmation specifies whether you need to confirm the upgrade.\nThe default RequireConfirmation value is false." type: "boolean" timeoutSeconds: - description: "TimeoutSeconds limits the duration of the node upgrade job. Default to 300. If set to 0, we'll use the default value 300." + description: "TimeoutSeconds limits the duration of the node upgrade job.\nDefault to 300.\nIf set to 0, we'll use the default value 300." format: "int32" type: "integer" version: @@ -111,13 +114,13 @@ spec: description: "Most recently observed status of the NodeUpgradeJob." properties: action: - description: "Action represents for the action of the ImagePrePullJob. There are two possible action values: Success, Failure." + description: "Action represents for the action of the ImagePrePullJob.\nThere are two possible action values: Success, Failure." type: "string" currentVersion: description: "CurrentVersion represents for the current status of the EdgeCore." type: "string" event: - description: "Event represents for the event of the ImagePrePullJob. There are six possible event values: Init, Check, BackUp, Upgrade, TimeOut, Rollback." + description: "Event represents for the event of the ImagePrePullJob.\nThere are six possible event values: Init, Check, BackUp, Upgrade, TimeOut, Rollback." type: "string" historicVersion: description: "HistoricVersion represents for the historic status of the EdgeCore." @@ -128,10 +131,10 @@ spec: description: "TaskStatus stores the status of Upgrade for each edge node." properties: action: - description: "Action represents for the action of the ImagePrePullJob. There are three possible action values: Success, Failure, TimeOut." + description: "Action represents for the action of the ImagePrePullJob.\nThere are three possible action values: Success, Failure, TimeOut." type: "string" event: - description: "Event represents for the event of the ImagePrePullJob. There are three possible event values: Init, Check, Pull." + description: "Event represents for the event of the ImagePrePullJob.\nThere are three possible event values: Init, Check, Pull." type: "string" nodeName: description: "NodeName is the name of edge node." @@ -140,7 +143,7 @@ spec: description: "Reason represents for the reason of the ImagePrePullJob." type: "string" state: - description: "State represents for the upgrade state phase of the edge node. There are several possible state values: \"\", Upgrading, BackingUp, RollingBack and Checking." + description: "State represents for the upgrade state phase of the edge node.\nThere are several possible state values: \"\", Upgrading, BackingUp, RollingBack and Checking." type: "string" time: description: "Time represents for the running time of the ImagePrePullJob." @@ -151,7 +154,7 @@ spec: description: "Reason represents for the reason of the ImagePrePullJob." type: "string" state: - description: "State represents for the state phase of the NodeUpgradeJob. There are several possible state values: \"\", Upgrading, BackingUp, RollingBack and Checking." + description: "State represents for the state phase of the NodeUpgradeJob.\nThere are several possible state values: \"\", Upgrading, BackingUp, RollingBack and Checking." type: "string" time: description: "Time represents for the running time of the ImagePrePullJob." @@ -162,9 +165,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/policy.kubeedge.io/v1alpha1/serviceaccountaccesses.yaml b/crd-catalog/kubeedge/kubeedge/policy.kubeedge.io/v1alpha1/serviceaccountaccesses.yaml index f7cab2976..c54f48fe8 100644 --- a/crd-catalog/kubeedge/kubeedge/policy.kubeedge.io/v1alpha1/serviceaccountaccesses.yaml +++ b/crd-catalog/kubeedge/kubeedge/policy.kubeedge.io/v1alpha1/serviceaccountaccesses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "serviceaccountaccesses.policy.kubeedge.io" spec: group: "policy.kubeedge.io" @@ -21,10 +21,10 @@ spec: description: "ServiceAccountAccess is the Schema for the ServiceAccountAccess API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -40,10 +40,10 @@ spec: description: "ClusterRoleBinding represents rbac ClusterRoleBinding." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: description: "Standard object's metadata." @@ -66,7 +66,7 @@ spec: type: "string" type: "object" roleRef: - description: "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable." + description: "RoleRef can only reference a ClusterRole in the global namespace.\nIf the RoleRef cannot be resolved, the Authorizer must return an error.\nThis field is immutable." properties: apiGroup: description: "APIGroup is the group for the resource being referenced" @@ -82,61 +82,69 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" subjects: description: "Subjects holds references to the objects the role applies to." items: - description: "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names." + description: "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference,\nor a value for non-objects such as user and group names." properties: apiGroup: - description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects." + description: "APIGroup holds the API group of the referenced subject.\nDefaults to \"\" for ServiceAccount subjects.\nDefaults to \"rbac.authorization.k8s.io\" for User and Group subjects." type: "string" kind: - description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error." + description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\".\nIf the Authorizer does not recognized the kind value, the Authorizer should report an error." type: "string" name: description: "Name of the object being referenced." type: "string" namespace: - description: "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error." + description: "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty\nthe Authorizer should report an error." type: "string" required: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "roleRef" type: "object" rules: description: "Rules contains role rules." items: - description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to." + description: "PolicyRule holds information that describes a policy rule, but does not contain information\nabout who the rule applies to or which namespace the rule applies to." properties: apiGroups: - description: "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"\" represents the core API group and \"*\" represents all API groups." + description: "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of\nthe enumerated resources in any API group will be allowed. \"\" represents the core API group and \"*\" represents all API groups." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" nonResourceURLs: - description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." + description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resourceNames: description: "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Resources is a list of resources this rule applies to. '*' represents all resources." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" verbs: description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "verbs" type: "object" @@ -152,10 +160,10 @@ spec: description: "RoleBinding represents rbac rolebinding." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: description: "Standard object's metadata." @@ -178,7 +186,7 @@ spec: type: "string" type: "object" roleRef: - description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable." + description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.\nIf the RoleRef cannot be resolved, the Authorizer must return an error.\nThis field is immutable." properties: apiGroup: description: "APIGroup is the group for the resource being referenced" @@ -194,61 +202,69 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" subjects: description: "Subjects holds references to the objects the role applies to." items: - description: "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names." + description: "Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference,\nor a value for non-objects such as user and group names." properties: apiGroup: - description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects." + description: "APIGroup holds the API group of the referenced subject.\nDefaults to \"\" for ServiceAccount subjects.\nDefaults to \"rbac.authorization.k8s.io\" for User and Group subjects." type: "string" kind: - description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error." + description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\".\nIf the Authorizer does not recognized the kind value, the Authorizer should report an error." type: "string" name: description: "Name of the object being referenced." type: "string" namespace: - description: "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error." + description: "Namespace of the referenced object. If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty\nthe Authorizer should report an error." type: "string" required: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "roleRef" type: "object" rules: description: "Rules contains role rules." items: - description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to." + description: "PolicyRule holds information that describes a policy rule, but does not contain information\nabout who the rule applies to or which namespace the rule applies to." properties: apiGroups: - description: "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"\" represents the core API group and \"*\" represents all API groups." + description: "APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of\nthe enumerated resources in any API group will be allowed. \"\" represents the core API group and \"*\" represents all API groups." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" nonResourceURLs: - description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." + description: "NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resourceNames: description: "ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" resources: description: "Resources is a list of resources this rule applies to. '*' represents all resources." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" verbs: description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "verbs" type: "object" @@ -259,26 +275,29 @@ spec: description: "ServiceAccount is one-to-one corresponding relations with the serviceaccountaccess." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" automountServiceAccountToken: - description: "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level." + description: "AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted.\nCan be overridden at the pod level." type: "boolean" imagePullSecrets: - description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod" + description: "ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images\nin pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets\ncan be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.\nMore info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod" items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" + x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: - description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + description: "Standard object's metadata.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" properties: annotations: additionalProperties: @@ -298,33 +317,39 @@ spec: type: "string" type: "object" secrets: - description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret" + description: "Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use.\nPods are only limited to this list if this service account has a \"kubernetes.io/enforce-mountable-secrets\" annotation set to \"true\".\nThis field should not be used to find auto-generated service account token secrets for use outside of pods.\nInstead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created.\nMore info: https://kubernetes.io/docs/concepts/configuration/secret" items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" + required: + - "name" type: "object" + x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" type: "object" serviceAccountUid: description: "ServiceAccountUID is the uid of serviceaccount." @@ -344,9 +369,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/clusterobjectsyncs.yaml b/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/clusterobjectsyncs.yaml index 019672eba..fc58c3eac 100644 --- a/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/clusterobjectsyncs.yaml +++ b/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/clusterobjectsyncs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "clusterobjectsyncs.reliablesyncs.kubeedge.io" spec: group: "reliablesyncs.kubeedge.io" @@ -16,13 +16,13 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ClusterObjectSync stores the state of the cluster level, nonNamespaced object that was successfully persisted to the edge node. ClusterObjectSync name is a concatenation of the node name which receiving the object and the object UUID." + description: "ClusterObjectSync stores the state of the cluster level, nonNamespaced object that was successfully persisted to the edge node.\nClusterObjectSync name is a concatenation of the node name which receiving the object and the object UUID." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,20 +30,20 @@ spec: description: "ObjectSyncSpec stores the details of objects that persist to the edge." properties: objectAPIVersion: - description: "ObjectAPIVersion is the APIVersion of the object that was successfully persist to the edge node." + description: "ObjectAPIVersion is the APIVersion of the object\nthat was successfully persist to the edge node." type: "string" objectKind: - description: "ObjectType is the kind of the object that was successfully persist to the edge node." + description: "ObjectType is the kind of the object\nthat was successfully persist to the edge node." type: "string" objectName: - description: "ObjectName is the name of the object that was successfully persist to the edge node." + description: "ObjectName is the name of the object\nthat was successfully persist to the edge node." type: "string" type: "object" status: description: "ObjectSyncStatus stores the resourceversion of objects that persist to the edge." properties: objectResourceVersion: - description: "ObjectResourceVersion is the resourceversion of the object that was successfully persist to the edge node." + description: "ObjectResourceVersion is the resourceversion of the object\nthat was successfully persist to the edge node." type: "string" type: "object" type: "object" @@ -51,9 +51,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/objectsyncs.yaml b/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/objectsyncs.yaml index 5a0b8ad77..ceb5797e3 100644 --- a/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/objectsyncs.yaml +++ b/crd-catalog/kubeedge/kubeedge/reliablesyncs.kubeedge.io/v1alpha1/objectsyncs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.2" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "objectsyncs.reliablesyncs.kubeedge.io" spec: group: "reliablesyncs.kubeedge.io" @@ -16,13 +16,13 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ObjectSync stores the state of the namespaced object that was successfully persisted to the edge node. ObjectSync name is a concatenation of the node name which receiving the object and the object UUID." + description: "ObjectSync stores the state of the namespaced object that was successfully persisted to the edge node.\nObjectSync name is a concatenation of the node name which receiving the object and the object UUID." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,20 +30,20 @@ spec: description: "ObjectSyncSpec stores the details of objects that persist to the edge." properties: objectAPIVersion: - description: "ObjectAPIVersion is the APIVersion of the object that was successfully persist to the edge node." + description: "ObjectAPIVersion is the APIVersion of the object\nthat was successfully persist to the edge node." type: "string" objectKind: - description: "ObjectType is the kind of the object that was successfully persist to the edge node." + description: "ObjectType is the kind of the object\nthat was successfully persist to the edge node." type: "string" objectName: - description: "ObjectName is the name of the object that was successfully persist to the edge node." + description: "ObjectName is the name of the object\nthat was successfully persist to the edge node." type: "string" type: "object" status: description: "ObjectSyncStatus stores the resourceversion of objects that persist to the edge." properties: objectResourceVersion: - description: "ObjectResourceVersion is the resourceversion of the object that was successfully persist to the edge node." + description: "ObjectResourceVersion is the resourceversion of the object\nthat was successfully persist to the edge node." type: "string" type: "object" type: "object" @@ -51,9 +51,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotclasses.yaml b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotclasses.yaml new file mode 100644 index 000000000..ac18e67f3 --- /dev/null +++ b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotclasses.yaml @@ -0,0 +1,64 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/1150" + controller-gen.kubebuilder.io/version: "v0.15.0" + name: "volumegroupsnapshotclasses.groupsnapshot.storage.k8s.io" +spec: + group: "groupsnapshot.storage.k8s.io" + names: + kind: "VolumeGroupSnapshotClass" + listKind: "VolumeGroupSnapshotClassList" + plural: "volumegroupsnapshotclasses" + shortNames: + - "vgsclass" + - "vgsclasses" + singular: "volumegroupsnapshotclass" + scope: "Cluster" + versions: + - additionalPrinterColumns: + - jsonPath: ".driver" + name: "Driver" + type: "string" + - description: "Determines whether a VolumeGroupSnapshotContent created through the VolumeGroupSnapshotClass should be deleted when its bound VolumeGroupSnapshot is deleted." + jsonPath: ".deletionPolicy" + name: "DeletionPolicy" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1beta1" + schema: + openAPIV3Schema: + description: "VolumeGroupSnapshotClass specifies parameters that a underlying storage system\nuses when creating a volume group snapshot. A specific VolumeGroupSnapshotClass\nis used by specifying its name in a VolumeGroupSnapshot object.\nVolumeGroupSnapshotClasses are non-namespaced." + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + deletionPolicy: + description: "DeletionPolicy determines whether a VolumeGroupSnapshotContent created\nthrough the VolumeGroupSnapshotClass should be deleted when its bound\nVolumeGroupSnapshot is deleted.\nSupported values are \"Retain\" and \"Delete\".\n\"Retain\" means that the VolumeGroupSnapshotContent and its physical group\nsnapshot on underlying storage system are kept.\n\"Delete\" means that the VolumeGroupSnapshotContent and its physical group\nsnapshot on underlying storage system are deleted.\nRequired." + enum: + - "Delete" + - "Retain" + type: "string" + driver: + description: "Driver is the name of the storage driver expected to handle this VolumeGroupSnapshotClass.\nRequired." + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + parameters: + additionalProperties: + type: "string" + description: "Parameters is a key-value map with storage driver specific parameters for\ncreating group snapshots.\nThese values are opaque to Kubernetes and are passed directly to the driver." + type: "object" + required: + - "deletionPolicy" + - "driver" + type: "object" + served: true + storage: true + subresources: {} diff --git a/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotcontents.yaml b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotcontents.yaml new file mode 100644 index 000000000..33ac77e42 --- /dev/null +++ b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotcontents.yaml @@ -0,0 +1,195 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/1150" + controller-gen.kubebuilder.io/version: "v0.15.0" + name: "volumegroupsnapshotcontents.groupsnapshot.storage.k8s.io" +spec: + group: "groupsnapshot.storage.k8s.io" + names: + kind: "VolumeGroupSnapshotContent" + listKind: "VolumeGroupSnapshotContentList" + plural: "volumegroupsnapshotcontents" + shortNames: + - "vgsc" + - "vgscs" + singular: "volumegroupsnapshotcontent" + scope: "Cluster" + versions: + - additionalPrinterColumns: + - description: "Indicates if all the individual snapshots in the group are ready to be used to restore a group of volumes." + jsonPath: ".status.readyToUse" + name: "ReadyToUse" + type: "boolean" + - description: "Determines whether this VolumeGroupSnapshotContent and its physical group snapshot on the underlying storage system should be deleted when its bound VolumeGroupSnapshot is deleted." + jsonPath: ".spec.deletionPolicy" + name: "DeletionPolicy" + type: "string" + - description: "Name of the CSI driver used to create the physical group snapshot on the underlying storage system." + jsonPath: ".spec.driver" + name: "Driver" + type: "string" + - description: "Name of the VolumeGroupSnapshotClass from which this group snapshot was (or will be) created." + jsonPath: ".spec.volumeGroupSnapshotClassName" + name: "VolumeGroupSnapshotClass" + type: "string" + - description: "Namespace of the VolumeGroupSnapshot object to which this VolumeGroupSnapshotContent object is bound." + jsonPath: ".spec.volumeGroupSnapshotRef.namespace" + name: "VolumeGroupSnapshotNamespace" + type: "string" + - description: "Name of the VolumeGroupSnapshot object to which this VolumeGroupSnapshotContent object is bound." + jsonPath: ".spec.volumeGroupSnapshotRef.name" + name: "VolumeGroupSnapshot" + type: "string" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1beta1" + schema: + openAPIV3Schema: + description: "VolumeGroupSnapshotContent represents the actual \"on-disk\" group snapshot object\nin the underlying storage system" + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + description: "Spec defines properties of a VolumeGroupSnapshotContent created by the underlying storage system.\nRequired." + properties: + deletionPolicy: + description: "DeletionPolicy determines whether this VolumeGroupSnapshotContent and the\nphysical group snapshot on the underlying storage system should be deleted\nwhen the bound VolumeGroupSnapshot is deleted.\nSupported values are \"Retain\" and \"Delete\".\n\"Retain\" means that the VolumeGroupSnapshotContent and its physical group\nsnapshot on underlying storage system are kept.\n\"Delete\" means that the VolumeGroupSnapshotContent and its physical group\nsnapshot on underlying storage system are deleted.\nFor dynamically provisioned group snapshots, this field will automatically\nbe filled in by the CSI snapshotter sidecar with the \"DeletionPolicy\" field\ndefined in the corresponding VolumeGroupSnapshotClass.\nFor pre-existing snapshots, users MUST specify this field when creating the\nVolumeGroupSnapshotContent object.\nRequired." + enum: + - "Delete" + - "Retain" + type: "string" + driver: + description: "Driver is the name of the CSI driver used to create the physical group snapshot on\nthe underlying storage system.\nThis MUST be the same as the name returned by the CSI GetPluginName() call for\nthat driver.\nRequired." + type: "string" + source: + description: "Source specifies whether the snapshot is (or should be) dynamically provisioned\nor already exists, and just requires a Kubernetes object representation.\nThis field is immutable after creation.\nRequired." + properties: + groupSnapshotHandles: + description: "GroupSnapshotHandles specifies the CSI \"group_snapshot_id\" of a pre-existing\ngroup snapshot and a list of CSI \"snapshot_id\" of pre-existing snapshots\non the underlying storage system for which a Kubernetes object\nrepresentation was (or should be) created.\nThis field is immutable." + properties: + volumeGroupSnapshotHandle: + description: "VolumeGroupSnapshotHandle specifies the CSI \"group_snapshot_id\" of a pre-existing\ngroup snapshot on the underlying storage system for which a Kubernetes object\nrepresentation was (or should be) created.\nThis field is immutable.\nRequired." + type: "string" + volumeSnapshotHandles: + description: "VolumeSnapshotHandles is a list of CSI \"snapshot_id\" of pre-existing\nsnapshots on the underlying storage system for which Kubernetes objects\nrepresentation were (or should be) created.\nThis field is immutable.\nRequired." + items: + type: "string" + type: "array" + required: + - "volumeGroupSnapshotHandle" + - "volumeSnapshotHandles" + type: "object" + x-kubernetes-validations: + - message: "groupSnapshotHandles is immutable" + rule: "self == oldSelf" + volumeHandles: + description: "VolumeHandles is a list of volume handles on the backend to be snapshotted\ntogether. It is specified for dynamic provisioning of the VolumeGroupSnapshot.\nThis field is immutable." + items: + type: "string" + type: "array" + x-kubernetes-validations: + - message: "volumeHandles is immutable" + rule: "self == oldSelf" + type: "object" + x-kubernetes-validations: + - message: "volumeHandles is required once set" + rule: "!has(oldSelf.volumeHandles) || has(self.volumeHandles)" + - message: "groupSnapshotHandles is required once set" + rule: "!has(oldSelf.groupSnapshotHandles) || has(self.groupSnapshotHandles)" + - message: "exactly one of volumeHandles and groupSnapshotHandles must be set" + rule: "(has(self.volumeHandles) && !has(self.groupSnapshotHandles)) || (!has(self.volumeHandles) && has(self.groupSnapshotHandles))" + volumeGroupSnapshotClassName: + description: "VolumeGroupSnapshotClassName is the name of the VolumeGroupSnapshotClass from\nwhich this group snapshot was (or will be) created.\nNote that after provisioning, the VolumeGroupSnapshotClass may be deleted or\nrecreated with different set of values, and as such, should not be referenced\npost-snapshot creation.\nFor dynamic provisioning, this field must be set.\nThis field may be unset for pre-provisioned snapshots." + type: "string" + volumeGroupSnapshotRef: + description: "VolumeGroupSnapshotRef specifies the VolumeGroupSnapshot object to which this\nVolumeGroupSnapshotContent object is bound.\nVolumeGroupSnapshot.Spec.VolumeGroupSnapshotContentName field must reference to\nthis VolumeGroupSnapshotContent's name for the bidirectional binding to be valid.\nFor a pre-existing VolumeGroupSnapshotContent object, name and namespace of the\nVolumeGroupSnapshot object MUST be provided for binding to happen.\nThis field is immutable after creation.\nRequired." + properties: + apiVersion: + description: "API version of the referent." + type: "string" + fieldPath: + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + type: "string" + kind: + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + namespace: + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + type: "string" + resourceVersion: + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + type: "string" + uid: + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "both volumeGroupSnapshotRef.name and volumeGroupSnapshotRef.namespace must be set" + rule: "has(self.name) && has(self.__namespace__)" + required: + - "deletionPolicy" + - "driver" + - "source" + - "volumeGroupSnapshotRef" + type: "object" + status: + description: "status represents the current information of a group snapshot." + properties: + creationTime: + description: "CreationTime is the timestamp when the point-in-time group snapshot is taken\nby the underlying storage system.\nIf not specified, it indicates the creation time is unknown.\nIf not specified, it means the readiness of a group snapshot is unknown.\nThe format of this field is a Unix nanoseconds time encoded as an int64.\nOn Unix, the command date +%s%N returns the current time in nanoseconds\nsince 1970-01-01 00:00:00 UTC.\nThis field is the source for the CreationTime field in VolumeGroupSnapshotStatus" + format: "date-time" + type: "string" + error: + description: "Error is the last observed error during group snapshot creation, if any.\nUpon success after retry, this error field will be cleared." + properties: + message: + description: "message is a string detailing the encountered error during snapshot\ncreation if specified.\nNOTE: message may be logged, and it should not contain sensitive\ninformation." + type: "string" + time: + description: "time is the timestamp when the error was encountered." + format: "date-time" + type: "string" + type: "object" + readyToUse: + description: "ReadyToUse indicates if all the individual snapshots in the group are ready to be\nused to restore a group of volumes.\nReadyToUse becomes true when ReadyToUse of all individual snapshots become true." + type: "boolean" + volumeGroupSnapshotHandle: + description: "VolumeGroupSnapshotHandle is a unique id returned by the CSI driver\nto identify the VolumeGroupSnapshot on the storage system.\nIf a storage system does not provide such an id, the\nCSI driver can choose to return the VolumeGroupSnapshot name." + type: "string" + volumeSnapshotHandlePairList: + description: "VolumeSnapshotHandlePairList is a list of CSI \"volume_id\" and \"snapshot_id\"\npair returned by the CSI driver to identify snapshots and their source volumes\non the storage system." + items: + description: "VolumeSnapshotHandlePair defines a pair of a source volume handle and a snapshot handle" + properties: + snapshotHandle: + description: "SnapshotHandle is a unique id returned by the CSI driver to identify a volume\nsnapshot on the storage system\nRequired." + type: "string" + volumeHandle: + description: "VolumeHandle is a unique id returned by the CSI driver to identify a volume\non the storage system\nRequired." + type: "string" + required: + - "snapshotHandle" + - "volumeHandle" + type: "object" + type: "array" + type: "object" + required: + - "spec" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshots.yaml b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshots.yaml new file mode 100644 index 000000000..ec180721d --- /dev/null +++ b/crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshots.yaml @@ -0,0 +1,148 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/1150" + controller-gen.kubebuilder.io/version: "v0.15.0" + name: "volumegroupsnapshots.groupsnapshot.storage.k8s.io" +spec: + group: "groupsnapshot.storage.k8s.io" + names: + kind: "VolumeGroupSnapshot" + listKind: "VolumeGroupSnapshotList" + plural: "volumegroupsnapshots" + shortNames: + - "vgs" + singular: "volumegroupsnapshot" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - description: "Indicates if all the individual snapshots in the group are ready to be used to restore a group of volumes." + jsonPath: ".status.readyToUse" + name: "ReadyToUse" + type: "boolean" + - description: "The name of the VolumeGroupSnapshotClass requested by the VolumeGroupSnapshot." + jsonPath: ".spec.volumeGroupSnapshotClassName" + name: "VolumeGroupSnapshotClass" + type: "string" + - description: "Name of the VolumeGroupSnapshotContent object to which the VolumeGroupSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeGroupSnapshot and VolumeGroupSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object." + jsonPath: ".status.boundVolumeGroupSnapshotContentName" + name: "VolumeGroupSnapshotContent" + type: "string" + - description: "Timestamp when the point-in-time group snapshot was taken by the underlying storage system." + jsonPath: ".status.creationTime" + name: "CreationTime" + type: "date" + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1beta1" + schema: + openAPIV3Schema: + description: "VolumeGroupSnapshot is a user's request for creating either a point-in-time\ngroup snapshot or binding to a pre-existing group snapshot." + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + description: "Spec defines the desired characteristics of a group snapshot requested by a user.\nRequired." + properties: + source: + description: "Source specifies where a group snapshot will be created from.\nThis field is immutable after creation.\nRequired." + properties: + selector: + description: "Selector is a label query over persistent volume claims that are to be\ngrouped together for snapshotting.\nThis labelSelector will be used to match the label added to a PVC.\nIf the label is added or removed to a volume after a group snapshot\nis created, the existing group snapshots won't be modified.\nOnce a VolumeGroupSnapshotContent is created and the sidecar starts to process\nit, the volume list will not change with retries." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + x-kubernetes-validations: + - message: "selector is immutable" + rule: "self == oldSelf" + volumeGroupSnapshotContentName: + description: "VolumeGroupSnapshotContentName specifies the name of a pre-existing VolumeGroupSnapshotContent\nobject representing an existing volume group snapshot.\nThis field should be set if the volume group snapshot already exists and\nonly needs a representation in Kubernetes.\nThis field is immutable." + type: "string" + x-kubernetes-validations: + - message: "volumeGroupSnapshotContentName is immutable" + rule: "self == oldSelf" + type: "object" + x-kubernetes-validations: + - message: "selector is required once set" + rule: "!has(oldSelf.selector) || has(self.selector)" + - message: "volumeGroupSnapshotContentName is required once set" + rule: "!has(oldSelf.volumeGroupSnapshotContentName) || has(self.volumeGroupSnapshotContentName)" + - message: "exactly one of selector and volumeGroupSnapshotContentName must be set" + rule: "(has(self.selector) && !has(self.volumeGroupSnapshotContentName)) || (!has(self.selector) && has(self.volumeGroupSnapshotContentName))" + volumeGroupSnapshotClassName: + description: "VolumeGroupSnapshotClassName is the name of the VolumeGroupSnapshotClass\nrequested by the VolumeGroupSnapshot.\nVolumeGroupSnapshotClassName may be left nil to indicate that the default\nclass will be used.\nEmpty string is not allowed for this field." + type: "string" + x-kubernetes-validations: + - message: "volumeGroupSnapshotClassName must not be the empty string when set" + rule: "size(self) > 0" + required: + - "source" + type: "object" + status: + description: "Status represents the current information of a group snapshot.\nConsumers must verify binding between VolumeGroupSnapshot and\nVolumeGroupSnapshotContent objects is successful (by validating that both\nVolumeGroupSnapshot and VolumeGroupSnapshotContent point to each other) before\nusing this object." + properties: + boundVolumeGroupSnapshotContentName: + description: "BoundVolumeGroupSnapshotContentName is the name of the VolumeGroupSnapshotContent\nobject to which this VolumeGroupSnapshot object intends to bind to.\nIf not specified, it indicates that the VolumeGroupSnapshot object has not\nbeen successfully bound to a VolumeGroupSnapshotContent object yet.\nNOTE: To avoid possible security issues, consumers must verify binding between\nVolumeGroupSnapshot and VolumeGroupSnapshotContent objects is successful\n(by validating that both VolumeGroupSnapshot and VolumeGroupSnapshotContent\npoint at each other) before using this object." + type: "string" + creationTime: + description: "CreationTime is the timestamp when the point-in-time group snapshot is taken\nby the underlying storage system.\nIf not specified, it may indicate that the creation time of the group snapshot\nis unknown.\nThe format of this field is a Unix nanoseconds time encoded as an int64.\nOn Unix, the command date +%s%N returns the current time in nanoseconds\nsince 1970-01-01 00:00:00 UTC.\nThis field is updated based on the CreationTime field in VolumeGroupSnapshotContentStatus" + format: "date-time" + type: "string" + error: + description: "Error is the last observed error during group snapshot creation, if any.\nThis field could be helpful to upper level controllers (i.e., application\ncontroller) to decide whether they should continue on waiting for the group\nsnapshot to be created based on the type of error reported.\nThe snapshot controller will keep retrying when an error occurs during the\ngroup snapshot creation. Upon success, this error field will be cleared." + properties: + message: + description: "message is a string detailing the encountered error during snapshot\ncreation if specified.\nNOTE: message may be logged, and it should not contain sensitive\ninformation." + type: "string" + time: + description: "time is the timestamp when the error was encountered." + format: "date-time" + type: "string" + type: "object" + readyToUse: + description: "ReadyToUse indicates if all the individual snapshots in the group are ready\nto be used to restore a group of volumes.\nReadyToUse becomes true when ReadyToUse of all individual snapshots become true.\nIf not specified, it means the readiness of a group snapshot is unknown." + type: "boolean" + type: "object" + required: + - "spec" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1alpha1/targetgroupbindings.yaml b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1alpha1/targetgroupbindings.yaml index 832df5aff..c9275d76d 100644 --- a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1alpha1/targetgroupbindings.yaml +++ b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1alpha1/targetgroupbindings.yaml @@ -31,6 +31,11 @@ spec: name: "ARN" priority: 1 type: "string" + - description: "The AWS TargetGroup's Name" + jsonPath: ".spec.targetGroupName" + name: "NAME" + priority: 2 + type: "string" - jsonPath: ".metadata.creationTimestamp" name: "AGE" type: "date" @@ -50,6 +55,12 @@ spec: spec: description: "TargetGroupBindingSpec defines the desired state of TargetGroupBinding" properties: + assumeRoleExternalId: + description: "IAM Role ARN to assume when calling AWS APIs. Needed to assume a role in another account and prevent the confused deputy problem. https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html" + type: "string" + iamRoleArnToAssume: + description: "IAM Role ARN to assume when calling AWS APIs. Useful if the target group is in a different AWS account" + type: "string" multiClusterTargetGroup: description: "MultiClusterTargetGroup Denotes if the TargetGroup is shared among multiple clusters" type: "boolean" @@ -128,6 +139,9 @@ spec: targetGroupARN: description: "targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup." type: "string" + targetGroupName: + description: "targetGroupName is the Name of the TargetGroup." + type: "string" targetType: description: "targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred." enum: @@ -136,7 +150,6 @@ spec: type: "string" required: - "serviceRef" - - "targetGroupARN" type: "object" status: description: "TargetGroupBindingStatus defines the observed state of TargetGroupBinding" diff --git a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/ingressclassparams.yaml b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/ingressclassparams.yaml index 7816744df..bc22499d9 100644 --- a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/ingressclassparams.yaml +++ b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/ingressclassparams.yaml @@ -116,6 +116,16 @@ spec: - "value" type: "object" type: "array" + minimumLoadBalancerCapacity: + description: "MinimumLoadBalancerCapacity define the capacity reservation for LoadBalancers for all Ingress that belong to IngressClass with this IngressClassParams." + properties: + capacityUnits: + description: "The Capacity Units Value." + format: "int32" + type: "integer" + required: + - "capacityUnits" + type: "object" namespaceSelector: description: "NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams.\n* if absent or present but empty, it selects all namespaces." properties: diff --git a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/targetgroupbindings.yaml b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/targetgroupbindings.yaml index 890c5af15..81ff15a46 100644 --- a/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/targetgroupbindings.yaml +++ b/crd-catalog/kubernetes-sigs/aws-load-balancer-controller/elbv2.k8s.aws/v1beta1/targetgroupbindings.yaml @@ -31,6 +31,11 @@ spec: name: "ARN" priority: 1 type: "string" + - description: "The AWS TargetGroup's Name" + jsonPath: ".spec.targetGroupName" + name: "NAME" + priority: 2 + type: "string" - jsonPath: ".metadata.creationTimestamp" name: "AGE" type: "date" @@ -50,6 +55,12 @@ spec: spec: description: "TargetGroupBindingSpec defines the desired state of TargetGroupBinding" properties: + assumeRoleExternalId: + description: "IAM Role ARN to assume when calling AWS APIs. Needed to assume a role in another account and prevent the confused deputy problem. https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html" + type: "string" + iamRoleArnToAssume: + description: "IAM Role ARN to assume when calling AWS APIs. Useful if the target group is in a different AWS account" + type: "string" ipAddressType: description: "ipAddressType specifies whether the target group is of type IPv4 or IPv6. If unspecified, it will be automatically inferred." enum: @@ -168,7 +179,9 @@ spec: type: "object" targetGroupARN: description: "targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup." - minLength: 1 + type: "string" + targetGroupName: + description: "targetGroupName is the Name of the TargetGroup." type: "string" targetType: description: "targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred." @@ -181,7 +194,6 @@ spec: type: "string" required: - "serviceRef" - - "targetGroupARN" type: "object" status: description: "TargetGroupBindingStatus defines the observed state of TargetGroupBinding" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/bootstrapproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/bootstrapproviders.yaml index 7dda72f91..70639de09 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/bootstrapproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/bootstrapproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "bootstrapproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -26,7 +26,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "BootstrapProvider is the Schema for the bootstrapproviders API.\n\n\nDeprecated: This type will be removed in one of the next releases." + description: "BootstrapProvider is the Schema for the bootstrapproviders API.\n\nDeprecated: This type will be removed in one of the next releases." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -84,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -105,11 +107,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -121,6 +125,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -145,11 +150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -166,14 +173,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -209,11 +219,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -222,13 +234,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -252,11 +264,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -269,6 +283,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -284,6 +299,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -308,11 +324,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,13 +339,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -351,11 +369,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -368,6 +388,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -375,6 +396,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -406,11 +428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -419,13 +443,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -449,11 +473,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -466,6 +492,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -481,6 +508,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -505,11 +533,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -518,13 +548,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -548,11 +578,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -565,6 +597,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -572,6 +605,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -610,7 +644,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -659,7 +694,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -693,13 +729,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -736,7 +775,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -799,11 +839,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -819,7 +861,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -831,7 +873,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -896,7 +938,7 @@ spec: minimum: 1.0 type: "integer" metrics: - description: "Metrics contains the controller metrics configuration" + description: "Metrics contains thw controller metrics configuration" properties: bindAddress: description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." @@ -953,16 +995,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/controlplaneproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/controlplaneproviders.yaml index a3cbeeff4..f4a28135a 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/controlplaneproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/controlplaneproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "controlplaneproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -26,7 +26,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "ControlPlaneProvider is the Schema for the controlplaneproviders API.\n\n\nDeprecated: This type will be removed in one of the next releases." + description: "ControlPlaneProvider is the Schema for the controlplaneproviders API.\n\nDeprecated: This type will be removed in one of the next releases." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -84,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -105,11 +107,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -121,6 +125,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -145,11 +150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -166,14 +173,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -209,11 +219,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -222,13 +234,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -252,11 +264,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -269,6 +283,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -284,6 +299,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -308,11 +324,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,13 +339,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -351,11 +369,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -368,6 +388,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -375,6 +396,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -406,11 +428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -419,13 +443,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -449,11 +473,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -466,6 +492,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -481,6 +508,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -505,11 +533,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -518,13 +548,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -548,11 +578,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -565,6 +597,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -572,6 +605,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -610,7 +644,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -659,7 +694,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -693,13 +729,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -736,7 +775,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -799,11 +839,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -819,7 +861,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -831,7 +873,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -896,7 +938,7 @@ spec: minimum: 1.0 type: "integer" metrics: - description: "Metrics contains the controller metrics configuration" + description: "Metrics contains thw controller metrics configuration" properties: bindAddress: description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." @@ -953,16 +995,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/coreproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/coreproviders.yaml index 48517f26f..556c45c22 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/coreproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/coreproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "coreproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -26,7 +26,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "CoreProvider is the Schema for the coreproviders API.\n\n\nDeprecated: This type will be removed in one of the next releases." + description: "CoreProvider is the Schema for the coreproviders API.\n\nDeprecated: This type will be removed in one of the next releases." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -84,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -105,11 +107,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -121,6 +125,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -145,11 +150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -166,14 +173,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -209,11 +219,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -222,13 +234,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -252,11 +264,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -269,6 +283,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -284,6 +299,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -308,11 +324,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,13 +339,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -351,11 +369,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -368,6 +388,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -375,6 +396,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -406,11 +428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -419,13 +443,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -449,11 +473,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -466,6 +492,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -481,6 +508,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -505,11 +533,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -518,13 +548,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -548,11 +578,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -565,6 +597,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -572,6 +605,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -610,7 +644,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -659,7 +694,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -693,13 +729,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -736,7 +775,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -799,11 +839,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -819,7 +861,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -831,7 +873,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -896,7 +938,7 @@ spec: minimum: 1.0 type: "integer" metrics: - description: "Metrics contains the controller metrics configuration" + description: "Metrics contains thw controller metrics configuration" properties: bindAddress: description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." @@ -953,16 +995,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/infrastructureproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/infrastructureproviders.yaml index 223ac73d1..3335a8dea 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/infrastructureproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha1/infrastructureproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "infrastructureproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -26,7 +26,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "InfrastructureProvider is the Schema for the infrastructureproviders API.\n\n\nDeprecated: This type will be removed in one of the next releases." + description: "InfrastructureProvider is the Schema for the infrastructureproviders API.\n\nDeprecated: This type will be removed in one of the next releases." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -84,11 +84,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -105,11 +107,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -121,6 +125,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -145,11 +150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -166,14 +173,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -209,11 +219,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -222,13 +234,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -252,11 +264,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -269,6 +283,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -284,6 +299,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -308,11 +324,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -321,13 +339,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -351,11 +369,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -368,6 +388,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -375,6 +396,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -406,11 +428,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -419,13 +443,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -449,11 +473,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -466,6 +492,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -481,6 +508,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -505,11 +533,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -518,13 +548,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -548,11 +578,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -565,6 +597,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -572,6 +605,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -610,7 +644,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -659,7 +694,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -693,13 +729,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -736,7 +775,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -799,11 +839,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -819,7 +861,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -831,7 +873,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -896,7 +938,7 @@ spec: minimum: 1.0 type: "integer" metrics: - description: "Metrics contains the controller metrics configuration" + description: "Metrics contains thw controller metrics configuration" properties: bindAddress: description: "BindAddress is the TCP address that the controller should bind to\nfor serving prometheus metrics.\nIt can be set to \"0\" to disable the metrics serving." @@ -953,16 +995,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml index 3f3751517..51d43d77f 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/addonproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "addonproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -75,11 +75,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -96,11 +98,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -112,6 +116,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -136,11 +141,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -157,14 +164,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -200,11 +210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -213,13 +225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -243,11 +255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -260,6 +274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -275,6 +290,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -299,11 +315,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -312,13 +330,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -342,11 +360,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -359,6 +379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -366,6 +387,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -397,11 +419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -410,13 +434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -457,6 +483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -472,6 +499,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -496,11 +524,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -509,13 +539,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -539,11 +569,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -556,6 +588,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -563,6 +596,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -601,7 +635,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -650,7 +685,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -674,13 +710,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -717,7 +756,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -762,7 +802,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -774,7 +814,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -930,11 +970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -951,11 +993,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -967,6 +1011,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -991,11 +1036,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1012,14 +1059,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1055,11 +1105,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1068,13 +1120,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1098,11 +1150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1115,6 +1169,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1130,6 +1185,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1154,11 +1210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1167,13 +1225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1197,11 +1255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1214,6 +1274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1221,6 +1282,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1252,11 +1314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1265,13 +1329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1295,11 +1359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1312,6 +1378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1327,6 +1394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1351,11 +1419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,13 +1434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1394,11 +1464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1411,6 +1483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1418,6 +1491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -1456,7 +1530,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1505,7 +1580,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1529,13 +1605,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1572,7 +1651,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1616,6 +1696,9 @@ spec: fetchConfig: description: "FetchConfig determines how the operator will fetch the components and metadata for the provider.\nIf nil, the operator will try to fetch components according to default\nembedded fetch configuration for the given kind and `ObjectMeta.Name`.\nFor example, the infrastructure name `aws` will fetch artifacts from\nhttps://github.com/kubernetes-sigs/cluster-api-provider-aws/releases." properties: + oci: + description: "OCI to be used for fetching the provider’s components and metadata from an OCI artifact.\nYou must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub.\nIf the providerSpec.Version is missing, latest provider version from clusterctl defaults is used." + type: "string" selector: description: "Selector to be used for fetching provider’s components and metadata from\nConfigMaps stored inside the cluster. Each ConfigMap is expected to contain\ncomponents and metadata for a specific version only.\nNote: the name of the ConfigMap should be set to the version or to override this\nadd a label like the following: provider.cluster.x-k8s.io/version=v1.4.3" properties: @@ -1635,11 +1718,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1651,11 +1736,14 @@ spec: description: "URL to be used for fetching the provider’s components and metadata from a remote Github repository.\nFor example, https://github.com/{owner}/{repository}/releases\nYou must set `providerSpec.Version` field for operator to pick up\ndesired version of the release from GitHub." type: "string" type: "object" + x-kubernetes-validations: + - message: "Must specify one and only one of {oci, url, selector}" + rule: "[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)" manager: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -1667,7 +1755,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -1788,16 +1876,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml index 05a4fe035..eb761012f 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/bootstrapproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "bootstrapproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -75,11 +75,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -96,11 +98,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -112,6 +116,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -136,11 +141,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -157,14 +164,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -200,11 +210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -213,13 +225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -243,11 +255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -260,6 +274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -275,6 +290,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -299,11 +315,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -312,13 +330,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -342,11 +360,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -359,6 +379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -366,6 +387,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -397,11 +419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -410,13 +434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -457,6 +483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -472,6 +499,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -496,11 +524,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -509,13 +539,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -539,11 +569,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -556,6 +588,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -563,6 +596,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -601,7 +635,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -650,7 +685,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -674,13 +710,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -717,7 +756,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -762,7 +802,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -774,7 +814,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -930,11 +970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -951,11 +993,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -967,6 +1011,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -991,11 +1036,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1012,14 +1059,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1055,11 +1105,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1068,13 +1120,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1098,11 +1150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1115,6 +1169,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1130,6 +1185,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1154,11 +1210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1167,13 +1225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1197,11 +1255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1214,6 +1274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1221,6 +1282,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1252,11 +1314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1265,13 +1329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1295,11 +1359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1312,6 +1378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1327,6 +1394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1351,11 +1419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,13 +1434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1394,11 +1464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1411,6 +1483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1418,6 +1491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -1456,7 +1530,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1505,7 +1580,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1529,13 +1605,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1572,7 +1651,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1616,6 +1696,9 @@ spec: fetchConfig: description: "FetchConfig determines how the operator will fetch the components and metadata for the provider.\nIf nil, the operator will try to fetch components according to default\nembedded fetch configuration for the given kind and `ObjectMeta.Name`.\nFor example, the infrastructure name `aws` will fetch artifacts from\nhttps://github.com/kubernetes-sigs/cluster-api-provider-aws/releases." properties: + oci: + description: "OCI to be used for fetching the provider’s components and metadata from an OCI artifact.\nYou must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub.\nIf the providerSpec.Version is missing, latest provider version from clusterctl defaults is used." + type: "string" selector: description: "Selector to be used for fetching provider’s components and metadata from\nConfigMaps stored inside the cluster. Each ConfigMap is expected to contain\ncomponents and metadata for a specific version only.\nNote: the name of the ConfigMap should be set to the version or to override this\nadd a label like the following: provider.cluster.x-k8s.io/version=v1.4.3" properties: @@ -1635,11 +1718,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1651,11 +1736,14 @@ spec: description: "URL to be used for fetching the provider’s components and metadata from a remote Github repository.\nFor example, https://github.com/{owner}/{repository}/releases\nYou must set `providerSpec.Version` field for operator to pick up\ndesired version of the release from GitHub." type: "string" type: "object" + x-kubernetes-validations: + - message: "Must specify one and only one of {oci, url, selector}" + rule: "[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)" manager: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -1667,7 +1755,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -1788,16 +1876,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml index 75918dd78..6a6692967 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/controlplaneproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "controlplaneproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -75,11 +75,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -96,11 +98,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -112,6 +116,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -136,11 +141,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -157,14 +164,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -200,11 +210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -213,13 +225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -243,11 +255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -260,6 +274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -275,6 +290,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -299,11 +315,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -312,13 +330,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -342,11 +360,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -359,6 +379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -366,6 +387,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -397,11 +419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -410,13 +434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -457,6 +483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -472,6 +499,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -496,11 +524,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -509,13 +539,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -539,11 +569,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -556,6 +588,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -563,6 +596,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -601,7 +635,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -650,7 +685,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -674,13 +710,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -717,7 +756,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -762,7 +802,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -774,7 +814,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -930,11 +970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -951,11 +993,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -967,6 +1011,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -991,11 +1036,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1012,14 +1059,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1055,11 +1105,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1068,13 +1120,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1098,11 +1150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1115,6 +1169,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1130,6 +1185,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1154,11 +1210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1167,13 +1225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1197,11 +1255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1214,6 +1274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1221,6 +1282,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1252,11 +1314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1265,13 +1329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1295,11 +1359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1312,6 +1378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1327,6 +1394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1351,11 +1419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,13 +1434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1394,11 +1464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1411,6 +1483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1418,6 +1491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -1456,7 +1530,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1505,7 +1580,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1529,13 +1605,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1572,7 +1651,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1616,6 +1696,9 @@ spec: fetchConfig: description: "FetchConfig determines how the operator will fetch the components and metadata for the provider.\nIf nil, the operator will try to fetch components according to default\nembedded fetch configuration for the given kind and `ObjectMeta.Name`.\nFor example, the infrastructure name `aws` will fetch artifacts from\nhttps://github.com/kubernetes-sigs/cluster-api-provider-aws/releases." properties: + oci: + description: "OCI to be used for fetching the provider’s components and metadata from an OCI artifact.\nYou must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub.\nIf the providerSpec.Version is missing, latest provider version from clusterctl defaults is used." + type: "string" selector: description: "Selector to be used for fetching provider’s components and metadata from\nConfigMaps stored inside the cluster. Each ConfigMap is expected to contain\ncomponents and metadata for a specific version only.\nNote: the name of the ConfigMap should be set to the version or to override this\nadd a label like the following: provider.cluster.x-k8s.io/version=v1.4.3" properties: @@ -1635,11 +1718,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1651,11 +1736,14 @@ spec: description: "URL to be used for fetching the provider’s components and metadata from a remote Github repository.\nFor example, https://github.com/{owner}/{repository}/releases\nYou must set `providerSpec.Version` field for operator to pick up\ndesired version of the release from GitHub." type: "string" type: "object" + x-kubernetes-validations: + - message: "Must specify one and only one of {oci, url, selector}" + rule: "[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)" manager: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -1667,7 +1755,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -1788,16 +1876,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml index 5e0c0befe..5673e6153 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/coreproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "coreproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -75,11 +75,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -96,11 +98,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -112,6 +116,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -136,11 +141,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -157,14 +164,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -200,11 +210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -213,13 +225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -243,11 +255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -260,6 +274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -275,6 +290,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -299,11 +315,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -312,13 +330,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -342,11 +360,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -359,6 +379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -366,6 +387,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -397,11 +419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -410,13 +434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -457,6 +483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -472,6 +499,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -496,11 +524,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -509,13 +539,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -539,11 +569,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -556,6 +588,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -563,6 +596,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -601,7 +635,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -650,7 +685,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -674,13 +710,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -717,7 +756,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -762,7 +802,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -774,7 +814,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -930,11 +970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -951,11 +993,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -967,6 +1011,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -991,11 +1036,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1012,14 +1059,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1055,11 +1105,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1068,13 +1120,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1098,11 +1150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1115,6 +1169,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1130,6 +1185,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1154,11 +1210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1167,13 +1225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1197,11 +1255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1214,6 +1274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1221,6 +1282,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1252,11 +1314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1265,13 +1329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1295,11 +1359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1312,6 +1378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1327,6 +1394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1351,11 +1419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,13 +1434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1394,11 +1464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1411,6 +1483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1418,6 +1491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -1456,7 +1530,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1505,7 +1580,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1529,13 +1605,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1572,7 +1651,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1616,6 +1696,9 @@ spec: fetchConfig: description: "FetchConfig determines how the operator will fetch the components and metadata for the provider.\nIf nil, the operator will try to fetch components according to default\nembedded fetch configuration for the given kind and `ObjectMeta.Name`.\nFor example, the infrastructure name `aws` will fetch artifacts from\nhttps://github.com/kubernetes-sigs/cluster-api-provider-aws/releases." properties: + oci: + description: "OCI to be used for fetching the provider’s components and metadata from an OCI artifact.\nYou must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub.\nIf the providerSpec.Version is missing, latest provider version from clusterctl defaults is used." + type: "string" selector: description: "Selector to be used for fetching provider’s components and metadata from\nConfigMaps stored inside the cluster. Each ConfigMap is expected to contain\ncomponents and metadata for a specific version only.\nNote: the name of the ConfigMap should be set to the version or to override this\nadd a label like the following: provider.cluster.x-k8s.io/version=v1.4.3" properties: @@ -1635,11 +1718,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1651,11 +1736,14 @@ spec: description: "URL to be used for fetching the provider’s components and metadata from a remote Github repository.\nFor example, https://github.com/{owner}/{repository}/releases\nYou must set `providerSpec.Version` field for operator to pick up\ndesired version of the release from GitHub." type: "string" type: "object" + x-kubernetes-validations: + - message: "Must specify one and only one of {oci, url, selector}" + rule: "[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)" manager: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -1667,7 +1755,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -1788,16 +1876,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml index 1bf0c5f50..0a1890ae6 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-operator/operator.cluster.x-k8s.io/v1alpha2/infrastructureproviders.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.1" name: "infrastructureproviders.operator.cluster.x-k8s.io" spec: group: "operator.cluster.x-k8s.io" @@ -75,11 +75,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -96,11 +98,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -112,6 +116,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -136,11 +141,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -157,14 +164,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -200,11 +210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -213,13 +225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -243,11 +255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -260,6 +274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -275,6 +290,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -299,11 +315,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -312,13 +330,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -342,11 +360,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -359,6 +379,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -366,6 +387,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -397,11 +419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -410,13 +434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -440,11 +464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -457,6 +483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -472,6 +499,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -496,11 +524,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -509,13 +539,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -539,11 +569,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -556,6 +588,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -563,6 +596,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -601,7 +635,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -650,7 +685,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -674,13 +710,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -717,7 +756,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -762,7 +802,7 @@ spec: description: "Manager defines the properties that can be enabled on the controller manager for the additional provider deployment." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -774,7 +814,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -930,11 +970,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -951,11 +993,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -967,6 +1011,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -991,11 +1036,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -1012,14 +1059,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -1055,11 +1105,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1068,13 +1120,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1098,11 +1150,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1115,6 +1169,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1130,6 +1185,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1154,11 +1210,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1167,13 +1225,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1197,11 +1255,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1214,6 +1274,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1221,6 +1282,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -1252,11 +1314,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1265,13 +1329,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1295,11 +1359,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1312,6 +1378,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1327,6 +1394,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -1351,11 +1419,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1364,13 +1434,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1394,11 +1464,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1411,6 +1483,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -1418,6 +1491,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" containers: @@ -1456,7 +1530,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1505,7 +1580,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1529,13 +1605,16 @@ spec: description: "Compute resources required by this container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1572,7 +1651,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1616,6 +1696,9 @@ spec: fetchConfig: description: "FetchConfig determines how the operator will fetch the components and metadata for the provider.\nIf nil, the operator will try to fetch components according to default\nembedded fetch configuration for the given kind and `ObjectMeta.Name`.\nFor example, the infrastructure name `aws` will fetch artifacts from\nhttps://github.com/kubernetes-sigs/cluster-api-provider-aws/releases." properties: + oci: + description: "OCI to be used for fetching the provider’s components and metadata from an OCI artifact.\nYou must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub.\nIf the providerSpec.Version is missing, latest provider version from clusterctl defaults is used." + type: "string" selector: description: "Selector to be used for fetching provider’s components and metadata from\nConfigMaps stored inside the cluster. Each ConfigMap is expected to contain\ncomponents and metadata for a specific version only.\nNote: the name of the ConfigMap should be set to the version or to override this\nadd a label like the following: provider.cluster.x-k8s.io/version=v1.4.3" properties: @@ -1635,11 +1718,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -1651,11 +1736,14 @@ spec: description: "URL to be used for fetching the provider’s components and metadata from a remote Github repository.\nFor example, https://github.com/{owner}/{repository}/releases\nYou must set `providerSpec.Version` field for operator to pick up\ndesired version of the release from GitHub." type: "string" type: "object" + x-kubernetes-validations: + - message: "Must specify one and only one of {oci, url, selector}" + rule: "[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)" manager: description: "Manager defines the properties that can be enabled on the controller manager for the provider." properties: cacheNamespace: - description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." + description: "CacheNamespace if specified restricts the manager's cache to watch objects in\nthe desired namespace Defaults to all namespaces\n\nNote: If a namespace is specified, controllers can still Watch for a\ncluster-scoped resource (e.g Node). For namespaced resources the cache\nwill only hold objects from the desired namespace." type: "string" controller: description: "Controller contains global configuration options for controllers\nregistered within this manager." @@ -1667,7 +1755,7 @@ spec: groupKindConcurrency: additionalProperties: type: "integer" - description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." + description: "GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation\nallowed for that controller.\n\nWhen a controller is registered within this manager using the builder utilities,\nusers have to specify the type the controller reconciles in the For(...) call.\nIf the object's kind passed matches one of the keys in this map, the concurrency\nfor that controller is set to the number specified.\n\nThe key is expected to be consistent in form with GroupKind.String(),\ne.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`." type: "object" recoverPanic: description: "RecoverPanic indicates if panics should be recovered." @@ -1788,16 +1876,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclusters.yaml index 7f403b027..1948bbde2 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclustertemplates.yaml index c50cdfa56..09d71801d 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsclustertemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsclustertemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -47,7 +47,7 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" + description: "annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" type: "object" labels: additionalProperties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsimages.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsimages.yaml index 07377e5d7..dd082cbc7 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsimages.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsimages.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsimages.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -91,16 +91,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachines.yaml index 9372a321b..6c3dce6b6 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsmachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -86,7 +86,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -165,16 +165,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -183,10 +183,10 @@ spec: type: "object" type: "array" failureMessage: - description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" failureReason: - description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" fault: description: "Fault will report if any fault messages for the vsi." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachinetemplates.yaml index 42c91574b..f349cc788 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmpowervsmachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -56,7 +56,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcclusters.yaml index 56825a99a..2b10b680d 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -95,16 +95,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachines.yaml index 4516cc6d0..8f8b3c093 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcmachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -84,7 +84,7 @@ spec: type: "string" type: "object" profile: - description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps\nTODO: add a reference link of profile" + description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps" type: "string" providerID: description: "ProviderID is the unique identifier as specified by the cloud provider." @@ -100,7 +100,7 @@ spec: type: "string" type: "array" zone: - description: "Zone is the place where the instance should be created. Example: us-south-3\nTODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2" + description: "Zone is the place where the instance should be created. Example: us-south-3" type: "string" required: - "zone" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachinetemplates.yaml index 38b857b6b..7592e6daa 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta1/ibmvpcmachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -85,7 +85,7 @@ spec: type: "string" type: "object" profile: - description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps\nTODO: add a reference link of profile" + description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps" type: "string" providerID: description: "ProviderID is the unique identifier as specified by the cloud provider." @@ -101,7 +101,7 @@ spec: type: "string" type: "array" zone: - description: "Zone is the place where the instance should be created. Example: us-south-3\nTODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2" + description: "Zone is the place where the instance should be created. Example: us-south-3" type: "string" required: - "zone" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml index 3e8725726..dc259b5b1 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -641,16 +641,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml index 521c436cf..d69db5bc3 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsclustertemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsclustertemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -47,7 +47,7 @@ spec: annotations: additionalProperties: type: "string" - description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" + description: "annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" type: "object" labels: additionalProperties: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml index 06a7bbc32..8092fe4eb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsimages.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsimages.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -107,16 +107,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml index 03f7f7728..a66297b49 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsmachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -86,7 +86,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -194,16 +194,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -212,10 +212,10 @@ spec: type: "object" type: "array" failureMessage: - description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" failureReason: - description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" fault: description: "Fault will report if any fault messages for the vsi." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml index 01de7630f..1188bd45d 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmpowervsmachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -56,7 +56,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml index f1c630e6b..25a029c10 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -760,16 +760,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachines.yaml index 3c0e579be..c17c57216 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcmachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -225,7 +225,7 @@ spec: type: "string" type: "object" profile: - description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps\nTODO: add a reference link of profile" + description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps" type: "string" providerID: description: "ProviderID is the unique identifier as specified by the cloud provider." @@ -246,7 +246,7 @@ spec: type: "object" type: "array" zone: - description: "Zone is the place where the instance should be created. Example: us-south-3\nTODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2" + description: "Zone is the place where the instance should be created. Example: us-south-3" type: "string" required: - "image" @@ -284,16 +284,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachinetemplates.yaml index 7d0b606d2..3ed347a96 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-ibmcloud/infrastructure.cluster.x-k8s.io/v1beta2/ibmvpcmachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -226,7 +226,7 @@ spec: type: "string" type: "object" profile: - description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps\nTODO: add a reference link of profile" + description: "Profile indicates the flavor of instance. Example: bx2-8x32\tmeans 8 vCPUs\t32 GB RAM\t16 Gbps" type: "string" providerID: description: "ProviderID is the unique identifier as specified by the cloud provider." @@ -247,7 +247,7 @@ spec: type: "object" type: "array" zone: - description: "Zone is the place where the instance should be created. Example: us-south-3\nTODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2" + description: "Zone is the place where the instance should be created. Example: us-south-3" type: "string" required: - "image" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclusters.yaml index d4ce2bd2d..03679e390 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubevirtclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -67,7 +67,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -96,7 +96,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -136,16 +136,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -160,10 +160,10 @@ spec: attributes: additionalProperties: type: "string" - description: "Attributes is a free form map of attributes an infrastructure provider might use or require." + description: "attributes is a free form map of attributes an infrastructure provider might use or require." type: "object" controlPlane: - description: "ControlPlane determines if this failure domain is suitable for use by control plane machines." + description: "controlPlane determines if this failure domain is suitable for use by control plane machines." type: "boolean" type: "object" description: "FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API\nwill use this if we populate it." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclustertemplates.yaml index 36dd15bce..d748eefcb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtclustertemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubevirtclustertemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -37,12 +37,12 @@ spec: description: "KubevirtClusterTemplateResource describes the data needed to create a KubevirtCluster from a template." properties: metadata: - description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects\nusers must create. This is a copy of customizable fields from metav1.ObjectMeta.\n\n\nObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`,\nwhich are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases\nand read-only fields which end up in the generated CRD validation, having it as a subset simplifies\nthe API and some issues that can impact user experience.\n\n\nDuring the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054)\nfor v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs,\nspecifically `spec.metadata.creationTimestamp in body must be of type string: \"null\"`.\nThe investigation showed that `controller-tools@v2` behaves differently than its previous version\nwhen handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package.\n\n\nIn more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta`\nhad validation properties, including for `creationTimestamp` (metav1.Time).\nThe `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null`\nwhich breaks validation because the field isn't marked as nullable.\n\n\nIn future versions, controller-tools@v2 might allow overriding the type and validation for embedded\ntypes. When that happens, this hack should be revisited." + description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects\nusers must create. This is a copy of customizable fields from metav1.ObjectMeta.\n\nObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`,\nwhich are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases\nand read-only fields which end up in the generated CRD validation, having it as a subset simplifies\nthe API and some issues that can impact user experience.\n\nDuring the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054)\nfor v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs,\nspecifically `spec.metadata.creationTimestamp in body must be of type string: \"null\"`.\nThe investigation showed that `controller-tools@v2` behaves differently than its previous version\nwhen handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package.\n\nIn more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta`\nhad validation properties, including for `creationTimestamp` (metav1.Time).\nThe `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null`\nwhich breaks validation because the field isn't marked as nullable.\n\nIn future versions, controller-tools@v2 might allow overriding the type and validation for embedded\ntypes. When that happens, this hack should be revisited." properties: annotations: additionalProperties: type: "string" - description: "Annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" + description: "annotations is an unstructured key value map stored with a resource that may be\nset by external tools to store and retrieve arbitrary metadata. They are not\nqueryable and should be preserved when modifying objects.\nMore info: http://kubernetes.io/docs/user-guide/annotations" type: "object" labels: additionalProperties: @@ -89,7 +89,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -118,7 +118,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachines.yaml index 939de1f3d..4f14cc33a 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubevirtmachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -46,7 +46,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -242,7 +242,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -462,21 +462,6 @@ spec: resources: description: "Resources represents the minimum resources the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -590,7 +575,7 @@ spec: description: "Running state indicates the requested running state of the VirtualMachineInstance\nmutually exclusive with Running" type: "string" running: - description: "Running controls whether the associatied VirtualMachineInstance is created or not\nMutually exclusive with RunStrategy" + description: "Running controls whether the associatied VirtualMachineInstance is created or not\nMutually exclusive with RunStrategy\nDeprecated: VirtualMachineInstance field \"Running\" is now deprecated, please use RunStrategy instead." type: "boolean" template: description: "Template is the direct specification of VirtualMachineInstance" @@ -677,6 +662,7 @@ spec: - "source" type: "object" type: "object" + maxItems: 256 type: "array" x-kubernetes-list-type: "atomic" affinity: @@ -859,13 +845,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -964,13 +950,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1068,13 +1054,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1173,13 +1159,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1251,9 +1237,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -1534,6 +1521,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" downwardMetrics: description: "DownwardMetrics creates a virtio serials for exposing the downward metrics to the vmi." @@ -1681,19 +1669,19 @@ spec: description: "Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF." type: "string" macvtap: - description: "Deprecated, please refer to Kubevirt user guide for alternatives." + description: "DeprecatedMacvtap is an alias to the deprecated Macvtap interface,\nplease refer to Kubevirt user guide for alternatives.\nDeprecated: Removed in v1.3" type: "object" masquerade: description: "InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic." type: "object" model: - description: "Interface model.\nOne of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio.\nDefaults to virtio.\nTODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51" + description: "Interface model.\nOne of: e1000, e1000e, igb, ne2k_pci, pcnet, rtl8139, virtio.\nDefaults to virtio." type: "string" name: description: "Logical name of the interface as well as a reference to the associated networks.\nMust match the Name of a Network." type: "string" passt: - description: "Deprecated, please refer to Kubevirt user guide for alternatives." + description: "DeprecatedPasst is an alias to the deprecated Passt interface,\nplease refer to Kubevirt user guide for alternatives.\nDeprecated: Removed in v1.3" type: "object" pciAddress: description: "If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10" @@ -1718,7 +1706,7 @@ spec: type: "object" type: "array" slirp: - description: "InterfaceSlirp connects to a given network using QEMU user networking mode." + description: "DeprecatedSlirp is an alias to the deprecated Slirp interface\nDeprecated: Removed in v1.3" type: "object" sriov: description: "InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio." @@ -1732,6 +1720,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" logSerialConsole: description: "Whether to log the auto-attached default serial console or not.\nSerial console logs will be collect to a file and then streamed from a named `guest-console-log`.\nNot relevant if autoattachSerialConsole is disabled.\nDefaults to cluster wide setting on VirtualMachineOptions." @@ -1916,6 +1905,12 @@ spec: type: "boolean" type: "object" type: "object" + hypervPassthrough: + description: "This enables all supported hyperv flags automatically.\nBear in mind that if this enabled hyperV features cannot\nbe enabled explicitly. In addition, a Virtual Machine\nusing it will be non-migratable." + properties: + enabled: + type: "boolean" + type: "object" kvm: description: "Configure how KVM presence is exposed to the guest." properties: @@ -2168,7 +2163,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported\nTODO: implement a realistic TCP lifecycle hook" + description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported" properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2220,6 +2215,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" nodeSelector: additionalProperties: @@ -2300,7 +2296,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported\nTODO: implement a realistic TCP lifecycle hook" + description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported" properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2394,7 +2390,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -2404,14 +2400,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -2448,7 +2444,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2457,7 +2453,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2482,7 +2478,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2491,7 +2487,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2507,7 +2503,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or it's keys must be defined" @@ -2719,7 +2715,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2728,7 +2724,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2736,11 +2732,15 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" required: - "domain" type: "object" type: "object" + updateVolumesStrategy: + description: "UpdateVolumesStrategy is the strategy to apply on volumes updates" + type: "string" required: - "template" type: "object" @@ -2778,16 +2778,16 @@ spec: description: "A human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: - description: "Severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." + description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." type: "string" status: - description: "Status of the condition, one of True, False, Unknown." + description: "status of the condition, one of True, False, Unknown." type: "string" type: - description: "Type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions\ncan be useful (see .node.status.conditions), the ability to deconflict is important." type: "string" required: - "lastTransitionTime" @@ -2796,10 +2796,10 @@ spec: type: "object" type: "array" failureMessage: - description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" failureReason: - description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." + description: "FailureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nThis field should not be set for transitive errors that a controller\nfaces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the Machine's spec or the configuration of\nthe controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the controller, or the\nresponsible controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the Machine object and/or logged in the\ncontroller's output." type: "string" loadBalancerConfigured: description: "LoadBalancerConfigured denotes that the machine has been\nadded to the load balancer" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachinetemplates.yaml index 1e786d756..931fc1b3c 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-kubevirt/infrastructure.cluster.x-k8s.io/v1alpha1/kubevirtmachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "kubevirtmachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -44,7 +44,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" @@ -240,7 +240,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -460,21 +460,6 @@ spec: resources: description: "Resources represents the minimum resources the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -588,7 +573,7 @@ spec: description: "Running state indicates the requested running state of the VirtualMachineInstance\nmutually exclusive with Running" type: "string" running: - description: "Running controls whether the associatied VirtualMachineInstance is created or not\nMutually exclusive with RunStrategy" + description: "Running controls whether the associatied VirtualMachineInstance is created or not\nMutually exclusive with RunStrategy\nDeprecated: VirtualMachineInstance field \"Running\" is now deprecated, please use RunStrategy instead." type: "boolean" template: description: "Template is the direct specification of VirtualMachineInstance" @@ -675,6 +660,7 @@ spec: - "source" type: "object" type: "object" + maxItems: 256 type: "array" x-kubernetes-list-type: "atomic" affinity: @@ -857,13 +843,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -962,13 +948,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1066,13 +1052,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1171,13 +1157,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1249,9 +1235,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -1532,6 +1519,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" downwardMetrics: description: "DownwardMetrics creates a virtio serials for exposing the downward metrics to the vmi." @@ -1679,19 +1667,19 @@ spec: description: "Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF." type: "string" macvtap: - description: "Deprecated, please refer to Kubevirt user guide for alternatives." + description: "DeprecatedMacvtap is an alias to the deprecated Macvtap interface,\nplease refer to Kubevirt user guide for alternatives.\nDeprecated: Removed in v1.3" type: "object" masquerade: description: "InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic." type: "object" model: - description: "Interface model.\nOne of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio.\nDefaults to virtio.\nTODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51" + description: "Interface model.\nOne of: e1000, e1000e, igb, ne2k_pci, pcnet, rtl8139, virtio.\nDefaults to virtio." type: "string" name: description: "Logical name of the interface as well as a reference to the associated networks.\nMust match the Name of a Network." type: "string" passt: - description: "Deprecated, please refer to Kubevirt user guide for alternatives." + description: "DeprecatedPasst is an alias to the deprecated Passt interface,\nplease refer to Kubevirt user guide for alternatives.\nDeprecated: Removed in v1.3" type: "object" pciAddress: description: "If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10" @@ -1716,7 +1704,7 @@ spec: type: "object" type: "array" slirp: - description: "InterfaceSlirp connects to a given network using QEMU user networking mode." + description: "DeprecatedSlirp is an alias to the deprecated Slirp interface\nDeprecated: Removed in v1.3" type: "object" sriov: description: "InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio." @@ -1730,6 +1718,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" logSerialConsole: description: "Whether to log the auto-attached default serial console or not.\nSerial console logs will be collect to a file and then streamed from a named `guest-console-log`.\nNot relevant if autoattachSerialConsole is disabled.\nDefaults to cluster wide setting on VirtualMachineOptions." @@ -1914,6 +1903,12 @@ spec: type: "boolean" type: "object" type: "object" + hypervPassthrough: + description: "This enables all supported hyperv flags automatically.\nBear in mind that if this enabled hyperV features cannot\nbe enabled explicitly. In addition, a Virtual Machine\nusing it will be non-migratable." + properties: + enabled: + type: "boolean" + type: "object" kvm: description: "Configure how KVM presence is exposed to the guest." properties: @@ -2166,7 +2161,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported\nTODO: implement a realistic TCP lifecycle hook" + description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported" properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2218,6 +2213,7 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" nodeSelector: additionalProperties: @@ -2298,7 +2294,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported\nTODO: implement a realistic TCP lifecycle hook" + description: "TCPSocket specifies an action involving a TCP port.\nTCP hooks not yet supported" properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2392,7 +2388,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -2402,14 +2398,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -2446,7 +2442,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2455,7 +2451,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2480,7 +2476,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2489,7 +2485,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2505,7 +2501,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or it's keys must be defined" @@ -2717,7 +2713,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2726,7 +2722,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2734,11 +2730,15 @@ spec: required: - "name" type: "object" + maxItems: 256 type: "array" required: - "domain" type: "object" type: "object" + updateVolumesStrategy: + description: "UpdateVolumesStrategy is the strategy to apply on volumes updates" + type: "string" required: - "template" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusteridentities.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusteridentities.yaml index 30cd14afa..764df90de 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusteridentities.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusteridentities.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusteridentities.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusters.yaml index 119dfa90f..e8d1c042e 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vsphereclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheredeploymentzones.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheredeploymentzones.yaml index feb4c6361..7dbd228f5 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheredeploymentzones.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheredeploymentzones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheredeploymentzones.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherefailuredomains.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherefailuredomains.yaml index 6e0769b75..84a3cf4fb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherefailuredomains.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherefailuredomains.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherefailuredomains.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachines.yaml index d8ea5f137..b99d8b191 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachinetemplates.yaml index 689b043ce..1e95cdf3b 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspheremachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherevms.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherevms.yaml index ba7feb723..89937d358 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherevms.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha3/vspherevms.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherevms.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusteridentities.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusteridentities.yaml index 26eac4da0..62e658585 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusteridentities.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusteridentities.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusteridentities.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusters.yaml index ebbf9f10d..c100930f5 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclustertemplates.yaml index 166a91f1d..c6c57e3de 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vsphereclustertemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclustertemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheredeploymentzones.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheredeploymentzones.yaml index d471d1ce1..91382b840 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheredeploymentzones.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheredeploymentzones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheredeploymentzones.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherefailuredomains.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherefailuredomains.yaml index bbd8ccb1d..696307fe0 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherefailuredomains.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherefailuredomains.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherefailuredomains.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachines.yaml index 78c5230e9..e84d0a07b 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachinetemplates.yaml index 4eee69bff..29ad9c4bb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspheremachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherevms.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherevms.yaml index 510e16408..d3c5c3900 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherevms.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1alpha4/vspherevms.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherevms.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusteridentities.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusteridentities.yaml index 4f1a04a2c..b3bfb38b4 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusteridentities.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusteridentities.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusteridentities.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -82,14 +82,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusters.yaml index 221bfd855..710a251a1 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclusters.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -152,14 +152,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclustertemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclustertemplates.yaml index e3d51a3c1..32a295830 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclustertemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vsphereclustertemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vsphereclustertemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheredeploymentzones.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheredeploymentzones.yaml index 0698d9e6e..897eb3da3 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheredeploymentzones.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheredeploymentzones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheredeploymentzones.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -62,14 +62,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherefailuredomains.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherefailuredomains.yaml index 74268755b..4d4a478c1 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherefailuredomains.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherefailuredomains.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherefailuredomains.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -80,6 +80,119 @@ spec: - "hostGroupName" - "vmGroupName" type: "object" + networkConfigurations: + description: "NetworkConfigurations is a list of network configurations within this failure domain." + items: + description: "NetworkConfiguration defines a network configuration that should be used when consuming\na failure domain." + properties: + addressesFromPools: + description: "AddressesFromPools is a list of IPAddressPools that should be assigned\nto IPAddressClaims. The machine's cloud-init metadata will be populated\nwith IPAddresses fulfilled by an IPAM provider." + items: + description: "TypedLocalObjectReference contains enough information to let you locate the\ntyped referenced object inside the same namespace." + properties: + apiGroup: + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." + type: "string" + kind: + description: "Kind is the type of resource being referenced" + type: "string" + name: + description: "Name is the name of resource being referenced" + type: "string" + required: + - "kind" + - "name" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + dhcp4: + description: "DHCP4 is a flag that indicates whether or not to use DHCP for IPv4." + type: "boolean" + dhcp4Overrides: + description: "DHCP4Overrides allows for the control over several DHCP behaviors.\nOverrides will only be applied when the corresponding DHCP flag is set.\nOnly configured values will be sent, omitted values will default to\ndistribution defaults.\nDependent on support in the network stack for your distribution.\nFor more information see the netplan reference (https://netplan.io/reference#dhcp-overrides)" + properties: + hostname: + description: "Hostname is the name which will be sent to the DHCP server instead of\nthe machine's hostname." + type: "string" + routeMetric: + description: "RouteMetric is used to prioritize routes for devices. A lower metric for\nan interface will have a higher priority." + type: "integer" + sendHostname: + description: "SendHostname when `true`, the hostname of the machine will be sent to the\nDHCP server." + type: "boolean" + useDNS: + description: "UseDNS when `true`, the DNS servers in the DHCP server will be used and\ntake precedence." + type: "boolean" + useDomains: + description: "UseDomains can take the values `true`, `false`, or `route`. When `true`,\nthe domain name from the DHCP server will be used as the DNS search\ndomain for this device. When `route`, the domain name from the DHCP\nresponse will be used for routing DNS only, not for searching." + type: "string" + useHostname: + description: "UseHostname when `true`, the hostname from the DHCP server will be set\nas the transient hostname of the machine." + type: "boolean" + useMTU: + description: "UseMTU when `true`, the MTU from the DHCP server will be set as the\nMTU of the device." + type: "boolean" + useNTP: + description: "UseNTP when `true`, the NTP servers from the DHCP server will be used\nby systemd-timesyncd and take precedence." + type: "boolean" + useRoutes: + description: "UseRoutes when `true`, the routes from the DHCP server will be installed\nin the routing table." + type: "string" + type: "object" + dhcp6: + description: "DHCP6 is a flag that indicates whether or not to use DHCP for IPv6." + type: "boolean" + dhcp6Overrides: + description: "DHCP6Overrides allows for the control over several DHCP behaviors.\nOverrides will only be applied when the corresponding DHCP flag is set.\nOnly configured values will be sent, omitted values will default to\ndistribution defaults.\nDependent on support in the network stack for your distribution.\nFor more information see the netplan reference (https://netplan.io/reference#dhcp-overrides)" + properties: + hostname: + description: "Hostname is the name which will be sent to the DHCP server instead of\nthe machine's hostname." + type: "string" + routeMetric: + description: "RouteMetric is used to prioritize routes for devices. A lower metric for\nan interface will have a higher priority." + type: "integer" + sendHostname: + description: "SendHostname when `true`, the hostname of the machine will be sent to the\nDHCP server." + type: "boolean" + useDNS: + description: "UseDNS when `true`, the DNS servers in the DHCP server will be used and\ntake precedence." + type: "boolean" + useDomains: + description: "UseDomains can take the values `true`, `false`, or `route`. When `true`,\nthe domain name from the DHCP server will be used as the DNS search\ndomain for this device. When `route`, the domain name from the DHCP\nresponse will be used for routing DNS only, not for searching." + type: "string" + useHostname: + description: "UseHostname when `true`, the hostname from the DHCP server will be set\nas the transient hostname of the machine." + type: "boolean" + useMTU: + description: "UseMTU when `true`, the MTU from the DHCP server will be set as the\nMTU of the device." + type: "boolean" + useNTP: + description: "UseNTP when `true`, the NTP servers from the DHCP server will be used\nby systemd-timesyncd and take precedence." + type: "boolean" + useRoutes: + description: "UseRoutes when `true`, the routes from the DHCP server will be installed\nin the routing table." + type: "string" + type: "object" + nameservers: + description: "Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS\nnameservers.\nPlease note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf)." + items: + type: "string" + type: "array" + networkName: + description: "NetworkName is the network name for this machine's VM." + type: "string" + searchDomains: + description: "SearchDomains is a list of search domains used when resolving IP\naddresses with DNS." + items: + type: "string" + type: "array" + required: + - "networkName" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "networkName" + x-kubernetes-list-type: "map" networks: description: "Networks is the list of networks within this failure domain" items: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml index 1edd5869a..62b10dc22 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachines.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -67,11 +67,39 @@ spec: type: "string" description: "CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM\nDefaults to empty map" type: "object" + dataDisks: + description: "DataDisks are additional disks to add to the VM that are not part of the VM's OVA template." + items: + description: "VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template." + properties: + name: + description: "Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to\nclearly identify purpose of the disk." + type: "string" + provisioningMode: + description: "ProvisioningMode specifies the provisioning type to be used by this vSphere data disk.\nIf not set, the setting will be provided by the default storage policy." + enum: + - "Thin" + - "Thick" + - "EagerlyZeroed" + type: "string" + sizeGiB: + description: "SizeGiB is the size of the disk in GiB." + format: "int32" + type: "integer" + required: + - "name" + - "sizeGiB" + type: "object" + maxItems: 29 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" datacenter: - description: "Datacenter is the name or inventory path of the datacenter in which the\nvirtual machine is created/located.\nDefaults to * which selects the default datacenter." + description: "Datacenter is the name, inventory path, managed object reference or the managed\nobject ID of the datacenter in which the virtual machine is created/located.\nDefaults to * which selects the default datacenter." type: "string" datastore: - description: "Datastore is the name or inventory path of the datastore in which the\nvirtual machine is created/located." + description: "Datastore is the name, inventory path, managed object reference or the managed\nobject ID of the datastore in which the virtual machine is created/located." type: "string" diskGiB: description: "DiskGiB is the size of a virtual machine's disk, in GiB.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." @@ -81,7 +109,7 @@ spec: description: "FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.\nFor this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone." type: "string" folder: - description: "Folder is the name or inventory path of the folder in which the\nvirtual machine is created/located." + description: "Folder is the name, inventory path, managed object reference or the managed\nobject ID of the folder in which the virtual machine is created/located." type: "string" guestSoftPowerOffTimeout: description: "GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.\nThe VM will be powered off forcibly after the timeout if the VM is still\nup and running when the PowerOffMode is set to trySoft.\n\nThis parameter only applies when the PowerOffMode is set to trySoft.\n\nIf omitted, the timeout defaults to 5 minutes." @@ -93,6 +121,13 @@ spec: description: "MemoryMiB is the size of a virtual machine's memory, in MiB.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." format: "int64" type: "integer" + namingStrategy: + description: "NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM." + properties: + template: + description: "Template defines the template to use for generating the name of the VSphereVM object.\nIf not defined, it will fall back to `{{ .machine.name }}`.\nThe templating has the following data available:\n* `.machine.name`: The name of the Machine object.\nThe templating also has the following funcs available:\n* `trimSuffix`: same as strings.TrimSuffix\n* `trunc`: truncates a string, e.g. `trunc 2 \"hello\"` or `trunc -2 \"hello\"`\nNotes:\n* While the template offers some flexibility, we would like the name to link to the Machine name\n to ensure better user experience when troubleshooting\n* Generated names must be valid Kubernetes names as they are used to create a VSphereVM object\n and usually also as the name of the Node object.\n* Names are automatically truncated at 63 characters. Please note that this can lead to name conflicts,\n so we highly recommend to use a template which leads to a name shorter than 63 characters." + type: "string" + type: "object" network: description: "Network is the network configuration for this machine's VM." properties: @@ -216,7 +251,7 @@ spec: type: "string" type: "array" networkName: - description: "NetworkName is the name of the vSphere network to which the device\nwill be connected." + description: "NetworkName is the name, managed object reference or the managed\nobject ID of the vSphere network to which the device will be connected." type: "string" routes: description: "Routes is a list of optional, static routes applied to the device." @@ -322,7 +357,7 @@ spec: description: "ProviderID is the virtual machine's BIOS UUID formated as\nvsphere://12345678-1234-1234-1234-123456789abc" type: "string" resourcePool: - description: "ResourcePool is the name or inventory path of the resource pool in which\nthe virtual machine is created/located." + description: "ResourcePool is the name, inventory path, managed object reference or the managed\nobject ID in which the virtual machine is created/located." type: "string" server: description: "Server is the IP address or FQDN of the vSphere server on which\nthe virtual machine is created/located." @@ -339,7 +374,7 @@ spec: type: "string" type: "array" template: - description: "Template is the name or inventory path of the template used to clone\nthe virtual machine." + description: "Template is the name, inventory path, managed object reference or the managed\nobject ID of the template used to clone the virtual machine." minLength: 1 type: "string" thumbprint: @@ -358,10 +393,10 @@ spec: description: "MachineAddress contains information for the node's address." properties: address: - description: "The machine address." + description: "address is the machine address." type: "string" type: - description: "Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS." + description: "type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS." type: "string" required: - "address" @@ -374,14 +409,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml index 9eec43f1e..f49591a13 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspheremachinetemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspheremachinetemplates.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -45,7 +45,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: @@ -65,11 +65,39 @@ spec: type: "string" description: "CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM\nDefaults to empty map" type: "object" + dataDisks: + description: "DataDisks are additional disks to add to the VM that are not part of the VM's OVA template." + items: + description: "VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template." + properties: + name: + description: "Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to\nclearly identify purpose of the disk." + type: "string" + provisioningMode: + description: "ProvisioningMode specifies the provisioning type to be used by this vSphere data disk.\nIf not set, the setting will be provided by the default storage policy." + enum: + - "Thin" + - "Thick" + - "EagerlyZeroed" + type: "string" + sizeGiB: + description: "SizeGiB is the size of the disk in GiB." + format: "int32" + type: "integer" + required: + - "name" + - "sizeGiB" + type: "object" + maxItems: 29 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" datacenter: - description: "Datacenter is the name or inventory path of the datacenter in which the\nvirtual machine is created/located.\nDefaults to * which selects the default datacenter." + description: "Datacenter is the name, inventory path, managed object reference or the managed\nobject ID of the datacenter in which the virtual machine is created/located.\nDefaults to * which selects the default datacenter." type: "string" datastore: - description: "Datastore is the name or inventory path of the datastore in which the\nvirtual machine is created/located." + description: "Datastore is the name, inventory path, managed object reference or the managed\nobject ID of the datastore in which the virtual machine is created/located." type: "string" diskGiB: description: "DiskGiB is the size of a virtual machine's disk, in GiB.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." @@ -79,7 +107,7 @@ spec: description: "FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API.\nFor this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone." type: "string" folder: - description: "Folder is the name or inventory path of the folder in which the\nvirtual machine is created/located." + description: "Folder is the name, inventory path, managed object reference or the managed\nobject ID of the folder in which the virtual machine is created/located." type: "string" guestSoftPowerOffTimeout: description: "GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.\nThe VM will be powered off forcibly after the timeout if the VM is still\nup and running when the PowerOffMode is set to trySoft.\n\nThis parameter only applies when the PowerOffMode is set to trySoft.\n\nIf omitted, the timeout defaults to 5 minutes." @@ -91,6 +119,13 @@ spec: description: "MemoryMiB is the size of a virtual machine's memory, in MiB.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." format: "int64" type: "integer" + namingStrategy: + description: "NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM." + properties: + template: + description: "Template defines the template to use for generating the name of the VSphereVM object.\nIf not defined, it will fall back to `{{ .machine.name }}`.\nThe templating has the following data available:\n* `.machine.name`: The name of the Machine object.\nThe templating also has the following funcs available:\n* `trimSuffix`: same as strings.TrimSuffix\n* `trunc`: truncates a string, e.g. `trunc 2 \"hello\"` or `trunc -2 \"hello\"`\nNotes:\n* While the template offers some flexibility, we would like the name to link to the Machine name\n to ensure better user experience when troubleshooting\n* Generated names must be valid Kubernetes names as they are used to create a VSphereVM object\n and usually also as the name of the Node object.\n* Names are automatically truncated at 63 characters. Please note that this can lead to name conflicts,\n so we highly recommend to use a template which leads to a name shorter than 63 characters." + type: "string" + type: "object" network: description: "Network is the network configuration for this machine's VM." properties: @@ -214,7 +249,7 @@ spec: type: "string" type: "array" networkName: - description: "NetworkName is the name of the vSphere network to which the device\nwill be connected." + description: "NetworkName is the name, managed object reference or the managed\nobject ID of the vSphere network to which the device will be connected." type: "string" routes: description: "Routes is a list of optional, static routes applied to the device." @@ -320,7 +355,7 @@ spec: description: "ProviderID is the virtual machine's BIOS UUID formated as\nvsphere://12345678-1234-1234-1234-123456789abc" type: "string" resourcePool: - description: "ResourcePool is the name or inventory path of the resource pool in which\nthe virtual machine is created/located." + description: "ResourcePool is the name, inventory path, managed object reference or the managed\nobject ID in which the virtual machine is created/located." type: "string" server: description: "Server is the IP address or FQDN of the vSphere server on which\nthe virtual machine is created/located." @@ -337,7 +372,7 @@ spec: type: "string" type: "array" template: - description: "Template is the name or inventory path of the template used to clone\nthe virtual machine." + description: "Template is the name, inventory path, managed object reference or the managed\nobject ID of the template used to clone the virtual machine." minLength: 1 type: "string" thumbprint: diff --git a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml index 183f024af..81a836963 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api-provider-vsphere/infrastructure.cluster.x-k8s.io/v1beta1/vspherevms.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.3" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "vspherevms.infrastructure.cluster.x-k8s.io" spec: group: "infrastructure.cluster.x-k8s.io" @@ -74,18 +74,46 @@ spec: type: "string" description: "CustomVMXKeys is a dictionary of advanced VMX options that can be set on VM\nDefaults to empty map" type: "object" + dataDisks: + description: "DataDisks are additional disks to add to the VM that are not part of the VM's OVA template." + items: + description: "VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template." + properties: + name: + description: "Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to\nclearly identify purpose of the disk." + type: "string" + provisioningMode: + description: "ProvisioningMode specifies the provisioning type to be used by this vSphere data disk.\nIf not set, the setting will be provided by the default storage policy." + enum: + - "Thin" + - "Thick" + - "EagerlyZeroed" + type: "string" + sizeGiB: + description: "SizeGiB is the size of the disk in GiB." + format: "int32" + type: "integer" + required: + - "name" + - "sizeGiB" + type: "object" + maxItems: 29 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" datacenter: - description: "Datacenter is the name or inventory path of the datacenter in which the\nvirtual machine is created/located.\nDefaults to * which selects the default datacenter." + description: "Datacenter is the name, inventory path, managed object reference or the managed\nobject ID of the datacenter in which the virtual machine is created/located.\nDefaults to * which selects the default datacenter." type: "string" datastore: - description: "Datastore is the name or inventory path of the datastore in which the\nvirtual machine is created/located." + description: "Datastore is the name, inventory path, managed object reference or the managed\nobject ID of the datastore in which the virtual machine is created/located." type: "string" diskGiB: description: "DiskGiB is the size of a virtual machine's disk, in GiB.\nDefaults to the eponymous property value in the template from which the\nvirtual machine is cloned." format: "int32" type: "integer" folder: - description: "Folder is the name or inventory path of the folder in which the\nvirtual machine is created/located." + description: "Folder is the name, inventory path, managed object reference or the managed\nobject ID of the folder in which the virtual machine is created/located." type: "string" guestSoftPowerOffTimeout: description: "GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest.\nThe VM will be powered off forcibly after the timeout if the VM is still\nup and running when the PowerOffMode is set to trySoft.\n\nThis parameter only applies when the PowerOffMode is set to trySoft.\n\nIf omitted, the timeout defaults to 5 minutes." @@ -220,7 +248,7 @@ spec: type: "string" type: "array" networkName: - description: "NetworkName is the name of the vSphere network to which the device\nwill be connected." + description: "NetworkName is the name, managed object reference or the managed\nobject ID of the vSphere network to which the device will be connected." type: "string" routes: description: "Routes is a list of optional, static routes applied to the device." @@ -323,7 +351,7 @@ spec: - "trySoft" type: "string" resourcePool: - description: "ResourcePool is the name or inventory path of the resource pool in which\nthe virtual machine is created/located." + description: "ResourcePool is the name, inventory path, managed object reference or the managed\nobject ID in which the virtual machine is created/located." type: "string" server: description: "Server is the IP address or FQDN of the vSphere server on which\nthe virtual machine is created/located." @@ -340,7 +368,7 @@ spec: type: "string" type: "array" template: - description: "Template is the name or inventory path of the template used to clone\nthe virtual machine." + description: "Template is the name, inventory path, managed object reference or the managed\nobject ID of the template used to clone the virtual machine." minLength: 1 type: "string" thumbprint: @@ -367,14 +395,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesetbindings.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesetbindings.yaml index 663e027f2..98be0b14f 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesetbindings.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesetbindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesetbindings.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesets.yaml index 1629f5221..72865b871 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha3/clusterresourcesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesets.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" @@ -33,7 +33,7 @@ spec: description: "ClusterResourceSetSpec defines the desired state of ClusterResourceSet." properties: clusterSelector: - description: "Label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable." + description: "clusterSelector is the label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -102,14 +102,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesetbindings.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesetbindings.yaml index fb5d7a1c7..a61e643c6 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesetbindings.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesetbindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesetbindings.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesets.yaml index 028921cdc..625e5ac01 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1alpha4/clusterresourcesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesets.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" @@ -38,7 +38,7 @@ spec: description: "ClusterResourceSetSpec defines the desired state of ClusterResourceSet." properties: clusterSelector: - description: "Label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable.\nLabel selector cannot be empty." + description: "clusterSelector is the label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable.\nLabel selector cannot be empty." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -107,14 +107,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesetbindings.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesetbindings.yaml index 7acfb4c13..d344e70eb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesetbindings.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesetbindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesetbindings.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesets.yaml index f8bee50e3..9ec8b2511 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/addons.cluster.x-k8s.io/v1beta1/clusterresourcesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterresourcesets.addons.cluster.x-k8s.io" spec: group: "addons.cluster.x-k8s.io" @@ -23,7 +23,7 @@ spec: name: "v1beta1" schema: openAPIV3Schema: - description: "ClusterResourceSet is the Schema for the clusterresourcesets API." + description: "ClusterResourceSet is the Schema for the clusterresourcesets API.\nFor advanced use cases an add-on provider should be used instead." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -37,7 +37,7 @@ spec: description: "ClusterResourceSetSpec defines the desired state of ClusterResourceSet." properties: clusterSelector: - description: "Label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable.\nLabel selector cannot be empty." + description: "clusterSelector is the label selector for Clusters. The Clusters that are\nselected by this will be the ones affected by this ClusterResourceSet.\nIt must match the Cluster labels. This field is immutable.\nLabel selector cannot be empty." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -107,14 +107,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/clusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/clusters.yaml index 48cceed68..6c9e06111 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/clusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusters.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -40,16 +40,17 @@ spec: description: "ClusterSpec defines the desired state of Cluster." properties: clusterNetwork: - description: "Cluster network configuration." + description: "clusterNetwork is the cluster network configuration." properties: apiServerPort: description: "apiServerPort specifies the port the API Server should bind to.\nDefaults to 6443." format: "int32" type: "integer" pods: - description: "The network ranges from which Pod networks are allocated." + description: "pods is the network ranges from which Pod networks are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -57,12 +58,13 @@ spec: - "cidrBlocks" type: "object" serviceDomain: - description: "Domain name for services." + description: "serviceDomain is the domain name for services." type: "string" services: - description: "The network ranges from which service VIPs are allocated." + description: "services is the network ranges from which service VIPs are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -74,10 +76,10 @@ spec: description: "controlPlaneEndpoint represents the endpoint used to communicate with the control plane." properties: host: - description: "The hostname on which the API server is serving." + description: "host is the hostname on which the API server is serving." type: "string" port: - description: "The port on which the API server is serving." + description: "port is the port on which the API server is serving." format: "int32" type: "integer" required: @@ -149,14 +151,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinedeployments.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinedeployments.yaml index 06ea52c92..7d262acaa 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinedeployments.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinedeployments.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinedeployments.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -60,26 +60,26 @@ spec: minLength: 1 type: "string" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" format: "int32" type: "integer" paused: - description: "Indicates that the deployment is paused." + description: "paused indicates that the deployment is paused." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s." + description: "progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s." format: "int32" type: "integer" replicas: - description: "Number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." + description: "replicas is the number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." format: "int32" type: "integer" revisionHistoryLimit: - description: "The number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1." + description: "revisionHistoryLimit is the number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1." format: "int32" type: "integer" selector: - description: "Label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." + description: "selector is the label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -112,22 +112,22 @@ spec: type: "object" x-kubernetes-map-type: "atomic" strategy: - description: "The deployment strategy to use to replace existing machines with\nnew ones." + description: "strategy is the deployment strategy to use to replace existing machines with\nnew ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: maxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -151,7 +151,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" name: description: "name must be unique within a namespace. Is required when creating resources, although\nsome resources may allow a client to request the generation of an appropriate name\nautomatically. Name is primarily intended for creation idempotence and configuration\ndefinition.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/identifiers#names\n\nDeprecated: This field has no function and is going to be removed in a next release." @@ -160,7 +160,7 @@ spec: description: "namespace defines the space within each name must be unique. An empty namespace is\nequivalent to the \"default\" namespace, but \"default\" is the canonical representation.\nNot all objects are required to be scoped to a namespace - the value of this field for\nthose objects will be empty.\n\nMust be a DNS_LABEL.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/namespaces\n\nDeprecated: This field has no function and is going to be removed in a next release." type: "string" ownerReferences: - description: "List of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." + description: "ownerReferences is the list of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." items: description: "OwnerReference contains enough information to let you identify an owning\nobject. An owning object must be in the same namespace as the dependent, or\nbe cluster-scoped, so there is no namespace field." properties: @@ -192,7 +192,7 @@ spec: type: "array" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -287,33 +287,33 @@ spec: description: "MachineDeploymentStatus defines the observed state of MachineDeployment." properties: availableReplicas: - description: "Total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." + description: "availableReplicas is the total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." format: "int32" type: "integer" observedGeneration: - description: "The generation observed by the deployment controller." + description: "observedGeneration is the generation observed by the deployment controller." format: "int64" type: "integer" phase: description: "phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown)." type: "string" readyReplicas: - description: "Total number of ready machines targeted by this deployment." + description: "readyReplicas is the total number of ready machines targeted by this deployment." format: "int32" type: "integer" replicas: - description: "Total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." + description: "replicas is the total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." format: "int32" type: "integer" selector: description: "selector is the same as the label selector but in the string format to avoid introspection\nby clients. The string will be in the same format as the query-param syntax.\nMore info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors" type: "string" unavailableReplicas: - description: "Total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created." format: "int32" type: "integer" updatedReplicas: - description: "Total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." + description: "updatedReplicas is the total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinehealthchecks.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinehealthchecks.yaml index 00d57a260..4b8085026 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinehealthchecks.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinehealthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinehealthchecks.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -46,7 +46,7 @@ spec: metadata: type: "object" spec: - description: "Specification of machine health check policy" + description: "spec is the specification of machine health check policy" properties: clusterName: description: "clusterName is the name of the Cluster this object belongs to." @@ -56,10 +56,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: - description: "Machines older than this duration without a node will be considered to have\nfailed and will be remediated." + description: "nodeStartupTimeout is the duration after which machines without a node will be considered to\nhave failed and will be remediated." type: "string" remediationTemplate: description: "remediationTemplate is a reference to a remediation template\nprovided by an infrastructure provider.\n\nThis field is completely optional, when filled, the MachineHealthCheck controller\ncreates a new object from the template referenced and hands off remediation of the machine to\na controller that lives outside of Cluster API." @@ -88,7 +88,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" selector: - description: "Label selector to match machines whose health will be exercised" + description: "selector is the label selector to match machines whose health will be exercised" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -126,11 +126,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -146,7 +149,7 @@ spec: - "unhealthyConditions" type: "object" status: - description: "Most recently observed status of MachineHealthCheck resource" + description: "status is the most recently observed status of MachineHealthCheck resource" properties: conditions: description: "conditions defines current service state of the MachineHealthCheck." @@ -154,14 +157,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -178,12 +181,12 @@ spec: type: "object" type: "array" currentHealthy: - description: "total number of healthy machines counted by this machine health check" + description: "currentHealthy is the total number of healthy machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" expectedMachines: - description: "total number of machines counted by this machine health check" + description: "expectedMachines is the total number of machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinepools.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinepools.yaml index eefccb80e..801251016 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinepools.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinepools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinepools.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -57,7 +57,7 @@ spec: type: "string" type: "array" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" format: "int32" type: "integer" providerIDList: @@ -66,26 +66,26 @@ spec: type: "string" type: "array" replicas: - description: "Number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." + description: "replicas is the number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." format: "int32" type: "integer" strategy: - description: "The deployment strategy to use to replace existing machine instances with\nnew ones." + description: "strategy is the deployment strategy to use to replace existing machine instances with\nnew ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: maxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -109,7 +109,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" name: description: "name must be unique within a namespace. Is required when creating resources, although\nsome resources may allow a client to request the generation of an appropriate name\nautomatically. Name is primarily intended for creation idempotence and configuration\ndefinition.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/identifiers#names\n\nDeprecated: This field has no function and is going to be removed in a next release." @@ -118,7 +118,7 @@ spec: description: "namespace defines the space within each name must be unique. An empty namespace is\nequivalent to the \"default\" namespace, but \"default\" is the canonical representation.\nNot all objects are required to be scoped to a namespace - the value of this field for\nthose objects will be empty.\n\nMust be a DNS_LABEL.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/namespaces\n\nDeprecated: This field has no function and is going to be removed in a next release." type: "string" ownerReferences: - description: "List of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." + description: "ownerReferences is the list of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." items: description: "OwnerReference contains enough information to let you identify an owning\nobject. An owning object must be in the same namespace as the dependent, or\nbe cluster-scoped, so there is no namespace field." properties: @@ -150,7 +150,7 @@ spec: type: "array" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -244,7 +244,7 @@ spec: description: "MachinePoolStatus defines the observed state of MachinePool." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachinePool." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool." format: "int32" type: "integer" bootstrapReady: @@ -256,14 +256,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -325,7 +325,7 @@ spec: description: "phase represents the current phase of cluster actuation.\nE.g. Pending, Running, Terminating, Failed etc." type: "string" readyReplicas: - description: "The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: @@ -333,7 +333,7 @@ spec: format: "int32" type: "integer" unavailableReplicas: - description: "Total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machines.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machines.yaml index 1b52a75cd..7e2eabfb9 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machines.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -144,10 +144,10 @@ spec: description: "MachineAddress contains information for the node's address." properties: address: - description: "The machine address." + description: "address is the machine address." type: "string" type: - description: "Machine address type, one of Hostname, ExternalIP or InternalIP." + description: "type is the machine address type, one of Hostname, ExternalIP or InternalIP." type: "string" required: - "address" @@ -163,14 +163,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinesets.yaml index 7435e71a7..fa1db14e6 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha3/machinesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinesets.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -116,7 +116,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" name: description: "name must be unique within a namespace. Is required when creating resources, although\nsome resources may allow a client to request the generation of an appropriate name\nautomatically. Name is primarily intended for creation idempotence and configuration\ndefinition.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/identifiers#names\n\nDeprecated: This field has no function and is going to be removed in a next release." @@ -125,7 +125,7 @@ spec: description: "namespace defines the space within each name must be unique. An empty namespace is\nequivalent to the \"default\" namespace, but \"default\" is the canonical representation.\nNot all objects are required to be scoped to a namespace - the value of this field for\nthose objects will be empty.\n\nMust be a DNS_LABEL.\nCannot be updated.\nMore info: http://kubernetes.io/docs/user-guide/namespaces\n\nDeprecated: This field has no function and is going to be removed in a next release." type: "string" ownerReferences: - description: "List of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." + description: "ownerReferences is the list of objects depended by this object. If ALL objects in the list have\nbeen deleted, this object will be garbage collected. If this object is managed by a controller,\nthen an entry in this list will point to this controller, with the controller field set to true.\nThere cannot be more than one managing controller.\n\nDeprecated: This field has no function and is going to be removed in a next release." items: description: "OwnerReference contains enough information to let you identify an owning\nobject. An owning object must be in the same namespace as the dependent, or\nbe cluster-scoped, so there is no namespace field." properties: @@ -157,7 +157,7 @@ spec: type: "array" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -251,16 +251,17 @@ spec: description: "MachineSetStatus defines the observed state of MachineSet." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachineSet." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet." format: "int32" type: "integer" failureMessage: + description: "failureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption." type: "string" failureReason: - description: "In the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output." + description: "failureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nIn the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output." type: "string" fullyLabeledReplicas: - description: "The number of replicas that have labels matching the labels of the machine template of the MachineSet." + description: "fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet." format: "int32" type: "integer" observedGeneration: @@ -268,7 +269,7 @@ spec: format: "int64" type: "integer" readyReplicas: - description: "The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusterclasses.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusterclasses.yaml index 4100f9545..1c236926d 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusterclasses.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusterclasses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterclasses.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -43,7 +43,7 @@ spec: description: "controlPlane is a reference to a local struct that holds the details\nfor provisioning the Control Plane for the Cluster." properties: machineInfrastructure: - description: "MachineTemplate defines the metadata and infrastructure information\nfor control plane machines.\n\nThis field is supported if and only if the control plane provider template\nreferenced above is Machine based and supports setting replicas." + description: "machineInfrastructure defines the metadata and infrastructure information\nfor control plane machines.\n\nThis field is supported if and only if the control plane provider template\nreferenced above is Machine based and supports setting replicas." properties: ref: description: "ref is a required reference to a custom resource\noffered by a provider." @@ -85,7 +85,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" ref: @@ -238,7 +238,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" required: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusters.yaml index 0236fad4d..eeef0a19a 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusters.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -44,16 +44,17 @@ spec: description: "ClusterSpec defines the desired state of Cluster." properties: clusterNetwork: - description: "Cluster network configuration." + description: "clusterNetwork is the cluster network configuration." properties: apiServerPort: description: "apiServerPort specifies the port the API Server should bind to.\nDefaults to 6443." format: "int32" type: "integer" pods: - description: "The network ranges from which Pod networks are allocated." + description: "pods is the network ranges from which Pod networks are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -61,12 +62,13 @@ spec: - "cidrBlocks" type: "object" serviceDomain: - description: "Domain name for services." + description: "serviceDomain is the domain name for services." type: "string" services: - description: "The network ranges from which service VIPs are allocated." + description: "services is the network ranges from which service VIPs are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -78,10 +80,10 @@ spec: description: "controlPlaneEndpoint represents the endpoint used to communicate with the control plane." properties: host: - description: "The hostname on which the API server is serving." + description: "host is the hostname on which the API server is serving." type: "string" port: - description: "The port on which the API server is serving." + description: "port is the port on which the API server is serving." format: "int32" type: "integer" required: @@ -144,10 +146,10 @@ spec: description: "paused can be used to prevent controllers from processing the Cluster and all its associated objects." type: "boolean" topology: - description: "This encapsulates the topology for the cluster.\nNOTE: It is required to enable the ClusterTopology\nfeature gate flag to activate managed topologies support;\nthis feature is highly experimental, and parts of it might still be not implemented." + description: "topology encapsulates the topology for the cluster.\nNOTE: It is required to enable the ClusterTopology\nfeature gate flag to activate managed topologies support;\nthis feature is highly experimental, and parts of it might still be not implemented." properties: class: - description: "The name of the ClusterClass object to create the topology." + description: "class is the name of the ClusterClass object to create the topology." type: "string" controlPlane: description: "controlPlane describes the cluster control plane." @@ -163,7 +165,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" replicas: @@ -176,7 +178,7 @@ spec: format: "date-time" type: "string" version: - description: "The Kubernetes version of the cluster." + description: "version is the Kubernetes version of the cluster." type: "string" workers: description: "workers encapsulates the different constructs that form the worker nodes\nfor the cluster." @@ -200,7 +202,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" name: @@ -230,14 +232,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinedeployments.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinedeployments.yaml index 80f6dfec8..93030b764 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinedeployments.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinedeployments.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinedeployments.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -68,27 +68,27 @@ spec: minLength: 1 type: "string" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" format: "int32" type: "integer" paused: - description: "Indicates that the deployment is paused." + description: "paused indicates that the deployment is paused." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s." + description: "progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s." format: "int32" type: "integer" replicas: default: 1 - description: "Number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." + description: "replicas is the number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." format: "int32" type: "integer" revisionHistoryLimit: - description: "The number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1." + description: "revisionHistoryLimit is the number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1." format: "int32" type: "integer" selector: - description: "Label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." + description: "selector is the label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -121,10 +121,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" strategy: - description: "The deployment strategy to use to replace existing machines with\nnew ones." + description: "strategy is the deployment strategy to use to replace existing machines with\nnew ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: deletePolicy: description: "deletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling.\nValid values are \"Random, \"Newest\", \"Oldest\"\nWhen no value is supplied, the default DeletePolicy of MachineSet is used" @@ -137,13 +137,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -167,11 +167,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -263,7 +263,7 @@ spec: description: "MachineDeploymentStatus defines the observed state of MachineDeployment." properties: availableReplicas: - description: "Total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." + description: "availableReplicas is the total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." format: "int32" type: "integer" conditions: @@ -272,14 +272,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -296,29 +296,29 @@ spec: type: "object" type: "array" observedGeneration: - description: "The generation observed by the deployment controller." + description: "observedGeneration is the generation observed by the deployment controller." format: "int64" type: "integer" phase: description: "phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown)." type: "string" readyReplicas: - description: "Total number of ready machines targeted by this deployment." + description: "readyReplicas is the total number of ready machines targeted by this deployment." format: "int32" type: "integer" replicas: - description: "Total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." + description: "replicas is the total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." format: "int32" type: "integer" selector: description: "selector is the same as the label selector but in the string format to avoid introspection\nby clients. The string will be in the same format as the query-param syntax.\nMore info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors" type: "string" unavailableReplicas: - description: "Total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created." format: "int32" type: "integer" updatedReplicas: - description: "Total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." + description: "updatedReplicas is the total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinehealthchecks.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinehealthchecks.yaml index 9530943af..7f65c3e64 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinehealthchecks.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinehealthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinehealthchecks.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -54,7 +54,7 @@ spec: metadata: type: "object" spec: - description: "Specification of machine health check policy" + description: "spec is the specification of machine health check policy" properties: clusterName: description: "clusterName is the name of the Cluster this object belongs to." @@ -64,10 +64,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: - description: "Machines older than this duration without a node will be considered to have\nfailed and will be remediated.\nIf not set, this value is defaulted to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." + description: "nodeStartupTimeout is the duration after which machines without a node will be considered to\nhave failed and will be remediated.\nIf not set, this value is defaulted to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." type: "string" remediationTemplate: description: "remediationTemplate is a reference to a remediation template\nprovided by an infrastructure provider.\n\nThis field is completely optional, when filled, the MachineHealthCheck controller\ncreates a new object from the template referenced and hands off remediation of the machine to\na controller that lives outside of Cluster API." @@ -96,7 +96,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" selector: - description: "Label selector to match machines whose health will be exercised" + description: "selector is the label selector to match machines whose health will be exercised" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -134,11 +134,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -149,7 +152,7 @@ spec: minItems: 1 type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" required: @@ -158,7 +161,7 @@ spec: - "unhealthyConditions" type: "object" status: - description: "Most recently observed status of MachineHealthCheck resource" + description: "status is the most recently observed status of MachineHealthCheck resource" properties: conditions: description: "conditions defines current service state of the MachineHealthCheck." @@ -166,14 +169,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -190,12 +193,12 @@ spec: type: "object" type: "array" currentHealthy: - description: "total number of healthy machines counted by this machine health check" + description: "currentHealthy is the total number of healthy machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" expectedMachines: - description: "total number of machines counted by this machine health check" + description: "expectedMachines is the total number of machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinepools.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinepools.yaml index f4666e879..f3b756bb9 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinepools.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinepools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinepools.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -61,7 +61,7 @@ spec: type: "string" type: "array" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" format: "int32" type: "integer" providerIDList: @@ -70,7 +70,7 @@ spec: type: "string" type: "array" replicas: - description: "Number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." + description: "replicas is the number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." format: "int32" type: "integer" template: @@ -87,11 +87,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -182,7 +182,7 @@ spec: description: "MachinePoolStatus defines the observed state of MachinePool." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachinePool." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool." format: "int32" type: "integer" bootstrapReady: @@ -194,14 +194,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -263,7 +263,7 @@ spec: description: "phase represents the current phase of cluster actuation.\nE.g. Pending, Running, Terminating, Failed etc." type: "string" readyReplicas: - description: "The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: @@ -271,7 +271,7 @@ spec: format: "int32" type: "integer" unavailableReplicas: - description: "Total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created." format: "int32" type: "integer" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machines.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machines.yaml index a792389df..4a3b47958 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machines.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -149,10 +149,10 @@ spec: description: "MachineAddress contains information for the node's address." properties: address: - description: "The machine address." + description: "address is the machine address." type: "string" type: - description: "Machine address type, one of Hostname, ExternalIP or InternalIP." + description: "type is the machine address type, one of Hostname, ExternalIP or InternalIP." type: "string" required: - "address" @@ -168,14 +168,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinesets.yaml index ca8e760c4..951850cea 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1alpha4/machinesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinesets.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -122,11 +122,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -217,7 +217,7 @@ spec: description: "MachineSetStatus defines the observed state of MachineSet." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachineSet." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet." format: "int32" type: "integer" conditions: @@ -226,14 +226,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may not be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -250,12 +250,13 @@ spec: type: "object" type: "array" failureMessage: + description: "failureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption." type: "string" failureReason: - description: "In the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output." + description: "failureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nIn the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output." type: "string" fullyLabeledReplicas: - description: "The number of replicas that have labels matching the labels of the machine template of the MachineSet." + description: "fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet." format: "int32" type: "integer" observedGeneration: @@ -263,7 +264,7 @@ spec: format: "int64" type: "integer" readyReplicas: - description: "The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml index 906f3e5eb..e18603595 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusterclasses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusterclasses.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -48,7 +48,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "nodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -85,11 +85,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -99,7 +102,7 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" type: "object" @@ -146,7 +149,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" namingStrategy: @@ -359,7 +362,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) variables." type: "object" type: "object" name: @@ -514,7 +517,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) variables." type: "object" type: "object" type: "object" @@ -548,7 +551,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "nodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -585,11 +588,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -599,12 +605,12 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" type: "object" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass." + description: "minReadySeconds is the minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass." format: "int32" type: "integer" namingStrategy: @@ -624,7 +630,7 @@ spec: description: "nodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes\nto be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass." type: "string" strategy: - description: "The deployment strategy to use to replace existing machines with\nnew ones.\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass." + description: "strategy is the deployment strategy to use to replace existing machines with\nnew ones.\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass." properties: remediation: description: "remediation controls the strategy of remediating unhealthy machines\nand how remediating operations should occur during the lifecycle of the dependant MachineSets." @@ -637,7 +643,7 @@ spec: x-kubernetes-int-or-string: true type: "object" rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: deletePolicy: description: "deletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling.\nValid values are \"Random, \"Newest\", \"Oldest\"\nWhen no value is supplied, the default DeletePolicy of MachineSet is used" @@ -650,13 +656,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -744,7 +750,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" required: @@ -773,7 +779,7 @@ spec: type: "string" type: "array" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine pool should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass." + description: "minReadySeconds is the minimum number of seconds for which a newly created machine pool should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)\nNOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass." format: "int32" type: "integer" namingStrategy: @@ -870,7 +876,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" required: @@ -896,14 +902,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -1000,7 +1006,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) variables." type: "object" type: "object" required: @@ -1152,7 +1158,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) variables." + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) variables." type: "object" type: "object" type: "object" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml index 269be3352..4bd230f04 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/clusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "clusters.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -70,16 +70,17 @@ spec: - "conditionType" x-kubernetes-list-type: "map" clusterNetwork: - description: "Cluster network configuration." + description: "clusterNetwork represents the cluster network configuration." properties: apiServerPort: description: "apiServerPort specifies the port the API Server should bind to.\nDefaults to 6443." format: "int32" type: "integer" pods: - description: "The network ranges from which Pod networks are allocated." + description: "pods is the network ranges from which Pod networks are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -87,12 +88,13 @@ spec: - "cidrBlocks" type: "object" serviceDomain: - description: "Domain name for services." + description: "serviceDomain is the domain name for services." type: "string" services: - description: "The network ranges from which service VIPs are allocated." + description: "services is the network ranges from which service VIPs are allocated." properties: cidrBlocks: + description: "cidrBlocks is a list of CIDR blocks." items: type: "string" type: "array" @@ -104,10 +106,10 @@ spec: description: "controlPlaneEndpoint represents the endpoint used to communicate with the control plane." properties: host: - description: "The hostname on which the API server is serving." + description: "host is the hostname on which the API server is serving." type: "string" port: - description: "The port on which the API server is serving." + description: "port is the port on which the API server is serving." format: "int32" type: "integer" required: @@ -170,10 +172,16 @@ spec: description: "paused can be used to prevent controllers from processing the Cluster and all its associated objects." type: "boolean" topology: - description: "This encapsulates the topology for the cluster.\nNOTE: It is required to enable the ClusterTopology\nfeature gate flag to activate managed topologies support;\nthis feature is highly experimental, and parts of it might still be not implemented." + description: "topology encapsulates the topology for the cluster.\nNOTE: It is required to enable the ClusterTopology\nfeature gate flag to activate managed topologies support;\nthis feature is highly experimental, and parts of it might still be not implemented." properties: class: - description: "The name of the ClusterClass object to create the topology." + description: "class is the name of the ClusterClass object to create the topology." + type: "string" + classNamespace: + description: "classNamespace is the namespace of the ClusterClass object to create the topology.\nIf the namespace is empty or not set, it is defaulted to the namespace of the cluster object.\nValue must follow the DNS1123Subdomain syntax." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9](?:[-a-z0-9]*[a-z0-9])?(?:\\.[a-z0-9](?:[-a-z0-9]*[a-z0-9])?)*$" type: "string" controlPlane: description: "controlPlane describes the cluster control plane." @@ -188,7 +196,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "nodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -225,11 +233,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -239,7 +250,7 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" type: "object" @@ -254,7 +265,7 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" nodeDeletionTimeout: @@ -324,7 +335,7 @@ spec: - "name" x-kubernetes-list-type: "map" version: - description: "The Kubernetes version of the cluster." + description: "version is the Kubernetes version of the cluster." type: "string" workers: description: "workers encapsulates the different constructs that form the worker nodes\nfor the cluster." @@ -350,7 +361,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "nodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -387,11 +398,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -401,7 +415,7 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines" pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" type: "object" @@ -416,11 +430,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" format: "int32" type: "integer" name: @@ -440,7 +454,7 @@ spec: format: "int32" type: "integer" strategy: - description: "The deployment strategy to use to replace existing machines with\nnew ones." + description: "strategy is the deployment strategy to use to replace existing machines with\nnew ones." properties: remediation: description: "remediation controls the strategy of remediating unhealthy machines\nand how remediating operations should occur during the lifecycle of the dependant MachineSets." @@ -453,7 +467,7 @@ spec: x-kubernetes-int-or-string: true type: "object" rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: deletePolicy: description: "deletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling.\nValid values are \"Random, \"Newest\", \"Oldest\"\nWhen no value is supplied, the default DeletePolicy of MachineSet is used" @@ -466,13 +480,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -540,11 +554,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine pool should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine pool should\nbe ready.\nDefaults to 0 (machine will be considered available as soon as it\nis ready)" format: "int32" type: "integer" name: @@ -612,14 +626,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml index 48ae14707..1ace98440 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinedeployments.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinedeployments.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -75,23 +75,31 @@ spec: description: "clusterName is the name of the Cluster this object belongs to." minLength: 1 type: "string" + machineNamingStrategy: + description: "machineNamingStrategy allows changing the naming pattern used when creating Machines.\nNote: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines." + properties: + template: + description: "template defines the template to use for generating the names of the\nMachine objects.\nIf not defined, it will fallback to `{{ .machineSet.name }}-{{ .random }}`.\nIf the generated name string exceeds 63 characters, it will be trimmed to\n58 characters and will\nget concatenated with a random suffix of length 5.\nLength of the template string must not exceed 256 characters.\nThe template allows the following variables `.cluster.name`,\n`.machineSet.name` and `.random`.\nThe variable `.cluster.name` retrieves the name of the cluster object\nthat owns the Machines being created.\nThe variable `.machineSet.name` retrieves the name of the MachineSet\nobject that owns the Machines being created.\nThe variable `.random` is substituted with random alphanumeric string,\nwithout vowels, of length 5. This variable is required part of the\ntemplate. If not provided, validation will fail." + maxLength: 256 + type: "string" + type: "object" minReadySeconds: description: "minReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available.\nDefaults to 0 (machine will be considered available as soon as the Node is ready)" format: "int32" type: "integer" paused: - description: "Indicates that the deployment is paused." + description: "paused indicates that the deployment is paused." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s." + description: "progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it\nis considered to be failed. The deployment controller will continue to\nprocess failed deployments and a condition with a ProgressDeadlineExceeded\nreason will be surfaced in the deployment status. Note that progress will\nnot be estimated during the time a deployment is paused. Defaults to 600s.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/11470 for more details." format: "int32" type: "integer" replicas: - description: "Number of desired machines.\nThis is a pointer to distinguish between explicit zero and not specified.\n\nDefaults to:\n* if the Kubernetes autoscaler min size and max size annotations are set:\n - if it's a new MachineDeployment, use min size\n - if the replicas field of the old MachineDeployment is < min size, use min size\n - if the replicas field of the old MachineDeployment is > max size, use max size\n - if the replicas field of the old MachineDeployment is in the (min size, max size) range, keep the value from the oldMD\n* otherwise use 1\nNote: Defaulting will be run whenever the replicas field is not set:\n* A new MachineDeployment is created with replicas not set.\n* On an existing MachineDeployment the replicas field was first set and is now unset.\nThose cases are especially relevant for the following Kubernetes autoscaler use cases:\n* A new MachineDeployment is created and replicas should be managed by the autoscaler\n* An existing MachineDeployment which initially wasn't controlled by the autoscaler\n should be later controlled by the autoscaler" + description: "replicas is the number of desired machines.\nThis is a pointer to distinguish between explicit zero and not specified.\n\nDefaults to:\n* if the Kubernetes autoscaler min size and max size annotations are set:\n - if it's a new MachineDeployment, use min size\n - if the replicas field of the old MachineDeployment is < min size, use min size\n - if the replicas field of the old MachineDeployment is > max size, use max size\n - if the replicas field of the old MachineDeployment is in the (min size, max size) range, keep the value from the oldMD\n* otherwise use 1\nNote: Defaulting will be run whenever the replicas field is not set:\n* A new MachineDeployment is created with replicas not set.\n* On an existing MachineDeployment the replicas field was first set and is now unset.\nThose cases are especially relevant for the following Kubernetes autoscaler use cases:\n* A new MachineDeployment is created and replicas should be managed by the autoscaler\n* An existing MachineDeployment which initially wasn't controlled by the autoscaler\n should be later controlled by the autoscaler" format: "int32" type: "integer" revisionHistoryLimit: - description: "The number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10479 for more details." + description: "revisionHistoryLimit is the number of old MachineSets to retain to allow rollback.\nThis is a pointer to distinguish between explicit zero and not specified.\nDefaults to 1.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10479 for more details." format: "int32" type: "integer" rolloutAfter: @@ -99,7 +107,7 @@ spec: format: "date-time" type: "string" selector: - description: "Label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." + description: "selector is the label selector for machines. Existing MachineSets whose machines are\nselected by this will be the ones affected by this deployment.\nIt must match the machine template's labels." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -132,7 +140,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" strategy: - description: "The deployment strategy to use to replace existing machines with\nnew ones." + description: "strategy is the deployment strategy to use to replace existing machines with\nnew ones." properties: remediation: description: "remediation controls the strategy of remediating unhealthy machines\nand how remediating operations should occur during the lifecycle of the dependant MachineSets." @@ -145,7 +153,7 @@ spec: x-kubernetes-int-or-string: true type: "object" rollingUpdate: - description: "Rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." + description: "rollingUpdate is the rolling update config params. Present only if\nMachineDeploymentStrategyType = RollingUpdate." properties: deletePolicy: description: "deletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling.\nValid values are \"Random, \"Newest\", \"Oldest\"\nWhen no value is supplied, the default DeletePolicy of MachineSet is used" @@ -158,13 +166,13 @@ spec: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." + description: "maxSurge is the maximum number of machines that can be scheduled above the\ndesired number of machines.\nValue can be an absolute number (ex: 5) or a percentage of\ndesired machines (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 1.\nExample: when this is set to 30%, the new MachineSet can be scaled\nup immediately when the rolling update starts, such that the total\nnumber of old and new machines do not exceed 130% of desired\nmachines. Once old machines have been killed, new MachineSet can\nbe scaled up further, ensuring that total number of machines running\nat any time during the update is at most 130% of desired machines." x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." + description: "maxUnavailable is the maximum number of machines that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired\nmachines (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 0.\nExample: when this is set to 30%, the old MachineSet can be scaled\ndown to 70% of desired machines immediately when the rolling update\nstarts. Once new machines are ready, old MachineSet can be scaled\ndown further, followed by scaling up the new MachineSet, ensuring\nthat the total number of machines available at all times\nduring the update is at least 70% of desired machines." x-kubernetes-int-or-string: true type: "object" type: @@ -188,11 +196,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -273,7 +281,7 @@ spec: description: "providerID is the identification ID of the machine provided by the provider.\nThis field must match the provider ID as seen on the node object corresponding to this machine.\nThis field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler\nwith cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out\nmachines at provider which could not get registered as Kubernetes nodes. With cluster-api as a\ngeneric out-of-tree provider for autoscaler, this field is required by autoscaler to be\nable to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver\nand then a comparison is done to find out unregistered machines and are marked for delete.\nThis field will be set by the actuators and consumed by higher level entities like autoscaler that will\nbe interfacing with cluster-api as generic provider." type: "string" readinessGates: - description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: this field is considered only for computing v1beta2 conditions." + description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: This field is considered only for computing v1beta2 conditions.\nNOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those\nreadiness gates condition are reporting the same message, when computing the Machine's Ready condition those\nreadinessGates will be replaced by a single entry reporting \"Control plane components: \" + message.\nThis helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster)." items: description: "MachineReadinessGate contains the type of a Machine condition to be used as a readiness gate." properties: @@ -309,7 +317,7 @@ spec: description: "MachineDeploymentStatus defines the observed state of MachineDeployment." properties: availableReplicas: - description: "Total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." + description: "availableReplicas is the total number of available machines (ready for at least minReadySeconds)\ntargeted by this deployment." format: "int32" type: "integer" conditions: @@ -318,14 +326,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -343,29 +351,29 @@ spec: type: "object" type: "array" observedGeneration: - description: "The generation observed by the deployment controller." + description: "observedGeneration is the generation observed by the deployment controller." format: "int64" type: "integer" phase: description: "phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown)." type: "string" readyReplicas: - description: "Total number of ready machines targeted by this deployment." + description: "readyReplicas is the total number of ready machines targeted by this deployment." format: "int32" type: "integer" replicas: - description: "Total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." + description: "replicas is the total number of non-terminated machines targeted by this deployment\n(their labels match the selector)." format: "int32" type: "integer" selector: description: "selector is the same as the label selector but in the string format to avoid introspection\nby clients. The string will be in the same format as the query-param syntax.\nMore info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors" type: "string" unavailableReplicas: - description: "Total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machines targeted by this deployment.\nThis is the total number of machines that are still required for\nthe deployment to have 100% available capacity. They may either\nbe machines that are running but not yet available or machines\nthat still have not been created.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." format: "int32" type: "integer" updatedReplicas: - description: "Total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." + description: "updatedReplicas is the total number of non-terminated machines targeted by this deployment\nthat have the desired template spec." format: "int32" type: "integer" v1beta2: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml index 6679669cb..b9a1bc1bd 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinehealthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinehealthchecks.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -53,7 +53,7 @@ spec: metadata: type: "object" spec: - description: "Specification of machine health check policy" + description: "spec is the specification of machine health check policy" properties: clusterName: description: "clusterName is the name of the Cluster this object belongs to." @@ -63,7 +63,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Any further remediation is only allowed if at most \"MaxUnhealthy\" machines selected by\n\"selector\" are not healthy.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." + description: "maxUnhealthy specifies the maximum number of unhealthy machines allowed.\nAny further remediation is only allowed if at most \"maxUnhealthy\" machines selected by\n\"selector\" are not healthy.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." x-kubernetes-int-or-string: true nodeStartupTimeout: description: "nodeStartupTimeout allows to set the maximum time for MachineHealthCheck\nto consider a Machine unhealthy if a corresponding Node isn't associated\nthrough a `Spec.ProviderID` field.\n\nThe duration set in this field is compared to the greatest of:\n- Cluster's infrastructure ready condition timestamp (if and when available)\n- Control Plane's initialized condition timestamp (if and when available)\n- Machine's infrastructure ready condition timestamp (if and when available)\n- Machine's metadata creation timestamp\n\nDefaults to 10 minutes.\nIf you wish to disable this feature, set the value explicitly to 0." @@ -95,7 +95,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" selector: - description: "Label selector to match machines whose health will be exercised" + description: "selector is a label selector to match machines whose health will be exercised" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -133,11 +133,14 @@ spec: description: "UnhealthyCondition represents a Node condition type and value with a timeout\nspecified as a duration. When the named condition has been in the given\nstatus for at least the timeout value, a node is considered unhealthy." properties: status: + description: "status of the condition, one of True, False, Unknown." minLength: 1 type: "string" timeout: + description: "timeout is the duration that a node must be in a given status for,\nafter which the node is considered unhealthy.\nFor example, with a value of \"1h\", the node must match the status\nfor at least 1 hour before being considered unhealthy." type: "string" type: + description: "type of Node condition" minLength: 1 type: "string" required: @@ -147,7 +150,7 @@ spec: type: "object" type: "array" unhealthyRange: - description: "Any further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"UnhealthyRange\". Takes precedence over MaxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." + description: "unhealthyRange specifies the range of unhealthy machines allowed.\nAny further remediation is only allowed if the number of machines selected by \"selector\" as not healthy\nis within the range of \"unhealthyRange\". Takes precedence over maxUnhealthy.\nEg. \"[3-5]\" - This means that remediation will be allowed only when:\n(a) there are at least 3 unhealthy machines (and)\n(b) there are at most 5 unhealthy machines\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details." pattern: "^\\[[0-9]+-[0-9]+\\]$" type: "string" required: @@ -155,7 +158,7 @@ spec: - "selector" type: "object" status: - description: "Most recently observed status of MachineHealthCheck resource" + description: "status is the most recently observed status of MachineHealthCheck resource" properties: conditions: description: "conditions defines current service state of the MachineHealthCheck." @@ -163,14 +166,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -188,12 +191,12 @@ spec: type: "object" type: "array" currentHealthy: - description: "total number of healthy machines counted by this machine health check" + description: "currentHealthy is the total number of healthy machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" expectedMachines: - description: "total number of machines counted by this machine health check" + description: "expectedMachines is the total number of machines counted by this machine health check" format: "int32" minimum: 0.0 type: "integer" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinepools.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinepools.yaml index ba846cf29..20390ea2a 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinepools.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinepools.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinepools.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -69,7 +69,7 @@ spec: type: "string" type: "array" minReadySeconds: - description: "Minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" + description: "minReadySeconds is the minimum number of seconds for which a newly created machine instances should\nbe ready.\nDefaults to 0 (machine instance will be considered available as soon as it\nis ready)" format: "int32" type: "integer" providerIDList: @@ -78,7 +78,7 @@ spec: type: "string" type: "array" replicas: - description: "Number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." + description: "replicas is the number of desired machines. Defaults to 1.\nThis is a pointer to distinguish between explicit zero and not specified." format: "int32" type: "integer" template: @@ -95,11 +95,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -180,7 +180,7 @@ spec: description: "providerID is the identification ID of the machine provided by the provider.\nThis field must match the provider ID as seen on the node object corresponding to this machine.\nThis field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler\nwith cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out\nmachines at provider which could not get registered as Kubernetes nodes. With cluster-api as a\ngeneric out-of-tree provider for autoscaler, this field is required by autoscaler to be\nable to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver\nand then a comparison is done to find out unregistered machines and are marked for delete.\nThis field will be set by the actuators and consumed by higher level entities like autoscaler that will\nbe interfacing with cluster-api as generic provider." type: "string" readinessGates: - description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: this field is considered only for computing v1beta2 conditions." + description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: This field is considered only for computing v1beta2 conditions.\nNOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those\nreadiness gates condition are reporting the same message, when computing the Machine's Ready condition those\nreadinessGates will be replaced by a single entry reporting \"Control plane components: \" + message.\nThis helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster)." items: description: "MachineReadinessGate contains the type of a Machine condition to be used as a readiness gate." properties: @@ -215,7 +215,7 @@ spec: description: "MachinePoolStatus defines the observed state of MachinePool." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachinePool." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool." format: "int32" type: "integer" bootstrapReady: @@ -227,14 +227,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -297,7 +297,7 @@ spec: description: "phase represents the current phase of cluster actuation.\nE.g. Pending, Running, Terminating, Failed etc." type: "string" readyReplicas: - description: "The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: @@ -305,7 +305,7 @@ spec: format: "int32" type: "integer" unavailableReplicas: - description: "Total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created." + description: "unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool.\nThis is the total number of machine instances that are still required for\nthe machine pool to have 100% available capacity. They may either\nbe machine instances that are running but not yet available or machine instances\nthat still have not been created.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." format: "int32" type: "integer" v1beta2: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machines.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machines.yaml index eb1556610..2180ad4bb 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machines.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machines.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machines.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -137,7 +137,7 @@ spec: description: "providerID is the identification ID of the machine provided by the provider.\nThis field must match the provider ID as seen on the node object corresponding to this machine.\nThis field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler\nwith cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out\nmachines at provider which could not get registered as Kubernetes nodes. With cluster-api as a\ngeneric out-of-tree provider for autoscaler, this field is required by autoscaler to be\nable to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver\nand then a comparison is done to find out unregistered machines and are marked for delete.\nThis field will be set by the actuators and consumed by higher level entities like autoscaler that will\nbe interfacing with cluster-api as generic provider." type: "string" readinessGates: - description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: this field is considered only for computing v1beta2 conditions." + description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: This field is considered only for computing v1beta2 conditions.\nNOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those\nreadiness gates condition are reporting the same message, when computing the Machine's Ready condition those\nreadinessGates will be replaced by a single entry reporting \"Control plane components: \" + message.\nThis helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster)." items: description: "MachineReadinessGate contains the type of a Machine condition to be used as a readiness gate." properties: @@ -172,10 +172,10 @@ spec: description: "MachineAddress contains information for the node's address." properties: address: - description: "The machine address." + description: "address is the machine address." type: "string" type: - description: "Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS." + description: "type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS." type: "string" required: - "address" @@ -195,14 +195,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml index d9b436d53..dfaadc446 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/cluster.x-k8s.io/v1beta1/machinesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "machinesets.cluster.x-k8s.io" spec: group: "cluster.x-k8s.io" @@ -74,6 +74,14 @@ spec: - "Newest" - "Oldest" type: "string" + machineNamingStrategy: + description: "machineNamingStrategy allows changing the naming pattern used when creating Machines.\nNote: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines." + properties: + template: + description: "template defines the template to use for generating the names of the\nMachine objects.\nIf not defined, it will fallback to `{{ .machineSet.name }}-{{ .random }}`.\nIf the generated name string exceeds 63 characters, it will be trimmed to\n58 characters and will\nget concatenated with a random suffix of length 5.\nLength of the template string must not exceed 256 characters.\nThe template allows the following variables `.cluster.name`,\n`.machineSet.name` and `.random`.\nThe variable `.cluster.name` retrieves the name of the cluster object\nthat owns the Machines being created.\nThe variable `.machineSet.name` retrieves the name of the MachineSet\nobject that owns the Machines being created.\nThe variable `.random` is substituted with random alphanumeric string,\nwithout vowels, of length 5. This variable is required part of the\ntemplate. If not provided, validation will fail." + maxLength: 256 + type: "string" + type: "object" minReadySeconds: description: "minReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available.\nDefaults to 0 (machine will be considered available as soon as the Node is ready)" format: "int32" @@ -129,11 +137,11 @@ spec: labels: additionalProperties: type: "string" - description: "Map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" + description: "labels is a map of string keys and values that can be used to organize and categorize\n(scope and select) objects. May match selectors of replication controllers\nand services.\nMore info: http://kubernetes.io/docs/user-guide/labels" type: "object" type: "object" spec: - description: "Specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + description: "spec is the specification of the desired behavior of the machine.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" properties: bootstrap: description: "bootstrap is a reference to a local struct which encapsulates\nfields to configure the Machine’s bootstrapping mechanism." @@ -214,7 +222,7 @@ spec: description: "providerID is the identification ID of the machine provided by the provider.\nThis field must match the provider ID as seen on the node object corresponding to this machine.\nThis field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler\nwith cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out\nmachines at provider which could not get registered as Kubernetes nodes. With cluster-api as a\ngeneric out-of-tree provider for autoscaler, this field is required by autoscaler to be\nable to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver\nand then a comparison is done to find out unregistered machines and are marked for delete.\nThis field will be set by the actuators and consumed by higher level entities like autoscaler that will\nbe interfacing with cluster-api as generic provider." type: "string" readinessGates: - description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: this field is considered only for computing v1beta2 conditions." + description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition.\n\nThis field can be used e.g. by Cluster API control plane providers to extend the semantic of the\nReady condition for the Machine they control, like the kubeadm control provider adding ReadinessGates\nfor the APIServerPodHealthy, SchedulerPodHealthy conditions, etc.\n\nAnother example are external controllers, e.g. responsible to install special software/hardware on the Machines;\nthey can include the status of those components with a new condition and add this condition to ReadinessGates.\n\nNOTE: This field is considered only for computing v1beta2 conditions.\nNOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those\nreadiness gates condition are reporting the same message, when computing the Machine's Ready condition those\nreadinessGates will be replaced by a single entry reporting \"Control plane components: \" + message.\nThis helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster)." items: description: "MachineReadinessGate contains the type of a Machine condition to be used as a readiness gate." properties: @@ -249,7 +257,7 @@ spec: description: "MachineSetStatus defines the observed state of MachineSet." properties: availableReplicas: - description: "The number of available replicas (ready for at least minReadySeconds) for this MachineSet." + description: "availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet." format: "int32" type: "integer" conditions: @@ -258,14 +266,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -283,13 +291,13 @@ spec: type: "object" type: "array" failureMessage: - description: "Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." + description: "failureMessage will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a more verbose string suitable\nfor logging and human consumption.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." type: "string" failureReason: - description: "In the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." + description: "failureReason will be set in the event that there is a terminal problem\nreconciling the Machine and will contain a succinct value suitable\nfor machine interpretation.\n\nIn the event that there is a terminal problem reconciling the\nreplicas, both FailureReason and FailureMessage will be set. FailureReason\nwill be populated with a succinct value suitable for machine\ninterpretation, while FailureMessage will contain a more verbose\nstring suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a\ncontroller faces that are expected to be fixed automatically over\ntime (like service outages), but instead indicate that something is\nfundamentally wrong with the MachineTemplate's spec or the configuration of\nthe machine controller, and that manual intervention is required. Examples\nof terminal errors would be invalid combinations of settings in the\nspec, values that are unsupported by the machine controller, or the\nresponsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines\ncan be added as events to the MachineSet object and/or logged in the\ncontroller's output.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." type: "string" fullyLabeledReplicas: - description: "The number of replicas that have labels matching the labels of the machine template of the MachineSet." + description: "fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet.\n\nDeprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details." format: "int32" type: "integer" observedGeneration: @@ -297,7 +305,7 @@ spec: format: "int64" type: "integer" readyReplicas: - description: "The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." + description: "readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\"." format: "int32" type: "integer" replicas: diff --git a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddressclaims.yaml b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddressclaims.yaml index ad4149e8f..6a05c1707 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddressclaims.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddressclaims.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ipaddressclaims.ipam.cluster.x-k8s.io" spec: group: "ipam.cluster.x-k8s.io" @@ -82,14 +82,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddresses.yaml b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddresses.yaml index 575dbf593..814d4c988 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddresses.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1alpha1/ipaddresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ipaddresses.ipam.cluster.x-k8s.io" spec: group: "ipam.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddressclaims.yaml b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddressclaims.yaml index 877285a35..748fb0d2a 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddressclaims.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddressclaims.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ipaddressclaims.ipam.cluster.x-k8s.io" spec: group: "ipam.cluster.x-k8s.io" @@ -85,14 +85,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." diff --git a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddresses.yaml b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddresses.yaml index a71dcc21c..642fd16a6 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddresses.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/ipam.cluster.x-k8s.io/v1beta1/ipaddresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ipaddresses.ipam.cluster.x-k8s.io" spec: group: "ipam.cluster.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/cluster-api/runtime.cluster.x-k8s.io/v1alpha1/extensionconfigs.yaml b/crd-catalog/kubernetes-sigs/cluster-api/runtime.cluster.x-k8s.io/v1alpha1/extensionconfigs.yaml index a61763426..830cd078e 100644 --- a/crd-catalog/kubernetes-sigs/cluster-api/runtime.cluster.x-k8s.io/v1alpha1/extensionconfigs.yaml +++ b/crd-catalog/kubernetes-sigs/cluster-api/runtime.cluster.x-k8s.io/v1alpha1/extensionconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "extensionconfigs.runtime.cluster.x-k8s.io" spec: group: "runtime.cluster.x-k8s.io" @@ -36,7 +36,7 @@ spec: metadata: type: "object" spec: - description: "ExtensionConfigSpec is the desired state of the ExtensionConfig" + description: "spec is the desired state of the ExtensionConfig" properties: clientConfig: description: "clientConfig defines how to communicate with the Extension server." @@ -111,7 +111,7 @@ spec: - "clientConfig" type: "object" status: - description: "ExtensionConfigStatus is the current state of the ExtensionConfig" + description: "status is the current state of the ExtensionConfig" properties: conditions: description: "conditions define the current service state of the ExtensionConfig." @@ -119,14 +119,14 @@ spec: description: "Condition defines an observation of a Cluster API resource operational state." properties: lastTransitionTime: - description: "Last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when\nthe API field changed is acceptable." format: "date-time" type: "string" message: - description: "A human readable message indicating details about the transition.\nThis field may be empty." + description: "message is a human readable message indicating details about the transition.\nThis field may be empty." type: "string" reason: - description: "The reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." + description: "reason is the reason for the condition's last transition in CamelCase.\nThe specific API may choose whether or not this field is considered a guaranteed API.\nThis field may be empty." type: "string" severity: description: "severity provides an explicit classification of Reason code, so the users or machines can immediately\nunderstand the current situation and act accordingly.\nThe Severity field MUST be set only when Status=False." @@ -179,6 +179,58 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + v1beta2: + description: "v1beta2 groups all the fields that will be added or modified in ExtensionConfig's status with the V1Beta2 version." + properties: + conditions: + description: "conditions represents the observations of a ExtensionConfig's current state.\nKnown condition types are Discovered, Paused." + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + maxItems: 32 + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + type: "object" type: "object" type: "object" served: true diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gatewayclasses.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gatewayclasses.yaml index 196807404..2163b2d55 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gatewayclasses.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gatewayclasses.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "gatewayclasses.gateway.networking.k8s.io" spec: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml index 85864c59a..68da1847d 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/gateways.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "gateways.gateway.networking.k8s.io" spec: @@ -49,7 +49,7 @@ spec: description: "Spec defines the desired state of Gateway." properties: addresses: - description: "Addresses requested for this Gateway. This is optional and behavior can\ndepend on the implementation. If a value is set in the spec and the\nrequested address is invalid or unavailable, the implementation MUST\nindicate this in the associated entry in GatewayStatus.Addresses.\n\nThe Addresses field represents a request for the address(es) on the\n\"outside of the Gateway\", that traffic bound for this Gateway will use.\nThis could be the IP address or hostname of an external load balancer or\nother networking infrastructure, or some other address that traffic will\nbe sent to.\n\nIf no Addresses are specified, the implementation MAY schedule the\nGateway in an implementation-specific manner, assigning an appropriate\nset of Addresses.\n\nThe implementation MUST bind all Listeners to every GatewayAddress that\nit assigns to the Gateway and add a corresponding entry in\nGatewayStatus.Addresses.\n\nSupport: Extended\n\n" + description: "Addresses requested for this Gateway. This is optional and behavior can\ndepend on the implementation. If a value is set in the spec and the\nrequested address is invalid or unavailable, the implementation MUST\nindicate this in the associated entry in GatewayStatus.Addresses.\n\nThe Addresses field represents a request for the address(es) on the\n\"outside of the Gateway\", that traffic bound for this Gateway will use.\nThis could be the IP address or hostname of an external load balancer or\nother networking infrastructure, or some other address that traffic will\nbe sent to.\n\nIf no Addresses are specified, the implementation MAY schedule the\nGateway in an implementation-specific manner, assigning an appropriate\nset of Addresses.\n\nThe implementation MUST bind all Listeners to every GatewayAddress that\nit assigns to the Gateway and add a corresponding entry in\nGatewayStatus.Addresses.\n\nSupport: Extended" items: description: "GatewayAddress describes an address that can be bound to a Gateway." oneOf: @@ -130,7 +130,7 @@ spec: - message: "If specified, the label key's prefix must be a DNS subdomain not longer than 253 characters in total." rule: "self.all(key, key.split(\"/\")[0].size() < 253)" parametersRef: - description: "ParametersRef is a reference to a resource that contains the configuration\nparameters corresponding to the Gateway. This is optional if the\ncontroller does not require any additional configuration.\n\nThis follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis\n\nThe Gateway's GatewayClass may provide its own `parametersRef`. When both are specified,\nthe merging behavior is implementation specific.\nIt is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway.\n\nSupport: Implementation-specific" + description: "ParametersRef is a reference to a resource that contains the configuration\nparameters corresponding to the Gateway. This is optional if the\ncontroller does not require any additional configuration.\n\nThis follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis\n\nThe Gateway's GatewayClass may provide its own `parametersRef`. When both are specified,\nthe merging behavior is implementation specific.\nIt is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway.\n\nIf the referent cannot be found, refers to an unsupported kind, or when\nthe data within that resource is malformed, the Gateway SHOULD be\nrejected with the \"Accepted\" status condition set to \"False\" and an\n\"InvalidParameters\" reason.\n\nSupport: Implementation-specific" properties: group: description: "Group is the group of the referent." @@ -155,7 +155,7 @@ spec: type: "object" type: "object" listeners: - description: "Listeners associated with this Gateway. Listeners define\nlogical endpoints that are bound on this Gateway's addresses.\nAt least one Listener MUST be specified.\n\nEach Listener in a set of Listeners (for example, in a single Gateway)\nMUST be _distinct_, in that a traffic flow MUST be able to be assigned to\nexactly one listener. (This section uses \"set of Listeners\" rather than\n\"Listeners in a single Gateway\" because implementations MAY merge configuration\nfrom multiple Gateways onto a single data plane, and these rules _also_\napply in that case).\n\nPractically, this means that each listener in a set MUST have a unique\ncombination of Port, Protocol, and, if supported by the protocol, Hostname.\n\nSome combinations of port, protocol, and TLS settings are considered\nCore support and MUST be supported by implementations based on their\ntargeted conformance profile:\n\nHTTP Profile\n\n1. HTTPRoute, Port: 80, Protocol: HTTP\n2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided\n\nTLS Profile\n\n1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough\n\n\"Distinct\" Listeners have the following property:\n\nThe implementation can match inbound requests to a single distinct\nListener. When multiple Listeners share values for fields (for\nexample, two Listeners with the same Port value), the implementation\ncan match requests to only one of the Listeners using other\nListener fields.\n\nFor example, the following Listener scenarios are distinct:\n\n1. Multiple Listeners with the same Port that all use the \"HTTP\"\n Protocol that all have unique Hostname values.\n2. Multiple Listeners with the same Port that use either the \"HTTPS\" or\n \"TLS\" Protocol that all have unique Hostname values.\n3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners, where no Listener\n with the same Protocol has the same Port value.\n\nSome fields in the Listener struct have possible values that affect\nwhether the Listener is distinct. Hostname is particularly relevant\nfor HTTP or HTTPS protocols.\n\nWhen using the Hostname value to select between same-Port, same-Protocol\nListeners, the Hostname value must be different on each Listener for the\nListener to be distinct.\n\nWhen the Listeners are distinct based on Hostname, inbound request\nhostnames MUST match from the most specific to least specific Hostname\nvalues to choose the correct Listener and its associated set of Routes.\n\nExact matches must be processed before wildcard matches, and wildcard\nmatches must be processed before fallback (empty Hostname value)\nmatches. For example, `\"foo.example.com\"` takes precedence over\n`\"*.example.com\"`, and `\"*.example.com\"` takes precedence over `\"\"`.\n\nAdditionally, if there are multiple wildcard entries, more specific\nwildcard entries must be processed before less specific wildcard entries.\nFor example, `\"*.foo.example.com\"` takes precedence over `\"*.example.com\"`.\nThe precise definition here is that the higher the number of dots in the\nhostname to the right of the wildcard character, the higher the precedence.\n\nThe wildcard character will match any number of characters _and dots_ to\nthe left, however, so `\"*.example.com\"` will match both\n`\"foo.bar.example.com\"` _and_ `\"bar.example.com\"`.\n\nIf a set of Listeners contains Listeners that are not distinct, then those\nListeners are Conflicted, and the implementation MUST set the \"Conflicted\"\ncondition in the Listener Status to \"True\".\n\nImplementations MAY choose to accept a Gateway with some Conflicted\nListeners only if they only accept the partial Listener set that contains\nno Conflicted Listeners. To put this another way, implementations may\naccept a partial Listener set only if they throw out *all* the conflicting\nListeners. No picking one of the conflicting listeners as the winner.\nThis also means that the Gateway must have at least one non-conflicting\nListener in this case, otherwise it violates the requirement that at\nleast one Listener must be present.\n\nThe implementation MUST set a \"ListenersNotValid\" condition on the\nGateway Status when the Gateway contains Conflicted Listeners whether or\nnot they accept the Gateway. That Condition SHOULD clearly\nindicate in the Message which Listeners are conflicted, and which are\nAccepted. Additionally, the Listener status for those listeners SHOULD\nindicate which Listeners are conflicted and not Accepted.\n\nA Gateway's Listeners are considered \"compatible\" if:\n\n1. They are distinct.\n2. The implementation can serve them in compliance with the Addresses\n requirement that all Listeners are available on all assigned\n addresses.\n\nCompatible combinations in Extended support are expected to vary across\nimplementations. A combination that is compatible for one implementation\nmay not be compatible for another.\n\nFor example, an implementation that cannot serve both TCP and UDP listeners\non the same address, or cannot mix HTTPS and generic TLS listens on the same port\nwould not consider those cases compatible, even though they are distinct.\n\nNote that requests SHOULD match at most one Listener. For example, if\nListeners are defined for \"foo.example.com\" and \"*.example.com\", a\nrequest to \"foo.example.com\" SHOULD only be routed using routes attached\nto the \"foo.example.com\" Listener (and not the \"*.example.com\" Listener).\nThis concept is known as \"Listener Isolation\". Implementations that do\nnot support Listener Isolation MUST clearly document this.\n\nImplementations MAY merge separate Gateways onto a single set of\nAddresses if all Listeners across all Gateways are compatible.\n\nSupport: Core" + description: "Listeners associated with this Gateway. Listeners define\nlogical endpoints that are bound on this Gateway's addresses.\nAt least one Listener MUST be specified.\n\n## Distinct Listeners\n\nEach Listener in a set of Listeners (for example, in a single Gateway)\nMUST be _distinct_, in that a traffic flow MUST be able to be assigned to\nexactly one listener. (This section uses \"set of Listeners\" rather than\n\"Listeners in a single Gateway\" because implementations MAY merge configuration\nfrom multiple Gateways onto a single data plane, and these rules _also_\napply in that case).\n\nPractically, this means that each listener in a set MUST have a unique\ncombination of Port, Protocol, and, if supported by the protocol, Hostname.\n\nSome combinations of port, protocol, and TLS settings are considered\nCore support and MUST be supported by implementations based on the objects\nthey support:\n\nHTTPRoute\n\n1. HTTPRoute, Port: 80, Protocol: HTTP\n2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided\n\nTLSRoute\n\n1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough\n\n\"Distinct\" Listeners have the following property:\n\n**The implementation can match inbound requests to a single distinct\nListener**.\n\nWhen multiple Listeners share values for fields (for\nexample, two Listeners with the same Port value), the implementation\ncan match requests to only one of the Listeners using other\nListener fields.\n\nWhen multiple listeners have the same value for the Protocol field, then\neach of the Listeners with matching Protocol values MUST have different\nvalues for other fields.\n\nThe set of fields that MUST be different for a Listener differs per protocol.\nThe following rules define the rules for what fields MUST be considered for\nListeners to be distinct with each protocol currently defined in the\nGateway API spec.\n\nThe set of listeners that all share a protocol value MUST have _different_\nvalues for _at least one_ of these fields to be distinct:\n\n* **HTTP, HTTPS, TLS**: Port, Hostname\n* **TCP, UDP**: Port\n\nOne **very** important rule to call out involves what happens when an\nimplementation:\n\n* Supports TCP protocol Listeners, as well as HTTP, HTTPS, or TLS protocol\n Listeners, and\n* sees HTTP, HTTPS, or TLS protocols with the same `port` as one with TCP\n Protocol.\n\nIn this case all the Listeners that share a port with the\nTCP Listener are not distinct and so MUST NOT be accepted.\n\nIf an implementation does not support TCP Protocol Listeners, then the\nprevious rule does not apply, and the TCP Listeners SHOULD NOT be\naccepted.\n\nNote that the `tls` field is not used for determining if a listener is distinct, because\nListeners that _only_ differ on TLS config will still conflict in all cases.\n\n### Listeners that are distinct only by Hostname\n\nWhen the Listeners are distinct based only on Hostname, inbound request\nhostnames MUST match from the most specific to least specific Hostname\nvalues to choose the correct Listener and its associated set of Routes.\n\nExact matches MUST be processed before wildcard matches, and wildcard\nmatches MUST be processed before fallback (empty Hostname value)\nmatches. For example, `\"foo.example.com\"` takes precedence over\n`\"*.example.com\"`, and `\"*.example.com\"` takes precedence over `\"\"`.\n\nAdditionally, if there are multiple wildcard entries, more specific\nwildcard entries must be processed before less specific wildcard entries.\nFor example, `\"*.foo.example.com\"` takes precedence over `\"*.example.com\"`.\n\nThe precise definition here is that the higher the number of dots in the\nhostname to the right of the wildcard character, the higher the precedence.\n\nThe wildcard character will match any number of characters _and dots_ to\nthe left, however, so `\"*.example.com\"` will match both\n`\"foo.bar.example.com\"` _and_ `\"bar.example.com\"`.\n\n## Handling indistinct Listeners\n\nIf a set of Listeners contains Listeners that are not distinct, then those\nListeners are _Conflicted_, and the implementation MUST set the \"Conflicted\"\ncondition in the Listener Status to \"True\".\n\nThe words \"indistinct\" and \"conflicted\" are considered equivalent for the\npurpose of this documentation.\n\nImplementations MAY choose to accept a Gateway with some Conflicted\nListeners only if they only accept the partial Listener set that contains\nno Conflicted Listeners.\n\nSpecifically, an implementation MAY accept a partial Listener set subject to\nthe following rules:\n\n* The implementation MUST NOT pick one conflicting Listener as the winner.\n ALL indistinct Listeners must not be accepted for processing.\n* At least one distinct Listener MUST be present, or else the Gateway effectively\n contains _no_ Listeners, and must be rejected from processing as a whole.\n\nThe implementation MUST set a \"ListenersNotValid\" condition on the\nGateway Status when the Gateway contains Conflicted Listeners whether or\nnot they accept the Gateway. That Condition SHOULD clearly\nindicate in the Message which Listeners are conflicted, and which are\nAccepted. Additionally, the Listener status for those listeners SHOULD\nindicate which Listeners are conflicted and not Accepted.\n\n## General Listener behavior\n\nNote that, for all distinct Listeners, requests SHOULD match at most one Listener.\nFor example, if Listeners are defined for \"foo.example.com\" and \"*.example.com\", a\nrequest to \"foo.example.com\" SHOULD only be routed using routes attached\nto the \"foo.example.com\" Listener (and not the \"*.example.com\" Listener).\n\nThis concept is known as \"Listener Isolation\", and it is an Extended feature\nof Gateway API. Implementations that do not support Listener Isolation MUST\nclearly document this, and MUST NOT claim support for the\n`GatewayHTTPListenerIsolation` feature.\n\nImplementations that _do_ support Listener Isolation SHOULD claim support\nfor the Extended `GatewayHTTPListenerIsolation` feature and pass the associated\nconformance tests.\n\n## Compatible Listeners\n\nA Gateway's Listeners are considered _compatible_ if:\n\n1. They are distinct.\n2. The implementation can serve them in compliance with the Addresses\n requirement that all Listeners are available on all assigned\n addresses.\n\nCompatible combinations in Extended support are expected to vary across\nimplementations. A combination that is compatible for one implementation\nmay not be compatible for another.\n\nFor example, an implementation that cannot serve both TCP and UDP listeners\non the same address, or cannot mix HTTPS and generic TLS listens on the same port\nwould not consider those cases compatible, even though they are distinct.\n\nImplementations MAY merge separate Gateways onto a single set of\nAddresses if all Listeners across all Gateways are compatible.\n\nIn a future release the MinItems=1 requirement MAY be dropped.\n\nSupport: Core" items: description: "Listener embodies the concept of a logical endpoint where a Gateway accepts\nnetwork connections." properties: @@ -199,6 +199,7 @@ spec: - "All" - "Selector" - "Same" + - "None" type: "string" selector: description: "Selector must be specified when From is set to \"Selector\". In that case,\nonly Routes in Namespaces matching this Selector will be selected by this\nGateway. This field is ignored for other values of \"From\".\n\nSupport: Core" @@ -236,7 +237,7 @@ spec: type: "object" type: "object" hostname: - description: "Hostname specifies the virtual hostname to match for protocol types that\ndefine this concept. When unspecified, all hostnames are matched. This\nfield is ignored for protocols that don't require hostname based\nmatching.\n\nImplementations MUST apply Hostname matching appropriately for each of\nthe following protocols:\n\n* TLS: The Listener Hostname MUST match the SNI.\n* HTTP: The Listener Hostname MUST match the Host header of the request.\n* HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP\n protocol layers as described above. If an implementation does not\n ensure that both the SNI and Host header match the Listener hostname,\n it MUST clearly document that.\n\nFor HTTPRoute and TLSRoute resources, there is an interaction with the\n`spec.hostnames` array. When both listener and route specify hostnames,\nthere MUST be an intersection between the values for a Route to be\naccepted. For more information, refer to the Route specific Hostnames\ndocumentation.\n\nHostnames that are prefixed with a wildcard label (`*.`) are interpreted\nas a suffix match. That means that a match for `*.example.com` would match\nboth `test.example.com`, and `foo.test.example.com`, but not `example.com`.\n\nSupport: Core" + description: "Hostname specifies the virtual hostname to match for protocol types that\ndefine this concept. When unspecified, all hostnames are matched. This\nfield is ignored for protocols that don't require hostname based\nmatching.\n\nImplementations MUST apply Hostname matching appropriately for each of\nthe following protocols:\n\n* TLS: The Listener Hostname MUST match the SNI.\n* HTTP: The Listener Hostname MUST match the Host header of the request.\n* HTTPS: The Listener Hostname SHOULD match both the SNI and Host header.\n Note that this does not require the SNI and Host header to be the same.\n The semantics of this are described in more detail below.\n\nTo ensure security, Section 11.1 of RFC-6066 emphasizes that server\nimplementations that rely on SNI hostname matching MUST also verify\nhostnames within the application protocol.\n\nSection 9.1.2 of RFC-7540 provides a mechanism for servers to reject the\nreuse of a connection by responding with the HTTP 421 Misdirected Request\nstatus code. This indicates that the origin server has rejected the\nrequest because it appears to have been misdirected.\n\nTo detect misdirected requests, Gateways SHOULD match the authority of\nthe requests with all the SNI hostname(s) configured across all the\nGateway Listeners on the same port and protocol:\n\n* If another Listener has an exact match or more specific wildcard entry,\n the Gateway SHOULD return a 421.\n* If the current Listener (selected by SNI matching during ClientHello)\n does not match the Host:\n * If another Listener does match the Host the Gateway SHOULD return a\n 421.\n * If no other Listener matches the Host, the Gateway MUST return a\n 404.\n\nFor HTTPRoute and TLSRoute resources, there is an interaction with the\n`spec.hostnames` array. When both listener and route specify hostnames,\nthere MUST be an intersection between the values for a Route to be\naccepted. For more information, refer to the Route specific Hostnames\ndocumentation.\n\nHostnames that are prefixed with a wildcard label (`*.`) are interpreted\nas a suffix match. That means that a match for `*.example.com` would match\nboth `test.example.com`, and `foo.test.example.com`, but not `example.com`.\n\nSupport: Core" maxLength: 253 minLength: 1 pattern: "^(\\*\\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" @@ -358,7 +359,7 @@ spec: description: "Status defines the current state of Gateway." properties: addresses: - description: "Addresses lists the network addresses that have been bound to the\nGateway.\n\nThis list may differ from the addresses provided in the spec under some\nconditions:\n\n * no addresses are specified, all addresses are dynamically assigned\n * a combination of specified and dynamic addresses are assigned\n * a specified address was unusable (e.g. already in use)\n\n" + description: "Addresses lists the network addresses that have been bound to the\nGateway.\n\nThis list may differ from the addresses provided in the spec under some\nconditions:\n\n * no addresses are specified, all addresses are dynamically assigned\n * a combination of specified and dynamic addresses are assigned\n * a specified address was unusable (e.g. already in use)" items: description: "GatewayStatusAddress describes a network address that is bound to a Gateway." oneOf: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/grpcroutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/grpcroutes.yaml index 8cdcf117d..fe2672a74 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/grpcroutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/grpcroutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "grpcroutes.gateway.networking.k8s.io" spec: @@ -51,7 +51,7 @@ spec: maxItems: 16 type: "array" parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -74,13 +74,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -102,14 +102,14 @@ spec: - message: "sectionName must be unique when parentRefs includes 2 or more references to the same parent" rule: "self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName == p2.sectionName))))" rules: - description: "Rules are a list of GRPC matchers, filters and actions.\n\n" + description: "Rules are a list of GRPC matchers, filters and actions." items: description: "GRPCRouteRule defines the semantics for matching a gRPC request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." properties: backendRefs: description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive an `UNAVAILABLE` status.\n\nSee the GRPCBackendRef definition for the rules about what makes a single\nGRPCBackendRef invalid.\n\nWhen a GRPCBackendRef is invalid, `UNAVAILABLE` statuses MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive an `UNAVAILABLE` status.\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic MUST receive an `UNAVAILABLE` status.\nImplementations may choose how that 50 percent is determined.\n\nSupport: Core for Kubernetes Service\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Core" items: - description: "GRPCBackendRef defines how a GRPCRoute forwards a gRPC request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n" + description: "GRPCBackendRef defines how a GRPCRoute forwards a gRPC request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details." properties: filters: description: "Filters defined at this level MUST be executed if and only if the\nrequest is being forwarded to the backend defined here.\n\nSupport: Implementation-specific (For broader support of filters, use the\nFilters field in GRPCRouteRule.)" @@ -149,7 +149,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -181,7 +181,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -202,7 +202,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -255,7 +255,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -287,7 +287,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -308,7 +308,7 @@ spec: x-kubernetes-list-type: "map" type: "object" type: - description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations supporting GRPCRoute MUST support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` MUST be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response.\n\n" + description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations supporting GRPCRoute MUST support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` MUST be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response." enum: - "ResponseHeaderModifier" - "RequestHeaderModifier" @@ -388,7 +388,7 @@ spec: maxItems: 16 type: "array" filters: - description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nThe effects of ordering of multiple behaviors are currently unspecified.\nThis can change in the future based on feedback during the alpha stage.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations that support\n GRPCRoute.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nIf an implementation can not support a combination of filters, it must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" + description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nThe effects of ordering of multiple behaviors are currently unspecified.\nThis can change in the future based on feedback during the alpha stage.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations that support\n GRPCRoute.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nIf an implementation cannot support a combination of filters, it must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" items: description: "GRPCRouteFilter defines processing steps that must be completed during the\nrequest or response lifecycle. GRPCRouteFilters are meant as an extension\npoint to express processing that may be done in Gateway implementations. Some\nexamples include request or response modification, implementing\nauthentication strategies, rate-limiting, and traffic shaping. API\nguarantee/conformance is defined based on the type of the filter." properties: @@ -425,7 +425,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -457,7 +457,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -478,7 +478,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -531,7 +531,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -563,7 +563,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -584,7 +584,7 @@ spec: x-kubernetes-list-type: "map" type: "object" type: - description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations supporting GRPCRoute MUST support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` MUST be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response.\n\n" + description: "Type identifies the type of filter to apply. As with other API fields,\ntypes are classified into three conformance levels:\n\n- Core: Filter types and their corresponding configuration defined by\n \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". All\n implementations supporting GRPCRoute MUST support core filters.\n\n- Extended: Filter types and their corresponding configuration defined by\n \"Support: Extended\" in this package, e.g. \"RequestMirror\". Implementers\n are encouraged to support extended filters.\n\n- Implementation-specific: Filters that are defined and supported by specific vendors.\n In the future, filters showing convergence in behavior across multiple\n implementations will be considered for inclusion in extended or core\n conformance levels. Filter-specific configuration for such filters\n is specified using the ExtensionRef field. `Type` MUST be set to\n \"ExtensionRef\" for custom filters.\n\nImplementers are encouraged to define custom implementation types to\nextend the core API with implementation-specific behavior.\n\nIf a reference to a custom filter type cannot be resolved, the filter\nMUST NOT be skipped. Instead, requests that would have been processed by\nthat filter MUST receive a HTTP error response." enum: - "ResponseHeaderModifier" - "RequestHeaderModifier" @@ -700,7 +700,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: @@ -776,13 +776,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml index 49016ef51..bccdaacd6 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "httproutes.gateway.networking.k8s.io" spec: @@ -51,7 +51,7 @@ spec: maxItems: 16 type: "array" parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -74,13 +74,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -107,14 +107,14 @@ spec: - path: type: "PathPrefix" value: "/" - description: "Rules are a list of HTTP matchers, filters and actions.\n\n" + description: "Rules are a list of HTTP matchers, filters and actions." items: description: "HTTPRouteRule defines semantics for matching an HTTP request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." properties: backendRefs: description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\nWhen a HTTPBackendRef refers to a Service that has no ready endpoints,\nimplementations SHOULD return a 503 for requests to that backend instead.\nIf an implementation chooses to do this, all of the above rules for 500 responses\nMUST also apply for responses that return a 503.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Core" items: - description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n" + description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details." properties: filters: description: "Filters defined at this level should be executed if and only if the\nrequest is being forwarded to the backend defined here.\n\nSupport: Implementation-specific (For broader support of filters, use the\nFilters field in HTTPRouteRule.)" @@ -154,7 +154,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -186,7 +186,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -207,7 +207,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -318,7 +318,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -350,7 +350,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -508,7 +508,7 @@ spec: maxItems: 16 type: "array" filters: - description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nWherever possible, implementations SHOULD implement filters in the order\nthey are specified.\n\nImplementations MAY choose to implement this ordering strictly, rejecting\nany combination or order of filters that can not be supported. If implementations\nchoose a strict interpretation of filter ordering, they MUST clearly document\nthat behavior.\n\nTo reject an invalid combination or order of filters, implementations SHOULD\nconsider the Route Rules with this configuration invalid. If all Route Rules\nin a Route are invalid, the entire Route would be considered invalid. If only\na portion of Route Rules are invalid, implementations MUST set the\n\"PartiallyInvalid\" condition for the Route.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nAll filters are expected to be compatible with each other except for the\nURLRewrite and RequestRedirect filters, which may not be combined. If an\nimplementation can not support other combinations of filters, they must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" + description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nWherever possible, implementations SHOULD implement filters in the order\nthey are specified.\n\nImplementations MAY choose to implement this ordering strictly, rejecting\nany combination or order of filters that cannot be supported. If implementations\nchoose a strict interpretation of filter ordering, they MUST clearly document\nthat behavior.\n\nTo reject an invalid combination or order of filters, implementations SHOULD\nconsider the Route Rules with this configuration invalid. If all Route Rules\nin a Route are invalid, the entire Route would be considered invalid. If only\na portion of Route Rules are invalid, implementations MUST set the\n\"PartiallyInvalid\" condition for the Route.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nAll filters are expected to be compatible with each other except for the\nURLRewrite and RequestRedirect filters, which may not be combined. If an\nimplementation cannot support other combinations of filters, they must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" items: description: "HTTPRouteFilter defines processing steps that must be completed during the\nrequest or response lifecycle. HTTPRouteFilters are meant as an extension\npoint to express processing that may be done in Gateway implementations. Some\nexamples include request or response modification, implementing\nauthentication strategies, rate-limiting, and traffic shaping. API\nguarantee/conformance is defined based on the type of the filter." properties: @@ -545,7 +545,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -577,7 +577,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -598,7 +598,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -709,7 +709,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -741,7 +741,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -866,7 +866,7 @@ spec: description: "HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request\nheaders." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent.\n\nWhen a header is repeated in an HTTP request, it is\nimplementation-specific behavior as to how this is represented.\nGenerally, proxies should follow the guidance from the RFC:\nhttps://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding\nprocessing a repeated header, with special handling for \"Set-Cookie\"." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent.\n\nWhen a header is repeated in an HTTP request, it is\nimplementation-specific behavior as to how this is represented.\nGenerally, proxies should follow the guidance from the RFC:\nhttps://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding\nprocessing a repeated header, with special handling for \"Set-Cookie\"." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -1025,7 +1025,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: @@ -1101,13 +1101,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/backendlbpolicies.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/backendlbpolicies.yaml index d595daf99..45f651a71 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/backendlbpolicies.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/backendlbpolicies.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "experimental" labels: gateway.networking.k8s.io/policy: "Direct" @@ -53,7 +53,7 @@ spec: properties: lifetimeType: default: "Session" - description: "LifetimeType specifies whether the cookie has a permanent or\nsession-based lifetime. A permanent cookie persists until its\nspecified expiry time, defined by the Expires or Max-Age cookie\nattributes, while a session cookie is deleted when the current\nsession ends.\n\nWhen set to \"Permanent\", AbsoluteTimeout indicates the\ncookie's lifetime via the Expires or Max-Age cookie attributes\nand is required.\n\nWhen set to \"Session\", AbsoluteTimeout indicates the\nabsolute lifetime of the cookie tracked by the gateway and\nis optional.\n\nSupport: Core for \"Session\" type\n\nSupport: Extended for \"Permanent\" type" + description: "LifetimeType specifies whether the cookie has a permanent or\nsession-based lifetime. A permanent cookie persists until its\nspecified expiry time, defined by the Expires or Max-Age cookie\nattributes, while a session cookie is deleted when the current\nsession ends.\n\nWhen set to \"Permanent\", AbsoluteTimeout indicates the\ncookie's lifetime via the Expires or Max-Age cookie attributes\nand is required.\n\nWhen set to \"Session\", AbsoluteTimeout indicates the\nabsolute lifetime of the cookie tracked by the gateway and\nis optional.\n\nDefaults to \"Session\".\n\nSupport: Core for \"Session\" type\n\nSupport: Extended for \"Permanent\" type" enum: - "Permanent" - "Session" diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml index 109417a13..aab0a0f3d 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tcproutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "experimental" name: "tcproutes.gateway.networking.k8s.io" spec: @@ -38,7 +38,7 @@ spec: description: "Spec defines the desired state of TCPRoute." properties: parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -89,14 +89,14 @@ spec: - message: "sectionName or port must be unique when parentRefs includes 2 or more references to the same parent" rule: "self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName == '')) || ( has(p1.sectionName) && has(p2.sectionName) && p1.sectionName == p2.sectionName)) && (((!has(p1.port) || p1.port == 0) && (!has(p2.port) || p2.port == 0)) || (has(p1.port) && has(p2.port) && p1.port == p2.port))))" rules: - description: "Rules are a list of TCP matchers and actions.\n\n" + description: "Rules are a list of TCP matchers and actions." items: description: "TCPRouteRule is the configuration for a given rule." properties: backendRefs: - description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a non-existent resource or a\nService with no endpoints), the underlying implementation MUST actively\nreject connection attempts to this backend. Connection rejections must\nrespect weight; if an invalid backend is requested to have 80% of\nconnections, then 80% of connections must be rejected instead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" + description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a nonexistent resource or a\nService with no endpoints), the underlying implementation MUST actively\nreject connection attempts to this backend. Connection rejections must\nrespect weight; if an invalid backend is requested to have 80% of\nconnections, then 80% of connections must be rejected instead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" items: - description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." + description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." properties: group: default: "" @@ -169,7 +169,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml index 4ec2039b6..e0495ba31 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/tlsroutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "experimental" name: "tlsroutes.gateway.networking.k8s.io" spec: @@ -48,7 +48,7 @@ spec: maxItems: 16 type: "array" parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -99,14 +99,14 @@ spec: - message: "sectionName or port must be unique when parentRefs includes 2 or more references to the same parent" rule: "self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName == '')) || ( has(p1.sectionName) && has(p2.sectionName) && p1.sectionName == p2.sectionName)) && (((!has(p1.port) || p1.port == 0) && (!has(p2.port) || p2.port == 0)) || (has(p1.port) && has(p2.port) && p1.port == p2.port))))" rules: - description: "Rules are a list of TLS matchers and actions.\n\n" + description: "Rules are a list of TLS matchers and actions." items: description: "TLSRouteRule is the configuration for a given rule." properties: backendRefs: - description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a non-existent resource or\na Service with no endpoints), the rule performs no forwarding; if no\nfilters are specified that would result in a response being sent, the\nunderlying implementation must actively reject request attempts to this\nbackend, by rejecting the connection or returning a 500 status code.\nRequest rejections must respect weight; if an invalid backend is\nrequested to have 80% of requests, then 80% of requests must be rejected\ninstead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" + description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a nonexistent resource or\na Service with no endpoints), the rule performs no forwarding; if no\nfilters are specified that would result in a response being sent, the\nunderlying implementation must actively reject request attempts to this\nbackend, by rejecting the connection or returning a 500 status code.\nRequest rejections must respect weight; if an invalid backend is\nrequested to have 80% of requests, then 80% of requests must be rejected\ninstead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" items: - description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." + description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." properties: group: default: "" @@ -179,7 +179,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml index 97a252a40..34f8dfc5d 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha2/udproutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "experimental" name: "udproutes.gateway.networking.k8s.io" spec: @@ -38,7 +38,7 @@ spec: description: "Spec defines the desired state of UDPRoute." properties: parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -89,14 +89,14 @@ spec: - message: "sectionName or port must be unique when parentRefs includes 2 or more references to the same parent" rule: "self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName == '')) || ( has(p1.sectionName) && has(p2.sectionName) && p1.sectionName == p2.sectionName)) && (((!has(p1.port) || p1.port == 0) && (!has(p2.port) || p2.port == 0)) || (has(p1.port) && has(p2.port) && p1.port == p2.port))))" rules: - description: "Rules are a list of UDP matchers and actions.\n\n" + description: "Rules are a list of UDP matchers and actions." items: description: "UDPRouteRule is the configuration for a given rule." properties: backendRefs: - description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a non-existent resource or a\nService with no endpoints), the underlying implementation MUST actively\nreject connection attempts to this backend. Packet drops must\nrespect weight; if an invalid backend is requested to have 80% of\nthe packets, then 80% of packets must be dropped instead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" + description: "BackendRefs defines the backend(s) where matching requests should be\nsent. If unspecified or invalid (refers to a nonexistent resource or a\nService with no endpoints), the underlying implementation MUST actively\nreject connection attempts to this backend. Packet drops must\nrespect weight; if an invalid backend is requested to have 80% of\nthe packets, then 80% of packets must be dropped instead.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Extended" items: - description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." + description: "BackendRef defines how a Route should forward a request to a Kubernetes\nresource.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n\nNote that when the BackendTLSPolicy object is enabled by the implementation,\nthere are some extra rules about validity to consider here. See the fields\nwhere this struct is used for more information about the exact behavior." properties: group: default: "" @@ -169,7 +169,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml index 90ada969b..bfae1f8e7 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1alpha3/backendtlspolicies.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "experimental" labels: gateway.networking.k8s.io/policy: "Direct" @@ -51,7 +51,7 @@ spec: maxProperties: 16 type: "object" targetRefs: - description: "TargetRefs identifies an API object to apply the policy to.\nOnly Services have Extended support. Implementations MAY support\nadditional objects, with Implementation Specific support.\nNote that this config applies to the entire referenced resource\nby default, but this default may change in the future to provide\na more granular application of the policy.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" + description: "TargetRefs identifies an API object to apply the policy to.\nOnly Services have Extended support. Implementations MAY support\nadditional objects, with Implementation Specific support.\nNote that this config applies to the entire referenced resource\nby default, but this default may change in the future to provide\na more granular application of the policy.\n\nTargetRefs must be _distinct_. This means either that:\n\n* They select different targets. If this is the case, then targetRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, and `name` must\n be unique across all targetRef entries in the BackendTLSPolicy.\n* They select different sectionNames in the same target.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" items: description: "LocalPolicyTargetReferenceWithSectionName identifies an API object to apply a\ndirect policy to. This should be used as part of Policy resources that can\ntarget single resources. For more information on how this policy attachment\nmode works, and a sample Policy resource, refer to the policy attachment\ndocumentation for Gateway API.\n\nNote: This should only be used for direct policy attachment when references\nto SectionName are actually needed. In all other cases,\nLocalPolicyTargetReference should be used." properties: @@ -85,11 +85,16 @@ spec: maxItems: 16 minItems: 1 type: "array" + x-kubernetes-validations: + - message: "sectionName must be specified when targetRefs includes 2 or more references to the same target" + rule: "self.all(p1, self.all(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name ? ((!has(p1.sectionName) || p1.sectionName == '') == (!has(p2.sectionName) || p2.sectionName == '')) : true))" + - message: "sectionName must be unique when targetRefs includes 2 or more references to the same target" + rule: "self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind == p2.kind && p1.name == p2.name && (((!has(p1.sectionName) || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName == p2.sectionName))))" validation: description: "Validation contains backend TLS validation configuration." properties: caCertificateRefs: - description: "CACertificateRefs contains one or more references to Kubernetes objects that\ncontain a PEM-encoded TLS CA certificate bundle, which is used to\nvalidate a TLS handshake between the Gateway and backend Pod.\n\nIf CACertificateRefs is empty or unspecified, then WellKnownCACertificates must be\nspecified. Only one of CACertificateRefs or WellKnownCACertificates may be specified,\nnot both. If CACertifcateRefs is empty or unspecified, the configuration for\nWellKnownCACertificates MUST be honored instead if supported by the implementation.\n\nReferences to a resource in a different namespace are invalid for the\nmoment, although we will revisit this in the future.\n\nA single CACertificateRef to a Kubernetes ConfigMap kind has \"Core\" support.\nImplementations MAY choose to support attaching multiple certificates to\na backend, but this behavior is implementation-specific.\n\nSupport: Core - An optional single reference to a Kubernetes ConfigMap,\nwith the CA certificate in a key named `ca.crt`.\n\nSupport: Implementation-specific (More than one reference, or other kinds\nof resources)." + description: "CACertificateRefs contains one or more references to Kubernetes objects that\ncontain a PEM-encoded TLS CA certificate bundle, which is used to\nvalidate a TLS handshake between the Gateway and backend Pod.\n\nIf CACertificateRefs is empty or unspecified, then WellKnownCACertificates must be\nspecified. Only one of CACertificateRefs or WellKnownCACertificates may be specified,\nnot both. If CACertificateRefs is empty or unspecified, the configuration for\nWellKnownCACertificates MUST be honored instead if supported by the implementation.\n\nReferences to a resource in a different namespace are invalid for the\nmoment, although we will revisit this in the future.\n\nA single CACertificateRef to a Kubernetes ConfigMap kind has \"Core\" support.\nImplementations MAY choose to support attaching multiple certificates to\na backend, but this behavior is implementation-specific.\n\nSupport: Core - An optional single reference to a Kubernetes ConfigMap,\nwith the CA certificate in a key named `ca.crt`.\n\nSupport: Implementation-specific (More than one reference, or other kinds\nof resources)." items: description: "LocalObjectReference identifies an API object within the namespace of the\nreferrer.\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid.\n\nReferences to objects with invalid Group and Kind are not valid, and must\nbe rejected by the implementation, with appropriate Conditions set\non the containing object." properties: @@ -117,13 +122,13 @@ spec: maxItems: 8 type: "array" hostname: - description: "Hostname is used for two purposes in the connection between Gateways and\nbackends:\n\n1. Hostname MUST be used as the SNI to connect to the backend (RFC 6066).\n2. If SubjectAltNames is not specified, Hostname MUST be used for\n authentication and MUST match the certificate served by the matching\n backend.\n\nSupport: Core" + description: "Hostname is used for two purposes in the connection between Gateways and\nbackends:\n\n1. Hostname MUST be used as the SNI to connect to the backend (RFC 6066).\n2. Hostname MUST be used for authentication and MUST match the certificate served by the matching backend, unless SubjectAltNames is specified.\n authentication and MUST match the certificate served by the matching\n backend.\n\nSupport: Core" maxLength: 253 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" subjectAltNames: - description: "SubjectAltNames contains one or more Subject Alternative Names.\nWhen specified, the certificate served from the backend MUST have at least one\nSubject Alternate Name matching one of the specified SubjectAltNames.\n\nSupport: Core" + description: "SubjectAltNames contains one or more Subject Alternative Names.\nWhen specified the certificate served from the backend MUST\nhave at least one Subject Alternate Name matching one of the specified SubjectAltNames.\n\nSupport: Extended" items: description: "SubjectAltName represents Subject Alternative Name." properties: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gatewayclasses.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gatewayclasses.yaml index d8318a3e6..78ba1858a 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gatewayclasses.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gatewayclasses.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "gatewayclasses.gateway.networking.k8s.io" spec: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml index 229cdc39e..b378d1672 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/gateways.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "gateways.gateway.networking.k8s.io" spec: @@ -49,7 +49,7 @@ spec: description: "Spec defines the desired state of Gateway." properties: addresses: - description: "Addresses requested for this Gateway. This is optional and behavior can\ndepend on the implementation. If a value is set in the spec and the\nrequested address is invalid or unavailable, the implementation MUST\nindicate this in the associated entry in GatewayStatus.Addresses.\n\nThe Addresses field represents a request for the address(es) on the\n\"outside of the Gateway\", that traffic bound for this Gateway will use.\nThis could be the IP address or hostname of an external load balancer or\nother networking infrastructure, or some other address that traffic will\nbe sent to.\n\nIf no Addresses are specified, the implementation MAY schedule the\nGateway in an implementation-specific manner, assigning an appropriate\nset of Addresses.\n\nThe implementation MUST bind all Listeners to every GatewayAddress that\nit assigns to the Gateway and add a corresponding entry in\nGatewayStatus.Addresses.\n\nSupport: Extended\n\n" + description: "Addresses requested for this Gateway. This is optional and behavior can\ndepend on the implementation. If a value is set in the spec and the\nrequested address is invalid or unavailable, the implementation MUST\nindicate this in the associated entry in GatewayStatus.Addresses.\n\nThe Addresses field represents a request for the address(es) on the\n\"outside of the Gateway\", that traffic bound for this Gateway will use.\nThis could be the IP address or hostname of an external load balancer or\nother networking infrastructure, or some other address that traffic will\nbe sent to.\n\nIf no Addresses are specified, the implementation MAY schedule the\nGateway in an implementation-specific manner, assigning an appropriate\nset of Addresses.\n\nThe implementation MUST bind all Listeners to every GatewayAddress that\nit assigns to the Gateway and add a corresponding entry in\nGatewayStatus.Addresses.\n\nSupport: Extended" items: description: "GatewayAddress describes an address that can be bound to a Gateway." oneOf: @@ -130,7 +130,7 @@ spec: - message: "If specified, the label key's prefix must be a DNS subdomain not longer than 253 characters in total." rule: "self.all(key, key.split(\"/\")[0].size() < 253)" parametersRef: - description: "ParametersRef is a reference to a resource that contains the configuration\nparameters corresponding to the Gateway. This is optional if the\ncontroller does not require any additional configuration.\n\nThis follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis\n\nThe Gateway's GatewayClass may provide its own `parametersRef`. When both are specified,\nthe merging behavior is implementation specific.\nIt is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway.\n\nSupport: Implementation-specific" + description: "ParametersRef is a reference to a resource that contains the configuration\nparameters corresponding to the Gateway. This is optional if the\ncontroller does not require any additional configuration.\n\nThis follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis\n\nThe Gateway's GatewayClass may provide its own `parametersRef`. When both are specified,\nthe merging behavior is implementation specific.\nIt is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway.\n\nIf the referent cannot be found, refers to an unsupported kind, or when\nthe data within that resource is malformed, the Gateway SHOULD be\nrejected with the \"Accepted\" status condition set to \"False\" and an\n\"InvalidParameters\" reason.\n\nSupport: Implementation-specific" properties: group: description: "Group is the group of the referent." @@ -155,7 +155,7 @@ spec: type: "object" type: "object" listeners: - description: "Listeners associated with this Gateway. Listeners define\nlogical endpoints that are bound on this Gateway's addresses.\nAt least one Listener MUST be specified.\n\nEach Listener in a set of Listeners (for example, in a single Gateway)\nMUST be _distinct_, in that a traffic flow MUST be able to be assigned to\nexactly one listener. (This section uses \"set of Listeners\" rather than\n\"Listeners in a single Gateway\" because implementations MAY merge configuration\nfrom multiple Gateways onto a single data plane, and these rules _also_\napply in that case).\n\nPractically, this means that each listener in a set MUST have a unique\ncombination of Port, Protocol, and, if supported by the protocol, Hostname.\n\nSome combinations of port, protocol, and TLS settings are considered\nCore support and MUST be supported by implementations based on their\ntargeted conformance profile:\n\nHTTP Profile\n\n1. HTTPRoute, Port: 80, Protocol: HTTP\n2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided\n\nTLS Profile\n\n1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough\n\n\"Distinct\" Listeners have the following property:\n\nThe implementation can match inbound requests to a single distinct\nListener. When multiple Listeners share values for fields (for\nexample, two Listeners with the same Port value), the implementation\ncan match requests to only one of the Listeners using other\nListener fields.\n\nFor example, the following Listener scenarios are distinct:\n\n1. Multiple Listeners with the same Port that all use the \"HTTP\"\n Protocol that all have unique Hostname values.\n2. Multiple Listeners with the same Port that use either the \"HTTPS\" or\n \"TLS\" Protocol that all have unique Hostname values.\n3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners, where no Listener\n with the same Protocol has the same Port value.\n\nSome fields in the Listener struct have possible values that affect\nwhether the Listener is distinct. Hostname is particularly relevant\nfor HTTP or HTTPS protocols.\n\nWhen using the Hostname value to select between same-Port, same-Protocol\nListeners, the Hostname value must be different on each Listener for the\nListener to be distinct.\n\nWhen the Listeners are distinct based on Hostname, inbound request\nhostnames MUST match from the most specific to least specific Hostname\nvalues to choose the correct Listener and its associated set of Routes.\n\nExact matches must be processed before wildcard matches, and wildcard\nmatches must be processed before fallback (empty Hostname value)\nmatches. For example, `\"foo.example.com\"` takes precedence over\n`\"*.example.com\"`, and `\"*.example.com\"` takes precedence over `\"\"`.\n\nAdditionally, if there are multiple wildcard entries, more specific\nwildcard entries must be processed before less specific wildcard entries.\nFor example, `\"*.foo.example.com\"` takes precedence over `\"*.example.com\"`.\nThe precise definition here is that the higher the number of dots in the\nhostname to the right of the wildcard character, the higher the precedence.\n\nThe wildcard character will match any number of characters _and dots_ to\nthe left, however, so `\"*.example.com\"` will match both\n`\"foo.bar.example.com\"` _and_ `\"bar.example.com\"`.\n\nIf a set of Listeners contains Listeners that are not distinct, then those\nListeners are Conflicted, and the implementation MUST set the \"Conflicted\"\ncondition in the Listener Status to \"True\".\n\nImplementations MAY choose to accept a Gateway with some Conflicted\nListeners only if they only accept the partial Listener set that contains\nno Conflicted Listeners. To put this another way, implementations may\naccept a partial Listener set only if they throw out *all* the conflicting\nListeners. No picking one of the conflicting listeners as the winner.\nThis also means that the Gateway must have at least one non-conflicting\nListener in this case, otherwise it violates the requirement that at\nleast one Listener must be present.\n\nThe implementation MUST set a \"ListenersNotValid\" condition on the\nGateway Status when the Gateway contains Conflicted Listeners whether or\nnot they accept the Gateway. That Condition SHOULD clearly\nindicate in the Message which Listeners are conflicted, and which are\nAccepted. Additionally, the Listener status for those listeners SHOULD\nindicate which Listeners are conflicted and not Accepted.\n\nA Gateway's Listeners are considered \"compatible\" if:\n\n1. They are distinct.\n2. The implementation can serve them in compliance with the Addresses\n requirement that all Listeners are available on all assigned\n addresses.\n\nCompatible combinations in Extended support are expected to vary across\nimplementations. A combination that is compatible for one implementation\nmay not be compatible for another.\n\nFor example, an implementation that cannot serve both TCP and UDP listeners\non the same address, or cannot mix HTTPS and generic TLS listens on the same port\nwould not consider those cases compatible, even though they are distinct.\n\nNote that requests SHOULD match at most one Listener. For example, if\nListeners are defined for \"foo.example.com\" and \"*.example.com\", a\nrequest to \"foo.example.com\" SHOULD only be routed using routes attached\nto the \"foo.example.com\" Listener (and not the \"*.example.com\" Listener).\nThis concept is known as \"Listener Isolation\". Implementations that do\nnot support Listener Isolation MUST clearly document this.\n\nImplementations MAY merge separate Gateways onto a single set of\nAddresses if all Listeners across all Gateways are compatible.\n\nSupport: Core" + description: "Listeners associated with this Gateway. Listeners define\nlogical endpoints that are bound on this Gateway's addresses.\nAt least one Listener MUST be specified.\n\n## Distinct Listeners\n\nEach Listener in a set of Listeners (for example, in a single Gateway)\nMUST be _distinct_, in that a traffic flow MUST be able to be assigned to\nexactly one listener. (This section uses \"set of Listeners\" rather than\n\"Listeners in a single Gateway\" because implementations MAY merge configuration\nfrom multiple Gateways onto a single data plane, and these rules _also_\napply in that case).\n\nPractically, this means that each listener in a set MUST have a unique\ncombination of Port, Protocol, and, if supported by the protocol, Hostname.\n\nSome combinations of port, protocol, and TLS settings are considered\nCore support and MUST be supported by implementations based on the objects\nthey support:\n\nHTTPRoute\n\n1. HTTPRoute, Port: 80, Protocol: HTTP\n2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided\n\nTLSRoute\n\n1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough\n\n\"Distinct\" Listeners have the following property:\n\n**The implementation can match inbound requests to a single distinct\nListener**.\n\nWhen multiple Listeners share values for fields (for\nexample, two Listeners with the same Port value), the implementation\ncan match requests to only one of the Listeners using other\nListener fields.\n\nWhen multiple listeners have the same value for the Protocol field, then\neach of the Listeners with matching Protocol values MUST have different\nvalues for other fields.\n\nThe set of fields that MUST be different for a Listener differs per protocol.\nThe following rules define the rules for what fields MUST be considered for\nListeners to be distinct with each protocol currently defined in the\nGateway API spec.\n\nThe set of listeners that all share a protocol value MUST have _different_\nvalues for _at least one_ of these fields to be distinct:\n\n* **HTTP, HTTPS, TLS**: Port, Hostname\n* **TCP, UDP**: Port\n\nOne **very** important rule to call out involves what happens when an\nimplementation:\n\n* Supports TCP protocol Listeners, as well as HTTP, HTTPS, or TLS protocol\n Listeners, and\n* sees HTTP, HTTPS, or TLS protocols with the same `port` as one with TCP\n Protocol.\n\nIn this case all the Listeners that share a port with the\nTCP Listener are not distinct and so MUST NOT be accepted.\n\nIf an implementation does not support TCP Protocol Listeners, then the\nprevious rule does not apply, and the TCP Listeners SHOULD NOT be\naccepted.\n\nNote that the `tls` field is not used for determining if a listener is distinct, because\nListeners that _only_ differ on TLS config will still conflict in all cases.\n\n### Listeners that are distinct only by Hostname\n\nWhen the Listeners are distinct based only on Hostname, inbound request\nhostnames MUST match from the most specific to least specific Hostname\nvalues to choose the correct Listener and its associated set of Routes.\n\nExact matches MUST be processed before wildcard matches, and wildcard\nmatches MUST be processed before fallback (empty Hostname value)\nmatches. For example, `\"foo.example.com\"` takes precedence over\n`\"*.example.com\"`, and `\"*.example.com\"` takes precedence over `\"\"`.\n\nAdditionally, if there are multiple wildcard entries, more specific\nwildcard entries must be processed before less specific wildcard entries.\nFor example, `\"*.foo.example.com\"` takes precedence over `\"*.example.com\"`.\n\nThe precise definition here is that the higher the number of dots in the\nhostname to the right of the wildcard character, the higher the precedence.\n\nThe wildcard character will match any number of characters _and dots_ to\nthe left, however, so `\"*.example.com\"` will match both\n`\"foo.bar.example.com\"` _and_ `\"bar.example.com\"`.\n\n## Handling indistinct Listeners\n\nIf a set of Listeners contains Listeners that are not distinct, then those\nListeners are _Conflicted_, and the implementation MUST set the \"Conflicted\"\ncondition in the Listener Status to \"True\".\n\nThe words \"indistinct\" and \"conflicted\" are considered equivalent for the\npurpose of this documentation.\n\nImplementations MAY choose to accept a Gateway with some Conflicted\nListeners only if they only accept the partial Listener set that contains\nno Conflicted Listeners.\n\nSpecifically, an implementation MAY accept a partial Listener set subject to\nthe following rules:\n\n* The implementation MUST NOT pick one conflicting Listener as the winner.\n ALL indistinct Listeners must not be accepted for processing.\n* At least one distinct Listener MUST be present, or else the Gateway effectively\n contains _no_ Listeners, and must be rejected from processing as a whole.\n\nThe implementation MUST set a \"ListenersNotValid\" condition on the\nGateway Status when the Gateway contains Conflicted Listeners whether or\nnot they accept the Gateway. That Condition SHOULD clearly\nindicate in the Message which Listeners are conflicted, and which are\nAccepted. Additionally, the Listener status for those listeners SHOULD\nindicate which Listeners are conflicted and not Accepted.\n\n## General Listener behavior\n\nNote that, for all distinct Listeners, requests SHOULD match at most one Listener.\nFor example, if Listeners are defined for \"foo.example.com\" and \"*.example.com\", a\nrequest to \"foo.example.com\" SHOULD only be routed using routes attached\nto the \"foo.example.com\" Listener (and not the \"*.example.com\" Listener).\n\nThis concept is known as \"Listener Isolation\", and it is an Extended feature\nof Gateway API. Implementations that do not support Listener Isolation MUST\nclearly document this, and MUST NOT claim support for the\n`GatewayHTTPListenerIsolation` feature.\n\nImplementations that _do_ support Listener Isolation SHOULD claim support\nfor the Extended `GatewayHTTPListenerIsolation` feature and pass the associated\nconformance tests.\n\n## Compatible Listeners\n\nA Gateway's Listeners are considered _compatible_ if:\n\n1. They are distinct.\n2. The implementation can serve them in compliance with the Addresses\n requirement that all Listeners are available on all assigned\n addresses.\n\nCompatible combinations in Extended support are expected to vary across\nimplementations. A combination that is compatible for one implementation\nmay not be compatible for another.\n\nFor example, an implementation that cannot serve both TCP and UDP listeners\non the same address, or cannot mix HTTPS and generic TLS listens on the same port\nwould not consider those cases compatible, even though they are distinct.\n\nImplementations MAY merge separate Gateways onto a single set of\nAddresses if all Listeners across all Gateways are compatible.\n\nIn a future release the MinItems=1 requirement MAY be dropped.\n\nSupport: Core" items: description: "Listener embodies the concept of a logical endpoint where a Gateway accepts\nnetwork connections." properties: @@ -199,6 +199,7 @@ spec: - "All" - "Selector" - "Same" + - "None" type: "string" selector: description: "Selector must be specified when From is set to \"Selector\". In that case,\nonly Routes in Namespaces matching this Selector will be selected by this\nGateway. This field is ignored for other values of \"From\".\n\nSupport: Core" @@ -236,7 +237,7 @@ spec: type: "object" type: "object" hostname: - description: "Hostname specifies the virtual hostname to match for protocol types that\ndefine this concept. When unspecified, all hostnames are matched. This\nfield is ignored for protocols that don't require hostname based\nmatching.\n\nImplementations MUST apply Hostname matching appropriately for each of\nthe following protocols:\n\n* TLS: The Listener Hostname MUST match the SNI.\n* HTTP: The Listener Hostname MUST match the Host header of the request.\n* HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP\n protocol layers as described above. If an implementation does not\n ensure that both the SNI and Host header match the Listener hostname,\n it MUST clearly document that.\n\nFor HTTPRoute and TLSRoute resources, there is an interaction with the\n`spec.hostnames` array. When both listener and route specify hostnames,\nthere MUST be an intersection between the values for a Route to be\naccepted. For more information, refer to the Route specific Hostnames\ndocumentation.\n\nHostnames that are prefixed with a wildcard label (`*.`) are interpreted\nas a suffix match. That means that a match for `*.example.com` would match\nboth `test.example.com`, and `foo.test.example.com`, but not `example.com`.\n\nSupport: Core" + description: "Hostname specifies the virtual hostname to match for protocol types that\ndefine this concept. When unspecified, all hostnames are matched. This\nfield is ignored for protocols that don't require hostname based\nmatching.\n\nImplementations MUST apply Hostname matching appropriately for each of\nthe following protocols:\n\n* TLS: The Listener Hostname MUST match the SNI.\n* HTTP: The Listener Hostname MUST match the Host header of the request.\n* HTTPS: The Listener Hostname SHOULD match both the SNI and Host header.\n Note that this does not require the SNI and Host header to be the same.\n The semantics of this are described in more detail below.\n\nTo ensure security, Section 11.1 of RFC-6066 emphasizes that server\nimplementations that rely on SNI hostname matching MUST also verify\nhostnames within the application protocol.\n\nSection 9.1.2 of RFC-7540 provides a mechanism for servers to reject the\nreuse of a connection by responding with the HTTP 421 Misdirected Request\nstatus code. This indicates that the origin server has rejected the\nrequest because it appears to have been misdirected.\n\nTo detect misdirected requests, Gateways SHOULD match the authority of\nthe requests with all the SNI hostname(s) configured across all the\nGateway Listeners on the same port and protocol:\n\n* If another Listener has an exact match or more specific wildcard entry,\n the Gateway SHOULD return a 421.\n* If the current Listener (selected by SNI matching during ClientHello)\n does not match the Host:\n * If another Listener does match the Host the Gateway SHOULD return a\n 421.\n * If no other Listener matches the Host, the Gateway MUST return a\n 404.\n\nFor HTTPRoute and TLSRoute resources, there is an interaction with the\n`spec.hostnames` array. When both listener and route specify hostnames,\nthere MUST be an intersection between the values for a Route to be\naccepted. For more information, refer to the Route specific Hostnames\ndocumentation.\n\nHostnames that are prefixed with a wildcard label (`*.`) are interpreted\nas a suffix match. That means that a match for `*.example.com` would match\nboth `test.example.com`, and `foo.test.example.com`, but not `example.com`.\n\nSupport: Core" maxLength: 253 minLength: 1 pattern: "^(\\*\\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" @@ -358,7 +359,7 @@ spec: description: "Status defines the current state of Gateway." properties: addresses: - description: "Addresses lists the network addresses that have been bound to the\nGateway.\n\nThis list may differ from the addresses provided in the spec under some\nconditions:\n\n * no addresses are specified, all addresses are dynamically assigned\n * a combination of specified and dynamic addresses are assigned\n * a specified address was unusable (e.g. already in use)\n\n" + description: "Addresses lists the network addresses that have been bound to the\nGateway.\n\nThis list may differ from the addresses provided in the spec under some\nconditions:\n\n * no addresses are specified, all addresses are dynamically assigned\n * a combination of specified and dynamic addresses are assigned\n * a specified address was unusable (e.g. already in use)" items: description: "GatewayStatusAddress describes a network address that is bound to a Gateway." oneOf: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml index 05b4fc08a..a93ddf1b8 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "httproutes.gateway.networking.k8s.io" spec: @@ -51,7 +51,7 @@ spec: maxItems: 16 type: "array" parentRefs: - description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference.\n\n\n\n\n\n\n" + description: "ParentRefs references the resources (usually Gateways) that a Route wants\nto be attached to. Note that the referenced parent resource needs to\nallow this for the attachment to be complete. For Gateways, that means\nthe Gateway needs to allow attachment from Routes of this kind and\nnamespace. For Services, that means the Service must either be in the same\nnamespace for a \"producer\" route, or the mesh implementation must support\nand allow \"consumer\" routes for the referenced Service. ReferenceGrant is\nnot applicable for governing ParentRefs to Services - it is not possible to\ncreate a \"producer\" route for a Service in a different namespace from the\nRoute.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nParentRefs must be _distinct_. This means either that:\n\n* They select different objects. If this is the case, then parentRef\n entries are distinct. In terms of fields, this means that the\n multi-part key defined by `group`, `kind`, `namespace`, and `name` must\n be unique across all parentRef entries in the Route.\n* They do not select different objects, but for each optional field used,\n each ParentRef that selects the same object must set the same set of\n optional fields to different values. If one ParentRef sets a\n combination of optional fields, all must set the same combination.\n\nSome examples:\n\n* If one ParentRef sets `sectionName`, all ParentRefs referencing the\n same object must also set `sectionName`.\n* If one ParentRef sets `port`, all ParentRefs referencing the same\n object must also set `port`.\n* If one ParentRef sets `sectionName` and `port`, all ParentRefs\n referencing the same object must also set `sectionName` and `port`.\n\nIt is possible to separately reference multiple distinct objects that may\nbe collapsed by an implementation. For example, some implementations may\nchoose to merge compatible Gateway Listeners together. If that is the\ncase, the list of routes attached to those resources should also be\nmerged.\n\nNote that for ParentRefs that cross namespace boundaries, there are specific\nrules. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example,\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable other kinds of cross-namespace reference." items: description: "ParentReference identifies an API object (usually a Gateway) that can be considered\na parent of this resource (usually a route). There are two kinds of parent resources\nwith \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nThis API may be extended in the future to support additional kinds of parent\nresources.\n\nThe API object must be valid in the cluster; the Group and Kind must\nbe registered in the cluster for this reference to be valid." properties: @@ -74,13 +74,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -107,14 +107,14 @@ spec: - path: type: "PathPrefix" value: "/" - description: "Rules are a list of HTTP matchers, filters and actions.\n\n" + description: "Rules are a list of HTTP matchers, filters and actions." items: description: "HTTPRouteRule defines semantics for matching an HTTP request based on\nconditions (matches), processing it (filters), and forwarding the request to\nan API object (backendRefs)." properties: backendRefs: description: "BackendRefs defines the backend(s) where matching requests should be\nsent.\n\nFailure behavior here depends on how many BackendRefs are specified and\nhow many are invalid.\n\nIf *all* entries in BackendRefs are invalid, and there are also no filters\nspecified in this route rule, *all* traffic which matches this rule MUST\nreceive a 500 status code.\n\nSee the HTTPBackendRef definition for the rules about what makes a single\nHTTPBackendRef invalid.\n\nWhen a HTTPBackendRef is invalid, 500 status codes MUST be returned for\nrequests that would have otherwise been routed to an invalid backend. If\nmultiple backends are specified, and some are invalid, the proportion of\nrequests that would otherwise have been routed to an invalid backend\nMUST receive a 500 status code.\n\nFor example, if two backends are specified with equal weights, and one is\ninvalid, 50 percent of traffic must receive a 500. Implementations may\nchoose how that 50 percent is determined.\n\nWhen a HTTPBackendRef refers to a Service that has no ready endpoints,\nimplementations SHOULD return a 503 for requests to that backend instead.\nIf an implementation chooses to do this, all of the above rules for 500 responses\nMUST also apply for responses that return a 503.\n\nSupport: Core for Kubernetes Service\n\nSupport: Extended for Kubernetes ServiceImport\n\nSupport: Implementation-specific for any other resource\n\nSupport for weight: Core" items: - description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details.\n\n\n\nWhen the BackendRef points to a Kubernetes Service, implementations SHOULD\nhonor the appProtocol field if it is set for the target Service Port.\n\nImplementations supporting appProtocol SHOULD recognize the Kubernetes\nStandard Application Protocols defined in KEP-3726.\n\nIf a Service appProtocol isn't specified, an implementation MAY infer the\nbackend protocol through its own means. Implementations MAY infer the\nprotocol from the Route type referring to the backend Service.\n\nIf a Route is not able to send traffic to the backend using the specified\nprotocol then the backend is considered invalid. Implementations MUST set the\n\"ResolvedRefs\" condition to \"False\" with the \"UnsupportedProtocol\" reason.\n\n" + description: "HTTPBackendRef defines how a HTTPRoute forwards a HTTP request.\n\nNote that when a namespace different than the local namespace is specified, a\nReferenceGrant object is required in the referent namespace to allow that\nnamespace's owner to accept the reference. See the ReferenceGrant\ndocumentation for details." properties: filters: description: "Filters defined at this level should be executed if and only if the\nrequest is being forwarded to the backend defined here.\n\nSupport: Implementation-specific (For broader support of filters, use the\nFilters field in HTTPRouteRule.)" @@ -154,7 +154,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -186,7 +186,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -207,7 +207,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -318,7 +318,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -350,7 +350,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -508,7 +508,7 @@ spec: maxItems: 16 type: "array" filters: - description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nWherever possible, implementations SHOULD implement filters in the order\nthey are specified.\n\nImplementations MAY choose to implement this ordering strictly, rejecting\nany combination or order of filters that can not be supported. If implementations\nchoose a strict interpretation of filter ordering, they MUST clearly document\nthat behavior.\n\nTo reject an invalid combination or order of filters, implementations SHOULD\nconsider the Route Rules with this configuration invalid. If all Route Rules\nin a Route are invalid, the entire Route would be considered invalid. If only\na portion of Route Rules are invalid, implementations MUST set the\n\"PartiallyInvalid\" condition for the Route.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nAll filters are expected to be compatible with each other except for the\nURLRewrite and RequestRedirect filters, which may not be combined. If an\nimplementation can not support other combinations of filters, they must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" + description: "Filters define the filters that are applied to requests that match\nthis rule.\n\nWherever possible, implementations SHOULD implement filters in the order\nthey are specified.\n\nImplementations MAY choose to implement this ordering strictly, rejecting\nany combination or order of filters that cannot be supported. If implementations\nchoose a strict interpretation of filter ordering, they MUST clearly document\nthat behavior.\n\nTo reject an invalid combination or order of filters, implementations SHOULD\nconsider the Route Rules with this configuration invalid. If all Route Rules\nin a Route are invalid, the entire Route would be considered invalid. If only\na portion of Route Rules are invalid, implementations MUST set the\n\"PartiallyInvalid\" condition for the Route.\n\nConformance-levels at this level are defined based on the type of filter:\n\n- ALL core filters MUST be supported by all implementations.\n- Implementers are encouraged to support extended filters.\n- Implementation-specific custom filters have no API guarantees across\n implementations.\n\nSpecifying the same filter multiple times is not supported unless explicitly\nindicated in the filter.\n\nAll filters are expected to be compatible with each other except for the\nURLRewrite and RequestRedirect filters, which may not be combined. If an\nimplementation cannot support other combinations of filters, they must clearly\ndocument that limitation. In cases where incompatible or unsupported\nfilters are specified and cause the `Accepted` condition to be set to status\n`False`, implementations may use the `IncompatibleFilters` reason to specify\nthis configuration error.\n\nSupport: Core" items: description: "HTTPRouteFilter defines processing steps that must be completed during the\nrequest or response lifecycle. HTTPRouteFilters are meant as an extension\npoint to express processing that may be done in Gateway implementations. Some\nexamples include request or response modification, implementing\nauthentication strategies, rate-limiting, and traffic shaping. API\nguarantee/conformance is defined based on the type of the filter." properties: @@ -545,7 +545,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -577,7 +577,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -598,7 +598,7 @@ spec: x-kubernetes-list-type: "map" type: "object" requestMirror: - description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended\n\n" + description: "RequestMirror defines a schema for a filter that mirrors requests.\nRequests are sent to the specified destination, but responses from\nthat destination are ignored.\n\nThis filter can be used multiple times within the same rule. Note that\nnot all implementations will be able to support mirroring to multiple\nbackends.\n\nSupport: Extended" properties: backendRef: description: "BackendRef references a resource where mirrored requests are sent.\n\nMirrored requests must be sent only to a single destination endpoint\nwithin this BackendRef, irrespective of how many endpoints are present\nwithin this BackendRef.\n\nIf the referent cannot be found, this BackendRef is invalid and must be\ndropped from the Gateway. The controller must ensure the \"ResolvedRefs\"\ncondition on the Route status is set to `status: False` and not configure\nthis backend in the underlying implementation.\n\nIf there is a cross-namespace reference to an *existing* object\nthat is not allowed by a ReferenceGrant, the controller must ensure the\n\"ResolvedRefs\" condition on the Route is set to `status: False`,\nwith the \"RefNotPermitted\" reason and not configure this backend in the\nunderlying implementation.\n\nIn either error case, the Message of the `ResolvedRefs` Condition\nshould be used to provide more detail about the problem.\n\nSupport: Extended for Kubernetes Service\n\nSupport: Implementation-specific for any other resource" @@ -709,7 +709,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -741,7 +741,7 @@ spec: description: "HTTPHeader represents an HTTP Header name and value as defined by RFC 7230." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, the first entry with\nan equivalent name MUST be considered for a match. Subsequent entries\nwith an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -866,7 +866,7 @@ spec: description: "HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request\nheaders." properties: name: - description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent.\n\nWhen a header is repeated in an HTTP request, it is\nimplementation-specific behavior as to how this is represented.\nGenerally, proxies should follow the guidance from the RFC:\nhttps://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding\nprocessing a repeated header, with special handling for \"Set-Cookie\"." + description: "Name is the name of the HTTP Header to be matched. Name matching MUST be\ncase-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2).\n\nIf multiple entries specify equivalent header names, only the first\nentry with an equivalent name MUST be considered for a match. Subsequent\nentries with an equivalent header name MUST be ignored. Due to the\ncase-insensitivity of header names, \"foo\" and \"Foo\" are considered\nequivalent.\n\nWhen a header is repeated in an HTTP request, it is\nimplementation-specific behavior as to how this is represented.\nGenerally, proxies should follow the guidance from the RFC:\nhttps://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding\nprocessing a repeated header, with special handling for \"Set-Cookie\"." maxLength: 256 minLength: 1 pattern: "^[A-Za-z0-9!#$%&'*+\\-.^_\\x60|~]+$" @@ -1025,7 +1025,7 @@ spec: description: "RouteParentStatus describes the status of a route with respect to an\nassociated Parent." properties: conditions: - description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a non-existent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." + description: "Conditions describes the status of the route with respect to the Gateway.\nNote that the route's availability is also subject to the Gateway's own\nstatus conditions and listener status.\n\nIf the Route's ParentRef specifies an existing Gateway that supports\nRoutes of this kind AND that Gateway's controller has sufficient access,\nthen that Gateway's controller MUST set the \"Accepted\" condition on the\nRoute, to indicate whether the route has been accepted or rejected by the\nGateway, and why.\n\nA Route MUST be considered \"Accepted\" if at least one of the Route's\nrules is implemented by the Gateway.\n\nThere are a number of cases where the \"Accepted\" condition may not be set\ndue to lack of controller visibility, that includes when:\n\n* The Route refers to a nonexistent parent.\n* The Route is of a type that the controller does not support.\n* The Route is in a namespace the controller does not have access to." items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: @@ -1101,13 +1101,13 @@ spec: minLength: 1 type: "string" namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\n\nSupport: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\nSupport: Core" maxLength: 63 minLength: 1 pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" type: "string" port: - description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" format: "int32" maximum: 65535.0 minimum: 1.0 diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/referencegrants.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/referencegrants.yaml index 4ccfcca30..c9f26c4b9 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/referencegrants.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/referencegrants.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/gateway-api/pull/3328" - gateway.networking.k8s.io/bundle-version: "v1.2.0" + gateway.networking.k8s.io/bundle-version: "v1.2.1" gateway.networking.k8s.io/channel: "standard" name: "referencegrants.gateway.networking.k8s.io" spec: diff --git a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml index 70d420993..3c1f433f4 100644 --- a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml +++ b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml @@ -136,6 +136,32 @@ spec: description: "ReplicatedJobs is the group of jobs that will form the set." items: properties: + dependsOn: + description: "DependsOn is an optional list that specifies the preceding ReplicatedJobs upon which\nthe current ReplicatedJob depends. If specified, the ReplicatedJob will be created\nonly after the referenced ReplicatedJobs reach their desired state.\nThe Order of ReplicatedJobs is defined by their enumeration in the slice.\nNote, that the first ReplicatedJob in the slice cannot use the DependsOn API.\nCurrently, only a single item is supported in the DependsOn list.\nIf JobSet is suspended the all active ReplicatedJobs will be suspended. When JobSet is\nresumed the Job sequence starts again.\nThis API is mutually exclusive with the StartupPolicy API." + items: + description: "DependsOn defines the dependency on the previous ReplicatedJob status." + properties: + name: + description: "Name of the previous ReplicatedJob." + type: "string" + status: + description: "Status defines the condition for the ReplicatedJob. Only Ready or Complete status can be set." + enum: + - "Ready" + - "Complete" + type: "string" + required: + - "name" + - "status" + type: "object" + maxItems: 1 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + x-kubernetes-validations: + - message: "Value is immutable" + rule: "self == oldSelf" name: description: "Name is the name of the entry and will be used as a suffix\nfor the Job name." type: "string" @@ -190,7 +216,7 @@ spec: format: "int32" type: "integer" managedBy: - description: "ManagedBy field indicates the controller that manages a Job. The k8s Job\ncontroller reconciles jobs which don't have this field at all or the field\nvalue is the reserved string `kubernetes.io/job-controller`, but skips\nreconciling Jobs with a custom value for this field.\nThe value must be a valid domain-prefixed path (e.g. acme.io/foo) -\nall characters before the first \"/\" must be a valid subdomain as defined\nby RFC 1123. All characters trailing the first \"/\" must be valid HTTP Path\ncharacters as defined by RFC 3986. The value cannot exceed 63 characters.\nThis field is immutable.\n\nThis field is alpha-level. The job controller accepts setting the field\nwhen the feature gate JobManagedBy is enabled (disabled by default)." + description: "ManagedBy field indicates the controller that manages a Job. The k8s Job\ncontroller reconciles jobs which don't have this field at all or the field\nvalue is the reserved string `kubernetes.io/job-controller`, but skips\nreconciling Jobs with a custom value for this field.\nThe value must be a valid domain-prefixed path (e.g. acme.io/foo) -\nall characters before the first \"/\" must be a valid subdomain as defined\nby RFC 1123. All characters trailing the first \"/\" must be valid HTTP Path\ncharacters as defined by RFC 3986. The value cannot exceed 63 characters.\nThis field is immutable.\n\nThis field is beta-level. The job controller accepts setting the field\nwhen the feature gate JobManagedBy is enabled (enabled by default)." type: "string" manualSelector: description: "manualSelector controls generation of pod labels and pod selectors.\nLeave `manualSelector` unset unless you are certain what you are doing.\nWhen false or unset, the system pick labels unique to this job\nand appends those labels to the pod template. When true,\nthe user is responsible for picking unique labels and specifying\nthe selector. Failure to pick a unique label may cause this\nand other jobs to not function correctly. However, You may see\n`manualSelector=true` in jobs that were created with the old `extensions/v1beta1`\nAPI.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector" @@ -1060,7 +1086,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1070,7 +1096,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1108,7 +1134,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1118,7 +1144,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1137,7 +1163,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1147,7 +1173,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1185,7 +1211,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1195,7 +1221,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1215,7 +1241,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1229,7 +1255,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1243,7 +1269,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1293,7 +1319,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1354,7 +1380,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1368,7 +1394,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1382,7 +1408,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1432,7 +1458,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1620,7 +1646,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1634,7 +1660,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1648,7 +1674,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1698,7 +1724,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1814,9 +1840,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -1988,7 +2015,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1998,7 +2025,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2036,7 +2063,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2046,7 +2073,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2065,7 +2092,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2075,7 +2102,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2113,7 +2140,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2123,7 +2150,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2143,7 +2170,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2157,7 +2184,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2171,7 +2198,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2221,7 +2248,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2282,7 +2309,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2296,7 +2323,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2310,7 +2337,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2360,7 +2387,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2548,7 +2575,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2562,7 +2589,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2576,7 +2603,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2626,7 +2653,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2935,7 +2962,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2945,7 +2972,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2983,7 +3010,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2993,7 +3020,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3012,7 +3039,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3022,7 +3049,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3060,7 +3087,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -3070,7 +3097,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3090,7 +3117,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3104,7 +3131,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3118,7 +3145,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3168,7 +3195,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3229,7 +3256,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3243,7 +3270,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3257,7 +3284,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3307,7 +3334,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3495,7 +3522,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3509,7 +3536,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3523,7 +3550,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3573,7 +3600,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3745,6 +3772,46 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + resources: + description: "Resources is the total amount of CPU and Memory resources required by all\ncontainers in the pod. It supports specifying Requests and Limits for\n\"cpu\" and \"memory\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the\nentire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature\ngate." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" restartPolicy: description: "Restart policy for all containers within the pod.\nOne of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.\nDefault to Always.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" type: "string" @@ -3802,6 +3869,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3997,7 +4067,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -4016,7 +4086,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -4043,7 +4113,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -4059,7 +4129,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -4092,7 +4162,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -4153,7 +4223,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -4423,7 +4493,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4452,7 +4522,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4462,7 +4532,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4481,7 +4551,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4496,7 +4566,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4617,7 +4687,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4629,7 +4699,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4847,7 +4917,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4872,7 +4942,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4915,7 +4985,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -4996,7 +5066,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5021,7 +5091,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5066,7 +5136,7 @@ spec: - "name" x-kubernetes-list-type: "map" startupPolicy: - description: "StartupPolicy, if set, configures in what order jobs must be started" + description: "StartupPolicy, if set, configures in what order jobs must be started\nDeprecated: StartupPolicy is deprecated, please use the DependsOn API." properties: startupPolicyOrder: description: "StartupPolicyOrder determines the startup order of the ReplicatedJobs.\nAnyOrder means to start replicated jobs in any order.\nInOrder means to start them as they are listed in the JobSet. A ReplicatedJob is started only\nwhen all the jobs of the previous one are ready." @@ -5110,6 +5180,11 @@ spec: minimum: 0.0 type: "integer" type: "object" + x-kubernetes-validations: + - message: "StartupPolicy and DependsOn APIs are mutually exclusive" + rule: "!(has(self.startupPolicy) && self.startupPolicy.startupPolicyOrder == 'InOrder' && self.replicatedJobs.exists(x, has(x.dependsOn)))" + - message: "DependsOn can't be set for the first ReplicatedJob" + rule: "!(has(self.replicatedJobs[0].dependsOn))" status: description: "JobSetStatus defines the observed state of JobSet" properties: diff --git a/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/modules.yaml b/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/modules.yaml index df3629595..835e3f24c 100644 --- a/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/modules.yaml +++ b/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/modules.yaml @@ -218,7 +218,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -237,7 +237,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -264,7 +264,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -280,7 +280,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -313,7 +313,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -374,7 +374,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -627,7 +627,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -656,7 +656,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -666,7 +666,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -685,7 +685,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -700,7 +700,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -821,7 +821,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -833,7 +833,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1051,7 +1051,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -1076,7 +1076,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -1119,7 +1119,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -1200,7 +1200,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1225,7 +1225,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1611,6 +1611,29 @@ spec: type: "string" description: "Selector describes on which nodes the Module should be loaded and optionally built." type: "object" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" required: - "moduleLoader" - "selector" diff --git a/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/nodemodulesconfigs.yaml b/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/nodemodulesconfigs.yaml index 4a9e0c771..9204840e9 100644 --- a/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/nodemodulesconfigs.yaml +++ b/crd-catalog/kubernetes-sigs/kernel-module-management/kmm.sigs.x-k8s.io/v1beta1/nodemodulesconfigs.yaml @@ -111,7 +111,6 @@ spec: type: "object" required: - "containerImage" - - "imagePullPolicy" - "insecurePull" - "kernelVersion" - "modprobe" @@ -131,6 +130,29 @@ spec: type: "string" serviceAccountName: type: "string" + tolerations: + description: "tolerations define which tolerations should be added for every load/unload pod running on the node" + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" required: - "config" - "name" @@ -222,7 +244,6 @@ spec: type: "object" required: - "containerImage" - - "imagePullPolicy" - "insecurePull" - "kernelVersion" - "modprobe" @@ -245,6 +266,29 @@ spec: type: "string" serviceAccountName: type: "string" + tolerations: + description: "tolerations define which tolerations should be added for every load/unload pod running on the node" + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" required: - "name" - "namespace" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1alpha1/cohorts.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1alpha1/cohorts.yaml index c864ad86b..080704be8 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1alpha1/cohorts.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1alpha1/cohorts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "cohorts.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" @@ -29,6 +29,18 @@ spec: spec: description: "CohortSpec defines the desired state of Cohort" properties: + fairSharing: + description: "fairSharing defines the properties of the Cohort when\nparticipating in FairSharing. The values are only relevant\nif FairSharing is enabled in the Kueue configuration." + properties: + weight: + anyOf: + - type: "integer" + - type: "string" + default: 1 + description: "weight gives a comparative advantage to this ClusterQueue\nor Cohort when competing for unused resources in the\nCohort. The share is based on the dominant resource usage\nabove nominal quotas for each resource, divided by the\nweight. Admission prioritizes scheduling workloads from\nClusterQueues and Cohorts with the lowest share and\npreempting workloads from the ClusterQueues and Cohorts\nwith the highest share. A zero weight implies infinite\nshare value, meaning that this Node will always be at\ndisadvantage against other ClusterQueues and Cohorts." + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + type: "object" parent: description: "Parent references the name of the Cohort's parent, if\nany. It satisfies one of three cases:\n1) Unset. This Cohort is the root of its Cohort tree.\n2) References a non-existent Cohort. We use default Cohort (no borrowing/lending limits).\n3) References an existent Cohort.\n\nIf a cycle is created, we disable all members of the\nCohort, including ClusterQueues, until the cycle is\nremoved. We prevent further admission while the cycle\nexists." maxLength: 253 diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml index fc783e85d..b9f932da3 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/admissionchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "admissionchecks.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml index 212670d7d..6dea5e46c 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/clusterqueues.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "clusterqueues.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" @@ -85,14 +85,14 @@ spec: pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" type: "string" fairSharing: - description: "fairSharing defines the properties of the ClusterQueue when participating in fair sharing.\nThe values are only relevant if fair sharing is enabled in the Kueue configuration." + description: "fairSharing defines the properties of the ClusterQueue when\nparticipating in FairSharing. The values are only relevant\nif FairSharing is enabled in the Kueue configuration." properties: weight: anyOf: - type: "integer" - type: "string" default: 1 - description: "weight gives a comparative advantage to this ClusterQueue when competing for unused\nresources in the cohort against other ClusterQueues.\nThe share of a ClusterQueue is based on the dominant resource usage above nominal\nquotas for each resource, divided by the weight.\nAdmission prioritizes scheduling workloads from ClusterQueues with the lowest share\nand preempting workloads from the ClusterQueues with the highest share.\nA zero weight implies infinite share value, meaning that this ClusterQueue will always\nbe at disadvantage against other ClusterQueues." + description: "weight gives a comparative advantage to this ClusterQueue\nor Cohort when competing for unused resources in the\nCohort. The share is based on the dominant resource usage\nabove nominal quotas for each resource, divided by the\nweight. Admission prioritizes scheduling workloads from\nClusterQueues and Cohorts with the lowest share and\npreempting workloads from the ClusterQueues and Cohorts\nwith the highest share. A zero weight implies infinite\nshare value, meaning that this Node will always be at\ndisadvantage against other ClusterQueues and Cohorts." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" @@ -150,7 +150,7 @@ spec: x-kubernetes-map-type: "atomic" preemption: default: {} - description: "preemption describes policies to preempt Workloads from this ClusterQueue\nor the ClusterQueue's cohort.\n\nPreemption can happen in two scenarios:\n\n- When a Workload fits within the nominal quota of the ClusterQueue, but\n the quota is currently borrowed by other ClusterQueues in the cohort.\n Preempting Workloads in other ClusterQueues allows this ClusterQueue to\n reclaim its nominal quota.\n- When a Workload doesn't fit within the nominal quota of the ClusterQueue\n and there are admitted Workloads in the ClusterQueue with lower priority.\n\nThe preemption algorithm tries to find a minimal set of Workloads to\npreempt to accomomdate the pending Workload, preempting Workloads with\nlower priority first." + description: "preemption describes policies to preempt Workloads from this ClusterQueue\nor the ClusterQueue's cohort.\n\nPreemption can happen in two scenarios:\n\n- When a Workload fits within the nominal quota of the ClusterQueue, but\n the quota is currently borrowed by other ClusterQueues in the cohort.\n Preempting Workloads in other ClusterQueues allows this ClusterQueue to\n reclaim its nominal quota.\n- When a Workload doesn't fit within the nominal quota of the ClusterQueue\n and there are admitted Workloads in the ClusterQueue with lower priority.\n\nThe preemption algorithm tries to find a minimal set of Workloads to\npreempt to accommodate the pending Workload, preempting Workloads with\nlower priority first." properties: borrowWithinCohort: default: {} @@ -344,7 +344,7 @@ spec: description: "FairSharing contains the information about the current status of fair sharing." properties: weightedShare: - description: "WeightedShare represent the maximum of the ratios of usage above nominal\nquota to the lendable resources in the cohort, among all the resources\nprovided by the ClusterQueue, and divided by the weight.\nIf zero, it means that the usage of the ClusterQueue is below the nominal quota.\nIf the ClusterQueue has a weight of zero, this will return 9223372036854775807,\nthe maximum possible share value." + description: "WeightedShare represent the maximum of the ratios of usage\nabove nominal quota to the lendable resources in the\nCohort, among all the resources provided by the Node, and\ndivided by the weight. If zero, it means that the usage of\nthe Node is below the nominal quota. If the Node has a\nweight of zero, this will return 9223372036854775807, the\nmaximum possible share value." format: "int64" type: "integer" required: diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml index 3a897c01d..410040244 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/localqueues.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "localqueues.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueclusters.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueclusters.yaml index a27f26a05..b51579930 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueclusters.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "multikueueclusters.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" @@ -13,7 +13,16 @@ spec: singular: "multikueuecluster" scope: "Cluster" versions: - - name: "v1beta1" + - additionalPrinterColumns: + - description: "MultiKueueCluster is connected" + jsonPath: ".status.conditions[?(@.type=='Active')].status" + name: "Connected" + type: "string" + - description: "Time this workload was created" + jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1beta1" schema: openAPIV3Schema: description: "MultiKueueCluster is the Schema for the multikueue API" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueconfigs.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueconfigs.yaml index cdd952f17..49da0e210 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueconfigs.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/multikueueconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "multikueueconfigs.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/provisioningrequestconfigs.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/provisioningrequestconfigs.yaml index cc6d9d70a..780cfc165 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/provisioningrequestconfigs.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/provisioningrequestconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "provisioningrequestconfigs.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml index 33836cfbb..3474073b2 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/resourceflavors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "resourceflavors.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" @@ -41,7 +41,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" nodeTaints: - description: "nodeTaints are taints that the nodes associated with this ResourceFlavor\nhave.\nWorkloads' podsets must have tolerations for these nodeTaints in order to\nget assigned this ResourceFlavor during admission.\n\nAn example of a nodeTaint is\ncloud.provider.com/preemptible=\"true\":NoSchedule\n\nnodeTaints can be up to 8 elements." + description: "nodeTaints are taints that the nodes associated with this ResourceFlavor\nhave.\nWorkloads' podsets must have tolerations for these nodeTaints in order to\nget assigned this ResourceFlavor during admission.\nOnly the 'NoSchedule' and 'NoExecute' taint effects are evaluated,\nwhile 'PreferNoSchedule' is ignored.\n\nAn example of a nodeTaint is\ncloud.provider.com/preemptible=\"true\":NoSchedule\n\nnodeTaints can be up to 8 elements." items: description: "The node this Taint is attached to has the \"effect\" on\nany pod that does not tolerate the Taint." properties: @@ -113,6 +113,8 @@ spec: x-kubernetes-validations: - message: "at least one nodeLabel is required when topology is set" rule: "!has(self.topologyName) || self.nodeLabels.size() >= 1" + - message: "resourceFlavorSpec are immutable when topologyName is set" + rule: "!has(oldSelf.topologyName) || self == oldSelf" type: "object" served: true storage: true diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloadpriorityclasses.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloadpriorityclasses.yaml index 21dbc6ac7..75aa8264d 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloadpriorityclasses.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloadpriorityclasses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "workloadpriorityclasses.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml index 398dd7c9f..716bd2dab 100644 --- a/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml +++ b/crd-catalog/kubernetes-sigs/kueue/kueue.x-k8s.io/v1beta1/workloads.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "workloads.kueue.x-k8s.io" spec: group: "kueue.x-k8s.io" @@ -823,7 +823,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -833,7 +833,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -871,7 +871,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -881,7 +881,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -900,7 +900,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -910,7 +910,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -948,7 +948,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -958,7 +958,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -978,7 +978,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -992,7 +992,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1006,7 +1006,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1056,7 +1056,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1117,7 +1117,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1131,7 +1131,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1145,7 +1145,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1195,7 +1195,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1383,7 +1383,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1397,7 +1397,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1411,7 +1411,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1461,7 +1461,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1577,9 +1577,10 @@ spec: description: "PodDNSConfigOption defines DNS resolver options of a pod." properties: name: - description: "Required." + description: "Name is this DNS resolver option's name.\nRequired." type: "string" value: + description: "Value is this DNS resolver option's value." type: "string" type: "object" type: "array" @@ -1751,7 +1752,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1761,7 +1762,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1799,7 +1800,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1809,7 +1810,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1828,7 +1829,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1838,7 +1839,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1876,7 +1877,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1886,7 +1887,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1906,7 +1907,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1920,7 +1921,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1934,7 +1935,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1984,7 +1985,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2045,7 +2046,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2059,7 +2060,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2073,7 +2074,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2123,7 +2124,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2311,7 +2312,7 @@ spec: description: "Probes are not allowed for ephemeral containers." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2325,7 +2326,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2339,7 +2340,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2389,7 +2390,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2698,7 +2699,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2708,7 +2709,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2746,7 +2747,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2756,7 +2757,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2775,7 +2776,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2785,7 +2786,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2823,7 +2824,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2833,7 +2834,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2853,7 +2854,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2867,7 +2868,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2881,7 +2882,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2931,7 +2932,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2992,7 +2993,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3006,7 +3007,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3020,7 +3021,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3070,7 +3071,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3258,7 +3259,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3272,7 +3273,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3286,7 +3287,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3336,7 +3337,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3508,6 +3509,46 @@ spec: x-kubernetes-list-map-keys: - "name" x-kubernetes-list-type: "map" + resources: + description: "Resources is the total amount of CPU and Memory resources required by all\ncontainers in the pod. It supports specifying Requests and Limits for\n\"cpu\" and \"memory\" resource names only. ResourceClaims are not supported.\n\nThis field enables fine-grained control over resource allocation for the\nentire pod, allowing resource sharing among containers in a pod.\n\nThis is an alpha field and requires enabling the PodLevelResources feature\ngate." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" restartPolicy: description: "Restart policy for all containers within the pod.\nOne of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.\nDefault to Always.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" type: "string" @@ -3565,6 +3606,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3760,7 +3804,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -3779,7 +3823,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -3806,7 +3850,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -3822,7 +3866,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -3855,7 +3899,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -3916,7 +3960,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -4186,7 +4230,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4215,7 +4259,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4225,7 +4269,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4244,7 +4288,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4259,7 +4303,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4380,7 +4424,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4392,7 +4436,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4610,7 +4654,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4635,7 +4679,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4678,7 +4722,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -4759,7 +4803,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4784,7 +4828,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4815,12 +4859,22 @@ spec: topologyRequest: description: "topologyRequest defines the topology request for the PodSet." properties: + podIndexLabel: + description: "PodIndexLabel indicates the name of the label indexing the pods.\nFor example, in the context of\n- kubernetes job this is: kubernetes.io/job-completion-index\n- JobSet: kubernetes.io/job-completion-index (inherited from Job)\n- Kubeflow: training.kubeflow.org/replica-index" + type: "string" preferred: description: "preferred indicates the topology level preferred by the PodSet, as\nindicated by the `kueue.x-k8s.io/podset-preferred-topology` PodSet\nannotation." type: "string" required: description: "required indicates the topology level required by the PodSet, as\nindicated by the `kueue.x-k8s.io/podset-required-topology` PodSet\nannotation." type: "string" + subGroupCount: + description: "SubGroupIndexLabel indicates the count of replicated Jobs (groups) within a PodSet.\nFor example, in the context of JobSet this value is read from jobset.sigs.k8s.io/replicatedjob-replicas." + format: "int32" + type: "integer" + subGroupIndexLabel: + description: "SubGroupIndexLabel indicates the name of the label indexing the instances of replicated Jobs (groups)\nwithin a PodSet. For example, in the context of JobSet this is jobset.sigs.k8s.io/job-index." + type: "string" type: "object" required: - "count" @@ -4911,7 +4965,7 @@ spec: description: "resourceUsage keeps track of the total resources all the pods in the podset need to run.\n\nBeside what is provided in podSet's specs, this calculation takes into account\nthe LimitRange defaults and RuntimeClass overheads at the moment of admission.\nThis field will not change in case of quota reclaim." type: "object" topologyAssignment: - description: "topologyAssignment indicates the topology assignment divided into\ntopology domains corresponding to the lowest level of the topology.\nThe assignment specifies the number of Pods to be scheduled per topology\ndomain and specifies the node selectors for each topology domain, in the\nfollowing way: the node selector keys are specified by the levels field\n(same for all domains), and the corresponding node selector value is\nspecified by the domains.values subfield.\n\nExample:\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n domains:\n - values: [block-1, rack-1]\n count: 4\n - values: [block-1, rack-2]\n count: 2\n\nHere:\n- 4 Pods are to be scheduled on nodes matching the node selector:\n cloud.provider.com/topology-block: block-1\n cloud.provider.com/topology-rack: rack-1\n- 2 Pods are to be scheduled on nodes matching the node selector:\n cloud.provider.com/topology-block: block-1\n cloud.provider.com/topology-rack: rack-2" + description: "topologyAssignment indicates the topology assignment divided into\ntopology domains corresponding to the lowest level of the topology.\nThe assignment specifies the number of Pods to be scheduled per topology\ndomain and specifies the node selectors for each topology domain, in the\nfollowing way: the node selector keys are specified by the levels field\n(same for all domains), and the corresponding node selector value is\nspecified by the domains.values subfield. If the TopologySpec.Levels field contains\n\"kubernetes.io/hostname\" label, topologyAssignment will contain data only for\nthis label, and omit higher levels in the topology\n\nExample:\n\ntopologyAssignment:\n levels:\n - cloud.provider.com/topology-block\n - cloud.provider.com/topology-rack\n domains:\n - values: [block-1, rack-1]\n count: 4\n - values: [block-1, rack-2]\n count: 2\n\nHere:\n- 4 Pods are to be scheduled on nodes matching the node selector:\n cloud.provider.com/topology-block: block-1\n cloud.provider.com/topology-rack: rack-1\n- 2 Pods are to be scheduled on nodes matching the node selector:\n cloud.provider.com/topology-block: block-1\n cloud.provider.com/topology-rack: rack-2\n\nExample:\nBelow there is an equivalent of the above example assuming, Topology\nobject defines kubernetes.io/hostname as the lowest level in topology.\nHence we omit higher level of topologies, since the hostname label\nis sufficient to explicitly identify a proper node.\n\ntopologyAssignment:\n levels:\n - kubernetes.io/hostname\n domains:\n - values: [hostname-1]\n count: 4\n - values: [hostname-2]\n count: 2" properties: domains: description: "domains is a list of topology assignments split by topology domains at\nthe lowest level of the topology." diff --git a/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceexports.yaml b/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceexports.yaml index b3e25618c..60b28469f 100644 --- a/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceexports.yaml +++ b/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceexports.yaml @@ -29,6 +29,20 @@ spec: type: "string" metadata: type: "object" + spec: + description: "spec defines the behavior of a ServiceExport." + properties: + exportedAnnotations: + additionalProperties: + type: "string" + description: "exportedAnnotations describes the annotations exported. It is optional for implementation." + type: "object" + exportedLabels: + additionalProperties: + type: "string" + description: "exportedLabels describes the labels exported. It is optional for implementation." + type: "object" + type: "object" status: description: "status describes the current state of an exported service.\nService configuration comes from the Service that had the same\nname and namespace as this ServiceExport.\nPopulated by the multi-cluster service implementation's controller." properties: diff --git a/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceimports.yaml b/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceimports.yaml index cb89d314e..95779819e 100644 --- a/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceimports.yaml +++ b/crd-catalog/kubernetes-sigs/mcs-api/multicluster.x-k8s.io/v1alpha1/serviceimports.yaml @@ -44,7 +44,7 @@ spec: description: "ip will be used as the VIP for this service when type is ClusterSetIP." items: type: "string" - maxItems: 1 + maxItems: 2 type: "array" ports: items: diff --git a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/adminnetworkpolicies.yaml b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/adminnetworkpolicies.yaml index e7b700dcc..38e8882ef 100644 --- a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/adminnetworkpolicies.yaml +++ b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/adminnetworkpolicies.yaml @@ -41,60 +41,60 @@ spec: description: "Specification of the desired behavior of AdminNetworkPolicy." properties: egress: - description: "Egress is the list of Egress rules to be applied to the selected pods.\nA total of 100 rules will be allowed in each ANP instance.\nThe relative precedence of egress rules within a single ANP object (all of\nwhich share the priority) will be determined by the order in which the rule\nis written. Thus, a rule that appears at the top of the egress rules\nwould take the highest precedence.\nANPs with no egress rules do not affect egress traffic.\n\n\nSupport: Core" + description: "Egress is the list of Egress rules to be applied to the selected pods.\nA total of 100 rules will be allowed in each ANP instance.\nThe relative precedence of egress rules within a single ANP object (all of\nwhich share the priority) will be determined by the order in which the rule\nis written. Thus, a rule that appears at the top of the egress rules\nwould take the highest precedence.\nANPs with no egress rules do not affect egress traffic.\n\nSupport: Core" items: description: "AdminNetworkPolicyEgressRule describes an action to take on a particular\nset of traffic originating from pods selected by a AdminNetworkPolicy's\nSubject field.\n" properties: action: - description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic (even if it would otherwise have been denied by NetworkPolicy)\nDeny: denies the selected traffic\nPass: instructs the selected traffic to skip any remaining ANP rules, and\nthen pass execution to any NetworkPolicies that select the pod.\nIf the pod is not selected by any NetworkPolicies then execution\nis passed to any BaselineAdminNetworkPolicies that select the pod.\n\n\nSupport: Core" + description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic (even if it would otherwise have been denied by NetworkPolicy)\nDeny: denies the selected traffic\nPass: instructs the selected traffic to skip any remaining ANP rules, and\nthen pass execution to any NetworkPolicies that select the pod.\nIf the pod is not selected by any NetworkPolicies then execution\nis passed to any BaselineAdminNetworkPolicies that select the pod.\n\nSupport: Core" enum: - "Allow" - "Deny" - "Pass" type: "string" name: - description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nAdminNetworkPolicies.\n\n\nSupport: Core" + description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nAdminNetworkPolicies.\n\nSupport: Core" maxLength: 100 type: "string" ports: - description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of destination ports for the outgoing egress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\n\nSupport: Core" + description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of destination ports for the outgoing egress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\nSupport: Core" items: description: "AdminNetworkPolicyPort describes how to select network ports on pod(s).\nExactly one field must be set." maxProperties: 1 minProperties: 1 properties: portNumber: - description: "Port selects a port on a pod(s) based on number.\n\n\nSupport: Core" + description: "Port selects a port on a pod(s) based on number.\n\nSupport: Core" properties: port: - description: "Number defines a network port value.\n\n\nSupport: Core" + description: "Number defines a network port value.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" required: - "port" - "protocol" type: "object" portRange: - description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\n\nSupport: Core" + description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\nSupport: Core" properties: end: - description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\n\nSupport: Core" + description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" start: - description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\n\nSupport: Core" + description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -108,14 +108,14 @@ spec: minItems: 1 type: "array" to: - description: "To is the List of destinations whose traffic this rule applies to.\nIf any AdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" + description: "To is the List of destinations whose traffic this rule applies to.\nIf any AdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\nSupport: Core" items: description: "AdminNetworkPolicyEgressPeer defines a peer to allow traffic to.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." maxProperties: 1 minProperties: 1 properties: namespaces: - description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\n\nSupport: Core" + description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\nSupport: Core" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -148,7 +148,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" pods: - description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\n\nSupport: Core" + description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\nSupport: Core" properties: namespaceSelector: description: "NamespaceSelector follows standard label selector semantics; if empty,\nit selects all Namespaces." @@ -231,26 +231,26 @@ spec: maxItems: 100 type: "array" ingress: - description: "Ingress is the list of Ingress rules to be applied to the selected pods.\nA total of 100 rules will be allowed in each ANP instance.\nThe relative precedence of ingress rules within a single ANP object (all of\nwhich share the priority) will be determined by the order in which the rule\nis written. Thus, a rule that appears at the top of the ingress rules\nwould take the highest precedence.\nANPs with no ingress rules do not affect ingress traffic.\n\n\nSupport: Core" + description: "Ingress is the list of Ingress rules to be applied to the selected pods.\nA total of 100 rules will be allowed in each ANP instance.\nThe relative precedence of ingress rules within a single ANP object (all of\nwhich share the priority) will be determined by the order in which the rule\nis written. Thus, a rule that appears at the top of the ingress rules\nwould take the highest precedence.\nANPs with no ingress rules do not affect ingress traffic.\n\nSupport: Core" items: description: "AdminNetworkPolicyIngressRule describes an action to take on a particular\nset of traffic destined for pods selected by an AdminNetworkPolicy's\nSubject field." properties: action: - description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic (even if it would otherwise have been denied by NetworkPolicy)\nDeny: denies the selected traffic\nPass: instructs the selected traffic to skip any remaining ANP rules, and\nthen pass execution to any NetworkPolicies that select the pod.\nIf the pod is not selected by any NetworkPolicies then execution\nis passed to any BaselineAdminNetworkPolicies that select the pod.\n\n\nSupport: Core" + description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic (even if it would otherwise have been denied by NetworkPolicy)\nDeny: denies the selected traffic\nPass: instructs the selected traffic to skip any remaining ANP rules, and\nthen pass execution to any NetworkPolicies that select the pod.\nIf the pod is not selected by any NetworkPolicies then execution\nis passed to any BaselineAdminNetworkPolicies that select the pod.\n\nSupport: Core" enum: - "Allow" - "Deny" - "Pass" type: "string" from: - description: "From is the list of sources whose traffic this rule applies to.\nIf any AdminNetworkPolicyIngressPeer matches the source of incoming\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" + description: "From is the list of sources whose traffic this rule applies to.\nIf any AdminNetworkPolicyIngressPeer matches the source of incoming\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\nSupport: Core" items: description: "AdminNetworkPolicyIngressPeer defines an in-cluster peer to allow traffic from.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." maxProperties: 1 minProperties: 1 properties: namespaces: - description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\n\nSupport: Core" + description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\nSupport: Core" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -283,7 +283,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" pods: - description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\n\nSupport: Core" + description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\nSupport: Core" properties: namespaceSelector: description: "NamespaceSelector follows standard label selector semantics; if empty,\nit selects all Namespaces." @@ -360,48 +360,48 @@ spec: minItems: 1 type: "array" name: - description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nAdminNetworkPolicies.\n\n\nSupport: Core" + description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nAdminNetworkPolicies.\n\nSupport: Core" maxLength: 100 type: "string" ports: - description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of ports which should be matched on\nthe pods selected for this policy i.e the subject of the policy.\nSo it matches on the destination port for the ingress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\n\nSupport: Core" + description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of ports which should be matched on\nthe pods selected for this policy i.e the subject of the policy.\nSo it matches on the destination port for the ingress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\nSupport: Core" items: description: "AdminNetworkPolicyPort describes how to select network ports on pod(s).\nExactly one field must be set." maxProperties: 1 minProperties: 1 properties: portNumber: - description: "Port selects a port on a pod(s) based on number.\n\n\nSupport: Core" + description: "Port selects a port on a pod(s) based on number.\n\nSupport: Core" properties: port: - description: "Number defines a network port value.\n\n\nSupport: Core" + description: "Number defines a network port value.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" required: - "port" - "protocol" type: "object" portRange: - description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\n\nSupport: Core" + description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\nSupport: Core" properties: end: - description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\n\nSupport: Core" + description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" start: - description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\n\nSupport: Core" + description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -421,13 +421,13 @@ spec: maxItems: 100 type: "array" priority: - description: "Priority is a value from 0 to 1000. Policies with lower priority values have\nhigher precedence, and are checked before policies with higher priority values.\nAll AdminNetworkPolicy rules have higher precedence than NetworkPolicy or\nBaselineAdminNetworkPolicy rules\nEvery AdminNetworkPolicy should have a unique priority value; if two (or more)\npolicies with the same priority could both match a connection, then the\nimplementation can apply any of the matching policies to the connection, and\nthere is no way for the user to reliably determine which one it will choose.\n\n\nSupport: Core" + description: "Priority is a value from 0 to 1000. Policies with lower priority values have\nhigher precedence, and are checked before policies with higher priority values.\nAll AdminNetworkPolicy rules have higher precedence than NetworkPolicy or\nBaselineAdminNetworkPolicy rules\nEvery AdminNetworkPolicy should have a unique priority value; if two (or more)\npolicies with the same priority could both match a connection, then the\nimplementation can apply any of the matching policies to the connection, and\nthere is no way for the user to reliably determine which one it will choose.\n\nSupport: Core" format: "int32" maximum: 1000.0 minimum: 0.0 type: "integer" subject: - description: "Subject defines the pods to which this AdminNetworkPolicy applies.\nNote that host-networked pods are not included in subject selection.\n\n\nSupport: Core" + description: "Subject defines the pods to which this AdminNetworkPolicy applies.\nNote that host-networked pods are not included in subject selection.\n\nSupport: Core" maxProperties: 1 minProperties: 1 properties: @@ -547,7 +547,7 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -576,7 +576,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml index 737130a6c..a5d9520fb 100644 --- a/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml +++ b/crd-catalog/kubernetes-sigs/network-policy-api/policy.networking.k8s.io/v1alpha1/baselineadminnetworkpolicies.yaml @@ -38,18 +38,18 @@ spec: description: "Specification of the desired behavior of BaselineAdminNetworkPolicy." properties: egress: - description: "Egress is the list of Egress rules to be applied to the selected pods if\nthey are not matched by any AdminNetworkPolicy or NetworkPolicy rules.\nA total of 100 Egress rules will be allowed in each BANP instance.\nThe relative precedence of egress rules within a single BANP object\nwill be determined by the order in which the rule is written.\nThus, a rule that appears at the top of the egress rules\nwould take the highest precedence.\nBANPs with no egress rules do not affect egress traffic.\n\n\nSupport: Core" + description: "Egress is the list of Egress rules to be applied to the selected pods if\nthey are not matched by any AdminNetworkPolicy or NetworkPolicy rules.\nA total of 100 Egress rules will be allowed in each BANP instance.\nThe relative precedence of egress rules within a single BANP object\nwill be determined by the order in which the rule is written.\nThus, a rule that appears at the top of the egress rules\nwould take the highest precedence.\nBANPs with no egress rules do not affect egress traffic.\n\nSupport: Core" items: description: "BaselineAdminNetworkPolicyEgressRule describes an action to take on a particular\nset of traffic originating from pods selected by a BaselineAdminNetworkPolicy's\nSubject field.\n" properties: action: - description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic\nDeny: denies the selected traffic\n\n\nSupport: Core" + description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic\nDeny: denies the selected traffic\n\nSupport: Core" enum: - "Allow" - "Deny" type: "string" name: - description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nBaselineAdminNetworkPolicies.\n\n\nSupport: Core" + description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nBaselineAdminNetworkPolicies.\n\nSupport: Core" maxLength: 100 type: "string" ports: @@ -60,37 +60,37 @@ spec: minProperties: 1 properties: portNumber: - description: "Port selects a port on a pod(s) based on number.\n\n\nSupport: Core" + description: "Port selects a port on a pod(s) based on number.\n\nSupport: Core" properties: port: - description: "Number defines a network port value.\n\n\nSupport: Core" + description: "Number defines a network port value.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" required: - "port" - "protocol" type: "object" portRange: - description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\n\nSupport: Core" + description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\nSupport: Core" properties: end: - description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\n\nSupport: Core" + description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" start: - description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\n\nSupport: Core" + description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -104,14 +104,14 @@ spec: minItems: 1 type: "array" to: - description: "To is the list of destinations whose traffic this rule applies to.\nIf any BaselineAdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" + description: "To is the list of destinations whose traffic this rule applies to.\nIf any BaselineAdminNetworkPolicyEgressPeer matches the destination of outgoing\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\nSupport: Core" items: description: "BaselineAdminNetworkPolicyEgressPeer defines a peer to allow traffic to.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." maxProperties: 1 minProperties: 1 properties: namespaces: - description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\n\nSupport: Core" + description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\nSupport: Core" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -144,7 +144,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" pods: - description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\n\nSupport: Core" + description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\nSupport: Core" properties: namespaceSelector: description: "NamespaceSelector follows standard label selector semantics; if empty,\nit selects all Namespaces." @@ -227,25 +227,25 @@ spec: maxItems: 100 type: "array" ingress: - description: "Ingress is the list of Ingress rules to be applied to the selected pods\nif they are not matched by any AdminNetworkPolicy or NetworkPolicy rules.\nA total of 100 Ingress rules will be allowed in each BANP instance.\nThe relative precedence of ingress rules within a single BANP object\nwill be determined by the order in which the rule is written.\nThus, a rule that appears at the top of the ingress rules\nwould take the highest precedence.\nBANPs with no ingress rules do not affect ingress traffic.\n\n\nSupport: Core" + description: "Ingress is the list of Ingress rules to be applied to the selected pods\nif they are not matched by any AdminNetworkPolicy or NetworkPolicy rules.\nA total of 100 Ingress rules will be allowed in each BANP instance.\nThe relative precedence of ingress rules within a single BANP object\nwill be determined by the order in which the rule is written.\nThus, a rule that appears at the top of the ingress rules\nwould take the highest precedence.\nBANPs with no ingress rules do not affect ingress traffic.\n\nSupport: Core" items: description: "BaselineAdminNetworkPolicyIngressRule describes an action to take on a particular\nset of traffic destined for pods selected by a BaselineAdminNetworkPolicy's\nSubject field." properties: action: - description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic\nDeny: denies the selected traffic\n\n\nSupport: Core" + description: "Action specifies the effect this rule will have on matching traffic.\nCurrently the following actions are supported:\nAllow: allows the selected traffic\nDeny: denies the selected traffic\n\nSupport: Core" enum: - "Allow" - "Deny" type: "string" from: - description: "From is the list of sources whose traffic this rule applies to.\nIf any AdminNetworkPolicyIngressPeer matches the source of incoming\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\n\nSupport: Core" + description: "From is the list of sources whose traffic this rule applies to.\nIf any AdminNetworkPolicyIngressPeer matches the source of incoming\ntraffic then the specified action is applied.\nThis field must be defined and contain at least one item.\n\nSupport: Core" items: description: "AdminNetworkPolicyIngressPeer defines an in-cluster peer to allow traffic from.\nExactly one of the selector pointers must be set for a given peer. If a\nconsumer observes none of its fields are set, they must assume an unknown\noption has been specified and fail closed." maxProperties: 1 minProperties: 1 properties: namespaces: - description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\n\nSupport: Core" + description: "Namespaces defines a way to select all pods within a set of Namespaces.\nNote that host-networked pods are not included in this type of peer.\n\nSupport: Core" properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -278,7 +278,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" pods: - description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\n\nSupport: Core" + description: "Pods defines a way to select a set of pods in\na set of namespaces. Note that host-networked pods\nare not included in this type of peer.\n\nSupport: Core" properties: namespaceSelector: description: "NamespaceSelector follows standard label selector semantics; if empty,\nit selects all Namespaces." @@ -355,48 +355,48 @@ spec: minItems: 1 type: "array" name: - description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nBaselineAdminNetworkPolicies.\n\n\nSupport: Core" + description: "Name is an identifier for this rule, that may be no more than 100 characters\nin length. This field should be used by the implementation to help\nimprove observability, readability and error-reporting for any applied\nBaselineAdminNetworkPolicies.\n\nSupport: Core" maxLength: 100 type: "string" ports: - description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of ports which should be matched on\nthe pods selected for this policy i.e the subject of the policy.\nSo it matches on the destination port for the ingress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\n\nSupport: Core" + description: "Ports allows for matching traffic based on port and protocols.\nThis field is a list of ports which should be matched on\nthe pods selected for this policy i.e the subject of the policy.\nSo it matches on the destination port for the ingress traffic.\nIf Ports is not set then the rule does not filter traffic via port.\n\nSupport: Core" items: description: "AdminNetworkPolicyPort describes how to select network ports on pod(s).\nExactly one field must be set." maxProperties: 1 minProperties: 1 properties: portNumber: - description: "Port selects a port on a pod(s) based on number.\n\n\nSupport: Core" + description: "Port selects a port on a pod(s) based on number.\n\nSupport: Core" properties: port: - description: "Number defines a network port value.\n\n\nSupport: Core" + description: "Number defines a network port value.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" required: - "port" - "protocol" type: "object" portRange: - description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\n\nSupport: Core" + description: "PortRange selects a port range on a pod(s) based on provided start and end\nvalues.\n\nSupport: Core" properties: end: - description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\n\nSupport: Core" + description: "End defines a network port that is the end of a port range, the End value\nmust be greater than Start.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 type: "integer" protocol: default: "TCP" - description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\n\nSupport: Core" + description: "Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must\nmatch. If not specified, this field defaults to TCP.\n\nSupport: Core" type: "string" start: - description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\n\nSupport: Core" + description: "Start defines a network port that is the start of a port range, the Start\nvalue must be less than End.\n\nSupport: Core" format: "int32" maximum: 65535.0 minimum: 1.0 @@ -416,7 +416,7 @@ spec: maxItems: 100 type: "array" subject: - description: "Subject defines the pods to which this BaselineAdminNetworkPolicy applies.\nNote that host-networked pods are not included in subject selection.\n\n\nSupport: Core" + description: "Subject defines the pods to which this BaselineAdminNetworkPolicy applies.\nNote that host-networked pods are not included in subject selection.\n\nSupport: Core" maxProperties: 1 minProperties: 1 properties: @@ -535,7 +535,7 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -564,7 +564,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/apparmorprofiles.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/apparmorprofiles.yaml index aeeca6ea7..332365035 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/apparmorprofiles.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/apparmorprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "apparmorprofiles.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -13,86 +13,136 @@ spec: shortNames: - "aa" singular: "apparmorprofile" - scope: "Namespaced" + scope: "Cluster" versions: - - name: "v1alpha1" + - additionalPrinterColumns: + - jsonPath: ".status.status" + name: "Status" + type: "string" + name: "v1alpha1" schema: openAPIV3Schema: - description: "AppArmorProfile is the Schema for the apparmorprofiles API" + description: "AppArmorProfile is a cluster level specification for an AppArmor profile." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "AppArmorProfileSpec defines the desired state of AppArmorProfile" + description: "AppArmorProfileSpec defines the desired state of AppArmorProfile." properties: abstract: + description: "Abstract stores the apparmor profile allow lists for executable, file, network and capabilities access." properties: capability: + description: "Capability rules for Linux capabilities." properties: allowedCapabilities: + description: "AllowedCapabilities lost of allowed capabilities." items: type: "string" type: "array" type: "object" executable: + description: "Executable rules for allowed executables." properties: allowedExecutables: + description: "AllowedExecutables list of allowed executables." items: type: "string" type: "array" allowedLibraries: + description: "AllowedLibraries list of allowed libraries." items: type: "string" type: "array" type: "object" filesystem: + description: "Filesystem rules for filesystem access." properties: readOnlyPaths: + description: "ReadOnlyPaths list of allowed read only file paths." items: type: "string" type: "array" readWritePaths: + description: "ReadWritePaths list of allowed read write file paths." items: type: "string" type: "array" writeOnlyPaths: + description: "WriteOnlyPaths list of allowed write only file paths." items: type: "string" type: "array" type: "object" network: + description: "Network rules for network access." properties: allowRaw: + description: "AllowRaw allows raw sockets." type: "boolean" allowedProtocols: + description: "Protocols keeps the allowed networking protocols." properties: allowTcp: + description: "AllowTCP allows TCP socket connections." type: "boolean" allowUdp: + description: "AllowUDP allows UDP sockets connections." type: "boolean" type: "object" type: "object" type: "object" - policy: - type: "string" + complainMode: + description: "ComplainMode places the apparmor profile into \"complain\" mode, by default is placed in \"enforce\" mode.\nIn complain mode, if a given action is not allowed, it will be allowed, but this violation will be\nlogged with a tag of access being \"ALLOWED unconfined\"." + type: "boolean" + disabled: + default: false + description: "Whether the profile is disabled and should be skipped during reconciliation." + type: "boolean" type: "object" status: - description: "AppArmorProfileStatus defines the observed state of AppArmorProfile" + description: "AppArmorProfileStatus defines the observed state of AppArmorProfile." + properties: + conditions: + description: "Conditions of the resource." + items: + description: "A Condition that may apply to a resource." + properties: + lastTransitionTime: + description: "LastTransitionTime is the last time this condition transitioned from one\nstatus to another." + format: "date-time" + type: "string" + message: + description: "A Message containing details about this condition's last transition from\none status to another, if any." + type: "string" + reason: + description: "A Reason for this condition's last transition from one status to another." + type: "string" + status: + description: "Status of this condition; is it currently True, False, or Unknown?" + type: "string" + type: + description: "Type of this condition. At most one of each condition type may apply to\na resource at any point in time." + type: "string" + required: + - "lastTransitionTime" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + status: + description: "ProfileState defines the state that the profile is in. A profile in this context\nrefers to a SeccompProfile or a SELinux profile, the states are shared between them\nas well as the management API." + type: "string" type: "object" type: "object" served: true storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilebindings.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilebindings.yaml index 22eedde0a..ecc83378b 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilebindings.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilebindings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "profilebindings.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml index 340cdcd12..4f1033424 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/profilerecordings.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "profilerecordings.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -76,11 +76,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilenodestatuses.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilenodestatuses.yaml index fd872f666..e72639ee2 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilenodestatuses.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilenodestatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "securityprofilenodestatuses.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -13,7 +13,7 @@ spec: shortNames: - "spns" singular: "securityprofilenodestatus" - scope: "Namespaced" + scope: "Cluster" versions: - additionalPrinterColumns: - jsonPath: ".status" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilesoperatordaemons.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilesoperatordaemons.yaml index f3c687891..d7a3bb09f 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilesoperatordaemons.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha1/securityprofilesoperatordaemons.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "securityprofilesoperatordaemons.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -65,11 +65,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -86,11 +88,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -102,6 +106,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -126,11 +131,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -147,14 +154,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -190,11 +200,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -203,13 +215,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -233,11 +245,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -250,6 +264,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -265,6 +280,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -289,11 +305,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -302,13 +320,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -332,11 +350,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -349,6 +369,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -356,6 +377,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -387,11 +409,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -400,13 +424,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -430,11 +454,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -447,6 +473,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -462,6 +489,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -486,11 +514,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -499,13 +529,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -529,11 +559,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -546,6 +578,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -553,6 +586,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" allowedSeccompActions: @@ -570,13 +604,16 @@ spec: description: "DaemonResourceRequirements if defined, overwrites the default resource requirements\nof SPOD daemon." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -633,7 +670,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -715,11 +753,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -746,11 +786,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/rawselinuxprofiles.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/rawselinuxprofiles.yaml index 497d65343..7022744dc 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/rawselinuxprofiles.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/rawselinuxprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "rawselinuxprofiles.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -11,7 +11,7 @@ spec: listKind: "RawSelinuxProfileList" plural: "rawselinuxprofiles" singular: "rawselinuxprofile" - scope: "Namespaced" + scope: "Cluster" versions: - additionalPrinterColumns: - jsonPath: ".status.usage" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/selinuxprofiles.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/selinuxprofiles.yaml index e899d369d..5cfc0cd9e 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/selinuxprofiles.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1alpha2/selinuxprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "selinuxprofiles.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -11,7 +11,7 @@ spec: listKind: "SelinuxProfileList" plural: "selinuxprofiles" singular: "selinuxprofile" - scope: "Namespaced" + scope: "Cluster" versions: - additionalPrinterColumns: - jsonPath: ".status.usage" diff --git a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1beta1/seccompprofiles.yaml b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1beta1/seccompprofiles.yaml index fb54804b6..3fe6f98ba 100644 --- a/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1beta1/seccompprofiles.yaml +++ b/crd-catalog/kubernetes-sigs/security-profiles-operator/security-profiles-operator.x-k8s.io/v1beta1/seccompprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "seccompprofiles.security-profiles-operator.x-k8s.io" spec: group: "security-profiles-operator.x-k8s.io" @@ -13,7 +13,7 @@ spec: shortNames: - "sp" singular: "seccompprofile" - scope: "Namespaced" + scope: "Cluster" versions: - additionalPrinterColumns: - jsonPath: ".status.status" diff --git a/crd-catalog/kubernetes-sigs/work-api/multicluster.x-k8s.io/v1alpha1/works.yaml b/crd-catalog/kubernetes-sigs/work-api/multicluster.x-k8s.io/v1alpha1/works.yaml index 87a8555f6..86ca5245e 100644 --- a/crd-catalog/kubernetes-sigs/work-api/multicluster.x-k8s.io/v1alpha1/works.yaml +++ b/crd-catalog/kubernetes-sigs/work-api/multicluster.x-k8s.io/v1alpha1/works.yaml @@ -45,7 +45,7 @@ spec: conditions: description: "Conditions contains the different condition statuses for this work.\nValid condition types are:\n1. Applied represents workload in Work is applied successfully on the spoke cluster.\n2. Progressing represents workload in Work in the trasitioning from one state to another the on the spoke cluster.\n3. Available represents workload in Work exists on the spoke cluster.\n4. Degraded represents the current state of workload does not match the desired\nstate for a certain period." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -74,7 +74,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -94,7 +94,7 @@ spec: conditions: description: "Conditions represents the conditions of this resource on spoke cluster" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -123,7 +123,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -164,6 +164,7 @@ spec: type: "object" required: - "conditions" + - "identifier" type: "object" type: "array" required: diff --git a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalercheckpoints.yaml b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalercheckpoints.yaml index 98cd4392e..be08f9014 100644 --- a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalercheckpoints.yaml +++ b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalercheckpoints.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes/kubernetes/pull/63797" - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "verticalpodautoscalercheckpoints.autoscaling.k8s.io" spec: group: "autoscaling.k8s.io" @@ -19,18 +19,18 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "VerticalPodAutoscalerCheckpoint is the checkpoint of the internal state of VPA that is used for recovery after recommender's restart." + description: "VerticalPodAutoscalerCheckpoint is the checkpoint of the internal state of VPA that\nis used for recovery after recommender's restart." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "Specification of the checkpoint. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + description: "Specification of the checkpoint.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." properties: containerName: description: "Name of the checkpointed container." diff --git a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalers.yaml b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalers.yaml index 10f825500..ca84e6853 100644 --- a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalers.yaml +++ b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1/verticalpodautoscalers.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes/kubernetes/pull/63797" - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "verticalpodautoscalers.autoscaling.k8s.io" spec: group: "autoscaling.k8s.io" @@ -35,23 +35,23 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "VerticalPodAutoscaler is the configuration for a vertical pod autoscaler, which automatically manages pod resources based on historical and real time resource utilization." + description: "VerticalPodAutoscaler is the configuration for a vertical pod\nautoscaler, which automatically manages pod resources based on historical and\nreal time resource utilization." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "Specification of the behavior of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + description: "Specification of the behavior of the autoscaler.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." properties: recommenders: - description: "Recommender responsible for generating recommendation for this object. List should be empty (then the default recommender will generate the recommendation) or contain exactly one recommender." + description: "Recommender responsible for generating recommendation for this object.\nList should be empty (then the default recommender will generate the\nrecommendation) or contain exactly one recommender." items: - description: "VerticalPodAutoscalerRecommenderSelector points to a specific Vertical Pod Autoscaler recommender. In the future it might pass parameters to the recommender." + description: "VerticalPodAutoscalerRecommenderSelector points to a specific Vertical Pod Autoscaler recommender.\nIn the future it might pass parameters to the recommender." properties: name: description: "Name of the recommender responsible for generating recommendation for this object." @@ -61,24 +61,24 @@ spec: type: "object" type: "array" resourcePolicy: - description: "Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If any individual containers need to be excluded from getting the VPA recommendations, then it must be disabled explicitly by setting mode to \"Off\" under containerPolicies. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints." + description: "Controls how the autoscaler computes recommended resources.\nThe resource policy may be used to set constraints on the recommendations\nfor individual containers.\nIf any individual containers need to be excluded from getting the VPA recommendations, then\nit must be disabled explicitly by setting mode to \"Off\" under containerPolicies.\nIf not specified, the autoscaler computes recommended resources for all containers in the pod,\nwithout additional constraints." properties: containerPolicies: description: "Per-container resource policies." items: - description: "ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container." + description: "ContainerResourcePolicy controls how autoscaler computes the recommended\nresources for a specific container." properties: containerName: - description: "Name of the container or DefaultContainerResourcePolicy, in which case the policy is used by the containers that don't have their own policy specified." + description: "Name of the container or DefaultContainerResourcePolicy, in which\ncase the policy is used by the containers that don't have their own\npolicy specified." type: "string" controlledResources: - description: "Specifies the type of recommendations that will be computed (and possibly applied) by VPA. If not specified, the default of [ResourceCPU, ResourceMemory] will be used." + description: "Specifies the type of recommendations that will be computed\n(and possibly applied) by VPA.\nIf not specified, the default of [ResourceCPU, ResourceMemory] will be used." items: description: "ResourceName is the name identifying various resources in a ResourceList." type: "string" type: "array" controlledValues: - description: "Specifies which resource values should be controlled. The default is \"RequestsAndLimits\"." + description: "Specifies which resource values should be controlled.\nThe default is \"RequestsAndLimits\"." enum: - "RequestsAndLimits" - "RequestsOnly" @@ -90,7 +90,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Specifies the maximum amount of resources that will be recommended for the container. The default is no maximum." + description: "Specifies the maximum amount of resources that will be recommended\nfor the container. The default is no maximum." type: "object" minAllowed: additionalProperties: @@ -99,7 +99,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Specifies the minimal amount of resources that will be recommended for the container. The default is no minimum." + description: "Specifies the minimal amount of resources that will be recommended\nfor the container. The default is no minimum." type: "object" mode: description: "Whether autoscaler is enabled for the container. The default is \"Auto\"." @@ -111,16 +111,16 @@ spec: type: "array" type: "object" targetRef: - description: "TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource." + description: "TargetRef points to the controller managing the set of pods for the\nautoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler\ncan be targeted at controller implementing scale subresource (the pod set is\nretrieved from the controller's ScaleStatus) or some well known controllers\n(e.g. for DaemonSet the pod set is read from the controller's spec).\nIf VerticalPodAutoscaler cannot use specified target it will report\nConfigUnsupported condition.\nNote that VerticalPodAutoscaler does not require full implementation\nof scale subresource - it will not use it to modify the replica count.\nThe only thing retrieved is a label selector matching pods grouped by\nthe target resource." properties: apiVersion: - description: "API version of the referent" + description: "apiVersion is the API version of the referent" type: "string" kind: - description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" + description: "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" required: - "kind" @@ -128,12 +128,12 @@ spec: type: "object" x-kubernetes-map-type: "atomic" updatePolicy: - description: "Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values." + description: "Describes the rules on how changes are applied to the pods.\nIf not specified, all fields in the `PodUpdatePolicy` are set to their\ndefault values." properties: evictionRequirements: - description: "EvictionRequirements is a list of EvictionRequirements that need to evaluate to true in order for a Pod to be evicted. If more than one EvictionRequirement is specified, all of them need to be fulfilled to allow eviction." + description: "EvictionRequirements is a list of EvictionRequirements that need to\nevaluate to true in order for a Pod to be evicted. If more than one\nEvictionRequirement is specified, all of them need to be fulfilled to allow eviction." items: - description: "EvictionRequirement defines a single condition which needs to be true in order to evict a Pod" + description: "EvictionRequirement defines a single condition which needs to be true in\norder to evict a Pod" properties: changeRequirement: description: "EvictionChangeRequirement refers to the relationship between the new target recommendation for a Pod and its current requests, what kind of change is necessary for the Pod to be evicted" @@ -142,7 +142,7 @@ spec: - "TargetLowerThanRequests" type: "string" resources: - description: "Resources is a list of one or more resources that the condition applies to. If more than one resource is given, the EvictionRequirement is fulfilled if at least one resource meets `changeRequirement`." + description: "Resources is a list of one or more resources that the condition applies\nto. If more than one resource is given, the EvictionRequirement is fulfilled\nif at least one resource meets `changeRequirement`." items: description: "ResourceName is the name identifying various resources in a ResourceList." type: "string" @@ -153,11 +153,11 @@ spec: type: "object" type: "array" minReplicas: - description: "Minimal number of replicas which need to be alive for Updater to attempt pod eviction (pending other checks like PDB). Only positive values are allowed. Overrides global '--min-replicas' flag." + description: "Minimal number of replicas which need to be alive for Updater to attempt\npod eviction (pending other checks like PDB). Only positive values are\nallowed. Overrides global '--min-replicas' flag." format: "int32" type: "integer" updateMode: - description: "Controls when autoscaler applies changes to the pod resources. The default is 'Auto'." + description: "Controls when autoscaler applies changes to the pod resources.\nThe default is 'Auto'." enum: - "Off" - "Initial" @@ -172,16 +172,16 @@ spec: description: "Current information about the autoscaler." properties: conditions: - description: "Conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met." + description: "Conditions is the set of conditions required for this autoscaler to scale its target,\nand indicates whether or not those conditions are met." items: - description: "VerticalPodAutoscalerCondition describes the state of a VerticalPodAutoscaler at a certain point." + description: "VerticalPodAutoscalerCondition describes the state of\na VerticalPodAutoscaler at a certain point." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another" + description: "lastTransitionTime is the last time the condition transitioned from\none status to another" format: "date-time" type: "string" message: - description: "message is a human-readable explanation containing details about the transition" + description: "message is a human-readable explanation containing details about\nthe transition" type: "string" reason: description: "reason is the reason for the condition's last transition." @@ -198,12 +198,12 @@ spec: type: "object" type: "array" recommendation: - description: "The most recently computed amount of resources recommended by the autoscaler for the controlled pods." + description: "The most recently computed amount of resources recommended by the\nautoscaler for the controlled pods." properties: containerRecommendations: description: "Resources recommended by the autoscaler for each container." items: - description: "RecommendedContainerResources is the recommendation of resources computed by autoscaler for a specific container. Respects the container resource policy if present in the spec. In particular the recommendation is not produced for containers with `ContainerScalingMode` set to 'Off'." + description: "RecommendedContainerResources is the recommendation of resources computed by\nautoscaler for a specific container. Respects the container resource policy\nif present in the spec. In particular the recommendation is not produced for\ncontainers with `ContainerScalingMode` set to 'Off'." properties: containerName: description: "Name of the container." @@ -215,7 +215,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Minimum recommended amount of resources. Observes ContainerResourcePolicy. This amount is not guaranteed to be sufficient for the application to operate in a stable way, however running with less resources is likely to have significant impact on performance/availability." + description: "Minimum recommended amount of resources. Observes ContainerResourcePolicy.\nThis amount is not guaranteed to be sufficient for the application to operate in a stable way, however\nrunning with less resources is likely to have significant impact on performance/availability." type: "object" target: additionalProperties: @@ -233,7 +233,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "The most recent recommended resources target computed by the autoscaler for the controlled pods, based only on actual resource usage, not taking into account the ContainerResourcePolicy. May differ from the Recommendation if the actual resource usage causes the target to violate the ContainerResourcePolicy (lower than MinAllowed or higher that MaxAllowed). Used only as status indication, will not affect actual resource assignment." + description: "The most recent recommended resources target computed by the autoscaler\nfor the controlled pods, based only on actual resource usage, not taking\ninto account the ContainerResourcePolicy.\nMay differ from the Recommendation if the actual resource usage causes\nthe target to violate the ContainerResourcePolicy (lower than MinAllowed\nor higher that MaxAllowed).\nUsed only as status indication, will not affect actual resource assignment." type: "object" upperBound: additionalProperties: @@ -242,7 +242,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Maximum recommended amount of resources. Observes ContainerResourcePolicy. Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum amount of application is actually capable of consuming." + description: "Maximum recommended amount of resources. Observes ContainerResourcePolicy.\nAny resources allocated beyond this value are likely wasted. This value may be larger than the maximum\namount of application is actually capable of consuming." type: "object" required: - "target" diff --git a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalercheckpoints.yaml b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalercheckpoints.yaml index 3514fe438..bd3fcceda 100644 --- a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalercheckpoints.yaml +++ b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalercheckpoints.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes/kubernetes/pull/63797" - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "verticalpodautoscalercheckpoints.autoscaling.k8s.io" spec: group: "autoscaling.k8s.io" @@ -19,18 +19,18 @@ spec: - name: "v1beta2" schema: openAPIV3Schema: - description: "VerticalPodAutoscalerCheckpoint is the checkpoint of the internal state of VPA that is used for recovery after recommender's restart." + description: "VerticalPodAutoscalerCheckpoint is the checkpoint of the internal state of VPA that\nis used for recovery after recommender's restart." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "Specification of the checkpoint. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + description: "Specification of the checkpoint.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." properties: containerName: description: "Name of the checkpointed container." @@ -97,5 +97,5 @@ spec: type: "string" type: "object" type: "object" - served: true + served: false storage: false diff --git a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalers.yaml b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalers.yaml index 1adac31e9..b56327312 100644 --- a/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalers.yaml +++ b/crd-catalog/kubernetes/autoscaler/autoscaling.k8s.io/v1beta2/verticalpodautoscalers.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: api-approved.kubernetes.io: "https://github.com/kubernetes/kubernetes/pull/63797" - controller-gen.kubebuilder.io/version: "v0.9.2" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "verticalpodautoscalers.autoscaling.k8s.io" spec: group: "autoscaling.k8s.io" @@ -21,29 +21,29 @@ spec: name: "v1beta2" schema: openAPIV3Schema: - description: "VerticalPodAutoscaler is the configuration for a vertical pod autoscaler, which automatically manages pod resources based on historical and real time resource utilization." + description: "VerticalPodAutoscaler is the configuration for a vertical pod\nautoscaler, which automatically manages pod resources based on historical and\nreal time resource utilization." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "Specification of the behavior of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + description: "Specification of the behavior of the autoscaler.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." properties: resourcePolicy: - description: "Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints." + description: "Controls how the autoscaler computes recommended resources.\nThe resource policy may be used to set constraints on the recommendations\nfor individual containers. If not specified, the autoscaler computes recommended\nresources for all containers in the pod, without additional constraints." properties: containerPolicies: description: "Per-container resource policies." items: - description: "ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container." + description: "ContainerResourcePolicy controls how autoscaler computes the recommended\nresources for a specific container." properties: containerName: - description: "Name of the container or DefaultContainerResourcePolicy, in which case the policy is used by the containers that don't have their own policy specified." + description: "Name of the container or DefaultContainerResourcePolicy, in which\ncase the policy is used by the containers that don't have their own\npolicy specified." type: "string" maxAllowed: additionalProperties: @@ -52,7 +52,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Specifies the maximum amount of resources that will be recommended for the container. The default is no maximum." + description: "Specifies the maximum amount of resources that will be recommended\nfor the container. The default is no maximum." type: "object" minAllowed: additionalProperties: @@ -61,7 +61,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Specifies the minimal amount of resources that will be recommended for the container. The default is no minimum." + description: "Specifies the minimal amount of resources that will be recommended\nfor the container. The default is no minimum." type: "object" mode: description: "Whether autoscaler is enabled for the container. The default is \"Auto\"." @@ -73,16 +73,16 @@ spec: type: "array" type: "object" targetRef: - description: "TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource." + description: "TargetRef points to the controller managing the set of pods for the\nautoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler\ncan be targeted at controller implementing scale subresource (the pod set is\nretrieved from the controller's ScaleStatus) or some well known controllers\n(e.g. for DaemonSet the pod set is read from the controller's spec).\nIf VerticalPodAutoscaler cannot use specified target it will report\nConfigUnsupported condition.\nNote that VerticalPodAutoscaler does not require full implementation\nof scale subresource - it will not use it to modify the replica count.\nThe only thing retrieved is a label selector matching pods grouped by\nthe target resource." properties: apiVersion: - description: "API version of the referent" + description: "apiVersion is the API version of the referent" type: "string" kind: - description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names" + description: "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" required: - "kind" @@ -90,10 +90,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" updatePolicy: - description: "Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values." + description: "Describes the rules on how changes are applied to the pods.\nIf not specified, all fields in the `PodUpdatePolicy` are set to their\ndefault values." properties: updateMode: - description: "Controls when autoscaler applies changes to the pod resources. The default is 'Auto'." + description: "Controls when autoscaler applies changes to the pod resources.\nThe default is 'Auto'." enum: - "Off" - "Initial" @@ -108,16 +108,16 @@ spec: description: "Current information about the autoscaler." properties: conditions: - description: "Conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met." + description: "Conditions is the set of conditions required for this autoscaler to scale its target,\nand indicates whether or not those conditions are met." items: - description: "VerticalPodAutoscalerCondition describes the state of a VerticalPodAutoscaler at a certain point." + description: "VerticalPodAutoscalerCondition describes the state of\na VerticalPodAutoscaler at a certain point." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another" + description: "lastTransitionTime is the last time the condition transitioned from\none status to another" format: "date-time" type: "string" message: - description: "message is a human-readable explanation containing details about the transition" + description: "message is a human-readable explanation containing details about\nthe transition" type: "string" reason: description: "reason is the reason for the condition's last transition." @@ -134,12 +134,12 @@ spec: type: "object" type: "array" recommendation: - description: "The most recently computed amount of resources recommended by the autoscaler for the controlled pods." + description: "The most recently computed amount of resources recommended by the\nautoscaler for the controlled pods." properties: containerRecommendations: description: "Resources recommended by the autoscaler for each container." items: - description: "RecommendedContainerResources is the recommendation of resources computed by autoscaler for a specific container. Respects the container resource policy if present in the spec. In particular the recommendation is not produced for containers with `ContainerScalingMode` set to 'Off'." + description: "RecommendedContainerResources is the recommendation of resources computed by\nautoscaler for a specific container. Respects the container resource policy\nif present in the spec. In particular the recommendation is not produced for\ncontainers with `ContainerScalingMode` set to 'Off'." properties: containerName: description: "Name of the container." @@ -151,7 +151,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Minimum recommended amount of resources. Observes ContainerResourcePolicy. This amount is not guaranteed to be sufficient for the application to operate in a stable way, however running with less resources is likely to have significant impact on performance/availability." + description: "Minimum recommended amount of resources. Observes ContainerResourcePolicy.\nThis amount is not guaranteed to be sufficient for the application to operate in a stable way, however\nrunning with less resources is likely to have significant impact on performance/availability." type: "object" target: additionalProperties: @@ -169,7 +169,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "The most recent recommended resources target computed by the autoscaler for the controlled pods, based only on actual resource usage, not taking into account the ContainerResourcePolicy. May differ from the Recommendation if the actual resource usage causes the target to violate the ContainerResourcePolicy (lower than MinAllowed or higher that MaxAllowed). Used only as status indication, will not affect actual resource assignment." + description: "The most recent recommended resources target computed by the autoscaler\nfor the controlled pods, based only on actual resource usage, not taking\ninto account the ContainerResourcePolicy.\nMay differ from the Recommendation if the actual resource usage causes\nthe target to violate the ContainerResourcePolicy (lower than MinAllowed\nor higher that MaxAllowed).\nUsed only as status indication, will not affect actual resource assignment." type: "object" upperBound: additionalProperties: @@ -178,7 +178,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Maximum recommended amount of resources. Observes ContainerResourcePolicy. Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum amount of application is actually capable of consuming." + description: "Maximum recommended amount of resources. Observes ContainerResourcePolicy.\nAny resources allocated beyond this value are likely wasted. This value may be larger than the maximum\namount of application is actually capable of consuming." type: "object" required: - "target" @@ -189,7 +189,7 @@ spec: required: - "spec" type: "object" - served: true + served: false storage: false subresources: status: {} diff --git a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml index b4b3bfe05..0dedd29f6 100644 --- a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml +++ b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/migrations.yaml @@ -291,6 +291,9 @@ spec: namespace: description: "The VM Namespace\nOnly relevant for an openshift source." type: "string" + networkNameTemplate: + description: "NetworkNameTemplate is a template for generating network interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise.\n - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located.\n - .NetworkType: type of the network (\"Multus\" or \"Pod\")\n - .NetworkIndex: sequential index of the network interface (0-based)\nThe template can be used to customize network interface names based on target network configuration.\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"net-{{.NetworkIndex}}\"\n \"{{if eq .NetworkType \"Pod\"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}\"" + type: "string" newName: description: "The new name of the VM after matching DNS1123 requirements." type: "string" @@ -426,6 +429,9 @@ spec: - "progress" type: "object" type: "array" + pvcNameTemplate: + description: "PVCNameTemplate is a template for generating PVC names for VM disks.\nIt follows Go template syntax and has access to the following variables:\n - .VmName: name of the VM\n - .PlanName: name of the migration plan\n - .DiskIndex: initial volume index of the disk\n - .RootDiskIndex: index of the root disk\nNote:\n This template overrides the plan level template.\nExamples:\n \"{{.VmName}}-disk-{{.DiskIndex}}\"\n \"{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}\"" + type: "string" restorePowerState: description: "Source VM power state before migration." type: "string" @@ -439,6 +445,9 @@ spec: type: description: "Type used to qualify the name." type: "string" + volumeNameTemplate: + description: "VolumeNameTemplate is a template for generating volume interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .PVCName: name of the PVC mounted to the VM using this volume\n - .VolumeIndex: sequential index of the volume interface (0-based)\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"disk-{{.VolumeIndex}}\"\n \"pvc-{{.PVCName}}\"" + type: "string" warm: description: "Warm migration status" properties: @@ -453,9 +462,25 @@ spec: items: description: "Precopy durations" properties: + createTaskId: + type: "string" + deltas: + items: + properties: + deltaId: + type: "string" + disk: + type: "string" + required: + - "deltaId" + - "disk" + type: "object" + type: "array" end: format: "date-time" type: "string" + removeTaskId: + type: "string" snapshot: type: "string" start: diff --git a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml index a68556e75..e5301ebb1 100644 --- a/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml +++ b/crd-catalog/kubev2v/forklift/forklift.konveyor.io/v1beta1/plans.yaml @@ -50,6 +50,9 @@ spec: description: description: "Description" type: "string" + diskBus: + description: "Specify the disk bus which will be applied to all VMs disks in plan.\nPossible options 'scsi', 'sata' and 'virtio'.\nDefaults to 'virtio'." + type: "string" map: description: "Resource mapping." properties: @@ -109,6 +112,9 @@ spec: - "network" - "storage" type: "object" + networkNameTemplate: + description: "NetworkNameTemplate is a template for generating network interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise.\n - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located.\n - .NetworkType: type of the network (\"Multus\" or \"Pod\")\n - .NetworkIndex: sequential index of the network interface (0-based)\nThe template can be used to customize network interface names based on target network configuration.\nNote:\n - This template can be overridden at the individual VM level\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"net-{{.NetworkIndex}}\"\n \"{{if eq .NetworkType \"Pod\"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}\"" + type: "string" preserveClusterCpuModel: description: "Preserve the CPU model and flags the VM runs with in its oVirt cluster." type: "boolean" @@ -174,6 +180,9 @@ spec: - "destination" - "source" type: "object" + pvcNameTemplate: + description: "PVCNameTemplate is a template for generating PVC names for VM disks.\nIt follows Go template syntax and has access to the following variables:\n - .VmName: name of the VM\n - .PlanName: name of the migration plan\n - .DiskIndex: initial volume index of the disk\n - .RootDiskIndex: index of the root disk\nNote:\n This template can be overridden at the individual VM level.\nExamples:\n \"{{.VmName}}-disk-{{.DiskIndex}}\"\n \"{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}\"" + type: "string" targetNamespace: description: "Target namespace." type: "string" @@ -285,14 +294,26 @@ spec: namespace: description: "The VM Namespace\nOnly relevant for an openshift source." type: "string" + networkNameTemplate: + description: "NetworkNameTemplate is a template for generating network interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise.\n - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located.\n - .NetworkType: type of the network (\"Multus\" or \"Pod\")\n - .NetworkIndex: sequential index of the network interface (0-based)\nThe template can be used to customize network interface names based on target network configuration.\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"net-{{.NetworkIndex}}\"\n \"{{if eq .NetworkType \"Pod\"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}\"" + type: "string" + pvcNameTemplate: + description: "PVCNameTemplate is a template for generating PVC names for VM disks.\nIt follows Go template syntax and has access to the following variables:\n - .VmName: name of the VM\n - .PlanName: name of the migration plan\n - .DiskIndex: initial volume index of the disk\n - .RootDiskIndex: index of the root disk\nNote:\n This template overrides the plan level template.\nExamples:\n \"{{.VmName}}-disk-{{.DiskIndex}}\"\n \"{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}\"" + type: "string" rootDisk: description: "Choose the primary disk the VM boots from" type: "string" type: description: "Type used to qualify the name." type: "string" + volumeNameTemplate: + description: "VolumeNameTemplate is a template for generating volume interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .PVCName: name of the PVC mounted to the VM using this volume\n - .VolumeIndex: sequential index of the volume interface (0-based)\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"disk-{{.VolumeIndex}}\"\n \"pvc-{{.PVCName}}\"" + type: "string" type: "object" type: "array" + volumeNameTemplate: + description: "VolumeNameTemplate is a template for generating volume interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .PVCName: name of the PVC mounted to the VM using this volume\n - .VolumeIndex: sequential index of the volume interface (0-based)\nNote:\n - This template can be overridden at the individual VM level\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"disk-{{.VolumeIndex}}\"\n \"pvc-{{.PVCName}}\"" + type: "string" warm: description: "Whether this is a warm migration." type: "boolean" @@ -675,6 +696,9 @@ spec: namespace: description: "The VM Namespace\nOnly relevant for an openshift source." type: "string" + networkNameTemplate: + description: "NetworkNameTemplate is a template for generating network interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise.\n - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located.\n - .NetworkType: type of the network (\"Multus\" or \"Pod\")\n - .NetworkIndex: sequential index of the network interface (0-based)\nThe template can be used to customize network interface names based on target network configuration.\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"net-{{.NetworkIndex}}\"\n \"{{if eq .NetworkType \"Pod\"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}\"" + type: "string" newName: description: "The new name of the VM after matching DNS1123 requirements." type: "string" @@ -810,6 +834,9 @@ spec: - "progress" type: "object" type: "array" + pvcNameTemplate: + description: "PVCNameTemplate is a template for generating PVC names for VM disks.\nIt follows Go template syntax and has access to the following variables:\n - .VmName: name of the VM\n - .PlanName: name of the migration plan\n - .DiskIndex: initial volume index of the disk\n - .RootDiskIndex: index of the root disk\nNote:\n This template overrides the plan level template.\nExamples:\n \"{{.VmName}}-disk-{{.DiskIndex}}\"\n \"{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}\"" + type: "string" restorePowerState: description: "Source VM power state before migration." type: "string" @@ -823,6 +850,9 @@ spec: type: description: "Type used to qualify the name." type: "string" + volumeNameTemplate: + description: "VolumeNameTemplate is a template for generating volume interface names in the target virtual machine.\nIt follows Go template syntax and has access to the following variables:\n - .PVCName: name of the PVC mounted to the VM using this volume\n - .VolumeIndex: sequential index of the volume interface (0-based)\nNote:\n - This template will override at the plan level template\n - If not specified on VM level and on Plan leverl, default naming conventions will be used\nExamples:\n \"disk-{{.VolumeIndex}}\"\n \"pvc-{{.PVCName}}\"" + type: "string" warm: description: "Warm migration status" properties: @@ -837,9 +867,25 @@ spec: items: description: "Precopy durations" properties: + createTaskId: + type: "string" + deltas: + items: + properties: + deltaId: + type: "string" + disk: + type: "string" + required: + - "deltaId" + - "disk" + type: "object" + type: "array" end: format: "date-time" type: "string" + removeTaskId: + type: "string" snapshot: type: "string" start: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml index f3f2f9beb..3160c5d00 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/circuitbreakers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "circuitbreakers.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml index 85dbd455d..5ee92a6fa 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/containerpatches.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "containerpatches.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml index c03e49f0a..bc4655ba8 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplaneinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "dataplaneinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml index 7c44721e0..b866c647d 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/dataplanes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "dataplanes.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "Dataplane" listKind: "DataplaneList" plural: "dataplanes" + shortNames: + - "dp" singular: "dataplane" scope: "Namespaced" versions: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml index 538231c58..f325a73ef 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/externalservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "externalservices.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml index cb36e9f76..196834604 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/faultinjections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "faultinjections.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml index 682e4f87e..d64641be5 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/healthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "healthchecks.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml index 05f83fc79..3ff755318 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshaccesslogs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshaccesslogs.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshAccessLog" listKind: "MeshAccessLogList" plural: "meshaccesslogs" + shortNames: + - "mal" singular: "meshaccesslog" scope: "Namespaced" versions: @@ -65,6 +67,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" omitEmptyValues: @@ -103,6 +108,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" body: @@ -145,6 +153,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" omitEmptyValues: @@ -189,6 +200,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -223,9 +235,161 @@ spec: type: "object" type: "object" required: + - "default" - "targetRef" type: "object" type: "array" + rules: + description: "Rules defines inbound access log configurations. Currently limited to\nselecting all inbound traffic, as L7 matching is not yet implemented." + items: + properties: + default: + description: "Default contains configuration of the inbound access logging" + properties: + backends: + items: + properties: + file: + description: "FileBackend defines configuration for file based access logs" + properties: + format: + description: "Format of access logs. Placeholders available on\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators" + properties: + json: + example: + - key: "start_time" + value: "%START_TIME%" + - key: "bytes_received" + value: "%BYTES_RECEIVED%" + items: + properties: + key: + type: "string" + value: + type: "string" + required: + - "key" + - "value" + type: "object" + type: "array" + omitEmptyValues: + default: false + type: "boolean" + plain: + example: "[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%" + type: "string" + type: + enum: + - "Plain" + - "Json" + type: "string" + required: + - "type" + type: "object" + path: + description: "Path to a file that logs will be written to" + example: "/tmp/access.log" + minLength: 1 + type: "string" + required: + - "path" + type: "object" + openTelemetry: + description: "Defines an OpenTelemetry logging backend." + properties: + attributes: + description: "Attributes can contain placeholders available on\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators" + example: + - key: "mesh" + value: "%KUMA_MESH%" + items: + properties: + key: + type: "string" + value: + type: "string" + required: + - "key" + - "value" + type: "object" + type: "array" + body: + description: "Body is a raw string or an OTLP any value as described at\nhttps://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body\nIt can contain placeholders available on\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators" + example: + kvlistValue: + values: + - key: "mesh" + value: + stringValue: "%KUMA_MESH%" + x-kubernetes-preserve-unknown-fields: true + endpoint: + description: "Endpoint of OpenTelemetry collector. An empty port defaults to 4317." + example: "otel-collector:4317" + minLength: 1 + type: "string" + required: + - "endpoint" + type: "object" + tcp: + description: "TCPBackend defines a TCP logging backend." + properties: + address: + description: "Address of the TCP logging backend" + example: "127.0.0.1:5000" + minLength: 1 + type: "string" + format: + description: "Format of access logs. Placeholders available on\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators" + properties: + json: + example: + - key: "start_time" + value: "%START_TIME%" + - key: "bytes_received" + value: "%BYTES_RECEIVED%" + items: + properties: + key: + type: "string" + value: + type: "string" + required: + - "key" + - "value" + type: "object" + type: "array" + omitEmptyValues: + default: false + type: "boolean" + plain: + example: "[%START_TIME%] %KUMA_MESH% %UPSTREAM_HOST%" + type: "string" + type: + enum: + - "Plain" + - "Json" + type: "string" + required: + - "type" + type: "object" + required: + - "address" + type: "object" + type: + enum: + - "Tcp" + - "File" + - "OpenTelemetry" + type: "string" + required: + - "type" + type: "object" + type: "array" + type: "object" + required: + - "default" + type: "object" + type: "array" targetRef: description: "TargetRef is a reference to the resource the policy takes an effect on.\nThe resource could be either a real store object or virtual resource\ndefined in-place." properties: @@ -240,6 +404,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -301,6 +466,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" omitEmptyValues: @@ -339,6 +507,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" body: @@ -381,6 +552,9 @@ spec: type: "string" value: type: "string" + required: + - "key" + - "value" type: "object" type: "array" omitEmptyValues: @@ -425,6 +599,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -459,6 +634,7 @@ spec: type: "object" type: "object" required: + - "default" - "targetRef" type: "object" type: "array" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml index 3a0500215..4d4560bbe 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshcircuitbreakers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshcircuitbreakers.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshCircuitBreaker" listKind: "MeshCircuitBreakerList" plural: "meshcircuitbreakers" + shortNames: + - "mcb" singular: "meshcircuitbreaker" scope: "Namespaced" versions: @@ -139,6 +141,12 @@ spec: disabled: description: "When set to true, outlierDetection configuration won't take any effect" type: "boolean" + healthyPanicThreshold: + anyOf: + - type: "integer" + - type: "string" + description: "Allows to configure panic threshold for Envoy cluster. If not specified,\nthe default is 50%. To disable panic mode, set to 0%.\nEither int or decimal represented as string." + x-kubernetes-int-or-string: true interval: description: "The time interval between ejection analysis sweeps. This can result in\nboth new ejections and hosts being returned to service." type: "string" @@ -165,6 +173,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -202,6 +211,128 @@ spec: - "targetRef" type: "object" type: "array" + rules: + description: "Rules defines inbound circuit breaker configurations. Currently limited to\nselecting all inbound traffic, as L7 matching is not yet implemented." + items: + properties: + default: + description: "Default contains configuration of the inbound circuit breaker" + properties: + connectionLimits: + description: "ConnectionLimits contains configuration of each circuit breaking limit,\nwhich when exceeded makes the circuit breaker to become open (no traffic\nis allowed like no current is allowed in the circuits when physical\ncircuit breaker ir open)" + properties: + maxConnectionPools: + description: "The maximum number of connection pools per cluster that are concurrently\nsupported at once. Set this for clusters which create a large number of\nconnection pools." + format: "int32" + type: "integer" + maxConnections: + description: "The maximum number of connections allowed to be made to the upstream\ncluster." + format: "int32" + type: "integer" + maxPendingRequests: + description: "The maximum number of pending requests that are allowed to the upstream\ncluster. This limit is applied as a connection limit for non-HTTP\ntraffic." + format: "int32" + type: "integer" + maxRequests: + description: "The maximum number of parallel requests that are allowed to be made\nto the upstream cluster. This limit does not apply to non-HTTP traffic." + format: "int32" + type: "integer" + maxRetries: + description: "The maximum number of parallel retries that will be allowed to\nthe upstream cluster." + format: "int32" + type: "integer" + type: "object" + outlierDetection: + description: "OutlierDetection contains the configuration of the process of dynamically\ndetermining whether some number of hosts in an upstream cluster are\nperforming unlike the others and removing them from the healthy load\nbalancing set. Performance might be along different axes such as\nconsecutive failures, temporal success rate, temporal latency, etc.\nOutlier detection is a form of passive health checking." + properties: + baseEjectionTime: + description: "The base time that a host is ejected for. The real time is equal to\nthe base time multiplied by the number of times the host has been\nejected." + type: "string" + detectors: + description: "Contains configuration for supported outlier detectors" + properties: + failurePercentage: + description: "Failure Percentage based outlier detection functions similarly to success\nrate detection, in that it relies on success rate data from each host in\na cluster. However, rather than compare those values to the mean success\nrate of the cluster as a whole, they are compared to a flat\nuser-configured threshold. This threshold is configured via the\noutlierDetection.failurePercentageThreshold field.\nThe other configuration fields for failure percentage based detection are\nsimilar to the fields for success rate detection. As with success rate\ndetection, detection will not be performed for a host if its request\nvolume over the aggregation interval is less than the\noutlierDetection.detectors.failurePercentage.requestVolume value.\nDetection also will not be performed for a cluster if the number of hosts\nwith the minimum required request volume in an interval is less than the\noutlierDetection.detectors.failurePercentage.minimumHosts value." + properties: + minimumHosts: + description: "The minimum number of hosts in a cluster in order to perform failure\npercentage-based ejection. If the total number of hosts in the cluster is\nless than this value, failure percentage-based ejection will not be\nperformed." + format: "int32" + type: "integer" + requestVolume: + description: "The minimum number of total requests that must be collected in one\ninterval (as defined by the interval duration above) to perform failure\npercentage-based ejection for this host. If the volume is lower than this\nsetting, failure percentage-based ejection will not be performed for this\nhost." + format: "int32" + type: "integer" + threshold: + description: "The failure percentage to use when determining failure percentage-based\noutlier detection. If the failure percentage of a given host is greater\nthan or equal to this value, it will be ejected." + format: "int32" + type: "integer" + type: "object" + gatewayFailures: + description: "In the default mode (outlierDetection.splitExternalLocalOriginErrors is\nfalse) this detection type takes into account a subset of 5xx errors,\ncalled \"gateway errors\" (502, 503 or 504 status code) and local origin\nfailures, such as timeout, TCP reset etc.\nIn split mode (outlierDetection.splitExternalLocalOriginErrors is true)\nthis detection type takes into account a subset of 5xx errors, called\n\"gateway errors\" (502, 503 or 504 status code) and is supported only by\nthe http router." + properties: + consecutive: + description: "The number of consecutive gateway failures (502, 503, 504 status codes)\nbefore a consecutive gateway failure ejection occurs." + format: "int32" + type: "integer" + type: "object" + localOriginFailures: + description: "This detection type is enabled only when\noutlierDetection.splitExternalLocalOriginErrors is true and takes into\naccount only locally originated errors (timeout, reset, etc).\nIf Envoy repeatedly cannot connect to an upstream host or communication\nwith the upstream host is repeatedly interrupted, it will be ejected.\nVarious locally originated problems are detected: timeout, TCP reset,\nICMP errors, etc. This detection type is supported by http router and\ntcp proxy." + properties: + consecutive: + description: "The number of consecutive locally originated failures before ejection\noccurs. Parameter takes effect only when splitExternalAndLocalErrors\nis set to true." + format: "int32" + type: "integer" + type: "object" + successRate: + description: "Success Rate based outlier detection aggregates success rate data from\nevery host in a cluster. Then at given intervals ejects hosts based on\nstatistical outlier detection. Success Rate outlier detection will not be\ncalculated for a host if its request volume over the aggregation interval\nis less than the outlierDetection.detectors.successRate.requestVolume\nvalue.\nMoreover, detection will not be performed for a cluster if the number of\nhosts with the minimum required request volume in an interval is less\nthan the outlierDetection.detectors.successRate.minimumHosts value.\nIn the default configuration mode\n(outlierDetection.splitExternalLocalOriginErrors is false) this detection\ntype takes into account all types of errors: locally and externally\noriginated.\nIn split mode (outlierDetection.splitExternalLocalOriginErrors is true),\nlocally originated errors and externally originated (transaction) errors\nare counted and treated separately." + properties: + minimumHosts: + description: "The number of hosts in a cluster that must have enough request volume to\ndetect success rate outliers. If the number of hosts is less than this\nsetting, outlier detection via success rate statistics is not performed\nfor any host in the cluster." + format: "int32" + type: "integer" + requestVolume: + description: "The minimum number of total requests that must be collected in one\ninterval (as defined by the interval duration configured in\noutlierDetection section) to include this host in success rate based\noutlier detection. If the volume is lower than this setting, outlier\ndetection via success rate statistics is not performed for that host." + format: "int32" + type: "integer" + standardDeviationFactor: + anyOf: + - type: "integer" + - type: "string" + description: "This factor is used to determine the ejection threshold for success rate\noutlier ejection. The ejection threshold is the difference between\nthe mean success rate, and the product of this factor and the standard\ndeviation of the mean success rate: mean - (standard_deviation *\nsuccess_rate_standard_deviation_factor).\nEither int or decimal represented as string." + x-kubernetes-int-or-string: true + type: "object" + totalFailures: + description: "In the default mode (outlierDetection.splitExternalAndLocalErrors is\nfalse) this detection type takes into account all generated errors:\nlocally originated and externally originated (transaction) errors.\nIn split mode (outlierDetection.splitExternalLocalOriginErrors is true)\nthis detection type takes into account only externally originated\n(transaction) errors, ignoring locally originated errors.\nIf an upstream host is an HTTP-server, only 5xx types of error are taken\ninto account (see Consecutive Gateway Failure for exceptions).\nProperly formatted responses, even when they carry an operational error\n(like index not found, access denied) are not taken into account." + properties: + consecutive: + description: "The number of consecutive server-side error responses (for HTTP traffic,\n5xx responses; for TCP traffic, connection failures; for Redis, failure\nto respond PONG; etc.) before a consecutive total failure ejection\noccurs." + format: "int32" + type: "integer" + type: "object" + type: "object" + disabled: + description: "When set to true, outlierDetection configuration won't take any effect" + type: "boolean" + healthyPanicThreshold: + anyOf: + - type: "integer" + - type: "string" + description: "Allows to configure panic threshold for Envoy cluster. If not specified,\nthe default is 50%. To disable panic mode, set to 0%.\nEither int or decimal represented as string." + x-kubernetes-int-or-string: true + interval: + description: "The time interval between ejection analysis sweeps. This can result in\nboth new ejections and hosts being returned to service." + type: "string" + maxEjectionPercent: + description: "The maximum % of an upstream cluster that can be ejected due to outlier\ndetection. Defaults to 10% but will eject at least one host regardless of\nthe value." + format: "int32" + type: "integer" + splitExternalAndLocalErrors: + description: "Determines whether to distinguish local origin failures from external\nerrors. If set to true the following configuration parameters are taken\ninto account: detectors.localOriginFailures.consecutive" + type: "boolean" + type: "object" + type: "object" + type: "object" + type: "array" targetRef: description: "TargetRef is a reference to the resource the policy takes an effect on.\nThe resource could be either a real store object or virtual resource\ndefined in place." properties: @@ -216,6 +347,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -351,6 +483,12 @@ spec: disabled: description: "When set to true, outlierDetection configuration won't take any effect" type: "boolean" + healthyPanicThreshold: + anyOf: + - type: "integer" + - type: "string" + description: "Allows to configure panic threshold for Envoy cluster. If not specified,\nthe default is 50%. To disable panic mode, set to 0%.\nEither int or decimal represented as string." + x-kubernetes-int-or-string: true interval: description: "The time interval between ejection analysis sweeps. This can result in\nboth new ejections and hosts being returned to service." type: "string" @@ -377,6 +515,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml index a247db13e..a5e80527e 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshes.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "Mesh" listKind: "MeshList" plural: "meshes" + shortNames: + - "m" singular: "mesh" scope: "Cluster" versions: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml index 6189e1f09..0b23e5087 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshfaultinjections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshfaultinjections.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshFaultInjection" listKind: "MeshFaultInjectionList" plural: "meshfaultinjections" + shortNames: + - "mfi" singular: "meshfaultinjection" scope: "Namespaced" versions: @@ -115,6 +117,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -166,6 +169,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -277,6 +281,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml index 43fd5695c..3d2ba2be0 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshgatewayconfigs.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml index 10cc678a8..da5f64524 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayinstances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshgatewayinstances.kuma.io" spec: group: "kuma.io" @@ -230,6 +230,7 @@ spec: ports: description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: + description: "PortStatus represents the error condition of a service port" properties: error: description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase." diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml index e49d0f746..1104b1507 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgatewayroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshgatewayroutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml index 4fba2c028..e40dda4e4 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshgateways.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshgateways.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshGateway" listKind: "MeshGatewayList" plural: "meshgateways" + shortNames: + - "mgw" singular: "meshgateway" scope: "Cluster" versions: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml index 0c471bc7e..2e9f17dde 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhealthchecks.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshhealthchecks.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshHealthCheck" listKind: "MeshHealthCheckList" plural: "meshhealthchecks" + shortNames: + - "mhc" singular: "meshhealthcheck" scope: "Namespaced" versions: @@ -51,6 +53,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -117,11 +120,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Allows to configure panic threshold for Envoy cluster. If not specified,\nthe default is 50%. To disable panic mode, set to 0%.\nEither int or decimal represented as string." + description: "Allows to configure panic threshold for Envoy cluster. If not specified,\nthe default is 50%. To disable panic mode, set to 0%.\nEither int or decimal represented as string.\nDeprecated: the setting has been moved to MeshCircuitBreaker policy,\nplease use MeshCircuitBreaker policy instead." x-kubernetes-int-or-string: true healthyThreshold: - default: 1 - description: "Number of consecutive healthy checks before considering a host healthy." + description: "Number of consecutive healthy checks before considering a host healthy.\nIf not specified then the default value is 1" format: "int32" type: "integer" http: @@ -137,8 +139,7 @@ spec: type: "integer" type: "array" path: - default: "/" - description: "The HTTP path which will be requested during the health check\n(ie. /health)" + description: "The HTTP path which will be requested during the health check\n(ie. /health)\nIf not specified then the default value is \"/\"" type: "string" requestHeadersToAdd: description: "The list of HTTP headers which should be added to each health check\nrequest" @@ -187,8 +188,7 @@ spec: description: "If specified, Envoy will start health checking after a random time in\nms between 0 and initialJitter. This only applies to the first health\ncheck." type: "string" interval: - default: "1m" - description: "Interval between consecutive health checks." + description: "Interval between consecutive health checks.\nIf not specified then the default value is 1m" type: "string" intervalJitter: description: "If specified, during every interval Envoy will add IntervalJitter to the\nwait time." @@ -219,12 +219,10 @@ spec: type: "string" type: "object" timeout: - default: "15s" - description: "Maximum time to wait for a health check response." + description: "Maximum time to wait for a health check response.\nIf not specified then the default value is 15s" type: "string" unhealthyThreshold: - default: 5 - description: "Number of consecutive unhealthy checks before considering a host\nunhealthy." + description: "Number of consecutive unhealthy checks before considering a host\nunhealthy.\nIf not specified then the default value is 5" format: "int32" type: "integer" type: "object" @@ -242,6 +240,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml index ab01ef2e8..567accd95 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshhttproutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshhttproutes.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshHTTPRoute" listKind: "MeshHTTPRouteList" plural: "meshhttproutes" + shortNames: + - "mhttpr" singular: "meshhttproute" scope: "Namespaced" versions: @@ -51,6 +53,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -115,6 +118,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -223,6 +227,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -506,6 +511,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -539,6 +545,9 @@ spec: description: "Tags used to select a subset of proxies by tags. Can only be used with kinds\n`MeshSubset` and `MeshServiceSubset`" type: "object" type: "object" + required: + - "rules" + - "targetRef" type: "object" type: "array" type: "object" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml index ec7d22413..1a5de62f8 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml index c456597a4..9082d0992 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshloadbalancingstrategies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshloadbalancingstrategies.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshLoadBalancingStrategy" listKind: "MeshLoadBalancingStrategyList" plural: "meshloadbalancingstrategies" + shortNames: + - "mlbs" singular: "meshloadbalancingstrategy" scope: "Namespaced" versions: @@ -51,6 +53,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -171,6 +174,7 @@ spec: enum: - "Header" - "Cookie" + - "Connection" - "SourceIP" - "QueryParameter" - "FilterState" @@ -257,6 +261,7 @@ spec: enum: - "Header" - "Cookie" + - "Connection" - "SourceIP" - "QueryParameter" - "FilterState" @@ -384,6 +389,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml index 14c09158d..a9df90c41 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshproxypatches.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshproxypatches.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshProxyPatch" listKind: "MeshProxyPatchList" plural: "meshproxypatches" + shortNames: + - "mpp" singular: "meshproxypatch" scope: "Namespaced" versions: @@ -347,8 +349,6 @@ spec: type: "object" type: "object" type: "array" - required: - - "appendModifications" type: "object" targetRef: description: "TargetRef is a reference to the resource the policy takes an effect on.\nThe resource could be either a real store object or virtual resource\ndefined inplace." @@ -364,6 +364,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml index 109bb6232..943678e3b 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshratelimits.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshratelimits.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshRateLimit" listKind: "MeshRateLimitList" plural: "meshratelimits" + shortNames: + - "mrl" singular: "meshratelimit" scope: "Namespaced" versions: @@ -155,6 +157,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -192,6 +195,112 @@ spec: - "targetRef" type: "object" type: "array" + rules: + description: "Rules defines inbound rate limiting configurations. Currently limited to\nselecting all inbound traffic, as L7 matching is not yet implemented." + items: + properties: + default: + description: "Default contains configuration of the inbound rate limits" + properties: + local: + description: "LocalConf defines local http or/and tcp rate limit configuration" + properties: + http: + description: "LocalHTTP defines configuration of local HTTP rate limiting\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter" + properties: + disabled: + description: "Define if rate limiting should be disabled." + type: "boolean" + onRateLimit: + description: "Describes the actions to take on a rate limit event" + properties: + headers: + description: "The Headers to be added to the HTTP response on a rate limit event" + properties: + add: + items: + properties: + name: + maxLength: 256 + minLength: 1 + pattern: "^[a-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + set: + items: + properties: + name: + maxLength: 256 + minLength: 1 + pattern: "^[a-z0-9!#$%&'*+\\-.^_\\x60|~]+$" + type: "string" + value: + type: "string" + required: + - "name" + - "value" + type: "object" + maxItems: 16 + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + type: "object" + status: + description: "The HTTP status code to be set on a rate limit event" + format: "int32" + type: "integer" + type: "object" + requestRate: + description: "Defines how many requests are allowed per interval." + properties: + interval: + description: "The interval the number of units is accounted for." + type: "string" + num: + description: "Number of units per interval (depending on usage it can be a number of requests,\nor a number of connections)." + format: "int32" + type: "integer" + required: + - "interval" + - "num" + type: "object" + type: "object" + tcp: + description: "LocalTCP defines confguration of local TCP rate limiting\nhttps://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter" + properties: + connectionRate: + description: "Defines how many connections are allowed per interval." + properties: + interval: + description: "The interval the number of units is accounted for." + type: "string" + num: + description: "Number of units per interval (depending on usage it can be a number of requests,\nor a number of connections)." + format: "int32" + type: "integer" + required: + - "interval" + - "num" + type: "object" + disabled: + description: "Define if rate limiting should be disabled.\nDefault: false" + type: "boolean" + type: "object" + type: "object" + type: "object" + type: "object" + type: "array" targetRef: description: "TargetRef is a reference to the resource the policy takes an effect on.\nThe resource could be either a real store object or virtual resource\ndefined inplace." properties: @@ -206,6 +315,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -357,6 +467,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml index 72a615c43..f1a35e1b6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshretries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshretries.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshRetry" listKind: "MeshRetryList" plural: "meshretries" + shortNames: + - "mr" singular: "meshretry" scope: "Namespaced" versions: @@ -51,6 +53,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -98,8 +101,7 @@ spec: description: "BackOff is a configuration of durations which will be used in an exponential\nbackoff strategy between retries." properties: baseInterval: - default: "25ms" - description: "BaseInterval is an amount of time which should be taken between retries.\nMust be greater than zero. Values less than 1 ms are rounded up to 1 ms." + description: "BaseInterval is an amount of time which should be taken between retries.\nMust be greater than zero. Values less than 1 ms are rounded up to 1 ms.\nIf not specified then the default value is \"25ms\"." type: "string" maxInterval: description: "MaxInterval is a maximal amount of time which will be taken between retries.\nDefault is 10 times the \"BaseInterval\"." @@ -116,8 +118,7 @@ spec: description: "RateLimitedBackOff is a configuration of backoff which will be used when\nthe upstream returns one of the headers configured." properties: maxInterval: - default: "300s" - description: "MaxInterval is a maximal amount of time which will be taken between retries." + description: "MaxInterval is a maximal amount of time which will be taken between retries.\nIf not specified then the default value is \"300s\"." type: "string" resetHeaders: description: "ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset)\nto match against the response. Headers are tried in order, and matched\ncase-insensitive. The first header to be parsed successfully is used.\nIf no headers match the default exponential BackOff is used instead." @@ -166,8 +167,7 @@ spec: description: "BackOff is a configuration of durations which will be used in exponential\nbackoff strategy between retries." properties: baseInterval: - default: "25ms" - description: "BaseInterval is an amount of time which should be taken between retries.\nMust be greater than zero. Values less than 1 ms are rounded up to 1 ms." + description: "BaseInterval is an amount of time which should be taken between retries.\nMust be greater than zero. Values less than 1 ms are rounded up to 1 ms.\nIf not specified then the default value is \"25ms\"." type: "string" maxInterval: description: "MaxInterval is a maximal amount of time which will be taken between retries.\nDefault is 10 times the \"BaseInterval\"." @@ -213,8 +213,7 @@ spec: description: "RateLimitedBackOff is a configuration of backoff which will be used\nwhen the upstream returns one of the headers configured." properties: maxInterval: - default: "300s" - description: "MaxInterval is a maximal amount of time which will be taken between retries." + description: "MaxInterval is a maximal amount of time which will be taken between retries.\nIf not specified then the default value is \"300s\"." type: "string" resetHeaders: description: "ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset)\nto match against the response. Headers are tried in order, and matched\ncase-insensitive. The first header to be parsed successfully is used.\nIf no headers match the default exponential BackOff is used instead." @@ -343,6 +342,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml index 5a2932572..f61b0fffb 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtcproutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshtcproutes.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshTCPRoute" listKind: "MeshTCPRouteList" plural: "meshtcproutes" + shortNames: + - "mtcpr" singular: "meshtcproute" scope: "Namespaced" versions: @@ -51,6 +53,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -110,6 +113,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -151,10 +155,7 @@ spec: minimum: 0.0 type: "integer" type: "object" - minItems: 1 type: "array" - required: - - "backendRefs" type: "object" required: - "default" @@ -175,6 +176,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -209,6 +211,7 @@ spec: type: "object" type: "object" required: + - "rules" - "targetRef" type: "object" minItems: 1 diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml index df947a744..3cd95c6cf 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtimeouts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshtimeouts.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshTimeout" listKind: "MeshTimeoutList" plural: "meshtimeouts" + shortNames: + - "mt" singular: "meshtimeout" scope: "Namespaced" versions: @@ -84,6 +86,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -121,6 +124,41 @@ spec: - "targetRef" type: "object" type: "array" + rules: + description: "Rules defines inbound timeout configurations. Currently limited to exactly one rule containing\ndefault timeouts that apply to all inbound traffic, as L7 matching is not yet implemented." + items: + properties: + default: + description: "Default contains configuration of the inbound timeouts" + properties: + connectionTimeout: + description: "ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established.\nDefault value is 5 seconds. Cannot be set to 0." + type: "string" + http: + description: "Http provides configuration for HTTP specific timeouts" + properties: + maxConnectionDuration: + description: "MaxConnectionDuration is the time after which a connection will be drained and/or closed,\nstarting from when it was first established. Setting this timeout to 0 will disable it.\nDisabled by default." + type: "string" + maxStreamDuration: + description: "MaxStreamDuration is the maximum time that a stream’s lifetime will span.\nSetting this timeout to 0 will disable it. Disabled by default." + type: "string" + requestHeadersTimeout: + description: "RequestHeadersTimeout The amount of time that proxy will wait for the request headers to be received. The timer is\nactivated when the first byte of the headers is received, and is disarmed when the last byte of\nthe headers has been received. If not specified or set to 0, this timeout is disabled.\nDisabled by default." + type: "string" + requestTimeout: + description: "RequestTimeout The amount of time that proxy will wait for the entire request to be received.\nThe timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent,\nOR when the response is initiated. Setting this timeout to 0 will disable it.\nDefault is 15s." + type: "string" + streamIdleTimeout: + description: "StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity.\nSetting this timeout to 0 will disable it. Default is 30m" + type: "string" + type: "object" + idleTimeout: + description: "IdleTimeout is defined as the period in which there are no bytes sent or received on connection\nSetting this timeout to 0 will disable it. Be cautious when disabling it because\nit can lead to connection leaking. Default value is 1h." + type: "string" + type: "object" + type: "object" + type: "array" targetRef: description: "TargetRef is a reference to the resource the policy takes an effect on.\nThe resource could be either a real store object or virtual resource\ndefined inplace." properties: @@ -135,6 +173,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -215,6 +254,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml index 98cec2924..4428c8ae6 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtraces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshtraces.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshTrace" listKind: "MeshTraceList" plural: "meshtraces" + shortNames: + - "mtr" singular: "meshtrace" scope: "Namespaced" versions: @@ -111,22 +113,19 @@ spec: anyOf: - type: "integer" - type: "string" - default: 100 - description: "Target percentage of requests that will be force traced if the\n'x-client-trace-id' header is set. Mirror of client_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L127-L133\nEither int or decimal represented as string." + description: "Target percentage of requests that will be force traced if the\n'x-client-trace-id' header is set. Mirror of client_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L127-L133\nEither int or decimal represented as string.\nIf not specified then the default value is 100." x-kubernetes-int-or-string: true overall: anyOf: - type: "integer" - type: "string" - default: 100 - description: "Target percentage of requests will be traced\nafter all other sampling checks have been applied (client, force tracing,\nrandom sampling). This field functions as an upper limit on the total\nconfigured sampling rate. For instance, setting client to 100\nbut overall to 1 will result in only 1% of client requests with\nthe appropriate headers to be force traced. Mirror of\noverall_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L142-L150\nEither int or decimal represented as string." + description: "Target percentage of requests will be traced\nafter all other sampling checks have been applied (client, force tracing,\nrandom sampling). This field functions as an upper limit on the total\nconfigured sampling rate. For instance, setting client to 100\nbut overall to 1 will result in only 1% of client requests with\nthe appropriate headers to be force traced. Mirror of\noverall_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L142-L150\nEither int or decimal represented as string.\nIf not specified then the default value is 100." x-kubernetes-int-or-string: true random: anyOf: - type: "integer" - type: "string" - default: 100 - description: "Target percentage of requests that will be randomly selected for trace\ngeneration, if not requested by the client or not forced.\nMirror of random_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L135-L140\nEither int or decimal represented as string." + description: "Target percentage of requests that will be randomly selected for trace\ngeneration, if not requested by the client or not forced.\nMirror of random_sampling in Envoy\nhttps://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L135-L140\nEither int or decimal represented as string.\nIf not specified then the default value is 100." x-kubernetes-int-or-string: true type: "object" tags: @@ -171,6 +170,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml index 3350d7591..e45767903 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/meshtrafficpermissions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "meshtrafficpermissions.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "MeshTrafficPermission" listKind: "MeshTrafficPermissionList" plural: "meshtrafficpermissions" + shortNames: + - "mtp" singular: "meshtrafficpermission" scope: "Namespaced" versions: @@ -66,6 +68,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: @@ -117,6 +120,7 @@ spec: - "MeshMultiZoneService" - "MeshServiceSubset" - "MeshHTTPRoute" + - "Dataplane" type: "string" labels: additionalProperties: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml index ea5eac2a9..8086ef57a 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/proxytemplates.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "proxytemplates.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml index afb91a03a..b2d4cea93 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/ratelimits.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "ratelimits.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml index 66051b1b1..c0963b43d 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/retries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "retries.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml index 22e4e9e2c..d9e7b5765 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/serviceinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "serviceinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml index c667607d4..39f8fe5ea 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/timeouts.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "timeouts.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml index 7ef28c4dd..9e91856a5 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficlogs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "trafficlogs.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml index 60a4309ad..329bf2893 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficpermissions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "trafficpermissions.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml index 0be27d3ef..79cacf33b 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/trafficroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "trafficroutes.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml index 3ce100460..aceed5ddd 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/traffictraces.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "traffictraces.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml index 7c1a380c7..1b50d34ba 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/virtualoutbounds.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "virtualoutbounds.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml index 092856f3d..9a618d321 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zoneegresses.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "ZoneEgress" listKind: "ZoneEgressList" plural: "zoneegresses" + shortNames: + - "ze" singular: "zoneegress" scope: "Namespaced" versions: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml index 1a406d5d3..e2470f2e4 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneegressinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zoneegressinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml index e789a8917..6ed637419 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingresses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zoneingresses.kuma.io" spec: group: "kuma.io" @@ -12,6 +12,8 @@ spec: kind: "ZoneIngress" listKind: "ZoneIngressList" plural: "zoneingresses" + shortNames: + - "zi" singular: "zoneingress" scope: "Namespaced" versions: diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml index e8331b056..870444880 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneingressinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zoneingressinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml index eb84baf87..37223f901 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zoneinsights.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zoneinsights.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml index e85c4beca..68b35bcef 100644 --- a/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml +++ b/crd-catalog/kumahq/kuma/kuma.io/v1alpha1/zones.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "zones.kuma.io" spec: group: "kuma.io" diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml index 0cf921dd5..90889306e 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/configurations.yaml @@ -157,6 +157,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -568,6 +571,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml index 5c296b217..aaaff98af 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha1/tests.yaml @@ -180,6 +180,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -591,6 +594,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -957,6 +963,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -1368,6 +1377,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -1600,6 +1612,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -2011,6 +2026,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -2277,6 +2295,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -2688,6 +2709,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -3131,6 +3155,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -3892,6 +3919,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" diff --git a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml index 44dd02493..4413091b9 100644 --- a/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml +++ b/crd-catalog/kyverno/chainsaw/chainsaw.kyverno.io/v1alpha2/configurations.yaml @@ -218,6 +218,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" @@ -629,6 +632,9 @@ spec: - "value" type: "object" type: "array" + skipCommandOutput: + description: "SkipCommandOutput removes the command from the output logs." + type: "boolean" skipLogOutput: description: "SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise." type: "boolean" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml index 3ab113e41..5cc38efae 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml @@ -110,7 +110,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -1781,10 +1781,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -1869,10 +1869,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." @@ -3525,7 +3525,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -5196,10 +5196,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -5284,10 +5284,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml index eb3cbad92..f3a803eb8 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml @@ -110,7 +110,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -1781,10 +1781,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -1869,10 +1869,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." @@ -3525,7 +3525,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -5196,10 +5196,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -5284,10 +5284,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml index b6ce4e136..744e5dd5a 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml @@ -18,9 +18,6 @@ spec: scope: "Cluster" versions: - additionalPrinterColumns: - - jsonPath: ".status.conditions[?(@.type == \"Ready\")].status" - name: "READY" - type: "string" - jsonPath: ".metadata.creationTimestamp" name: "AGE" type: "date" @@ -137,6 +134,21 @@ spec: - "resource" - "version" type: "object" + projections: + description: "Projections defines the list of JMESPath expressions to extract values from the cached resource." + items: + properties: + jmesPath: + description: "JMESPath is the JMESPath expression to extract the value from the cached resource." + type: "string" + name: + description: "Name is the name to use for the extracted value in the context." + type: "string" + required: + - "jmesPath" + - "name" + type: "object" + type: "array" type: "object" status: description: "Status contains globalcontextentry runtime data." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml index dc8364688..a7199f5f1 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml @@ -1499,10 +1499,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -1587,10 +1587,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." @@ -3340,7 +3340,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -5011,10 +5011,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -5099,10 +5099,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml index 7e3acf66d..752cad9f7 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml @@ -1499,10 +1499,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -1587,10 +1587,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." @@ -3340,7 +3340,7 @@ spec: celPreconditions: description: "CELPreconditions are used to determine if a policy rule should be applied by evaluating a\nset of CEL conditions. It can only be used with the validate.cel subrule" items: - description: "MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook." + description: "MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook." properties: expression: description: "Expression represents the expression which will be evaluated by CEL. Must evaluate to bool.\nCEL expressions have access to the contents of the AdmissionRequest and Authorizer, organized into CEL variables:\n\n'object' - The object from the incoming request. The value is null for DELETE requests.\n'oldObject' - The existing object. The value is null for CREATE requests.\n'request' - Attributes of the admission request(/pkg/apis/admission/types.go#AdmissionRequest).\n'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\nDocumentation on CEL: https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." @@ -5011,10 +5011,10 @@ spec: - "Descending" type: "string" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" preconditions: description: "AnyAllConditions are used to determine if a policy rule should be applied by evaluating a\nset of conditions. The declaration can contain nested `any` or `all` statements.\nSee: https://kyverno.io/docs/writing-policies/preconditions/" @@ -5099,10 +5099,10 @@ spec: description: "MutateExistingOnPolicyUpdate controls if the mutateExisting rule will be applied on policy events." type: "boolean" patchStrategicMerge: - description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/." + description: "PatchStrategicMerge is a strategic merge patch used to modify resources.\nSee https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/\nand https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/." x-kubernetes-preserve-unknown-fields: true patchesJson6902: - description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/." + description: "PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources.\nSee https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/." type: "string" targets: description: "Targets defines the target resources to be mutated." diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml index f15103827..ac7e4a686 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagedatasources.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimagedatasources.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml index acbee945e..861446ee5 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimagemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimagemanagers.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml index 692635969..ab49bf253 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backingimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimages.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml index 299728dbe..23c7d4c28 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backups.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml index 831e6efed..580c6208e 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backuptargets.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backuptargets.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml index f1d3d4a66..167d2d2a1 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/backupvolumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backupvolumes.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml index f2340ab59..85dfe6577 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engineimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "engineimages.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml index 61f76d172..852e6b320 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/engines.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "engines.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml index c43e6f771..b86161046 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/instancemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "instancemanagers.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml index 3998c38cc..a700fa575 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/nodes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "nodes.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml index c48f749bc..f18aa1267 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/recurringjobs.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "recurringjobs.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml index 5bd9e4b65..ca45f7891 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/replicas.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "replicas.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml index 76bff8d53..0b49f06a2 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/settings.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "settings.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml index af722d765..d2e116f3c 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/sharemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "sharemanagers.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml index 27b6d43a1..f0a97426e 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta1/volumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "volumes.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml index 8abd85710..6e315528f 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagedatasources.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimagedatasources.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml index f105a6798..297866c7a 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimagemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimagemanagers.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml index 225a9ecb4..6cc693c3f 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backingimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backingimages.longhorn.io" spec: @@ -70,9 +70,20 @@ spec: properties: checksum: type: "string" + dataEngine: + default: "v1" + enum: + - "v1" + - "v2" + type: "string" diskFileSpecMap: additionalProperties: properties: + dataEngine: + enum: + - "v1" + - "v2" + type: "string" evictionRequested: type: "boolean" type: "object" @@ -117,6 +128,11 @@ spec: diskFileStatusMap: additionalProperties: properties: + dataEngine: + enum: + - "v1" + - "v2" + type: "string" lastStateTransitionTime: type: "string" message: @@ -144,6 +160,11 @@ spec: type: "integer" uuid: type: "string" + v2FirstCopyDisk: + type: "string" + v2FirstCopyStatus: + description: "It is pending -> in-progress -> ready/failed" + type: "string" virtualSize: description: "Virtual size of image in bytes, which may be larger than physical size. Will be zero until known (e.g. while a backing image is uploading)" format: "int64" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml index 91e68f5ed..7aec0387f 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupbackingimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backupbackingimages.longhorn.io" spec: @@ -57,6 +57,13 @@ spec: spec: description: "BackupBackingImageSpec defines the desired state of the Longhorn backing image backup" properties: + backingImage: + description: "The backing image name." + type: "string" + backupTargetName: + description: "The backup target name." + nullable: true + type: "string" labels: additionalProperties: type: "string" @@ -68,9 +75,10 @@ spec: nullable: true type: "string" userCreated: - description: "Is this CR created by user through API or UI.\nRequired" + description: "Is this CR created by user through API or UI." type: "boolean" required: + - "backingImage" - "userCreated" type: "object" status: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml index 0f0990cac..94c8a42e7 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backups.longhorn.io" spec: @@ -33,6 +33,10 @@ spec: jsonPath: ".status.snapshotCreatedAt" name: "SnapshotCreatedAt" type: "string" + - description: "The backup target name" + jsonPath: ".status.backupTargetName" + name: "BackupTarget" + type: "string" - description: "The backup state" jsonPath: ".status.state" name: "State" @@ -84,6 +88,9 @@ spec: backupCreatedAt: description: "The snapshot backup upload finished time." type: "string" + backupTargetName: + description: "The backup target name." + type: "string" compressionMethod: description: "Compression method" type: "string" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml index eba98c0dd..9d9ebd831 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backuptargets.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backuptargets.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml index 74bc2640f..fbcf43f74 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/backupvolumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "backupvolumes.longhorn.io" spec: @@ -21,6 +21,10 @@ spec: scope: "Namespaced" versions: - additionalPrinterColumns: + - description: "The backup target name" + jsonPath: ".spec.backupTargetName" + name: "BackupTarget" + type: "string" - description: "The backup volume creation time" jsonPath: ".status.createdAt" name: "CreatedAt" @@ -53,11 +57,18 @@ spec: spec: description: "BackupVolumeSpec defines the desired state of the Longhorn backup volume" properties: + backupTargetName: + description: "The backup target name that the backup volume was synced." + nullable: true + type: "string" syncRequestedAt: description: "The time to request run sync the remote backup volume." format: "date-time" nullable: true type: "string" + volumeName: + description: "The volume name that the backup volume was used to backup." + type: "string" type: "object" status: description: "BackupVolumeStatus defines the observed state of the Longhorn backup volume" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml index 1fc55c9a2..9c4a40786 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engineimages.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "engineimages.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml index a806c07f9..c9e05cce7 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/engines.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "engines.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml index 2d7b9ff84..5b5839b1c 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/instancemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "instancemanagers.longhorn.io" spec: @@ -85,6 +85,29 @@ spec: type: "integer" apiVersion: type: "integer" + backingImages: + additionalProperties: + properties: + currentChecksum: + type: "string" + diskUUID: + type: "string" + message: + type: "string" + name: + type: "string" + progress: + type: "integer" + size: + format: "int64" + type: "integer" + state: + type: "string" + uuid: + type: "string" + type: "object" + nullable: true + type: "object" currentState: type: "string" dataEngineStatus: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml index d8d49e305..f2901c370 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/nodes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "nodes.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml index 6c9d553b9..05a06097a 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/orphans.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "orphans.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml index 655e360b7..107a606e1 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/recurringjobs.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "recurringjobs.longhorn.io" spec: @@ -25,7 +25,7 @@ spec: jsonPath: ".spec.groups" name: "Groups" type: "string" - - description: "Should be one of \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\" or \"filesystem-trim\"" + - description: "Should be one of \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\", \"filesystem-trim\" or \"system-backup\"" jsonPath: ".spec.task" name: "Task" type: "string" @@ -86,13 +86,13 @@ spec: parameters: additionalProperties: type: "string" - description: "The parameters of the snapshot/backup.\nSupport parameters: \"full-backup-interval\"." + description: "The parameters of the snapshot/backup.\nSupport parameters: \"full-backup-interval\", \"volume-backup-policy\"." type: "object" retain: description: "The retain count of the snapshot/backup." type: "integer" task: - description: "The recurring job task.\nCan be \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\" or \"filesystem-trim\"" + description: "The recurring job task.\nCan be \"snapshot\", \"snapshot-force-create\", \"snapshot-cleanup\", \"snapshot-delete\", \"backup\", \"backup-force-create\", \"filesystem-trim\" or \"system-backup\"." enum: - "snapshot" - "snapshot-force-create" @@ -101,6 +101,7 @@ spec: - "backup" - "backup-force-create" - "filesystem-trim" + - "system-backup" type: "string" type: "object" status: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml index 0c079844b..cec918f86 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/replicas.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "replicas.longhorn.io" spec: @@ -110,6 +110,9 @@ spec: type: "string" logRequested: type: "boolean" + migrationEngineName: + description: "MigrationEngineName is indicating the migrating engine which current connected to this replica. This is only\nused for live migration of v2 data engine" + type: "string" nodeID: type: "string" rebuildRetryCount: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml index c32e36c7b..1c3959fb3 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/settings.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "settings.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml index f52940e1e..21a4d2b29 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/sharemanagers.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "sharemanagers.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml index d9260d3b8..6b0e5dd10 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/snapshots.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "snapshots.longhorn.io" spec: @@ -70,7 +70,7 @@ spec: nullable: true type: "object" volume: - description: "the volume that this snapshot belongs to.\nThis field is immutable after creation.\nRequired" + description: "the volume that this snapshot belongs to.\nThis field is immutable after creation." type: "string" required: - "volume" diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml index 51c8ea877..1ceb6ff11 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/supportbundles.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "supportbundles.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml index e999c219b..9fef9f5af 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systembackups.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "systembackups.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml index 982574bc1..ce19d678c 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/systemrestores.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "systemrestores.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml index 2e5b0be96..04b1b7245 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumeattachments.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "volumeattachments.longhorn.io" spec: diff --git a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml index 8196a5839..8cebc641d 100644 --- a/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml +++ b/crd-catalog/longhorn/longhorn/longhorn.io/v1beta2/volumes.yaml @@ -2,11 +2,11 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.1" labels: app.kubernetes.io/instance: "longhorn" app.kubernetes.io/name: "longhorn" - app.kubernetes.io/version: "v1.8.0-dev" + app.kubernetes.io/version: "v1.9.0-dev" longhorn-manager: "" name: "volumes.longhorn.io" spec: @@ -95,6 +95,9 @@ spec: - "lz4" - "gzip" type: "string" + backupTargetName: + description: "The backup target name that the volume will be backed up to or is synced." + type: "string" dataEngine: enum: - "v1" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml index 58126826b..3b0ca83fa 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/backups.yaml @@ -770,10 +770,8 @@ spec: type: "boolean" type: "object" required: - - "accessKeyIdSecretKeyRef" - "bucket" - "endpoint" - - "secretAccessKeySecretKeyRef" type: "object" volume: description: "Volume is a Kubernetes volume specification." diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml index 3734c0339..3ccf042ca 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/connections.yaml @@ -86,7 +86,7 @@ spec: description: "Params to be used in the Connection." type: "object" passwordSecretKeyRef: - description: "PasswordSecretKeyRef is a reference to the password to use for configuring the Connection.\nIf the referred Secret is labeled with \"k8s.mariadb.com/watch\", updates may be performed to the Secret in order to update the password." + description: "PasswordSecretKeyRef is a reference to the password to use for configuring the Connection.\nEither passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials.\nIf the referred Secret is labeled with \"k8s.mariadb.com/watch\", updates may be performed to the Secret in order to update the password." properties: key: type: "string" @@ -146,11 +146,17 @@ spec: serviceName: description: "ServiceName to be used in the Connection." type: "string" + tlsClientCertSecretRef: + description: "TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health.\nEither passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials.\nIf not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled.\nIf the referred Secret is labeled with \"k8s.mariadb.com/watch\", updates may be performed to the Secret in order to update the client certificate." + properties: + name: + default: "" + type: "string" + type: "object" username: description: "Username to use for configuring the Connection." type: "string" required: - - "passwordSecretKeyRef" - "username" type: "object" status: diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml index 53d11e371..b2d6f0d5a 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml @@ -604,10 +604,8 @@ spec: type: "boolean" type: "object" required: - - "accessKeyIdSecretKeyRef" - "bucket" - "endpoint" - - "secretAccessKeySecretKeyRef" type: "object" stagingStorage: description: "StagingStorage defines the temporary storage used to keep external backups (i.e. S3) while they are being processed.\nIt defaults to an emptyDir volume, meaning that the backups will be temporarily stored in the node where the Restore Job is scheduled." @@ -1145,12 +1143,29 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" type: "object" port: - description: "Port where the agent will be listening for connections." + description: "Port where the agent will be listening for API connections." + format: "int32" + type: "integer" + probePort: + description: "Port where the agent will be listening for probe connections." format: "int32" type: "integer" readinessProbe: @@ -1195,6 +1210,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -1257,6 +1285,65 @@ spec: format: "int64" type: "integer" type: "object" + startupProbe: + description: "StartupProbe to be used in the Container." + properties: + exec: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core." + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + httpGet: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core." + properties: + host: + type: "string" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + description: "URIScheme identifies the scheme used for connection to a host for Get actions" + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" volumeMounts: description: "VolumeMounts to be used in the Container." items: @@ -1514,6 +1601,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -1560,6 +1660,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -1622,6 +1735,65 @@ spec: format: "int64" type: "integer" type: "object" + startupProbe: + description: "StartupProbe to be used in the Container." + properties: + exec: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core." + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + httpGet: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core." + properties: + host: + type: "string" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + description: "URIScheme identifies the scheme used for connection to a host for Get actions" + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" volumeMounts: description: "VolumeMounts to be used in the Container." items: @@ -1992,6 +2164,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -2955,6 +3140,94 @@ spec: - "router" type: "object" type: "array" + tls: + description: "TLS defines the PKI to be used with MaxScale." + properties: + adminCASecretRef: + description: "AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the server certificate." + properties: + name: + default: "" + type: "string" + type: "object" + adminCertIssuerRef: + description: "AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with adminCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + adminCertSecretRef: + description: "AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI." + properties: + name: + default: "" + type: "string" + type: "object" + enabled: + description: "Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance.\nIt is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced." + type: "boolean" + listenerCASecretRef: + description: "ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the listener certificate." + properties: + name: + default: "" + type: "string" + type: "object" + listenerCertIssuerRef: + description: "ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with listenerCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + listenerCertSecretRef: + description: "ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners." + properties: + name: + default: "" + type: "string" + type: "object" + replicationSSLEnabled: + description: "ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration.\nIt is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled.\nIf the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well." + type: "boolean" + serverCASecretRef: + description: "ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers.\nThe Secret should contain a 'ca.crt' key in order to establish trust.\nIf not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle." + properties: + name: + default: "" + type: "string" + type: "object" + serverCertSecretRef: + description: "ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers.\nIf not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef)." + properties: + name: + default: "" + type: "string" + type: "object" + verifyPeerCertificate: + description: "VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA.\nIt is disabled by default." + type: "boolean" + verifyPeerHost: + description: "VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host.\nIt is disabled by default." + type: "boolean" + type: "object" updateStrategy: description: "UpdateStrategy defines the update strategy for the StatefulSet object." properties: @@ -3766,6 +4039,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -4218,6 +4504,65 @@ spec: - "image" type: "object" type: "array" + startupProbe: + description: "StartupProbe to be used in the Container." + properties: + exec: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core." + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + httpGet: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core." + properties: + host: + type: "string" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + description: "URIScheme identifies the scheme used for connection to a host for Get actions" + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" storage: description: "Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB." properties: @@ -4231,11 +4576,11 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It superseeds the storage size specified in 'VolumeClaimTemplate'." + description: "Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It supersedes the storage size specified in 'VolumeClaimTemplate'." pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true storageClassName: - description: "StorageClassName to be used to provision the PVCS. It superseeds the 'StorageClassName' specified in 'VolumeClaimTemplate'.\nIf not provided, the default 'StorageClass' configured in the cluster is used." + description: "StorageClassName to be used to provision the PVCS. It supersedes the 'StorageClassName' specified in 'VolumeClaimTemplate'.\nIf not provided, the default 'StorageClass' configured in the cluster is used." type: "string" volumeClaimTemplate: description: "VolumeClaimTemplate provides a template to define the PVCs." @@ -4328,6 +4673,77 @@ spec: timeZone: description: "TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded." type: "string" + tls: + description: "TLS defines the PKI to be used with MariaDB." + properties: + clientCASecretRef: + description: "ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the client certificate." + properties: + name: + default: "" + type: "string" + type: "object" + clientCertIssuerRef: + description: "ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with clientCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + clientCertSecretRef: + description: "ClientCertSecretRef is a reference to a TLS Secret containing the client certificate.\nIt is mutually exclusive with clientCertIssuerRef." + properties: + name: + default: "" + type: "string" + type: "object" + enabled: + description: "Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance.\nIt is enabled by default." + type: "boolean" + galeraSSTEnabled: + description: "GaleraSSTEnabled determines whether Galera SST connections should use TLS.\nIt disabled by default." + type: "boolean" + required: + description: "Required specifies whether TLS must be enforced for all connections.\nUser TLS requirements take precedence over this.\nIt disabled by default." + type: "boolean" + serverCASecretRef: + description: "ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the server certificate." + properties: + name: + default: "" + type: "string" + type: "object" + serverCertIssuerRef: + description: "ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with serverCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + serverCertSecretRef: + description: "ServerCertSecretRef is a reference to a TLS Secret containing the server certificate.\nIt is mutually exclusive with serverCertIssuerRef." + properties: + name: + default: "" + type: "string" + type: "object" + type: "object" tolerations: description: "Tolerations to be used in the Pod." items: @@ -4446,7 +4862,7 @@ spec: type: "string" type: "object" username: - description: "Username is the initial username to be created by the operator once MariaDB is ready. It has all privileges on the initial database.\nThe initial User will have ALL PRIVILEGES in the initial Database." + description: "Username is the initial username to be created by the operator once MariaDB is ready.\nThe initial User will have ALL PRIVILEGES in the initial Database." type: "string" volumeMounts: description: "VolumeMounts to be used in the Container." @@ -4613,6 +5029,9 @@ spec: currentPrimaryPodIndex: description: "CurrentPrimaryPodIndex is the primary Pod index." type: "integer" + defaultVersion: + description: "DefaultVersion is the MariaDB version used by the operator when it cannot infer the version\nfrom spec.image. This can happen if the image uses a digest (e.g. sha256) instead\nof a version tag." + type: "string" galeraRecovery: description: "GaleraRecovery is the Galera recovery current state." properties: @@ -4670,6 +5089,76 @@ spec: type: "string" description: "ReplicationStatus is the replication current state for each Pod." type: "object" + tls: + description: "TLS aggregates the status of the certificates used by the MariaDB instance." + properties: + caBundle: + description: "CABundle is the status of the Certificate Authority bundle." + items: + description: "CertificateStatus represents the current status of a TLS certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + type: "array" + clientCert: + description: "ClientCert is the status of the client certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + serverCert: + description: "ServerCert is the status of the server certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + type: "object" type: "object" required: - "spec" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml index 938b4caa0..98e373393 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml @@ -826,6 +826,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -1445,6 +1458,19 @@ spec: successThreshold: format: "int32" type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" timeoutSeconds: format: "int32" type: "integer" @@ -1603,10 +1629,157 @@ spec: - "router" type: "object" type: "array" + startupProbe: + description: "StartupProbe to be used in the Container." + properties: + exec: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core." + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + httpGet: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core." + properties: + host: + type: "string" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + description: "URIScheme identifies the scheme used for connection to a host for Get actions" + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + description: "Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core." + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" suspend: default: false description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" + tls: + description: "TLS defines the PKI to be used with MaxScale." + properties: + adminCASecretRef: + description: "AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the server certificate." + properties: + name: + default: "" + type: "string" + type: "object" + adminCertIssuerRef: + description: "AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with adminCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + adminCertSecretRef: + description: "AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI." + properties: + name: + default: "" + type: "string" + type: "object" + enabled: + description: "Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance.\nIt is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced." + type: "boolean" + listenerCASecretRef: + description: "ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners.\nOne of:\n- Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates.\n- Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided.\nIf not provided, a self-signed CA will be provisioned to issue the listener certificate." + properties: + name: + default: "" + type: "string" + type: "object" + listenerCertIssuerRef: + description: "ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster.\nIt is mutually exclusive with listenerCertSecretRef.\nBy default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef." + properties: + group: + description: "Group of the resource being referred to." + type: "string" + kind: + description: "Kind of the resource being referred to." + type: "string" + name: + description: "Name of the resource being referred to." + type: "string" + required: + - "name" + type: "object" + listenerCertSecretRef: + description: "ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners." + properties: + name: + default: "" + type: "string" + type: "object" + replicationSSLEnabled: + description: "ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration.\nIt is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled.\nIf the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well." + type: "boolean" + serverCASecretRef: + description: "ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers.\nThe Secret should contain a 'ca.crt' key in order to establish trust.\nIf not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle." + properties: + name: + default: "" + type: "string" + type: "object" + serverCertSecretRef: + description: "ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers.\nIf not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef)." + properties: + name: + default: "" + type: "string" + type: "object" + verifyPeerCertificate: + description: "VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA.\nIt is disabled by default." + type: "boolean" + verifyPeerHost: + description: "VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host.\nIt is disabled by default." + type: "boolean" + type: "object" tolerations: description: "Tolerations to be used in the Pod." items: @@ -1853,6 +2026,97 @@ spec: - "state" type: "object" type: "array" + tls: + description: "TLS aggregates the status of the certificates used by the MaxScale instance." + properties: + adminCert: + description: "AdminCert is the status of the admin certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + caBundle: + description: "CABundle is the status of the Certificate Authority bundle." + items: + description: "CertificateStatus represents the current status of a TLS certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + type: "array" + listenerCert: + description: "ListenerCert is the status of the listener certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + serverCert: + description: "ServerCert is the status of the MariaDB server certificate." + properties: + issuer: + description: "Issuer is the issuer of the current certificate." + type: "string" + notAfter: + description: "NotAfter indicates that the certificate is not valid after the given date." + format: "date-time" + type: "string" + notBefore: + description: "NotBefore indicates that the certificate is not valid before the given date." + format: "date-time" + type: "string" + subject: + description: "Subject is the subject of the current certificate." + type: "string" + required: + - "issuer" + - "subject" + type: "object" + type: "object" type: "object" type: "object" served: true diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml index 1118403ba..e206f2f12 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/restores.yaml @@ -504,10 +504,8 @@ spec: type: "boolean" type: "object" required: - - "accessKeyIdSecretKeyRef" - "bucket" - "endpoint" - - "secretAccessKeySecretKeyRef" type: "object" securityContext: description: "SecurityContext holds security configuration that will be applied to a container." diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml index 6b7bb708f..d0525d8ea 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/sqljobs.yaml @@ -524,6 +524,20 @@ spec: timeZone: description: "TimeZone defines the timezone associated with the cron expression." type: "string" + tlsCASecretRef: + description: "TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob.\nIf not provided, the CA bundle provided by the referred MariaDB is used." + properties: + name: + default: "" + type: "string" + type: "object" + tlsClientCertSecretRef: + description: "TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob.\nIf not provided, the client certificate provided by the referred MariaDB is used." + properties: + name: + default: "" + type: "string" + type: "object" tolerations: description: "Tolerations to be used in the Pod." items: diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml index eb6d41319..5bf4d6f2c 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/users.yaml @@ -133,6 +133,22 @@ spec: requeueInterval: description: "RequeueInterval is used to perform requeue reconciliations." type: "string" + require: + description: "Require specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls." + properties: + issuer: + description: "Issuer indicates that the TLS certificate provided by the user must be issued by a specific issuer." + type: "string" + ssl: + description: "SSL indicates that the user must connect via TLS." + type: "boolean" + subject: + description: "Subject indicates that the TLS certificate provided by the user must have a specific subject." + type: "string" + x509: + description: "X509 indicates that the user must provide a valid x509 certificate to connect." + type: "boolean" + type: "object" retryInterval: description: "RetryInterval is the interval used to perform retries." type: "string" diff --git a/crd-catalog/mattermost/mattermost-operator/installation.mattermost.com/v1beta1/mattermosts.yaml b/crd-catalog/mattermost/mattermost-operator/installation.mattermost.com/v1beta1/mattermosts.yaml index fc3284c74..594bb042c 100644 --- a/crd-catalog/mattermost/mattermost-operator/installation.mattermost.com/v1beta1/mattermosts.yaml +++ b/crd-catalog/mattermost/mattermost-operator/installation.mattermost.com/v1beta1/mattermosts.yaml @@ -367,6 +367,13 @@ spec: ingressName: description: "IngressName defines the host to be used when creating the ingress rules.\nDeprecated: Use Spec.Ingress.Host instead." type: "string" + jobServer: + description: "JobServer defines configuration for the Mattermost job server." + properties: + dedicatedJobServer: + description: "Determines whether to create a dedicated Mattermost server deployment\nwhich is configured to run scheduled jobs. This deployment will recieve\nno user traffic and the primary Mattermost deployment will no longer be\nconfigured to run jobs." + type: "boolean" + type: "object" licenseSecret: description: "LicenseSecret is the name of the secret containing a Mattermost license." type: "string" diff --git a/crd-catalog/medik8s/self-node-remediation/self-node-remediation.medik8s.io/v1alpha1/selfnoderemediationconfigs.yaml b/crd-catalog/medik8s/self-node-remediation/self-node-remediation.medik8s.io/v1alpha1/selfnoderemediationconfigs.yaml index 93b79315f..a5ad48d8b 100644 --- a/crd-catalog/medik8s/self-node-remediation/self-node-remediation.medik8s.io/v1alpha1/selfnoderemediationconfigs.yaml +++ b/crd-catalog/medik8s/self-node-remediation/self-node-remediation.medik8s.io/v1alpha1/selfnoderemediationconfigs.yaml @@ -82,6 +82,11 @@ spec: description: "After this threshold, the node will start contacting its peers." minimum: 1.0 type: "integer" + minPeersForRemediation: + default: 1 + description: "Minimum number of peer workers/control nodes to attempt to contact before deciding if node is unhealthy or not\n\tif set to zero, no other peers will be required to be present for remediation action to occur when this\n\tnode has lost API server access. If an insufficient number of peers are found, we will not attempt to ask\n\tany peer nodes (if present) whether they see that the current node has been marked unhealthy with a\n\tSelfNodeRemediation CR" + minimum: 0.0 + type: "integer" peerApiServerTimeout: default: "5s" description: "The timeout for api-server connectivity check.\nValid time units are \"ms\", \"s\", \"m\", \"h\"." diff --git a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml index a6ed6ddd2..2c783cbce 100644 --- a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml +++ b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml @@ -424,6 +424,7 @@ spec: - "preparation error" - "provisioning error" - "power management error" + - "servicing error" type: "string" goodCredentials: description: "The last credentials we were able to validate as working." @@ -661,6 +662,7 @@ spec: - "error" - "delayed" - "detached" + - "servicing" type: "string" poweredOn: description: "The currently detected power state of the host. This field may get\nbriefly out of sync with the actual state of the hardware while\nprovisioning processes are running." diff --git a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml index 49065484e..1fb7e0a2f 100644 --- a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml +++ b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml @@ -2,8 +2,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.4" + controller-gen.kubebuilder.io/version: "v0.16.5" + operator.min.io/version: "v7.0.0" name: "tenants.minio.min.io" spec: group: "minio.min.io" @@ -93,10 +93,12 @@ spec: diskURI: type: "string" fsType: + default: "ext4" type: "string" kind: type: "string" readOnly: + default: false type: "boolean" required: - "diskName" @@ -473,6 +475,13 @@ spec: required: - "path" type: "object" + image: + properties: + pullPolicy: + type: "string" + reference: + type: "string" + type: "object" iscsi: properties: chapAuthDiscovery: @@ -486,6 +495,7 @@ spec: iqn: type: "string" iscsiInterface: + default: "default" type: "string" lun: format: "int32" @@ -734,6 +744,7 @@ spec: image: type: "string" keyring: + default: "/etc/ceph/keyring" type: "string" monitors: items: @@ -741,6 +752,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" type: "string" readOnly: type: "boolean" @@ -752,6 +764,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" type: "string" required: - "image" @@ -760,6 +773,7 @@ spec: scaleIO: properties: fsType: + default: "xfs" type: "string" gateway: type: "string" @@ -777,6 +791,7 @@ spec: sslEnabled: type: "boolean" storageMode: + default: "ThinProvisioned" type: "string" storagePool: type: "string" @@ -1280,6 +1295,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -1386,6 +1402,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -1467,6 +1484,8 @@ spec: properties: name: type: "string" + request: + type: "string" required: - "name" type: "object" @@ -1584,6 +1603,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -2337,6 +2357,8 @@ spec: properties: name: type: "string" + request: + type: "string" required: - "name" type: "object" @@ -2411,6 +2433,8 @@ spec: type: "integer" type: "array" x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + type: "string" sysctls: items: properties: @@ -2653,6 +2677,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -3263,6 +3288,8 @@ spec: properties: name: type: "string" + request: + type: "string" required: - "name" type: "object" @@ -3339,6 +3366,8 @@ spec: type: "integer" type: "array" x-kubernetes-list-type: "atomic" + supplementalGroupsPolicy: + type: "string" sysctls: items: properties: @@ -3671,6 +3700,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -4019,6 +4049,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -4125,6 +4156,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -4206,6 +4238,8 @@ spec: properties: name: type: "string" + request: + type: "string" required: - "name" type: "object" @@ -4323,6 +4357,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" @@ -4447,6 +4482,8 @@ spec: properties: name: type: "string" + request: + type: "string" required: - "name" type: "object" @@ -4680,10 +4717,12 @@ spec: diskURI: type: "string" fsType: + default: "ext4" type: "string" kind: type: "string" readOnly: + default: false type: "boolean" required: - "diskName" @@ -5060,6 +5099,13 @@ spec: required: - "path" type: "object" + image: + properties: + pullPolicy: + type: "string" + reference: + type: "string" + type: "object" iscsi: properties: chapAuthDiscovery: @@ -5073,6 +5119,7 @@ spec: iqn: type: "string" iscsiInterface: + default: "default" type: "string" lun: format: "int32" @@ -5321,6 +5368,7 @@ spec: image: type: "string" keyring: + default: "/etc/ceph/keyring" type: "string" monitors: items: @@ -5328,6 +5376,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" type: "string" readOnly: type: "boolean" @@ -5339,6 +5388,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" type: "string" required: - "image" @@ -5347,6 +5397,7 @@ spec: scaleIO: properties: fsType: + default: "xfs" type: "string" gateway: type: "string" @@ -5364,6 +5415,7 @@ spec: sslEnabled: type: "boolean" storageMode: + default: "ThinProvisioned" type: "string" storagePool: type: "string" @@ -5457,6 +5509,7 @@ spec: format: "int32" type: "integer" service: + default: "" type: "string" required: - "port" diff --git a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml index a993f2ebc..4e1169567 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml @@ -2,8 +2,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.4" + controller-gen.kubebuilder.io/version: "v0.16.5" + operator.min.io/version: "v7.0.0" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml index 580a530a0..bdb713473 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml @@ -2,8 +2,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.4" + controller-gen.kubebuilder.io/version: "v0.16.5" + operator.min.io/version: "v7.0.0" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml index 81d340f4c..54a6642b7 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml @@ -77,63 +77,69 @@ spec: type: "string" type: "array" features: - description: "List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
\n- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF pod has to run as privileged.\nIf the `spec.agent.ebpf.privileged` parameter is not set, an error is reported.
\n- `DNSTracking`: enable the DNS tracking feature.
\n- `FlowRTT`: enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
\n- `NetworkEvents`: enable the Network events monitoring feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF pod has to run as privileged." + description: "List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
\n- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF pod has to run as privileged.\nIf the `spec.agent.ebpf.privileged` parameter is not set, an error is reported.
\n- `DNSTracking`: enable the DNS tracking feature.
\n- `FlowRTT`: enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
\n- `NetworkEvents`: enable the Network events monitoring feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF pod has to run as privileged.\n- `PacketTranslation`: enable enriching flows with packet's translation information.
\n- `EbpfManager`: allow using eBPF manager to manage netobserv ebpf programs.
\n- `UDNMapping`, to enable interfaces mapping to udn.
" items: - description: "Agent feature, can be one of:
\n- `PacketDrop`, to track packet drops.
\n- `DNSTracking`, to track specific information on DNS traffic.
\n- `FlowRTT`, to track TCP latency [Unsupported (*)].
\n- `NetworkEvents`, to track Network events.
" + description: "Agent feature, can be one of:
\n- `PacketDrop`, to track packet drops.
\n- `DNSTracking`, to track specific information on DNS traffic.
\n- `FlowRTT`, to track TCP latency [Unsupported (*)].
\n- `NetworkEvents`, to track Network events.
\n- `PacketTranslation`, to enrich flows with packets translation information.
\n- `EbpfManager`, to enable using EBPF Manager to manage netobserv ebpf programs [Developer Preview].
\n- `UDNMapping`, to enable interfaces mapping to udn [Developer Preview].
" enum: - "PacketDrop" - "DNSTracking" - "FlowRTT" - "NetworkEvents" + - "PacketTranslation" + - "EbpfManager" + - "UDNMapping" type: "string" type: "array" flowFilter: description: "`flowFilter` defines the eBPF agent configuration regarding flow filtering" properties: action: - description: "Action defines the action to perform on the flows that match the filter." + description: "`action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`." enum: - "Accept" - "Reject" type: "string" cidr: - description: "CIDR defines the IP CIDR to filter flows by.\nExample: 10.10.10.0/24 or 100:100:100:100::/64" + description: "`cidr` defines the IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" type: "string" destPorts: anyOf: - type: "integer" - type: "string" - description: "DestPorts defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, destPorts: 80.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, destPorts: \"80-100\".\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`destPorts` optionally defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `destPorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `destPorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true direction: - description: "Direction defines the direction to filter flows by." + description: "`direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`." enum: - "Ingress" - "Egress" type: "string" enable: - description: "Set `enable` to `true` to enable eBPF flow filtering feature." + description: "Set `enable` to `true` to enable the eBPF flow filtering feature." type: "boolean" icmpCode: - description: "ICMPCode defines the ICMP code to filter flows by." + description: "`icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by." type: "integer" icmpType: - description: "ICMPType defines the ICMP type to filter flows by." + description: "`icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by." type: "integer" + peerCIDR: + description: "`peerCIDR` defines the Peer IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" peerIP: - description: "PeerIP defines the IP address to filter flows by.\nExample: 10.10.10.10" + description: "`peerIP` optionally defines the remote IP address to filter flows by.\nExample: `10.10.10.10`." type: "string" pktDrops: - description: "`pktDrops`, to filter flows with packet drops" + description: "`pktDrops` optionally filters only flows containing packet drops." type: "boolean" ports: anyOf: - type: "integer" - type: "string" - description: "Ports defines the ports to filter flows by. it can be user for either source or destination ports.\nTo filter a single port, set a single port as an integer value. For example, ports: 80.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, ports: \"80-100\".\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`ports` optionally defines the ports to filter flows by. It is used both for source and destination ports.\nTo filter a single port, set a single port as an integer value. For example, `ports: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `ports: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true protocol: - description: "Protocol defines the protocol to filter flows by." + description: "`protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`." enum: - "TCP" - "UDP" @@ -141,14 +147,102 @@ spec: - "ICMPv6" - "SCTP" type: "string" + rules: + description: "`rules` defines a list of filtering rules on the eBPF Agents.\nWhen filtering is enabled, by default, flows that don't match any rule are rejected.\nTo change the default, you can define a rule that accepts everything: `{ action: \"Accept\", cidr: \"0.0.0.0/0\" }`, and then refine with rejecting rules." + items: + description: "`EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule." + properties: + action: + description: "`action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`." + enum: + - "Accept" + - "Reject" + type: "string" + cidr: + description: "`cidr` defines the IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" + destPorts: + anyOf: + - type: "integer" + - type: "string" + description: "`destPorts` optionally defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `destPorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `destPorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + direction: + description: "`direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`." + enum: + - "Ingress" + - "Egress" + type: "string" + icmpCode: + description: "`icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by." + type: "integer" + icmpType: + description: "`icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by." + type: "integer" + peerCIDR: + description: "`peerCIDR` defines the Peer IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" + peerIP: + description: "`peerIP` optionally defines the remote IP address to filter flows by.\nExample: `10.10.10.10`." + type: "string" + pktDrops: + description: "`pktDrops` optionally filters only flows containing packet drops." + type: "boolean" + ports: + anyOf: + - type: "integer" + - type: "string" + description: "`ports` optionally defines the ports to filter flows by. It is used both for source and destination ports.\nTo filter a single port, set a single port as an integer value. For example, `ports: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `ports: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + protocol: + description: "`protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`." + enum: + - "TCP" + - "UDP" + - "ICMP" + - "ICMPv6" + - "SCTP" + type: "string" + sampling: + description: "`sampling` sampling rate for the matched flow" + format: "int32" + type: "integer" + sourcePorts: + anyOf: + - type: "integer" + - type: "string" + description: "`sourcePorts` optionally defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `sourcePorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + tcpFlags: + description: "`tcpFlags` optionally defines TCP flags to filter flows by.\nIn addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`." + enum: + - "SYN" + - "SYN-ACK" + - "ACK" + - "FIN" + - "RST" + - "URG" + - "ECE" + - "CWR" + - "FIN-ACK" + - "RST-ACK" + type: "string" + type: "object" + maxItems: 16 + minItems: 1 + type: "array" + sampling: + description: "`sampling` sampling rate for the matched flow" + format: "int32" + type: "integer" sourcePorts: anyOf: - type: "integer" - type: "string" - description: "SourcePorts defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, sourcePorts: 80.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, sourcePorts: \"80-100\".\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`sourcePorts` optionally defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `sourcePorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true tcpFlags: - description: "`tcpFlags` defines the TCP flags to filter flows by." + description: "`tcpFlags` optionally defines TCP flags to filter flows by.\nIn addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`." enum: - "SYN" - "SYN-ACK" @@ -1334,6 +1428,24 @@ spec: description: "`env` allows passing custom environment variables to underlying components. Useful for passing\nsome very concrete performance-tuning options, such as `GOGC` and `GOMAXPROCS`, that should not be\npublicly exposed as part of the FlowCollector descriptor, as they are only useful\nin edge debug or support scenarios." type: "object" type: "object" + deduper: + description: "`deduper` allows to sample or drop flows identified as duplicates, in order to save on resource usage." + properties: + mode: + default: "Disabled" + description: "Set the Processor deduper mode (de-duplication). It comes in addition to the Agent deduper because the Agent cannot de-duplicate same flows reported from different nodes.
\n- Use `Drop` to drop every flow considered as duplicates, allowing saving more on resource usage but potentially loosing some information such as the network interfaces used from peer.
\n- Use `Sample` to randomly keep only 1 flow on 50 (by default) among the ones considered as duplicates. This is a compromise between dropping every duplicates or keeping every duplicates. This sampling action comes in addition to the Agent-based sampling. If both Agent and Processor sampling are 50, the combined sampling is 1:2500.
\n- Use `Disabled` to turn off Processor-based de-duplication.
" + enum: + - "Disabled" + - "Drop" + - "Sample" + type: "string" + sampling: + default: 50 + description: "`sampling` is the sampling rate when deduper `mode` is `Sample`." + format: "int32" + minimum: 0.0 + type: "integer" + type: "object" dropUnusedFields: default: true description: "`dropUnusedFields` [deprecated (*)] this setting is not used anymore." @@ -1342,6 +1454,53 @@ spec: default: true description: "`enableKubeProbes` is a flag to enable or disable Kubernetes liveness and readiness probes" type: "boolean" + filters: + description: "`filters` let you define custom filters to limit the amount of generated flows." + items: + description: "`FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions" + properties: + allOf: + description: "`filters` is a list of matches that must be all satisfied in order to remove a flow." + items: + description: "`FLPSingleFilter` defines the desired configuration for a single FLP-based filter" + properties: + field: + description: "Name of the field to filter on\nRefer to the documentation for the list of available fields: https://docs.openshift.com/container-platform/latest/observability/network_observability/json-flows-format-reference.html." + type: "string" + matchType: + default: "Equal" + description: "Type of matching to apply" + enum: + - "Equal" + - "NotEqual" + - "Presence" + - "Absence" + - "MatchRegex" + - "NotMatchRegex" + type: "string" + value: + description: "Value to filter on. When `matchType` is `Equal` or `NotEqual`, you can use field injection with `$(SomeField)` to refer to any other field of the flow." + type: "string" + required: + - "field" + - "matchType" + type: "object" + type: "array" + outputTarget: + description: "If specified, this filters only target a single output: `Loki`, `Metrics` or `Exporters`. By default, all outputs are targeted." + enum: + - "" + - "Loki" + - "Metrics" + - "Exporters" + type: "string" + sampling: + description: "`sampling` is an optional sampling rate to apply to this filter." + format: "int32" + minimum: 0.0 + type: "integer" + type: "object" + type: "array" healthPort: default: 8080 description: "`healthPort` is a collector HTTP port in the Pod that exposes the health check API" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml index 50551bf2e..9b3a0d511 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml @@ -666,21 +666,24 @@ spec: type: "string" type: "array" features: - description: "List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
\n- `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF agent pods have to run as privileged.\nIf the `spec.agent.ebpf.privileged` parameter is not set, an error is reported.
\n- `DNSTracking`: enable the DNS tracking feature.
\n- `FlowRTT`: enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
\n- `NetworkEvents`: enable the network events monitoring feature, such as correlating flows and network policies.\nThis feature requires mounting the kernel debug filesystem, so the eBPF agent pods have to run as privileged.\nIt requires using the OVN-Kubernetes network plugin with the Observability feature.\nIMPORTANT: This feature is available as a Developer Preview.
" + description: "List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
\n- `PacketDrop`: Enable the packets drop flows logging feature. This feature requires mounting\nthe kernel debug filesystem, so the eBPF agent pods must run as privileged.\nIf the `spec.agent.ebpf.privileged` parameter is not set, an error is reported.
\n- `DNSTracking`: Enable the DNS tracking feature.
\n- `FlowRTT`: Enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
\n- `NetworkEvents`: Enable the network events monitoring feature, such as correlating flows and network policies.\nThis feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged.\nIt requires using the OVN-Kubernetes network plugin with the Observability feature.\nIMPORTANT: This feature is available as a Technology Preview.
\n- `PacketTranslation`: Enable enriching flows with packet translation information, such as Service NAT.
\n- `EbpfManager`: [Unsupported (*)]. Use eBPF Manager to manage NetObserv eBPF programs. Pre-requisite: the eBPF Manager operator (or upstream bpfman operator) must be installed.
\n- `UDNMapping`: [Unsupported (*)]. Enable interfaces mapping to User Defined Networks (UDN).
\nThis feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged.\nIt requires using the OVN-Kubernetes network plugin with the Observability feature." items: - description: "Agent feature, can be one of:
\n- `PacketDrop`, to track packet drops.
\n- `DNSTracking`, to track specific information on DNS traffic.
\n- `FlowRTT`, to track TCP latency.
\n- `NetworkEvents`, to track network events [Developer Preview].
" + description: "Agent feature, can be one of:
\n- `PacketDrop`, to track packet drops.
\n- `DNSTracking`, to track specific information on DNS traffic.
\n- `FlowRTT`, to track TCP latency.
\n- `NetworkEvents`, to track network events [Technology Preview].
\n- `PacketTranslation`, to enrich flows with packets translation information, such as Service NAT.
\n- `EbpfManager`, to enable using eBPF Manager to manage NetObserv eBPF programs. [Unsupported (*)].
\n- `UDNMapping`, to enable interfaces mapping to UDN. [Unsupported (*)].
" enum: - "PacketDrop" - "DNSTracking" - "FlowRTT" - "NetworkEvents" + - "PacketTranslation" + - "EbpfManager" + - "UDNMapping" type: "string" type: "array" flowFilter: description: "`flowFilter` defines the eBPF agent configuration regarding flow filtering." properties: action: - description: "`action` defines the action to perform on the flows that match the filter." + description: "`action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`." enum: - "Accept" - "Reject" @@ -692,10 +695,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "`destPorts` defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `destPorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `destPorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`destPorts` optionally defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `destPorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `destPorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true direction: - description: "`direction` defines the direction to filter flows by." + description: "`direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`." enum: - "Ingress" - "Egress" @@ -704,25 +707,28 @@ spec: description: "Set `enable` to `true` to enable the eBPF flow filtering feature." type: "boolean" icmpCode: - description: "`icmpCode`, for Internet Control Message Protocol (ICMP) traffic, defines the ICMP code to filter flows by." + description: "`icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by." type: "integer" icmpType: - description: "`icmpType`, for ICMP traffic, defines the ICMP type to filter flows by." + description: "`icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by." type: "integer" + peerCIDR: + description: "`peerCIDR` defines the Peer IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" peerIP: - description: "`peerIP` defines the IP address to filter flows by.\nExample: `10.10.10.10`." + description: "`peerIP` optionally defines the remote IP address to filter flows by.\nExample: `10.10.10.10`." type: "string" pktDrops: - description: "`pktDrops` filters flows with packet drops" + description: "`pktDrops` optionally filters only flows containing packet drops." type: "boolean" ports: anyOf: - type: "integer" - type: "string" - description: "`ports` defines the ports to filter flows by. It is used both for source and destination ports.\nTo filter a single port, set a single port as an integer value. For example, `ports: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `ports: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`ports` optionally defines the ports to filter flows by. It is used both for source and destination ports.\nTo filter a single port, set a single port as an integer value. For example, `ports: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `ports: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true protocol: - description: "`protocol` defines the protocol to filter flows by." + description: "`protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`." enum: - "TCP" - "UDP" @@ -730,14 +736,102 @@ spec: - "ICMPv6" - "SCTP" type: "string" + rules: + description: "`rules` defines a list of filtering rules on the eBPF Agents.\nWhen filtering is enabled, by default, flows that don't match any rule are rejected.\nTo change the default, you can define a rule that accepts everything: `{ action: \"Accept\", cidr: \"0.0.0.0/0\" }`, and then refine with rejecting rules.\n[Unsupported (*)]." + items: + description: "`EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule." + properties: + action: + description: "`action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`." + enum: + - "Accept" + - "Reject" + type: "string" + cidr: + description: "`cidr` defines the IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" + destPorts: + anyOf: + - type: "integer" + - type: "string" + description: "`destPorts` optionally defines the destination ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `destPorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `destPorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + direction: + description: "`direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`." + enum: + - "Ingress" + - "Egress" + type: "string" + icmpCode: + description: "`icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by." + type: "integer" + icmpType: + description: "`icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by." + type: "integer" + peerCIDR: + description: "`peerCIDR` defines the Peer IP CIDR to filter flows by.\nExamples: `10.10.10.0/24` or `100:100:100:100::/64`" + type: "string" + peerIP: + description: "`peerIP` optionally defines the remote IP address to filter flows by.\nExample: `10.10.10.10`." + type: "string" + pktDrops: + description: "`pktDrops` optionally filters only flows containing packet drops." + type: "boolean" + ports: + anyOf: + - type: "integer" + - type: "string" + description: "`ports` optionally defines the ports to filter flows by. It is used both for source and destination ports.\nTo filter a single port, set a single port as an integer value. For example, `ports: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `ports: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + protocol: + description: "`protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`." + enum: + - "TCP" + - "UDP" + - "ICMP" + - "ICMPv6" + - "SCTP" + type: "string" + sampling: + description: "`sampling` sampling rate for the matched flows, overriding the global sampling defined at `spec.agent.ebpf.sampling`." + format: "int32" + type: "integer" + sourcePorts: + anyOf: + - type: "integer" + - type: "string" + description: "`sourcePorts` optionally defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `sourcePorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + x-kubernetes-int-or-string: true + tcpFlags: + description: "`tcpFlags` optionally defines TCP flags to filter flows by.\nIn addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`." + enum: + - "SYN" + - "SYN-ACK" + - "ACK" + - "FIN" + - "RST" + - "URG" + - "ECE" + - "CWR" + - "FIN-ACK" + - "RST-ACK" + type: "string" + type: "object" + maxItems: 16 + minItems: 1 + type: "array" + sampling: + description: "`sampling` sampling rate for the matched flows, overriding the global sampling defined at `spec.agent.ebpf.sampling`." + format: "int32" + type: "integer" sourcePorts: anyOf: - type: "integer" - type: "string" - description: "`sourcePorts` defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `sourcePorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." + description: "`sourcePorts` optionally defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example, `sourcePorts: \"80-100\"`.\nTo filter two ports, use a \"port1,port2\" in string format. For example, `ports: \"80,100\"`." x-kubernetes-int-or-string: true tcpFlags: - description: "`tcpFlags` defines the TCP flags to filter flows by." + description: "`tcpFlags` optionally defines TCP flags to filter flows by.\nIn addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`." enum: - "SYN" - "SYN-ACK" @@ -847,7 +941,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -2023,7 +2117,7 @@ spec: - "Kafka" type: "string" exporters: - description: "`exporters` define additional optional exporters for custom consumption or storage." + description: "`exporters` defines additional optional exporters for custom consumption or storage." items: description: "`FlowCollectorExporter` defines an additional exporter to send enriched flows to." properties: @@ -2035,6 +2129,7 @@ spec: description: "Address of the IPFIX external receiver." type: "string" targetPort: + default: 4739 description: "Port for the IPFIX external receiver." type: "integer" transport: @@ -2071,7 +2166,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -2091,7 +2186,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -2223,6 +2318,7 @@ spec: description: "Address of the OpenTelemetry receiver." type: "string" targetPort: + default: 4317 description: "Port for the OpenTelemetry receiver." type: "integer" tls: @@ -2288,7 +2384,7 @@ spec: - "targetPort" type: "object" type: - description: "`type` selects the type of exporters. The available options are `Kafka` and `IPFIX`." + description: "`type` selects the type of exporters. The available options are `Kafka`, `IPFIX`, and `OpenTelemetry`." enum: - "Kafka" - "IPFIX" @@ -2322,7 +2418,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -2342,7 +2438,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -2798,7 +2894,7 @@ spec: type: "string" type: "array" enable: - description: "Set `enable` to `true` to deploy network policies on the namespaces used by NetObserv (main and privileged). It is disabled by default.\nThese network policies better isolate the NetObserv components to prevent undesired connections to them.\nWe recommend you either enable it, or create your own network policy for NetObserv." + description: "Set `enable` to `true` to deploy network policies on the namespaces used by NetObserv (main and privileged). It is disabled by default.\nThese network policies better isolate the NetObserv components to prevent undesired connections to them.\nTo increase the security of connections, enable this option or create your own network policy." type: "boolean" type: "object" processor: @@ -3447,7 +3543,7 @@ spec: type: "array" type: "object" secondaryNetworks: - description: "Define secondary networks to be checked for resources identification.\nTo guarantee a correct identification, indexed values must form an unique identifier across the cluster.\nIf the same index is used by several resources, those resources might be incorrectly labeled." + description: "Defines secondary networks to be checked for resources identification.\nTo guarantee a correct identification, indexed values must form an unique identifier across the cluster.\nIf the same index is used by several resources, those resources might be incorrectly labeled." items: properties: index: @@ -3473,6 +3569,71 @@ spec: default: "" description: "`clusterName` is the name of the cluster to appear in the flows data. This is useful in a multi-cluster context. When using OpenShift, leave empty to make it automatically determined." type: "string" + deduper: + description: "`deduper` allows you to sample or drop flows identified as duplicates, in order to save on resource usage.\n[Unsupported (*)]." + properties: + mode: + default: "Disabled" + description: "Set the Processor de-duplication mode. It comes in addition to the Agent-based deduplication because the Agent cannot de-duplicate same flows reported from different nodes.
\n- Use `Drop` to drop every flow considered as duplicates, allowing saving more on resource usage but potentially losing some information such as the network interfaces used from peer, or network events.
\n- Use `Sample` to randomly keep only one flow on 50, which is the default, among the ones considered as duplicates. This is a compromise between dropping every duplicate or keeping every duplicate. This sampling action comes in addition to the Agent-based sampling. If both Agent and Processor sampling values are `50`, the combined sampling is 1:2500.
\n- Use `Disabled` to turn off Processor-based de-duplication.
" + enum: + - "Disabled" + - "Drop" + - "Sample" + type: "string" + sampling: + default: 50 + description: "`sampling` is the sampling rate when deduper `mode` is `Sample`." + format: "int32" + minimum: 0.0 + type: "integer" + type: "object" + filters: + description: "`filters` lets you define custom filters to limit the amount of generated flows.\nThese filters provide more flexibility than the eBPF Agent filters (in `spec.agent.ebpf.flowFilter`), such as allowing to filter by Kubernetes namespace,\nbut with a lesser improvement in performance.\n[Unsupported (*)]." + items: + description: "`FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions." + properties: + allOf: + description: "`filters` is a list of matches that must be all satisfied in order to remove a flow." + items: + description: "`FLPSingleFilter` defines the desired configuration for a single FLP-based filter." + properties: + field: + description: "Name of the field to filter on.\nRefer to the documentation for the list of available fields: https://github.com/netobserv/network-observability-operator/blob/main/docs/flows-format.adoc." + type: "string" + matchType: + default: "Equal" + description: "Type of matching to apply." + enum: + - "Equal" + - "NotEqual" + - "Presence" + - "Absence" + - "MatchRegex" + - "NotMatchRegex" + type: "string" + value: + description: "Value to filter on. When `matchType` is `Equal` or `NotEqual`, you can use field injection with `$(SomeField)` to refer to any other field of the flow." + type: "string" + required: + - "field" + - "matchType" + type: "object" + type: "array" + outputTarget: + description: "If specified, these filters only target a single output: `Loki`, `Metrics` or `Exporters`. By default, all outputs are targeted." + enum: + - "" + - "Loki" + - "Metrics" + - "Exporters" + type: "string" + sampling: + description: "`sampling` is an optional sampling rate to apply to this filter." + format: "int32" + minimum: 0.0 + type: "integer" + type: "object" + type: "array" imagePullPolicy: default: "IfNotPresent" description: "`imagePullPolicy` is the Kubernetes pull policy for the image defined above" @@ -3798,7 +3959,7 @@ spec: type: "string" logTypes: default: "Flows" - description: "`logTypes` defines the desired record types to generate. Possible values are:
\n- `Flows` (default) to export regular network flows
\n- `Conversations` to generate events for started conversations, ended conversations as well as periodic \"tick\" updates
\n- `EndedConversations` to generate only ended conversations events
\n- `All` to generate both network flows and all conversations events
" + description: "`logTypes` defines the desired record types to generate. Possible values are:
\n- `Flows` to export regular network flows. This is the default.
\n- `Conversations` to generate events for started conversations, ended conversations as well as periodic \"tick\" updates.
\n- `EndedConversations` to generate only ended conversations events.
\n- `All` to generate both network flows and all conversations events. It is not recommended due to the impact on resources footprint.
" enum: - "Flows" - "Conversations" @@ -3818,7 +3979,7 @@ spec: type: "string" type: "array" includeList: - description: "`includeList` is a list of metric names to specify which ones to generate.\nThe names correspond to the names in Prometheus without the prefix. For example,\n`namespace_egress_packets_total` shows up as `netobserv_namespace_egress_packets_total` in Prometheus.\nNote that the more metrics you add, the bigger is the impact on Prometheus workload resources.\nMetrics enabled by default are:\n`namespace_flows_total`, `node_ingress_bytes_total`, `node_egress_bytes_total`, `workload_ingress_bytes_total`,\n`workload_egress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled),\n`namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled).\nMore information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md" + description: "`includeList` is a list of metric names to specify which ones to generate.\nThe names correspond to the names in Prometheus without the prefix. For example,\n`namespace_egress_packets_total` shows up as `netobserv_namespace_egress_packets_total` in Prometheus.\nNote that the more metrics you add, the bigger is the impact on Prometheus workload resources.\nMetrics enabled by default are:\n`namespace_flows_total`, `node_ingress_bytes_total`, `node_egress_bytes_total`, `workload_ingress_bytes_total`,\n`workload_egress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled),\n`namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled),\n`namespace_network_policy_events_total` (when `NetworkEvents` feature is enabled).\nMore information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md" items: description: "Metric name. More information in https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md." enum: @@ -3849,6 +4010,9 @@ spec: - "namespace_dns_latency_seconds" - "node_dns_latency_seconds" - "workload_dns_latency_seconds" + - "node_network_policy_events_total" + - "namespace_network_policy_events_total" + - "workload_network_policy_events_total" type: "string" type: "array" server: @@ -3904,7 +4068,7 @@ spec: description: "Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.\nIf the namespace is different, the config map or the secret is copied so that it can be mounted as required." type: "string" type: - description: "Type for the file reference: \"configmap\" or \"secret\"." + description: "Type for the file reference: `configmap` or `secret`." enum: - "configmap" - "secret" @@ -4097,7 +4261,7 @@ spec: description: "`FlowCollectorStatus` defines the observed state of FlowCollector" properties: conditions: - description: "`conditions` represent the latest available observations of an object's state" + description: "`conditions` represents the latest available observations of an object's state" items: description: "Condition contains details for one aspect of the current state of this API Resource." properties: diff --git a/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml b/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml index 6651e1a8d..f412bcff4 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/appprotectdos.f5.com/v1beta1/dosprotectedresources.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "dosprotectedresources.appprotectdos.f5.com" spec: group: "appprotectdos.f5.com" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/externaldns.nginx.org/v1/dnsendpoints.yaml b/crd-catalog/nginxinc/kubernetes-ingress/externaldns.nginx.org/v1/dnsendpoints.yaml index 54a449a90..31b0ddec2 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/externaldns.nginx.org/v1/dnsendpoints.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/externaldns.nginx.org/v1/dnsendpoints.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "dnsendpoints.externaldns.nginx.org" spec: group: "externaldns.nginx.org" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/globalconfigurations.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/globalconfigurations.yaml index 939af966c..d4cfe3bad 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/globalconfigurations.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/globalconfigurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "globalconfigurations.k8s.nginx.org" spec: group: "k8s.nginx.org" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml index bef2c5cb2..c09c22871 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "policies.k8s.nginx.org" spec: group: "k8s.nginx.org" @@ -162,6 +162,25 @@ spec: properties: burst: type: "integer" + condition: + description: "RateLimitCondition defines a condition for a rate limit policy." + properties: + default: + type: "boolean" + jwt: + description: "JWTCondition defines a condition for a rate limit by JWT claim." + properties: + claim: + pattern: "^([^$\\s\"'])*$" + type: "string" + match: + pattern: "^([^$\\s.\"'])*$" + type: "string" + required: + - "claim" + - "match" + type: "object" + type: "object" delay: type: "integer" dryRun: diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/transportservers.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/transportservers.yaml index e8b2e948c..df59f428e 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/transportservers.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/transportservers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "transportservers.k8s.nginx.org" spec: group: "k8s.nginx.org" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualserverroutes.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualserverroutes.yaml index 25c0c9015..01dde9cad 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualserverroutes.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualserverroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "virtualserverroutes.k8s.nginx.org" spec: group: "k8s.nginx.org" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualservers.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualservers.yaml index cc3215427..7a439439f 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualservers.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/virtualservers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "virtualservers.k8s.nginx.org" spec: group: "k8s.nginx.org" diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/clientsettingspolicies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/clientsettingspolicies.yaml index d1246f045..4589c3441 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/clientsettingspolicies.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/clientsettingspolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: gateway.networking.k8s.io/policy: "inherited" name: "clientsettingspolicies.gateway.nginx.org" diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxgateways.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxgateways.yaml index c658f348b..3d7342b99 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxgateways.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxgateways.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nginxgateways.gateway.nginx.org" spec: group: "gateway.nginx.org" diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml index 76f110467..6fea229f6 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/nginxproxies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "nginxproxies.gateway.nginx.org" spec: group: "gateway.nginx.org" @@ -63,6 +63,29 @@ spec: - "emerg" type: "string" type: "object" + nginxPlus: + description: "NginxPlus specifies NGINX Plus additional settings." + properties: + allowedAddresses: + description: "AllowedAddresses specifies IPAddresses or CIDR blocks to the allow list for accessing the NGINX Plus API." + items: + description: "NginxPlusAllowAddress specifies the address type and value for an NginxPlus allow address." + properties: + type: + description: "Type specifies the type of address." + enum: + - "CIDR" + - "IPAddress" + type: "string" + value: + description: "Value specifies the address value." + type: "string" + required: + - "type" + - "value" + type: "object" + type: "array" + type: "object" rewriteClientIP: description: "RewriteClientIP defines configuration for rewriting the client IP to the original client's IP." properties: @@ -78,7 +101,7 @@ spec: trustedAddresses: description: "TrustedAddresses specifies the addresses that are trusted to send correct client IP information.\nIf a request comes from a trusted address, NGINX will rewrite the client IP information,\nand forward it to the backend in the X-Forwarded-For* and X-Real-IP headers.\nIf the request does not come from a trusted address, NGINX will not rewrite the client IP information.\nTrustedAddresses only supports CIDR blocks: 192.33.21.1/24, fe80::1/64.\nTo trust all addresses (not recommended for production), set to 0.0.0.0/0.\nIf no addresses are provided, NGINX will not rewrite the client IP information.\nSets NGINX directive set_real_ip_from: https://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from\nThis field is required if mode is set." items: - description: "Address is a struct that specifies address type and value." + description: "RewriteClientIPAddress specifies the address type and value for a RewriteClientIP address." properties: type: description: "Type specifies the type of address." diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml index 5e750d65a..3da1b3351 100644 --- a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha1/observabilitypolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" labels: gateway.networking.k8s.io/policy: "direct" name: "observabilitypolicies.gateway.nginx.org" @@ -21,6 +21,8 @@ spec: - jsonPath: ".metadata.creationTimestamp" name: "Age" type: "date" + deprecated: true + deprecationWarning: "The 'v1alpha1' version of ObservabilityPolicy API is deprecated, please migrate to 'v1alpha2'." name: "v1alpha1" schema: openAPIV3Schema: @@ -64,11 +66,12 @@ spec: - "name" type: "object" maxItems: 16 + minItems: 1 type: "array" x-kubernetes-validations: - message: "TargetRef Kind must be: HTTPRoute or GRPCRoute" rule: "(self.exists(t, t.kind=='HTTPRoute') || self.exists(t, t.kind=='GRPCRoute'))" - - message: "TargetRef Group must be gateway.networking.k8s.io." + - message: "TargetRef Group must be gateway.networking.k8s.io" rule: "self.all(t, t.group=='gateway.networking.k8s.io')" tracing: description: "Tracing allows for enabling and configuring tracing." @@ -252,6 +255,6 @@ spec: - "spec" type: "object" served: true - storage: true + storage: false subresources: status: {} diff --git a/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha2/observabilitypolicies.yaml b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha2/observabilitypolicies.yaml new file mode 100644 index 000000000..26c9246a9 --- /dev/null +++ b/crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha2/observabilitypolicies.yaml @@ -0,0 +1,260 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.17.2" + labels: + gateway.networking.k8s.io/policy: "direct" + name: "observabilitypolicies.gateway.nginx.org" +spec: + group: "gateway.nginx.org" + names: + categories: + - "nginx-gateway-fabric" + kind: "ObservabilityPolicy" + listKind: "ObservabilityPolicyList" + plural: "observabilitypolicies" + singular: "observabilitypolicy" + scope: "Namespaced" + versions: + - additionalPrinterColumns: + - jsonPath: ".metadata.creationTimestamp" + name: "Age" + type: "date" + name: "v1alpha2" + schema: + openAPIV3Schema: + description: "ObservabilityPolicy is a Direct Attached Policy. It provides a way to configure observability settings for\nthe NGINX Gateway Fabric data plane. Used in conjunction with the NginxProxy CRD that is attached to the\nGatewayClass parametersRef." + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + description: "Spec defines the desired state of the ObservabilityPolicy." + properties: + targetRefs: + description: "TargetRefs identifies the API object(s) to apply the policy to.\nObjects must be in the same namespace as the policy.\nSupport: HTTPRoute, GRPCRoute.\n\nTargetRefs must be _distinct_. This means that the multi-part key defined by `kind` and `name` must\nbe unique across all targetRef entries in the ObservabilityPolicy." + items: + description: "LocalPolicyTargetReference identifies an API object to apply a direct or\ninherited policy to. This should be used as part of Policy resources\nthat can target Gateway API resources. For more information on how this\npolicy attachment model works, and a sample Policy resource, refer to\nthe policy attachment documentation for Gateway API." + properties: + group: + description: "Group is the group of the target resource." + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + description: "Kind is kind of the target resource." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the target resource." + maxLength: 253 + minLength: 1 + type: "string" + required: + - "group" + - "kind" + - "name" + type: "object" + maxItems: 16 + minItems: 1 + type: "array" + x-kubernetes-validations: + - message: "TargetRef Kind must be: HTTPRoute or GRPCRoute" + rule: "(self.exists(t, t.kind=='HTTPRoute') || self.exists(t, t.kind=='GRPCRoute'))" + - message: "TargetRef Group must be gateway.networking.k8s.io" + rule: "self.all(t, t.group=='gateway.networking.k8s.io')" + - message: "TargetRef Kind and Name combination must be unique" + rule: "self.all(p1, self.exists_one(p2, (p1.name == p2.name) && (p1.kind == p2.kind)))" + tracing: + description: "Tracing allows for enabling and configuring tracing." + properties: + context: + description: "Context specifies how to propagate traceparent/tracestate headers.\nDefault: https://nginx.org/en/docs/ngx_otel_module.html#otel_trace_context" + enum: + - "extract" + - "inject" + - "propagate" + - "ignore" + type: "string" + ratio: + description: "Ratio is the percentage of traffic that should be sampled. Integer from 0 to 100.\nBy default, 100% of http requests are traced. Not applicable for parent-based tracing.\nIf ratio is set to 0, tracing is disabled." + format: "int32" + maximum: 100.0 + minimum: 0.0 + type: "integer" + spanAttributes: + description: "SpanAttributes are custom key/value attributes that are added to each span." + items: + description: "SpanAttribute is a key value pair to be added to a tracing span." + properties: + key: + description: "Key is the key for a span attribute.\nFormat: must have all '\"' escaped and must not contain any '$' or end with an unescaped '\\'" + maxLength: 255 + minLength: 1 + pattern: "^([^\"$\\\\]|\\\\[^$])*$" + type: "string" + value: + description: "Value is the value for a span attribute.\nFormat: must have all '\"' escaped and must not contain any '$' or end with an unescaped '\\'" + maxLength: 255 + minLength: 1 + pattern: "^([^\"$\\\\]|\\\\[^$])*$" + type: "string" + required: + - "key" + - "value" + type: "object" + maxItems: 64 + type: "array" + x-kubernetes-list-map-keys: + - "key" + x-kubernetes-list-type: "map" + spanName: + description: "SpanName defines the name of the Otel span. By default is the name of the location for a request.\nIf specified, applies to all locations that are created for a route.\nFormat: must have all '\"' escaped and must not contain any '$' or end with an unescaped '\\'\nExamples of invalid names: some-$value, quoted-\"value\"-name, unescaped\\" + maxLength: 255 + minLength: 1 + pattern: "^([^\"$\\\\]|\\\\[^$])*$" + type: "string" + strategy: + description: "Strategy defines if tracing is ratio-based or parent-based." + enum: + - "ratio" + - "parent" + type: "string" + required: + - "strategy" + type: "object" + x-kubernetes-validations: + - message: "ratio can only be specified if strategy is of type ratio" + rule: "!(has(self.ratio) && self.strategy != 'ratio')" + required: + - "targetRefs" + type: "object" + status: + description: "Status defines the state of the ObservabilityPolicy." + properties: + ancestors: + description: "Ancestors is a list of ancestor resources (usually Gateways) that are\nassociated with the policy, and the status of the policy with respect to\neach ancestor. When this policy attaches to a parent, the controller that\nmanages the parent and the ancestors MUST add an entry to this list when\nthe controller first sees the policy and SHOULD update the entry as\nappropriate when the relevant ancestor is modified.\n\nNote that choosing the relevant ancestor is left to the Policy designers;\nan important part of Policy design is designing the right object level at\nwhich to namespace this status.\n\nNote also that implementations MUST ONLY populate ancestor status for\nthe Ancestor resources they are responsible for. Implementations MUST\nuse the ControllerName field to uniquely identify the entries in this list\nthat they are responsible for.\n\nNote that to achieve this, the list of PolicyAncestorStatus structs\nMUST be treated as a map with a composite key, made up of the AncestorRef\nand ControllerName fields combined.\n\nA maximum of 16 ancestors will be represented in this list. An empty list\nmeans the Policy is not relevant for any ancestors.\n\nIf this slice is full, implementations MUST NOT add further entries.\nInstead they MUST consider the policy unimplementable and signal that\non any related resources such as the ancestor that would be referenced\nhere. For example, if this list was full on BackendTLSPolicy, no\nadditional Gateways would be able to reference the Service targeted by\nthe BackendTLSPolicy." + items: + description: "PolicyAncestorStatus describes the status of a route with respect to an\nassociated Ancestor.\n\nAncestors refer to objects that are either the Target of a policy or above it\nin terms of object hierarchy. For example, if a policy targets a Service, the\nPolicy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and\nthe GatewayClass. Almost always, in this hierarchy, the Gateway will be the most\nuseful object to place Policy status on, so we recommend that implementations\nSHOULD use Gateway as the PolicyAncestorStatus object unless the designers\nhave a _very_ good reason otherwise.\n\nIn the context of policy attachment, the Ancestor is used to distinguish which\nresource results in a distinct application of this policy. For example, if a policy\ntargets a Service, it may have a distinct result per attached Gateway.\n\nPolicies targeting the same resource may have different effects depending on the\nancestors of those resources. For example, different Gateways targeting the same\nService may have different capabilities, especially if they have different underlying\nimplementations.\n\nFor example, in BackendTLSPolicy, the Policy attaches to a Service that is\nused as a backend in a HTTPRoute that is itself attached to a Gateway.\nIn this case, the relevant object for status is the Gateway, and that is the\nancestor object referred to in this status.\n\nNote that a parent is also an ancestor, so for objects where the parent is the\nrelevant object for status, this struct SHOULD still be used.\n\nThis struct is intended to be used in a slice that's effectively a map,\nwith a composite key made up of the AncestorRef and the ControllerName." + properties: + ancestorRef: + description: "AncestorRef corresponds with a ParentRef in the spec that this\nPolicyAncestorStatus struct describes the status of." + properties: + group: + default: "gateway.networking.k8s.io" + description: "Group is the group of the referent.\nWhen unspecified, \"gateway.networking.k8s.io\" is inferred.\nTo set the core API group (such as for a \"Service\" kind referent),\nGroup must be explicitly set to \"\" (empty string).\n\nSupport: Core" + maxLength: 253 + pattern: "^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + kind: + default: "Gateway" + description: "Kind is kind of the referent.\n\nThere are two kinds of parent resources with \"Core\" support:\n\n* Gateway (Gateway conformance profile)\n* Service (Mesh conformance profile, ClusterIP Services only)\n\nSupport for other resources is Implementation-Specific." + maxLength: 63 + minLength: 1 + pattern: "^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$" + type: "string" + name: + description: "Name is the name of the referent.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + type: "string" + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers\nto the local namespace of the Route.\n\nNote that there are specific rules for ParentRefs which cross namespace\nboundaries. Cross-namespace references are only valid if they are explicitly\nallowed by something in the namespace they are referring to. For example:\nGateway has the AllowedRoutes field, and ReferenceGrant provides a\ngeneric way to enable any other kind of cross-namespace reference.\n\n\nParentRefs from a Route to a Service in the same namespace are \"producer\"\nroutes, which apply default routing rules to inbound connections from\nany namespace to the Service.\n\nParentRefs from a Route to a Service in a different namespace are\n\"consumer\" routes, and these routing rules are only applied to outbound\nconnections originating from the same namespace as the Route, for which\nthe intended destination of the connections are a Service targeted as a\nParentRef of the Route.\n\n\nSupport: Core" + maxLength: 63 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$" + type: "string" + port: + description: "Port is the network port this Route targets. It can be interpreted\ndifferently based on the type of parent resource.\n\nWhen the parent resource is a Gateway, this targets all listeners\nlistening on the specified port that also support this kind of Route(and\nselect this Route). It's not recommended to set `Port` unless the\nnetworking behaviors specified in a Route must apply to a specific port\nas opposed to a listener(s) whose port(s) may be changed. When both Port\nand SectionName are specified, the name and port of the selected listener\nmust match both specified values.\n\n\nWhen the parent resource is a Service, this targets a specific port in the\nService spec. When both Port (experimental) and SectionName are specified,\nthe name and port of the selected port must match both specified values.\n\n\nImplementations MAY choose to support other parent resources.\nImplementations supporting other types of parent resources MUST clearly\ndocument how/if Port is interpreted.\n\nFor the purpose of status, an attachment is considered successful as\nlong as the parent resource accepts it partially. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment\nfrom the referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route,\nthe Route MUST be considered detached from the Gateway.\n\nSupport: Extended" + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" + sectionName: + description: "SectionName is the name of a section within the target resource. In the\nfollowing resources, SectionName is interpreted as the following:\n\n* Gateway: Listener name. When both Port (experimental) and SectionName\nare specified, the name and port of the selected listener must match\nboth specified values.\n* Service: Port name. When both Port (experimental) and SectionName\nare specified, the name and port of the selected listener must match\nboth specified values.\n\nImplementations MAY choose to support attaching Routes to other resources.\nIf that is the case, they MUST clearly document how SectionName is\ninterpreted.\n\nWhen unspecified (empty string), this will reference the entire resource.\nFor the purpose of status, an attachment is considered successful if at\nleast one section in the parent resource accepts it. For example, Gateway\nlisteners can restrict which Routes can attach to them by Route kind,\nnamespace, or hostname. If 1 of 2 Gateway listeners accept attachment from\nthe referencing Route, the Route MUST be considered successfully\nattached. If no Gateway listeners accept attachment from this Route, the\nRoute MUST be considered detached from the Gateway.\n\nSupport: Core" + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + type: "string" + required: + - "name" + type: "object" + conditions: + description: "Conditions describes the status of the Policy with respect to the given Ancestor." + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + maxItems: 8 + minItems: 1 + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" + controllerName: + description: "ControllerName is a domain/path string that indicates the name of the\ncontroller that wrote this status. This corresponds with the\ncontrollerName field on GatewayClass.\n\nExample: \"example.net/gateway-controller\".\n\nThe format of this field is DOMAIN \"/\" PATH, where DOMAIN and PATH are\nvalid Kubernetes names\n(https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).\n\nControllers MUST populate this field when writing status. Controllers should ensure that\nentries to status populated with their ControllerName are cleaned up when they are no\nlonger necessary." + maxLength: 253 + minLength: 1 + pattern: "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\\/[A-Za-z0-9\\/\\-._~%!$&'()*+,;=:]+$" + type: "string" + required: + - "ancestorRef" + - "controllerName" + type: "object" + maxItems: 16 + type: "array" + required: + - "ancestors" + type: "object" + required: + - "spec" + type: "object" + served: true + storage: true + subresources: + status: {} diff --git a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml index 9d75da812..b7367c920 100644 --- a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml +++ b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/clustermanagers.yaml @@ -170,6 +170,26 @@ spec: - "feature" type: "object" type: "array" + registrationDrivers: + description: "RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster\nA RegistrationDriverHub contains details of authentication type and the hub cluster ARN" + items: + properties: + authType: + default: "csr" + description: "Type of the authentication used by hub to initialize the Hub cluster. Possible values are csr and awsirsa." + enum: + - "csr" + - "awsirsa" + type: "string" + hubClusterArn: + description: "This represents the hub cluster ARN\nExample - arn:eks:us-west-2:12345678910:cluster/hub-cluster1" + pattern: "^arn:aws:eks:([a-zA-Z0-9-]+):(\\d{12}):cluster/([a-zA-Z0-9-]+)$" + type: "string" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "authType" + x-kubernetes-list-type: "map" type: "object" registrationImagePullSpec: default: "quay.io/open-cluster-management/registration" diff --git a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml index e0b142a80..0d2e8ba57 100644 --- a/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml +++ b/crd-catalog/open-cluster-management-io/ocm/operator.open-cluster-management.io/v1/klusterlets.yaml @@ -198,10 +198,12 @@ spec: hubClusterArn: description: "The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.\nExample - arn:eks:us-west-2:12345678910:cluster/hub-cluster1." minLength: 1 + pattern: "^arn:aws:eks:([a-zA-Z0-9-]+):(\\d{12}):cluster/([a-zA-Z0-9-]+)$" type: "string" managedClusterArn: description: "The arn of the managed cluster (ie: an EKS cluster). This will be required to generate the md5hash which will be used as a suffix to create IAM role on hub\nas well as used by kluslerlet-agent, to assume role suffixed with the md5hash, on startup.\nExample - arn:eks:us-west-2:12345678910:cluster/managed-cluster1." minLength: 1 + pattern: "^arn:aws:eks:([a-zA-Z0-9-]+):(\\d{12}):cluster/([a-zA-Z0-9-]+)$" type: "string" type: "object" type: "object" diff --git a/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha1/featureflagconfigurations.yaml b/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha1/featureflagconfigurations.yaml index 8816d8f5f..f1dcc9a7b 100644 --- a/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha1/featureflagconfigurations.yaml +++ b/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha1/featureflagconfigurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "featureflagconfigurations.core.openfeature.dev" spec: group: "core.openfeature.dev" @@ -58,7 +58,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -107,7 +108,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -130,14 +132,14 @@ spec: nullable: true properties: credentials: - description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object." nullable: true properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha2/featureflagconfigurations.yaml b/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha2/featureflagconfigurations.yaml index 39a82958b..c1173c61e 100644 --- a/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha2/featureflagconfigurations.yaml +++ b/crd-catalog/open-feature/open-feature-operator/core.openfeature.dev/v1alpha2/featureflagconfigurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "featureflagconfigurations.core.openfeature.dev" spec: group: "core.openfeature.dev" @@ -87,7 +87,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -136,7 +137,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -155,13 +157,16 @@ spec: description: "Resources defines flagd sidecar resources. Default to operator sidecar-cpu-* and sidecar-ram-* flags." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -193,14 +198,14 @@ spec: nullable: true properties: credentials: - description: "ObjectReference contains enough information to let you inspect or modify the referred object.\n---\nNew uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.\n 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.\n 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular\n restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".\n Those cannot be well described when embedded.\n 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.\n 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity\n during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple\n and the version of the actual struct is irrelevant.\n 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type\n will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.\n\n\nInstead of using this type, create a locally provided and used type that is well-focused on your reference.\nFor example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + description: "ObjectReference contains enough information to let you inspect or modify the referred object." nullable: true properties: apiVersion: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml index 84e117274..043579e95 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/config.gatekeeper.sh/v1alpha1/configs.yaml @@ -99,7 +99,38 @@ spec: type: "object" status: description: "ConfigStatus defines the observed state of Config." + properties: + byPod: + items: + properties: + configUID: + description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." + type: "string" + errors: + items: + properties: + message: + type: "string" + type: + type: "string" + required: + - "message" + type: "object" + type: "array" + id: + type: "string" + observedGeneration: + format: "int64" + type: "integer" + operations: + items: + type: "string" + type: "array" + type: "object" + type: "array" type: "object" type: "object" served: true storage: true + subresources: + status: {} diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml index 3d5c49eff..09615e777 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constraintpodstatuses.yaml @@ -37,6 +37,24 @@ spec: type: "string" enforced: type: "boolean" + enforcementPointsStatus: + items: + description: "EnforcementPointStatus represents the status of a single enforcement point." + properties: + enforcementPoint: + type: "string" + message: + type: "string" + observedGeneration: + format: "int64" + type: "integer" + state: + type: "string" + required: + - "enforcementPoint" + - "state" + type: "object" + type: "array" errors: items: description: "Error represents a single error caught while adding a constraint to engine." diff --git a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml index a89bf4121..53e5a27d9 100644 --- a/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml +++ b/crd-catalog/open-policy-agent/gatekeeper/status.gatekeeper.sh/v1beta1/constrainttemplatepodstatuses.yaml @@ -60,6 +60,17 @@ spec: templateUID: description: "UID is a type that holds unique ID values, including UUIDs. Because we\ndon't ONLY use UUIDs, this is an alias to string. Being a type captures\nintent and helps make sure that UIDs and names do not get conflated." type: "string" + vapGenerationStatus: + description: "VAPGenerationStatus represents the status of VAP generation." + properties: + observedGeneration: + format: "int64" + type: "integer" + state: + type: "string" + warning: + type: "string" + type: "object" type: "object" type: "object" served: true diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml index f4e1d272e..1eb589ca4 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/instrumentations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "instrumentations.opentelemetry.io" spec: group: "opentelemetry.io" diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml index 6442c20db..774c8aef8 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opampbridges.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "opampbridges.opentelemetry.io" spec: group: "opentelemetry.io" @@ -649,6 +649,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml index 43cf7b87c..39d0614b7 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1alpha1/opentelemetrycollectors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "opentelemetrycollectors.opentelemetry.io" spec: group: "opentelemetry.io" @@ -2385,6 +2385,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -3153,6 +3155,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml index 3664b3ba7..842f27deb 100644 --- a/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml +++ b/crd-catalog/open-telemetry/opentelemetry-operator/opentelemetry.io/v1beta1/opentelemetrycollectors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "opentelemetrycollectors.opentelemetry.io" spec: group: "opentelemetry.io" @@ -2490,6 +2490,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -3282,6 +3284,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -3365,6 +3369,58 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + probeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: "string" + operator: + type: "string" + values: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + scrapeConfigSelector: + properties: + matchExpressions: + items: + properties: + key: + type: "string" + operator: + type: "string" + values: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" scrapeInterval: default: "30s" format: "duration" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml index b6f760950..97ad222ae 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml @@ -55,7 +55,6 @@ spec: type: "string" valueJSON: description: "ValueJSON is a string representing a JSON object to be used in the operation. As such,\ninternal quotes must be escaped. If nonempty, Value is ignored." - format: "byte" type: "string" required: - "op" @@ -87,24 +86,43 @@ spec: conditions: description: "Conditions describes the state of the operator's reconciliation functionality." items: - description: "Condition represents the state of the operator's\nreconciliation functionality." + description: "Condition contains details for one aspect of the current state of this API Resource." properties: - lastHeartbeatTime: - format: "date-time" - type: "string" lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" type: "string" status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" type: "string" type: - description: "ConditionType is the state of the operator's reconciliation functionality." + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" required: + - "lastTransitionTime" + - "message" + - "reason" - "status" - "type" type: "object" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml index b38a430c5..497f33cac 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml @@ -489,6 +489,9 @@ spec: type: "string" type: "object" x-kubernetes-map-type: "atomic" + discardLocalSsdOnHibernate: + description: "DiscardLocalSsdOnHibernate passes the specified value through to the GCP API to indicate\nwhether the content of any local SSDs should be preserved or discarded. See\nhttps://cloud.google.com/compute/docs/disks/local-ssd#stop_instance\nThis field is required when attempting to hibernate clusters with instances possessing\nSSDs -- e.g. those with GPUs." + type: "boolean" privateServiceConnect: description: "PrivateSericeConnect allows users to enable access to the cluster's API server using GCP\nPrivate Service Connect. It includes a forwarding rule paired with a Service Attachment\nacross GCP accounts and allows clients to connect to services using GCP internal networking\nof using public load balancers." properties: diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml index 862a04315..3baae0d85 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml @@ -366,6 +366,9 @@ spec: type: "string" type: "object" x-kubernetes-map-type: "atomic" + discardLocalSsdOnHibernate: + description: "DiscardLocalSsdOnHibernate passes the specified value through to the GCP API to indicate\nwhether the content of any local SSDs should be preserved or discarded. See\nhttps://cloud.google.com/compute/docs/disks/local-ssd#stop_instance\nThis field is required when attempting to hibernate clusters with instances possessing\nSSDs -- e.g. those with GPUs." + type: "boolean" privateServiceConnect: description: "PrivateSericeConnect allows users to enable access to the cluster's API server using GCP\nPrivate Service Connect. It includes a forwarding rule paired with a Service Attachment\nacross GCP accounts and allows clients to connect to services using GCP internal networking\nof using public load balancers." properties: diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml index 55a12011a..51ff3590c 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml @@ -206,6 +206,9 @@ spec: - "sku" - "version" type: "object" + outboundType: + description: "OutboundType is a strategy for how egress from cluster is achieved. When not specified default is \"Loadbalancer\"." + type: "string" type: description: "InstanceType defines the azure instance type.\neg. Standard_DS_V2" type: "string" @@ -249,10 +252,7 @@ spec: minimum: 16.0 type: "integer" diskType: - description: "DiskType defines the type of disk.\nThe valid values are pd-standard and pd-ssd.\nDefaulted internally to pd-ssd." - enum: - - "pd-ssd" - - "pd-standard" + description: "DiskType defines the type of disk.\nThe valid values at this time are: pd-standard, pd-ssd, local-ssd, pd-balanced, hyperdisk-balanced.\nDefaulted internally to pd-ssd." type: "string" encryptionKey: description: "EncryptionKey defines the KMS key to be used to encrypt the disk." @@ -358,7 +358,7 @@ spec: description: "OpenStack is the configuration used when installing on OpenStack." properties: additionalSecurityGroupIDs: - description: "AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID\nis presented in the format sg-xxxx." + description: "AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID\nis presented in the UUID format." items: type: "string" type: "array" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml index 7546b8057..8f8c67db5 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml @@ -72,6 +72,9 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + enablePatchTemplates: + description: "EnablePatchTemplates, if True, causes hive to honor golang text/templates in Patches[].Patch\nstrings. While the standard syntax is supported, it won't do you a whole lot of good as the\nparser does not pass a data object (i.e. there is no \"dot\" for you to use). This currently\nexists to expose a single function: {{ fromCDLabel \"some.label/key\" }} will be substituted\nwith the string value of ClusterDeployment.Labels[\"some.label/key\"]. The empty string is\ninterpolated if there are no labels, or if the indicated key does not exist. Note that the\npatch string must be valid JSON after interpolation. This may make for odd-looking quoting\nin the uninterpolated string." + type: "boolean" enableResourceTemplates: description: "EnableResourceTemplates, if True, causes hive to honor golang text/templates in Resources.\nWhile the standard syntax is supported, it won't do you a whole lot of good as the parser\ndoes not pass a data object (i.e. there is no \"dot\" for you to use). This currently exists\nto expose a single function: {{ fromCDLabel \"some.label/key\" }} will\nbe substituted with the string value of ClusterDeployment.Labels[\"some.label/key\"]. The\nempty string is interpolated if there are no labels, or if the indicated key does not exist.\nNote that this only works in values (not e.g. map keys) that are of type string." type: "boolean" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml index f1021e255..c6590b539 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml @@ -51,6 +51,9 @@ spec: type: "object" x-kubernetes-map-type: "atomic" type: "array" + enablePatchTemplates: + description: "EnablePatchTemplates, if True, causes hive to honor golang text/templates in Patches[].Patch\nstrings. While the standard syntax is supported, it won't do you a whole lot of good as the\nparser does not pass a data object (i.e. there is no \"dot\" for you to use). This currently\nexists to expose a single function: {{ fromCDLabel \"some.label/key\" }} will be substituted\nwith the string value of ClusterDeployment.Labels[\"some.label/key\"]. The empty string is\ninterpolated if there are no labels, or if the indicated key does not exist. Note that the\npatch string must be valid JSON after interpolation. This may make for odd-looking quoting\nin the uninterpolated string." + type: "boolean" enableResourceTemplates: description: "EnableResourceTemplates, if True, causes hive to honor golang text/templates in Resources.\nWhile the standard syntax is supported, it won't do you a whole lot of good as the parser\ndoes not pass a data object (i.e. there is no \"dot\" for you to use). This currently exists\nto expose a single function: {{ fromCDLabel \"some.label/key\" }} will\nbe substituted with the string value of ClusterDeployment.Labels[\"some.label/key\"]. The\nempty string is interpolated if there are no labels, or if the indicated key does not exist.\nNote that this only works in values (not e.g. map keys) that are of type string." type: "boolean" diff --git a/crd-catalog/openshift/ocm-agent-operator/ocmagent.managed.openshift.io/v1alpha1/managednotifications.yaml b/crd-catalog/openshift/ocm-agent-operator/ocmagent.managed.openshift.io/v1alpha1/managednotifications.yaml index e58bacec9..226e672cb 100644 --- a/crd-catalog/openshift/ocm-agent-operator/ocmagent.managed.openshift.io/v1alpha1/managednotifications.yaml +++ b/crd-catalog/openshift/ocm-agent-operator/ocmagent.managed.openshift.io/v1alpha1/managednotifications.yaml @@ -63,6 +63,8 @@ spec: - "Warning" - "Major" - "Critical" + - "Error" + - "Fatal" type: "string" summary: description: "The summary line of the Service Log notification" diff --git a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodepolicies.yaml b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodepolicies.yaml index 2ffc9aec2..d108a732b 100644 --- a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodepolicies.yaml +++ b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodepolicies.yaml @@ -63,6 +63,9 @@ spec: type: "string" description: "external_ids field in the Interface table in OVSDB" type: "object" + mtuRequest: + description: "mtu_request field in the Interface table in OVSDB" + type: "integer" options: additionalProperties: type: "string" diff --git a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodestates.yaml b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodestates.yaml index c55f94d48..3c6719d65 100644 --- a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodestates.yaml +++ b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworknodestates.yaml @@ -82,6 +82,9 @@ spec: type: "string" description: "external_ids field in the Interface table in OVSDB" type: "object" + mtuRequest: + description: "mtu_request field in the Interface table in OVSDB" + type: "integer" options: additionalProperties: type: "string" @@ -151,6 +154,15 @@ spec: - "pciAddress" type: "object" type: "array" + system: + properties: + rdmaMode: + description: "RDMA subsystem. Allowed value \"shared\", \"exclusive\"." + enum: + - "shared" + - "exclusive" + type: "string" + type: "object" type: "object" status: description: "SriovNetworkNodeStateStatus defines the observed state of SriovNetworkNodeState" @@ -195,6 +207,9 @@ spec: type: "string" description: "external_ids field in the Interface table in OVSDB" type: "object" + mtuRequest: + description: "mtu_request field in the Interface table in OVSDB" + type: "integer" options: additionalProperties: type: "string" @@ -299,6 +314,15 @@ spec: type: "string" syncStatus: type: "string" + system: + properties: + rdmaMode: + description: "RDMA subsystem. Allowed value \"shared\", \"exclusive\"." + enum: + - "shared" + - "exclusive" + type: "string" + type: "object" type: "object" type: "object" served: true diff --git a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworkpoolconfigs.yaml b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworkpoolconfigs.yaml index 3ec5cf214..293198116 100644 --- a/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworkpoolconfigs.yaml +++ b/crd-catalog/openshift/sriov-network-operator/sriovnetwork.openshift.io/v1/sriovnetworkpoolconfigs.yaml @@ -73,6 +73,12 @@ spec: description: "Name is mandatory and must be unique.\nOn Kubernetes:\nName is the name of OvsHardwareOffloadConfig\nOn OpenShift:\nName is the name of MachineConfigPool to be enabled with OVS hardware offload" type: "string" type: "object" + rdmaMode: + description: "RDMA subsystem. Allowed value \"shared\", \"exclusive\"." + enum: + - "shared" + - "exclusive" + type: "string" type: "object" status: description: "SriovNetworkPoolConfigStatus defines the observed state of SriovNetworkPoolConfig" diff --git a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml index 7be568baf..e686b0be5 100644 --- a/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml +++ b/crd-catalog/percona/everest-operator/everest.percona.com/v1alpha1/databaseclusters.yaml @@ -50,7 +50,7 @@ spec: description: "DatabaseClusterSpec defines the desired state of DatabaseCluster." properties: allowUnsafeConfiguration: - description: "AllowUnsafeConfiguration field used to ensure that the user can create configurations unfit for production use." + description: "AllowUnsafeConfiguration field used to ensure that the user can create configurations unfit for production use.\n\nDeprecated: AllowUnsafeConfiguration will not be supported in the future releases." type: "boolean" backup: description: "Backup is the backup specification" diff --git a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgbackups.yaml b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgbackups.yaml index 0881631c7..df2c9af2a 100644 --- a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgbackups.yaml +++ b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "perconapgbackups.pgv2.percona.com" spec: group: "pgv2.percona.com" @@ -115,6 +115,7 @@ spec: - "bucket" type: "object" name: + default: "repo1" description: "The name of the repository" pattern: "^repo[1-4]" type: "string" diff --git a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml index 7a690dbf6..0429cf9da 100644 --- a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml +++ b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "perconapgclusters.pgv2.percona.com" spec: group: "pgv2.percona.com" @@ -46,6 +46,9 @@ spec: type: "object" spec: properties: + autoCreateUserSchema: + description: "Whether or not the cluster has schemas automatically created for the user\ndefined in `spec.users` for all of the databases listed for that user." + type: "boolean" backups: description: "PostgreSQL backup configuration" properties: @@ -903,6 +906,9 @@ spec: x-kubernetes-list-type: "atomic" type: "object" type: "object" + backoffLimit: + format: "int32" + type: "integer" priorityClassName: description: "Priority class name for the pgBackRest backup Job pods.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" @@ -946,6 +952,9 @@ spec: description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" + restartPolicy: + description: "RestartPolicy describes how the container should be restarted.\nOnly one of the following restart policies may be specified.\nIf none of the following policies is specified, the default one\nis RestartPolicyAlways." + type: "string" securityContext: description: "SecurityContext defines the security settings for PGBackRest pod." properties: @@ -979,6 +988,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1740,6 +1752,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1996,6 +2011,7 @@ spec: - "bucket" type: "object" name: + default: "repo1" description: "The name of the repository" pattern: "^repo[1-4]" type: "string" @@ -2735,6 +2751,7 @@ spec: description: "Priority class name for the pgBackRest restore Job pod. Changing this\nvalue causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" repoName: + default: "repo1" description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups\nthat should be utilized to perform a pgBackRest restore when initializing the data source\nfor the new PostgresCluster." pattern: "^repo[1-4]" type: "string" @@ -3698,6 +3715,7 @@ spec: - "bucket" type: "object" name: + default: "repo1" description: "The name of the repository" pattern: "^repo[1-4]" type: "string" @@ -4499,6 +4517,7 @@ spec: description: "Priority class name for the pgBackRest restore Job pod. Changing this\nvalue causes PostgreSQL to restart.\nMore info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/" type: "string" repoName: + default: "repo1" description: "The name of the pgBackRest repo within the source PostgresCluster that contains the backups\nthat should be utilized to perform a pgBackRest restore when initializing the data source\nfor the new PostgresCluster." pattern: "^repo[1-4]" type: "string" @@ -4788,6 +4807,8 @@ spec: type: "boolean" pg_stat_monitor: type: "boolean" + pgvector: + type: "boolean" type: "object" custom: items: @@ -4853,8 +4874,6 @@ spec: - "azure" type: "string" type: "object" - required: - - "image" type: "object" image: description: "The image name to use for PostgreSQL containers." @@ -5751,7 +5770,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -5761,7 +5780,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5799,7 +5818,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5809,7 +5828,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5828,7 +5847,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -5838,7 +5857,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5876,7 +5895,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -5886,7 +5905,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -5906,7 +5925,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -5920,7 +5939,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -5934,7 +5953,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -5984,7 +6003,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -6045,7 +6064,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -6059,7 +6078,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -6073,7 +6092,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -6123,7 +6142,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -6311,7 +6330,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -6325,7 +6344,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -6339,7 +6358,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -6389,7 +6408,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -6592,6 +6611,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -6818,7 +6840,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -6828,7 +6850,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -6866,7 +6888,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -6876,7 +6898,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -6895,7 +6917,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -6905,7 +6927,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -6943,7 +6965,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -6953,7 +6975,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -6973,7 +6995,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -6987,7 +7009,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -7001,7 +7023,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -7051,7 +7073,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -7112,7 +7134,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -7126,7 +7148,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -7140,7 +7162,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -7190,7 +7212,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -7378,7 +7400,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -7392,7 +7414,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -7406,7 +7428,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -7456,7 +7478,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -7966,6 +7988,7 @@ spec: description: "Switchover gives options to perform ad hoc switchovers in a PostgresCluster." properties: enabled: + default: false description: "Whether or not the operator should allow switchovers in a PostgresCluster" type: "boolean" targetInstance: @@ -8173,7 +8196,7 @@ spec: type: "integer" postgresVersion: description: "The major version of PostgreSQL installed in the PostgreSQL image" - maximum: 16.0 + maximum: 17.0 minimum: 12.0 type: "integer" proxy: @@ -9171,6 +9194,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -9397,7 +9423,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -9407,7 +9433,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -9445,7 +9471,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -9455,7 +9481,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -9474,7 +9500,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -9484,7 +9510,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -9522,7 +9548,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -9532,7 +9558,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -9552,7 +9578,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -9566,7 +9592,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -9580,7 +9606,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -9630,7 +9656,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -9691,7 +9717,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -9705,7 +9731,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -9719,7 +9745,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -9769,7 +9795,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -9957,7 +9983,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -9971,7 +9997,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -9985,7 +10011,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -10035,7 +10061,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -10352,6 +10378,8 @@ spec: pattern: "^repo[1-4]" type: "string" type: "object" + tlsOnly: + type: "boolean" unmanaged: description: "Suspends the rollout and reconciliation of changes made to the\nPostgresCluster spec." type: "boolean" @@ -10413,6 +10441,12 @@ spec: properties: host: type: "string" + installedCustomExtensions: + items: + type: "string" + type: "array" + patroniVersion: + type: "string" pgbouncer: properties: ready: @@ -10450,17 +10484,11 @@ spec: size: format: "int32" type: "integer" - required: - - "instances" - - "ready" - - "size" + version: + type: "integer" type: "object" state: type: "string" - required: - - "pgbouncer" - - "postgres" - - "state" type: "object" required: - "metadata" diff --git a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgrestores.yaml b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgrestores.yaml index c10124b34..788955e65 100644 --- a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgrestores.yaml +++ b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgrestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "perconapgrestores.pgv2.percona.com" spec: group: "pgv2.percona.com" diff --git a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgupgrades.yaml b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgupgrades.yaml index 7d426d093..8ddd38ec5 100644 --- a/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgupgrades.yaml +++ b/crd-catalog/percona/percona-postgresql-operator/pgv2.percona.com/v2/perconapgupgrades.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "perconapgupgrades.pgv2.percona.com" spec: group: "pgv2.percona.com" @@ -763,7 +763,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -773,7 +773,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -811,7 +811,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -821,7 +821,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -840,7 +840,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -850,7 +850,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -888,7 +888,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -898,7 +898,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -918,7 +918,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -932,7 +932,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -946,7 +946,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -996,7 +996,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1057,7 +1057,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1071,7 +1071,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1085,7 +1085,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1135,7 +1135,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1323,7 +1323,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1337,7 +1337,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1351,7 +1351,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1401,7 +1401,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1569,7 +1569,7 @@ spec: type: "string" toPostgresVersion: description: "The major version of PostgreSQL to be upgraded to." - maximum: 16.0 + maximum: 17.0 minimum: 13.0 type: "integer" tolerations: diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml index e6402bdb2..1f1338d25 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbbackups.yaml @@ -94,6 +94,13 @@ spec: type: "string" error: type: "string" + filesystem: + properties: + path: + type: "string" + required: + - "path" + type: "object" lastTransition: format: "date-time" type: "string" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml index f1b9dc3ed..8b9d90be1 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbrestores.yaml @@ -64,6 +64,13 @@ spec: type: "string" error: type: "string" + filesystem: + properties: + path: + type: "string" + required: + - "path" + type: "object" lastTransition: format: "date-time" type: "string" diff --git a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml index 124a2c192..5cda516c5 100644 --- a/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml +++ b/crd-catalog/percona/percona-server-mongodb-operator/psmdb.percona.com/v1/perconaservermongodbs.yaml @@ -49,6 +49,8 @@ spec: properties: backupOptions: properties: + numParallelCollections: + type: "integer" oplogSpanMin: type: "number" priority: @@ -82,6 +84,8 @@ spec: type: "integer" numInsertionWorkers: type: "integer" + numParallelCollections: + type: "integer" type: "object" type: "object" containerSecurityContext: @@ -201,6 +205,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -307,6 +313,13 @@ spec: required: - "credentialsSecret" type: "object" + filesystem: + properties: + path: + type: "string" + required: + - "path" + type: "object" s3: properties: bucket: @@ -387,6 +400,28 @@ spec: - "name" type: "object" type: "array" + volumeMounts: + items: + properties: + mountPath: + type: "string" + mountPropagation: + type: "string" + name: + type: "string" + readOnly: + type: "boolean" + recursiveReadOnly: + type: "string" + subPath: + type: "string" + subPathExpr: + type: "string" + required: + - "mountPath" + - "name" + type: "object" + type: "array" required: - "enabled" - "image" @@ -4194,6 +4229,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -6230,6 +6267,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -11954,6 +11993,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -13990,6 +14031,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -16768,6 +16811,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -18734,7 +18779,6 @@ spec: type: "array" required: - "name" - - "passwordSecretRef" - "roles" type: "object" type: "array" @@ -18808,14 +18852,16 @@ spec: initialized: type: "boolean" members: - items: + additionalProperties: properties: name: type: "string" - version: + state: + type: "integer" + stateStr: type: "string" type: "object" - type: "array" + type: "object" message: type: "string" ready: diff --git a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlbackups.yaml b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlbackups.yaml index 5a531a4d9..d28dc4a6c 100644 --- a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlbackups.yaml +++ b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "perconaservermysqlbackups.ps.percona.com" spec: group: "ps.percona.com" @@ -646,6 +646,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlrestores.yaml b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlrestores.yaml index 935510d4b..0c8dcffaa 100644 --- a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlrestores.yaml +++ b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqlrestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "perconaservermysqlrestores.ps.percona.com" spec: group: "ps.percona.com" @@ -630,6 +630,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqls.yaml b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqls.yaml index d3c9c679d..45177c3a7 100644 --- a/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqls.yaml +++ b/crd-catalog/percona/percona-server-mysql-operator/ps.percona.com/v1alpha1/perconaservermysqls.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.1" + controller-gen.kubebuilder.io/version: "v0.16.3" name: "perconaservermysqls.ps.percona.com" spec: group: "ps.percona.com" @@ -900,6 +900,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -1371,8 +1373,13 @@ spec: format: "int32" type: "integer" required: + - "connectTimeout" + - "idleTime" - "image" + - "readTimeout" + - "serverId" - "storage" + - "writeTimeout" type: "object" enabled: type: "boolean" @@ -2011,6 +2018,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -3100,6 +3109,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -5873,6 +5884,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -7213,6 +7226,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -8427,6 +8442,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: diff --git a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterbackups.yaml b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterbackups.yaml index fa7c1c752..d2dbcb34d 100644 --- a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterbackups.yaml +++ b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterbackups.yaml @@ -56,6 +56,9 @@ spec: type: "string" spec: properties: + activeDeadlineSeconds: + format: "int64" + type: "integer" containerOptions: properties: args: @@ -142,8 +145,14 @@ spec: type: "object" pxcCluster: type: "string" + startingDeadlineSeconds: + format: "int64" + type: "integer" storageName: type: "string" + suspendedDeadlineSeconds: + format: "int64" + type: "integer" type: "object" status: properties: @@ -199,6 +208,8 @@ spec: type: "array" destination: type: "string" + error: + type: "string" image: type: "string" lastscheduled: diff --git a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterrestores.yaml b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterrestores.yaml index 92fc82699..694f2d932 100644 --- a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterrestores.yaml +++ b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusterrestores.yaml @@ -100,6 +100,8 @@ spec: type: "array" destination: type: "string" + error: + type: "string" image: type: "string" lastscheduled: @@ -274,6 +276,8 @@ spec: type: "array" destination: type: "string" + error: + type: "string" image: type: "string" lastscheduled: diff --git a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml index 4bafa1f1e..48ea79223 100644 --- a/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml +++ b/crd-catalog/percona/percona-xtradb-cluster-operator/pxc.percona.com/v1/perconaxtradbclusters.yaml @@ -54,6 +54,9 @@ spec: type: "boolean" backup: properties: + activeDeadlineSeconds: + format: "int64" + type: "integer" allowParallel: type: "boolean" annotations: @@ -139,6 +142,9 @@ spec: type: "array" serviceAccountName: type: "string" + startingDeadlineSeconds: + format: "int64" + type: "integer" storages: additionalProperties: properties: @@ -784,6 +790,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -1074,6 +1082,9 @@ spec: type: "object" type: "object" type: "object" + suspendedDeadlineSeconds: + format: "int64" + type: "integer" type: "object" crVersion: type: "string" @@ -1945,6 +1956,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -4330,10 +4343,172 @@ spec: type: "string" imagePullPolicy: type: "string" + livenessProbes: + properties: + exec: + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + grpc: + properties: + port: + format: "int32" + type: "integer" + service: + default: "" + type: "string" + required: + - "port" + type: "object" + httpGet: + properties: + host: + type: "string" + httpHeaders: + items: + properties: + name: + type: "string" + value: + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + terminationGracePeriodSeconds: + format: "int64" + type: "integer" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" proxysqlParams: type: "string" pxcParams: type: "string" + readinessProbes: + properties: + exec: + properties: + command: + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + failureThreshold: + format: "int32" + type: "integer" + grpc: + properties: + port: + format: "int32" + type: "integer" + service: + default: "" + type: "string" + required: + - "port" + type: "object" + httpGet: + properties: + host: + type: "string" + httpHeaders: + items: + properties: + name: + type: "string" + value: + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + path: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + scheme: + type: "string" + required: + - "port" + type: "object" + initialDelaySeconds: + format: "int32" + type: "integer" + periodSeconds: + format: "int32" + type: "integer" + successThreshold: + format: "int32" + type: "integer" + tcpSocket: + properties: + host: + type: "string" + port: + anyOf: + - type: "integer" + - type: "string" + x-kubernetes-int-or-string: true + required: + - "port" + type: "object" + terminationGracePeriodSeconds: + format: "int64" + type: "integer" + timeoutSeconds: + format: "int32" + type: "integer" + type: "object" resources: properties: claims: @@ -5209,6 +5384,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -8097,6 +8274,8 @@ spec: runAsUser: format: "int64" type: "integer" + seLinuxChangePolicy: + type: "string" seLinuxOptions: properties: level: @@ -10229,6 +10408,34 @@ spec: versionServiceEndpoint: type: "string" type: "object" + users: + items: + properties: + dbs: + items: + type: "string" + type: "array" + grants: + items: + type: "string" + type: "array" + hosts: + items: + type: "string" + type: "array" + name: + type: "string" + passwordSecretRef: + properties: + key: + type: "string" + name: + type: "string" + type: "object" + withGrantOption: + type: "boolean" + type: "object" + type: "array" vaultSecretName: type: "string" type: "object" diff --git a/crd-catalog/project-codeflare/codeflare-operator/workload.codeflare.dev/v1beta2/appwrappers.yaml b/crd-catalog/project-codeflare/codeflare-operator/workload.codeflare.dev/v1beta2/appwrappers.yaml index ab5290868..3cb4445a0 100644 --- a/crd-catalog/project-codeflare/codeflare-operator/workload.codeflare.dev/v1beta2/appwrappers.yaml +++ b/crd-catalog/project-codeflare/codeflare-operator/workload.codeflare.dev/v1beta2/appwrappers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "appwrappers.workload.codeflare.dev" spec: group: "workload.codeflare.dev" @@ -10,6 +10,8 @@ spec: kind: "AppWrapper" listKind: "AppWrapperList" plural: "appwrappers" + shortNames: + - "aw" singular: "appwrapper" scope: "Namespaced" versions: @@ -75,6 +77,18 @@ spec: type: "string" description: "NodeSelectors to be added to the PodSpecTemplate" type: "object" + schedulingGates: + description: "SchedulingGates to be added to the PodSpecTemplate" + items: + description: "PodSchedulingGate is associated to a Pod to guard its scheduling." + properties: + name: + description: "Name of the scheduling gate.\nEach scheduling gate must have a unique name field." + type: "string" + required: + - "name" + type: "object" + type: "array" tolerations: description: "Tolerations to be added to the PodSpecTemplate" items: @@ -146,9 +160,9 @@ spec: description: "APIVersion is the APIVersion of the Component" type: "string" conditions: - description: "Conditions hold the latest available observations of the Component's current state.\n\n\nThe type of the condition could be:\n\n\n- ResourcesDeployed: The component is deployed on the cluster" + description: "Conditions hold the latest available observations of the Component's current state.\n\nThe type of the condition could be:\n\n- ResourcesDeployed: The component is deployed on the cluster" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -177,7 +191,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -222,9 +236,9 @@ spec: type: "object" type: "array" conditions: - description: "Conditions hold the latest available observations of the AppWrapper current state.\n\n\nThe type of the condition could be:\n\n\n- QuotaReserved: The AppWrapper was admitted by Kueue and has quota allocated to it\n- ResourcesDeployed: The contained resources are deployed (or being deployed) on the cluster\n- PodsReady: All pods of the contained resources are in the Ready or Succeeded state\n- Unhealthy: One or more of the contained resources is unhealthy\n- DeletingResources: The contained resources are in the process of being deleted from the cluster" + description: "Conditions hold the latest available observations of the AppWrapper current state.\n\nThe type of the condition could be:\n\n- QuotaReserved: The AppWrapper was admitted by Kueue and has quota allocated to it\n- ResourcesDeployed: The contained resources are deployed (or being deployed) on the cluster\n- PodsReady: All pods of the contained resources are in the Ready or Succeeded state\n- Unhealthy: One or more of the contained resources is unhealthy\n- DeletingResources: The contained resources are in the process of being deleted from the cluster" items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -253,7 +267,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpconfigurations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpconfigurations.yaml index 11e20fd59..eb8a7d145 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpconfigurations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpconfigurations.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "bgpconfigurations.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -18,10 +20,10 @@ spec: description: "BGPConfiguration contains the configuration for any BGP routing." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -33,7 +35,7 @@ spec: format: "int32" type: "integer" bindMode: - description: "BindMode indicates whether to listen for BGP connections on all addresses (None) or only on the node's canonical IP address Node.Spec.BGP.IPvXAddress (NodeIP). Default behaviour is to listen for BGP connections on all addresses." + description: "BindMode indicates whether to listen for BGP connections on all addresses (None)\nor only on the node's canonical IP address Node.Spec.BGP.IPvXAddress (NodeIP).\nDefault behaviour is to listen for BGP connections on all addresses." type: "string" communities: description: "Communities is a list of BGP community values and their arbitrary names for tagging routes." @@ -44,7 +46,7 @@ spec: description: "Name given to community value." type: "string" value: - description: "Value must be of format `aa:nn` or `aa:nn:mm`. For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. Where, `aa` is an AS Number, `nn` and `mm` are per-AS identifier." + description: "Value must be of format `aa:nn` or `aa:nn:mm`.\nFor standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number.\nFor large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number.\nWhere, `aa` is an AS Number, `nn` and `mm` are per-AS identifier." pattern: "^(\\d+):(\\d+)$|^(\\d+):(\\d+):(\\d+)$" type: "string" type: "object" @@ -63,10 +65,10 @@ spec: description: "LogSeverityScreen is the log severity above which logs are sent to the stdout. [Default: INFO]" type: "string" nodeMeshMaxRestartTime: - description: "Time to allow for software restart for node-to-mesh peerings. When specified, this is configured as the graceful restart timeout. When not specified, the BIRD default of 120s is used. This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled" + description: "Time to allow for software restart for node-to-mesh peerings. When specified, this is configured\nas the graceful restart timeout. When not specified, the BIRD default of 120s is used.\nThis field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled" type: "string" nodeMeshPassword: - description: "Optional BGP password for full node-to-mesh peerings. This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled" + description: "Optional BGP password for full node-to-mesh peerings.\nThis field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled" properties: secretKeyRef: description: "Selects a key of a secret in the node pod's namespace." @@ -76,7 +78,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -84,6 +86,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" nodeToNodeMeshEnabled: description: "NodeToNodeMeshEnabled sets whether full node to node BGP mesh is enabled. [Default: true]" @@ -97,14 +100,14 @@ spec: description: "CIDR for which properties should be advertised." type: "string" communities: - description: "Communities can be list of either community names already defined in `Specs.Communities` or community value of format `aa:nn` or `aa:nn:mm`. For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. Where,`aa` is an AS Number, `nn` and `mm` are per-AS identifier." + description: "Communities can be list of either community names already defined in `Specs.Communities` or community value of format `aa:nn` or `aa:nn:mm`.\nFor standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number.\nFor large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number.\nWhere,`aa` is an AS Number, `nn` and `mm` are per-AS identifier." items: type: "string" type: "array" type: "object" type: "array" serviceClusterIPs: - description: "ServiceClusterIPs are the CIDR blocks from which service cluster IPs are allocated. If specified, Calico will advertise these blocks, as well as any cluster IPs within them." + description: "ServiceClusterIPs are the CIDR blocks from which service cluster IPs are allocated.\nIf specified, Calico will advertise these blocks, as well as any cluster IPs within them." items: description: "ServiceClusterIPBlock represents a single allowed ClusterIP CIDR block." properties: @@ -113,7 +116,7 @@ spec: type: "object" type: "array" serviceExternalIPs: - description: "ServiceExternalIPs are the CIDR blocks for Kubernetes Service External IPs. Kubernetes Service ExternalIPs will only be advertised if they are within one of these blocks." + description: "ServiceExternalIPs are the CIDR blocks for Kubernetes Service External IPs.\nKubernetes Service ExternalIPs will only be advertised if they are within one of these blocks." items: description: "ServiceExternalIPBlock represents a single allowed External IP CIDR block." properties: @@ -122,7 +125,7 @@ spec: type: "object" type: "array" serviceLoadBalancerIPs: - description: "ServiceLoadBalancerIPs are the CIDR blocks for Kubernetes Service LoadBalancer IPs. Kubernetes Service status.LoadBalancer.Ingress IPs will only be advertised if they are within one of these blocks." + description: "ServiceLoadBalancerIPs are the CIDR blocks for Kubernetes Service LoadBalancer IPs.\nKubernetes Service status.LoadBalancer.Ingress IPs will only be advertised if they are within one of these blocks." items: description: "ServiceLoadBalancerIPBlock represents a single allowed LoadBalancer IP CIDR block." properties: @@ -134,9 +137,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpfilters.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpfilters.yaml index abb464d65..eaa11ab2f 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpfilters.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgpfilters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "(devel)" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "bgpfilters.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -11,6 +11,7 @@ spec: listKind: "BGPFilterList" plural: "bgpfilters" singular: "bgpfilter" + preserveUnknownFields: false scope: "Cluster" versions: - name: "v1" @@ -18,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -160,9 +161,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgppeers.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgppeers.yaml index 20ddecb9c..83e104001 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgppeers.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/bgppeers.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "bgppeers.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,19 +39,19 @@ spec: type: "string" type: "array" keepOriginalNextHop: - description: "Option to keep the original nexthop field when routes are sent to a BGP Peer. Setting \"true\" configures the selected BGP Peers node to use the \"next hop keep;\" instead of \"next hop self;\"(default) in the specific branch of the Node on \"bird.cfg\"." + description: "Option to keep the original nexthop field when routes are sent to a BGP Peer.\nSetting \"true\" configures the selected BGP Peers node to use the \"next hop keep;\"\ninstead of \"next hop self;\"(default) in the specific branch of the Node on \"bird.cfg\"." type: "boolean" maxRestartTime: - description: "Time to allow for software restart. When specified, this is configured as the graceful restart timeout. When not specified, the BIRD default of 120s is used." + description: "Time to allow for software restart. When specified, this is configured as the graceful\nrestart timeout. When not specified, the BIRD default of 120s is used." type: "string" node: - description: "The node name identifying the Calico node instance that is targeted by this peer. If this is not set, and no nodeSelector is specified, then this BGP peer selects all nodes in the cluster." + description: "The node name identifying the Calico node instance that is targeted by this peer.\nIf this is not set, and no nodeSelector is specified, then this BGP peer selects all\nnodes in the cluster." type: "string" nodeSelector: - description: "Selector for the nodes that should have this peering. When this is set, the Node field must be empty." + description: "Selector for the nodes that should have this peering. When this is set, the Node\nfield must be empty." type: "string" numAllowedLocalASNumbers: - description: "Maximum number of local AS numbers that are allowed in the AS path for received routes. This removes BGP loop prevention and should only be used if absolutely necessary." + description: "Maximum number of local AS numbers that are allowed in the AS path for received routes.\nThis removes BGP loop prevention and should only be used if absolutely necessary." format: "int32" type: "integer" password: @@ -63,7 +65,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -71,29 +73,24 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" peerIP: - description: "The IP address of the peer followed by an optional port number to peer with. If port number is given, format should be `[]:port` or `:` for IPv4. If optional port number is not set, and this peer IP and ASNumber belongs to a calico/node with ListenPort set in BGPConfiguration, then we use that port to peer." + description: "The IP address of the peer followed by an optional port number to peer with.\nIf port number is given, format should be `[]:port` or `:` for IPv4.\nIf optional port number is not set, and this peer IP and ASNumber belongs to a calico/node\nwith ListenPort set in BGPConfiguration, then we use that port to peer." type: "string" peerSelector: - description: "Selector for the remote nodes to peer with. When this is set, the PeerIP and ASNumber fields must be empty. For each peering between the local node and selected remote nodes, we configure an IPv4 peering if both ends have NodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have NodeBGPSpec.IPv6Address specified. The remote AS number comes from the remote node's NodeBGPSpec.ASNumber, or the global default if that is not set." + description: "Selector for the remote nodes to peer with. When this is set, the PeerIP and\nASNumber fields must be empty. For each peering between the local node and\nselected remote nodes, we configure an IPv4 peering if both ends have\nNodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have\nNodeBGPSpec.IPv6Address specified. The remote AS number comes from the remote\nnode's NodeBGPSpec.ASNumber, or the global default if that is not set." type: "string" reachableBy: - description: "Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping. ReachableBy contains the address of the gateway which peer can be reached by." + description: "Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping.\nReachableBy contains the address of the gateway which peer can be reached by." type: "string" sourceAddress: - description: "Specifies whether and how to configure a source address for the peerings generated by this BGPPeer resource. Default value \"UseNodeIP\" means to configure the node IP as the source address. \"None\" means not to configure a source address." + description: "Specifies whether and how to configure a source address for the peerings generated by\nthis BGPPeer resource. Default value \"UseNodeIP\" means to configure the node IP as the\nsource address. \"None\" means not to configure a source address." type: "string" ttlSecurity: - description: "TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by ignoring received packets with a smaller than expected TTL value. The provided value is the number of hops (edges) between the peers." + description: "TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by\nignoring received packets with a smaller than expected TTL value. The provided value is the number of hops\n(edges) between the peers." type: "integer" type: "object" type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/blockaffinities.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/blockaffinities.yaml index eb36d320e..c10f67423 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/blockaffinities.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/blockaffinities.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "blockaffinities.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,12 +32,14 @@ spec: cidr: type: "string" deleted: - description: "Deleted indicates that this block affinity is being deleted. This field is a string for compatibility with older releases that mistakenly treat this field as a string." + description: "Deleted indicates that this block affinity is being deleted.\nThis field is a string for compatibility with older releases that\nmistakenly treat this field as a string." type: "string" node: type: "string" state: type: "string" + type: + type: "string" required: - "cidr" - "deleted" @@ -45,9 +49,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/caliconodestatuses.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/caliconodestatuses.yaml index 278886891..e07755758 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/caliconodestatuses.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/caliconodestatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "(devel)" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "caliconodestatuses.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -19,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +30,7 @@ spec: description: "CalicoNodeStatusSpec contains the specification for a CalicoNodeStatus resource." properties: classes: - description: "Classes declares the types of information to monitor for this calico/node, and allows for selective status reporting about certain subsets of information." + description: "Classes declares the types of information to monitor for this calico/node,\nand allows for selective status reporting about certain subsets of information." items: type: "string" type: "array" @@ -38,12 +38,12 @@ spec: description: "The node name identifies the Calico node instance for node status." type: "string" updatePeriodSeconds: - description: "UpdatePeriodSeconds is the period at which CalicoNodeStatus should be updated. Set to 0 to disable CalicoNodeStatus refresh. Maximum update period is one day." + description: "UpdatePeriodSeconds is the period at which CalicoNodeStatus should be updated.\nSet to 0 to disable CalicoNodeStatus refresh. Maximum update period is one day." format: "int32" type: "integer" type: "object" status: - description: "CalicoNodeStatusStatus defines the observed state of CalicoNodeStatus. No validation needed for status since it is updated by Calico." + description: "CalicoNodeStatusStatus defines the observed state of CalicoNodeStatus.\nNo validation needed for status since it is updated by Calico." properties: agent: description: "Agent holds agent status on the node." @@ -117,7 +117,7 @@ spec: description: "State is the BGP session state." type: "string" type: - description: "Type indicates whether this peer is configured via the node-to-node mesh, or via en explicit global or per-node BGPPeer object." + description: "Type indicates whether this peer is configured via the node-to-node mesh,\nor via en explicit global or per-node BGPPeer object." type: "string" type: "object" type: "array" @@ -136,7 +136,7 @@ spec: description: "State is the BGP session state." type: "string" type: - description: "Type indicates whether this peer is configured via the node-to-node mesh, or via en explicit global or per-node BGPPeer object." + description: "Type indicates whether this peer is configured via the node-to-node mesh,\nor via en explicit global or per-node BGPPeer object." type: "string" type: "object" type: "array" @@ -147,7 +147,7 @@ spec: - "numberNotEstablishedV6" type: "object" lastUpdated: - description: "LastUpdated is a timestamp representing the server time when CalicoNodeStatus object last updated. It is represented in RFC3339 form and is in UTC." + description: "LastUpdated is a timestamp representing the server time when CalicoNodeStatus object\nlast updated. It is represented in RFC3339 form and is in UTC." format: "date-time" nullable: true type: "string" @@ -217,9 +217,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/clusterinformations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/clusterinformations.yaml index 835dad2c5..e051622d1 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/clusterinformations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/clusterinformations.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "clusterinformations.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -18,10 +20,10 @@ spec: description: "ClusterInformation contains the cluster specific information." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,7 +40,7 @@ spec: description: "ClusterType describes the type of the cluster" type: "string" datastoreReady: - description: "DatastoreReady is used during significant datastore migrations to signal to components such as Felix that it should wait before accessing the datastore." + description: "DatastoreReady is used during significant datastore migrations to signal to components\nsuch as Felix that it should wait before accessing the datastore." type: "boolean" variant: description: "Variant declares which variant of Calico should be active." @@ -47,9 +49,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml index 013eb93c6..1cafbc450 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/felixconfigurations.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "felixconfigurations.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -18,10 +20,10 @@ spec: description: "Felix Configuration contains the configuration for Felix." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -29,222 +31,274 @@ spec: description: "FelixConfigurationSpec contains the values of the Felix configuration." properties: allowIPIPPacketsFromWorkloads: - description: "AllowIPIPPacketsFromWorkloads controls whether Felix will add a rule to drop IPIP encapsulated traffic from workloads. [Default: false]" + description: "AllowIPIPPacketsFromWorkloads controls whether Felix will add a rule to drop IPIP encapsulated traffic\nfrom workloads. [Default: false]" type: "boolean" allowVXLANPacketsFromWorkloads: - description: "AllowVXLANPacketsFromWorkloads controls whether Felix will add a rule to drop VXLAN encapsulated traffic from workloads. [Default: false]" + description: "AllowVXLANPacketsFromWorkloads controls whether Felix will add a rule to drop VXLAN encapsulated traffic\nfrom workloads. [Default: false]" type: "boolean" awsSrcDstCheck: - description: "AWSSrcDstCheck controls whether Felix will try to change the \"source/dest check\" setting on the EC2 instance on which it is running. A value of \"Disable\" will try to disable the source/dest check. Disabling the check allows for sending workload traffic without encapsulation within the same AWS subnet. [Default: DoNothing]" + description: "AWSSrcDstCheck controls whether Felix will try to change the \"source/dest check\" setting on the EC2 instance\non which it is running. A value of \"Disable\" will try to disable the source/dest check. Disabling the check\nallows for sending workload traffic without encapsulation within the same AWS subnet.\n[Default: DoNothing]" enum: - "DoNothing" - "Enable" - "Disable" type: "string" bpfCTLBLogFilter: - description: "BPFCTLBLogFilter specifies, what is logged by connect time load balancer when BPFLogLevel is debug. Currently has to be specified as 'all' when BPFLogFilters is set to see CTLB logs. [Default: unset - means logs are emitted when BPFLogLevel id debug and BPFLogFilters not set.]" + description: "BPFCTLBLogFilter specifies, what is logged by connect time load balancer when BPFLogLevel is\ndebug. Currently has to be specified as 'all' when BPFLogFilters is set\nto see CTLB logs.\n[Default: unset - means logs are emitted when BPFLogLevel id debug and BPFLogFilters not set.]" type: "string" bpfConnectTimeLoadBalancing: - description: "BPFConnectTimeLoadBalancing when in BPF mode, controls whether Felix installs the connect-time load balancer. The connect-time load balancer is required for the host to be able to reach Kubernetes services and it improves the performance of pod-to-service connections.When set to TCP, connect time load balancing is available only for services with TCP ports. [Default: TCP]" + description: "BPFConnectTimeLoadBalancing when in BPF mode, controls whether Felix installs the connect-time load\nbalancer. The connect-time load balancer is required for the host to be able to reach Kubernetes services\nand it improves the performance of pod-to-service connections.When set to TCP, connect time load balancing\nis available only for services with TCP ports. [Default: TCP]" enum: - "TCP" - "Enabled" - "Disabled" type: "string" bpfConnectTimeLoadBalancingEnabled: - description: "BPFConnectTimeLoadBalancingEnabled when in BPF mode, controls whether Felix installs the connection-time load balancer. The connect-time load balancer is required for the host to be able to reach Kubernetes services and it improves the performance of pod-to-service connections. The only reason to disable it is for debugging purposes. \n Deprecated: Use BPFConnectTimeLoadBalancing [Default: true]" + description: "BPFConnectTimeLoadBalancingEnabled when in BPF mode, controls whether Felix installs the connection-time load\nbalancer. The connect-time load balancer is required for the host to be able to reach Kubernetes services\nand it improves the performance of pod-to-service connections. The only reason to disable it is for debugging\npurposes.\n\nDeprecated: Use BPFConnectTimeLoadBalancing [Default: true]" type: "boolean" bpfConntrackLogLevel: - description: "BPFConntrackLogLevel controls the log level of the BPF conntrack cleanup program, which runs periodically to clean up expired BPF conntrack entries. [Default: Off]." + description: "BPFConntrackLogLevel controls the log level of the BPF conntrack cleanup program, which runs periodically\nto clean up expired BPF conntrack entries.\n[Default: Off]." enum: - "Off" - "Debug" type: "string" bpfConntrackMode: - description: "BPFConntrackCleanupMode controls how BPF conntrack entries are cleaned up. `Auto` will use a BPF program if supported, falling back to userspace if not. `Userspace` will always use the userspace cleanup code. `BPFProgram` will always use the BPF program (failing if not supported). [Default: Auto]" + description: "BPFConntrackCleanupMode controls how BPF conntrack entries are cleaned up. `Auto` will use a BPF program if supported,\nfalling back to userspace if not. `Userspace` will always use the userspace cleanup code. `BPFProgram` will\nalways use the BPF program (failing if not supported).\n[Default: Auto]" enum: - "Auto" - "Userspace" - "BPFProgram" type: "string" + bpfConntrackTimeouts: + description: "BPFConntrackTimers overrides the default values for the specified conntrack timer if\nset. Each value can be either a duration or `Auto` to pick the value from\na Linux conntrack timeout.\n\nConfigurable timers are: CreationGracePeriod, TCPSynSent,\nTCPEstablished, TCPFinsSeen, TCPResetSeen, UDPTimeout, GenericTimeout,\nICMPTimeout.\n\nUnset values are replaced by the default values with a warning log for\nincorrect values." + properties: + creationGracePeriod: + description: " CreationGracePeriod gives a generic grace period to new connection\n before they are considered for cleanup [Default: 10s]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + genericTimeout: + description: "GenericTimeout controls how long it takes before considering this\nentry for cleanup after the connection became idle. If set to 'Auto', the\nvalue from nf_conntrack_generic_timeout is used. If nil, Calico uses its\nown default value. [Default: 10m]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + icmpTimeout: + description: "ICMPTimeout controls how long it takes before considering this\nentry for cleanup after the connection became idle. If set to 'Auto', the\nvalue from nf_conntrack_icmp_timeout is used. If nil, Calico uses its\nown default value. [Default: 5s]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + tcpEstablished: + description: "TCPEstablished controls how long it takes before considering this entry for\ncleanup after the connection became idle. If set to 'Auto', the\nvalue from nf_conntrack_tcp_timeout_established is used. If nil, Calico uses\nits own default value. [Default: 1h]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + tcpFinsSeen: + description: "TCPFinsSeen controls how long it takes before considering this entry for\ncleanup after the connection was closed gracefully. If set to 'Auto', the\nvalue from nf_conntrack_tcp_timeout_time_wait is used. If nil, Calico uses\nits own default value. [Default: Auto]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + tcpResetSeen: + description: "TCPResetSeen controls how long it takes before considering this entry for\ncleanup after the connection was aborted. If nil, Calico uses its own\ndefault value. [Default: 40s]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + tcpSynSent: + description: "TCPSynSent controls how long it takes before considering this entry for\ncleanup after the last SYN without a response. If set to 'Auto', the\nvalue from nf_conntrack_tcp_timeout_syn_sent is used. If nil, Calico uses\nits own default value. [Default: 20s]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + udpTimeout: + description: "UDPTimeout controls how long it takes before considering this entry for\ncleanup after the connection became idle. If nil, Calico uses its own\ndefault value. [Default: 60s]." + pattern: "^(([0-9]*(\\.[0-9]*)?(ms|s|h|m|us)+)+|Auto)$" + type: "string" + type: "object" bpfDSROptoutCIDRs: - description: "BPFDSROptoutCIDRs is a list of CIDRs which are excluded from DSR. That is, clients in those CIDRs will access service node ports as if BPFExternalServiceMode was set to Tunnel." + description: "BPFDSROptoutCIDRs is a list of CIDRs which are excluded from DSR. That is, clients\nin those CIDRs will access service node ports as if BPFExternalServiceMode was set to\nTunnel." items: type: "string" type: "array" bpfDataIfacePattern: - description: "BPFDataIfacePattern is a regular expression that controls which interfaces Felix should attach BPF programs to in order to catch traffic to/from the network. This needs to match the interfaces that Calico workload traffic flows over as well as any interfaces that handle incoming traffic to nodeports and services from outside the cluster. It should not match the workload interfaces (usually named cali...)." + description: "BPFDataIfacePattern is a regular expression that controls which interfaces Felix should attach BPF programs to\nin order to catch traffic to/from the network. This needs to match the interfaces that Calico workload traffic\nflows over as well as any interfaces that handle incoming traffic to nodeports and services from outside the\ncluster. It should not match the workload interfaces (usually named cali...) or any other special device managed\nby Calico itself (e.g., tunnels)." type: "string" bpfDisableGROForIfaces: - description: "BPFDisableGROForIfaces is a regular expression that controls which interfaces Felix should disable the Generic Receive Offload [GRO] option. It should not match the workload interfaces (usually named cali...)." + description: "BPFDisableGROForIfaces is a regular expression that controls which interfaces Felix should disable the\nGeneric Receive Offload [GRO] option. It should not match the workload interfaces (usually named cali...)." type: "string" bpfDisableUnprivileged: - description: "BPFDisableUnprivileged, if enabled, Felix sets the kernel.unprivileged_bpf_disabled sysctl to disable unprivileged use of BPF. This ensures that unprivileged users cannot access Calico's BPF maps and cannot insert their own BPF programs to interfere with Calico's. [Default: true]" + description: "BPFDisableUnprivileged, if enabled, Felix sets the kernel.unprivileged_bpf_disabled sysctl to disable\nunprivileged use of BPF. This ensures that unprivileged users cannot access Calico's BPF maps and\ncannot insert their own BPF programs to interfere with Calico's. [Default: true]" type: "boolean" bpfEnabled: description: "BPFEnabled, if enabled Felix will use the BPF dataplane. [Default: false]" type: "boolean" bpfEnforceRPF: - description: "BPFEnforceRPF enforce strict RPF on all host interfaces with BPF programs regardless of what is the per-interfaces or global setting. Possible values are Disabled, Strict or Loose. [Default: Loose]" + description: "BPFEnforceRPF enforce strict RPF on all host interfaces with BPF programs regardless of\nwhat is the per-interfaces or global setting. Possible values are Disabled, Strict\nor Loose. [Default: Loose]" pattern: "^(?i)(Disabled|Strict|Loose)?$" type: "string" bpfExcludeCIDRsFromNAT: - description: "BPFExcludeCIDRsFromNAT is a list of CIDRs that are to be excluded from NAT resolution so that host can handle them. A typical usecase is node local DNS cache." + description: "BPFExcludeCIDRsFromNAT is a list of CIDRs that are to be excluded from NAT\nresolution so that host can handle them. A typical usecase is node local\nDNS cache." items: type: "string" type: "array" + bpfExportBufferSizeMB: + description: "BPFExportBufferSizeMB in BPF mode, controls the buffer size used for sending BPF events to felix.\n[Default: 1]" + type: "integer" bpfExtToServiceConnmark: - description: "BPFExtToServiceConnmark in BPF mode, controls a 32bit mark that is set on connections from an external client to a local service. This mark allows us to control how packets of that connection are routed within the host and how is routing interpreted by RPF check. [Default: 0]" + description: "BPFExtToServiceConnmark in BPF mode, controls a 32bit mark that is set on connections from an\nexternal client to a local service. This mark allows us to control how packets of that\nconnection are routed within the host and how is routing interpreted by RPF check. [Default: 0]" type: "integer" bpfExternalServiceMode: - description: "BPFExternalServiceMode in BPF mode, controls how connections from outside the cluster to services (node ports and cluster IPs) are forwarded to remote workloads. If set to \"Tunnel\" then both request and response traffic is tunneled to the remote node. If set to \"DSR\", the request traffic is tunneled but the response traffic is sent directly from the remote node. In \"DSR\" mode, the remote node appears to use the IP of the ingress node; this requires a permissive L2 network. [Default: Tunnel]" + description: "BPFExternalServiceMode in BPF mode, controls how connections from outside the cluster to services (node ports\nand cluster IPs) are forwarded to remote workloads. If set to \"Tunnel\" then both request and response traffic\nis tunneled to the remote node. If set to \"DSR\", the request traffic is tunneled but the response traffic\nis sent directly from the remote node. In \"DSR\" mode, the remote node appears to use the IP of the ingress\nnode; this requires a permissive L2 network. [Default: Tunnel]" pattern: "^(?i)(Tunnel|DSR)?$" type: "string" bpfForceTrackPacketsFromIfaces: - description: "BPFForceTrackPacketsFromIfaces in BPF mode, forces traffic from these interfaces to skip Calico's iptables NOTRACK rule, allowing traffic from those interfaces to be tracked by Linux conntrack. Should only be used for interfaces that are not used for the Calico fabric. For example, a docker bridge device for non-Calico-networked containers. [Default: docker+]" + description: "BPFForceTrackPacketsFromIfaces in BPF mode, forces traffic from these interfaces\nto skip Calico's iptables NOTRACK rule, allowing traffic from those interfaces to be\ntracked by Linux conntrack. Should only be used for interfaces that are not used for\nthe Calico fabric. For example, a docker bridge device for non-Calico-networked\ncontainers. [Default: docker+]" items: type: "string" type: "array" bpfHostConntrackBypass: - description: "BPFHostConntrackBypass Controls whether to bypass Linux conntrack in BPF mode for workloads and services. [Default: true - bypass Linux conntrack]" + description: "BPFHostConntrackBypass Controls whether to bypass Linux conntrack in BPF mode for\nworkloads and services. [Default: true - bypass Linux conntrack]" type: "boolean" bpfHostNetworkedNATWithoutCTLB: - description: "BPFHostNetworkedNATWithoutCTLB when in BPF mode, controls whether Felix does a NAT without CTLB. This along with BPFConnectTimeLoadBalancing determines the CTLB behavior. [Default: Enabled]" + description: "BPFHostNetworkedNATWithoutCTLB when in BPF mode, controls whether Felix does a NAT without CTLB. This along with BPFConnectTimeLoadBalancing\ndetermines the CTLB behavior. [Default: Enabled]" enum: - "Enabled" - "Disabled" type: "string" bpfKubeProxyEndpointSlicesEnabled: - description: "BPFKubeProxyEndpointSlicesEnabled is deprecated and has no effect. BPF kube-proxy always accepts endpoint slices. This option will be removed in the next release." + description: "BPFKubeProxyEndpointSlicesEnabled is deprecated and has no effect. BPF\nkube-proxy always accepts endpoint slices. This option will be removed in\nthe next release." type: "boolean" bpfKubeProxyIptablesCleanupEnabled: - description: "BPFKubeProxyIptablesCleanupEnabled, if enabled in BPF mode, Felix will proactively clean up the upstream Kubernetes kube-proxy's iptables chains. Should only be enabled if kube-proxy is not running. [Default: true]" + description: "BPFKubeProxyIptablesCleanupEnabled, if enabled in BPF mode, Felix will proactively clean up the upstream\nKubernetes kube-proxy's iptables chains. Should only be enabled if kube-proxy is not running. [Default: true]" type: "boolean" bpfKubeProxyMinSyncPeriod: - description: "BPFKubeProxyMinSyncPeriod, in BPF mode, controls the minimum time between updates to the dataplane for Felix's embedded kube-proxy. Lower values give reduced set-up latency. Higher values reduce Felix CPU usage by batching up more work. [Default: 1s]" + description: "BPFKubeProxyMinSyncPeriod, in BPF mode, controls the minimum time between updates to the dataplane for Felix's\nembedded kube-proxy. Lower values give reduced set-up latency. Higher values reduce Felix CPU usage by\nbatching up more work. [Default: 1s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" bpfL3IfacePattern: - description: "BPFL3IfacePattern is a regular expression that allows to list tunnel devices like wireguard or vxlan (i.e., L3 devices) in addition to BPFDataIfacePattern. That is, tunnel interfaces not created by Calico, that Calico workload traffic flows over as well as any interfaces that handle incoming traffic to nodeports and services from outside the cluster." + description: "BPFL3IfacePattern is a regular expression that allows to list tunnel devices like wireguard or vxlan (i.e., L3 devices)\nin addition to BPFDataIfacePattern. That is, tunnel interfaces not created by Calico, that Calico workload traffic flows\nover as well as any interfaces that handle incoming traffic to nodeports and services from outside the cluster." type: "string" bpfLogFilters: additionalProperties: type: "string" - description: "BPFLogFilters is a map of key=values where the value is a pcap filter expression and the key is an interface name with 'all' denoting all interfaces, 'weps' all workload endpoints and 'heps' all host endpoints. \n When specified as an env var, it accepts a comma-separated list of key=values. [Default: unset - means all debug logs are emitted]" + description: "BPFLogFilters is a map of key=values where the value is\na pcap filter expression and the key is an interface name with 'all'\ndenoting all interfaces, 'weps' all workload endpoints and 'heps' all host\nendpoints.\n\nWhen specified as an env var, it accepts a comma-separated list of\nkey=values.\n[Default: unset - means all debug logs are emitted]" type: "object" bpfLogLevel: - description: "BPFLogLevel controls the log level of the BPF programs when in BPF dataplane mode. One of \"Off\", \"Info\", or \"Debug\". The logs are emitted to the BPF trace pipe, accessible with the command `tc exec bpf debug`. [Default: Off]." + description: "BPFLogLevel controls the log level of the BPF programs when in BPF dataplane mode. One of \"Off\", \"Info\", or\n\"Debug\". The logs are emitted to the BPF trace pipe, accessible with the command `tc exec bpf debug`.\n[Default: Off]." pattern: "^(?i)(Off|Info|Debug)?$" type: "string" bpfMapSizeConntrack: - description: "BPFMapSizeConntrack sets the size for the conntrack map. This map must be large enough to hold an entry for each active connection. Warning: changing the size of the conntrack map can cause disruption." + description: "BPFMapSizeConntrack sets the size for the conntrack map. This map must be large enough to hold\nan entry for each active connection. Warning: changing the size of the conntrack map can cause disruption." type: "integer" bpfMapSizeConntrackCleanupQueue: - description: "BPFMapSizeConntrackCleanupQueue sets the size for the map used to hold NAT conntrack entries that are queued for cleanup. This should be big enough to hold all the NAT entries that expire within one cleanup interval." + description: "BPFMapSizeConntrackCleanupQueue sets the size for the map used to hold NAT conntrack entries that are queued\nfor cleanup. This should be big enough to hold all the NAT entries that expire within one cleanup interval." minimum: 1.0 type: "integer" + bpfMapSizeConntrackScaling: + description: "BPFMapSizeConntrackScaling controls whether and how we scale the conntrack map size depending\non its usage. 'Disabled' make the size stay at the default or whatever is set by\nBPFMapSizeConntrack*. 'DoubleIfFull' doubles the size when the map is pretty much full even\nafter cleanups. [Default: DoubleIfFull]" + pattern: "^(?i)(Disabled|DoubleIfFull)?$" + type: "string" bpfMapSizeIPSets: - description: "BPFMapSizeIPSets sets the size for ipsets map. The IP sets map must be large enough to hold an entry for each endpoint matched by every selector in the source/destination matches in network policy. Selectors such as \"all()\" can result in large numbers of entries (one entry per endpoint in that case)." + description: "BPFMapSizeIPSets sets the size for ipsets map. The IP sets map must be large enough to hold an entry\nfor each endpoint matched by every selector in the source/destination matches in network policy. Selectors\nsuch as \"all()\" can result in large numbers of entries (one entry per endpoint in that case)." type: "integer" bpfMapSizeIfState: - description: "BPFMapSizeIfState sets the size for ifstate map. The ifstate map must be large enough to hold an entry for each device (host + workloads) on a host." + description: "BPFMapSizeIfState sets the size for ifstate map. The ifstate map must be large enough to hold an entry\nfor each device (host + workloads) on a host." type: "integer" bpfMapSizeNATAffinity: - description: "BPFMapSizeNATAffinity sets the size of the BPF map that stores the affinity of a connection (for services that enable that feature." + description: "BPFMapSizeNATAffinity sets the size of the BPF map that stores the affinity of a connection (for services that\nenable that feature." type: "integer" bpfMapSizeNATBackend: - description: "BPFMapSizeNATBackend sets the size for NAT back end map. This is the total number of endpoints. This is mostly more than the size of the number of services." + description: "BPFMapSizeNATBackend sets the size for NAT back end map.\nThis is the total number of endpoints. This is mostly\nmore than the size of the number of services." type: "integer" bpfMapSizeNATFrontend: - description: "BPFMapSizeNATFrontend sets the size for NAT front end map. FrontendMap should be large enough to hold an entry for each nodeport, external IP and each port in each service." + description: "BPFMapSizeNATFrontend sets the size for NAT front end map.\nFrontendMap should be large enough to hold an entry for each nodeport,\nexternal IP and each port in each service." + type: "integer" + bpfMapSizePerCpuConntrack: + description: "BPFMapSizePerCPUConntrack determines the size of conntrack map based on the number of CPUs. If set to a\nnon-zero value, overrides BPFMapSizeConntrack with `BPFMapSizePerCPUConntrack * (Number of CPUs)`.\nThis map must be large enough to hold an entry for each active connection. Warning: changing the size of the\nconntrack map can cause disruption." type: "integer" bpfMapSizeRoute: - description: "BPFMapSizeRoute sets the size for the routes map. The routes map should be large enough to hold one entry per workload and a handful of entries per host (enough to cover its own IPs and tunnel IPs)." + description: "BPFMapSizeRoute sets the size for the routes map. The routes map should be large enough\nto hold one entry per workload and a handful of entries per host (enough to cover its own IPs and\ntunnel IPs)." type: "integer" bpfPSNATPorts: anyOf: - type: "integer" - type: "string" - description: "BPFPSNATPorts sets the range from which we randomly pick a port if there is a source port collision. This should be within the ephemeral range as defined by RFC 6056 (1024–65535) and preferably outside the ephemeral ranges used by common operating systems. Linux uses 32768–60999, while others mostly use the IANA defined range 49152–65535. It is not necessarily a problem if this range overlaps with the operating systems. Both ends of the range are inclusive. [Default: 20000:29999]" + description: "BPFPSNATPorts sets the range from which we randomly pick a port if there is a source port\ncollision. This should be within the ephemeral range as defined by RFC 6056 (1024–65535) and\npreferably outside the ephemeral ranges used by common operating systems. Linux uses\n32768–60999, while others mostly use the IANA defined range 49152–65535. It is not necessarily\na problem if this range overlaps with the operating systems. Both ends of the range are\ninclusive. [Default: 20000:29999]" pattern: "^.*" x-kubernetes-int-or-string: true bpfPolicyDebugEnabled: - description: "BPFPolicyDebugEnabled when true, Felix records detailed information about the BPF policy programs, which can be examined with the calico-bpf command-line tool." + description: "BPFPolicyDebugEnabled when true, Felix records detailed information\nabout the BPF policy programs, which can be examined with the calico-bpf command-line tool." type: "boolean" + bpfProfiling: + description: "BPFProfiling controls profiling of BPF programs. At the monent, it can be\nDisabled or Enabled. [Default: Disabled]" + enum: + - "Enabled" + - "Disabled" + type: "string" bpfRedirectToPeer: - description: "BPFRedirectToPeer controls which whether it is allowed to forward straight to the peer side of the workload devices. It is allowed for any host L2 devices by default (L2Only), but it breaks TCP dump on the host side of workload device as it bypasses it on ingress. Value of Enabled also allows redirection from L3 host devices like IPIP tunnel or Wireguard directly to the peer side of the workload's device. This makes redirection faster, however, it breaks tools like tcpdump on the peer side. Use Enabled with caution. [Default: L2Only]" + description: "BPFRedirectToPeer controls which whether it is allowed to forward straight to the\npeer side of the workload devices. It is allowed for any host L2 devices by default\n(L2Only), but it breaks TCP dump on the host side of workload device as it bypasses\nit on ingress. Value of Enabled also allows redirection from L3 host devices like\nIPIP tunnel or Wireguard directly to the peer side of the workload's device. This\nmakes redirection faster, however, it breaks tools like tcpdump on the peer side.\nUse Enabled with caution. [Default: L2Only]" enum: - "Enabled" - "Disabled" - "L2Only" type: "string" chainInsertMode: - description: "ChainInsertMode controls whether Felix hooks the kernel's top-level iptables chains by inserting a rule at the top of the chain or by appending a rule at the bottom. insert is the safe default since it prevents Calico's rules from being bypassed. If you switch to append mode, be sure that the other rules in the chains signal acceptance by falling through to the Calico rules, otherwise the Calico policy will be bypassed. [Default: insert]" + description: "ChainInsertMode controls whether Felix hooks the kernel's top-level iptables chains by inserting a rule\nat the top of the chain or by appending a rule at the bottom. insert is the safe default since it prevents\nCalico's rules from being bypassed. If you switch to append mode, be sure that the other rules in the chains\nsignal acceptance by falling through to the Calico rules, otherwise the Calico policy will be bypassed.\n[Default: insert]" pattern: "^(?i)(Insert|Append)?$" type: "string" dataplaneDriver: - description: "DataplaneDriver filename of the external dataplane driver to use. Only used if UseInternalDataplaneDriver is set to false." + description: "DataplaneDriver filename of the external dataplane driver to use. Only used if UseInternalDataplaneDriver\nis set to false." type: "string" dataplaneWatchdogTimeout: - description: "DataplaneWatchdogTimeout is the readiness/liveness timeout used for Felix's (internal) dataplane driver. Deprecated: replaced by the generic HealthTimeoutOverrides." + description: "DataplaneWatchdogTimeout is the readiness/liveness timeout used for Felix's (internal) dataplane driver.\nDeprecated: replaced by the generic HealthTimeoutOverrides." type: "string" debugDisableLogDropping: - description: "DebugDisableLogDropping disables the dropping of log messages when the log buffer is full. This can significantly impact performance if log write-out is a bottleneck. [Default: false]" + description: "DebugDisableLogDropping disables the dropping of log messages when the log buffer is full. This can\nsignificantly impact performance if log write-out is a bottleneck. [Default: false]" type: "boolean" debugHost: - description: "DebugHost is the host IP or hostname to bind the debug port to. Only used if DebugPort is set. [Default:localhost]" + description: "DebugHost is the host IP or hostname to bind the debug port to. Only used\nif DebugPort is set. [Default:localhost]" type: "string" debugMemoryProfilePath: description: "DebugMemoryProfilePath is the path to write the memory profile to when triggered by signal." type: "string" debugPort: - description: "DebugPort if set, enables Felix's debug HTTP port, which allows memory and CPU profiles to be retrieved. The debug port is not secure, it should not be exposed to the internet." + description: "DebugPort if set, enables Felix's debug HTTP port, which allows memory and CPU profiles\nto be retrieved. The debug port is not secure, it should not be exposed to the internet." type: "integer" debugSimulateCalcGraphHangAfter: - description: "DebugSimulateCalcGraphHangAfter is used to simulate a hang in the calculation graph after the specified duration. This is useful in tests of the watchdog system only!" + description: "DebugSimulateCalcGraphHangAfter is used to simulate a hang in the calculation graph after the specified duration.\nThis is useful in tests of the watchdog system only!" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" debugSimulateDataplaneApplyDelay: - description: "DebugSimulateDataplaneApplyDelay adds an artificial delay to every dataplane operation. This is useful for simulating a heavily loaded system for test purposes only." + description: "DebugSimulateDataplaneApplyDelay adds an artificial delay to every dataplane operation. This is useful for\nsimulating a heavily loaded system for test purposes only." pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" debugSimulateDataplaneHangAfter: - description: "DebugSimulateDataplaneHangAfter is used to simulate a hang in the dataplane after the specified duration. This is useful in tests of the watchdog system only!" + description: "DebugSimulateDataplaneHangAfter is used to simulate a hang in the dataplane after the specified duration.\nThis is useful in tests of the watchdog system only!" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" defaultEndpointToHostAction: - description: "DefaultEndpointToHostAction controls what happens to traffic that goes from a workload endpoint to the host itself (after the endpoint's egress policy is applied). By default, Calico blocks traffic from workload endpoints to the host itself with an iptables \"DROP\" action. If you want to allow some or all traffic from endpoint to host, set this parameter to RETURN or ACCEPT. Use RETURN if you have your own rules in the iptables \"INPUT\" chain; Calico will insert its rules at the top of that chain, then \"RETURN\" packets to the \"INPUT\" chain once it has completed processing workload endpoint egress policy. Use ACCEPT to unconditionally accept packets from workloads after processing workload endpoint egress policy. [Default: Drop]" + description: "DefaultEndpointToHostAction controls what happens to traffic that goes from a workload endpoint to the host\nitself (after the endpoint's egress policy is applied). By default, Calico blocks traffic from workload\nendpoints to the host itself with an iptables \"DROP\" action. If you want to allow some or all traffic from\nendpoint to host, set this parameter to RETURN or ACCEPT. Use RETURN if you have your own rules in the iptables\n\"INPUT\" chain; Calico will insert its rules at the top of that chain, then \"RETURN\" packets to the \"INPUT\" chain\nonce it has completed processing workload endpoint egress policy. Use ACCEPT to unconditionally accept packets\nfrom workloads after processing workload endpoint egress policy. [Default: Drop]" pattern: "^(?i)(Drop|Accept|Return)?$" type: "string" deviceRouteProtocol: - description: "DeviceRouteProtocol controls the protocol to set on routes programmed by Felix. The protocol is an 8-bit label used to identify the owner of the route." + description: "DeviceRouteProtocol controls the protocol to set on routes programmed by Felix. The protocol is an 8-bit label\nused to identify the owner of the route." type: "integer" deviceRouteSourceAddress: - description: "DeviceRouteSourceAddress IPv4 address to set as the source hint for routes programmed by Felix. When not set the source address for local traffic from host to workload will be determined by the kernel." + description: "DeviceRouteSourceAddress IPv4 address to set as the source hint for routes programmed by Felix. When not set\nthe source address for local traffic from host to workload will be determined by the kernel." type: "string" deviceRouteSourceAddressIPv6: - description: "DeviceRouteSourceAddressIPv6 IPv6 address to set as the source hint for routes programmed by Felix. When not set the source address for local traffic from host to workload will be determined by the kernel." + description: "DeviceRouteSourceAddressIPv6 IPv6 address to set as the source hint for routes programmed by Felix. When not set\nthe source address for local traffic from host to workload will be determined by the kernel." type: "string" disableConntrackInvalidCheck: - description: "DisableConntrackInvalidCheck disables the check for invalid connections in conntrack. While the conntrack invalid check helps to detect malicious traffic, it can also cause issues with certain multi-NIC scenarios." + description: "DisableConntrackInvalidCheck disables the check for invalid connections in conntrack. While the conntrack\ninvalid check helps to detect malicious traffic, it can also cause issues with certain multi-NIC scenarios." type: "boolean" endpointReportingDelay: - description: "EndpointReportingDelay is the delay before Felix reports endpoint status to the datastore. This is only used by the OpenStack integration. [Default: 1s]" + description: "EndpointReportingDelay is the delay before Felix reports endpoint status to the datastore. This is only used\nby the OpenStack integration. [Default: 1s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" endpointReportingEnabled: - description: "EndpointReportingEnabled controls whether Felix reports endpoint status to the datastore. This is only used by the OpenStack integration. [Default: false]" + description: "EndpointReportingEnabled controls whether Felix reports endpoint status to the datastore. This is only used\nby the OpenStack integration. [Default: false]" type: "boolean" endpointStatusPathPrefix: - description: "EndpointStatusPathPrefix is the path to the directory where endpoint status will be written. Endpoint status file reporting is disabled if field is left empty. \n Chosen directory should match the directory used by the CNI plugin for PodStartupDelay. [Default: \"\"]" + description: "EndpointStatusPathPrefix is the path to the directory where endpoint status will be written. Endpoint status\nfile reporting is disabled if field is left empty.\n\nChosen directory should match the directory used by the CNI plugin for PodStartupDelay.\n[Default: /var/run/calico]" type: "string" externalNodesList: - description: "ExternalNodesCIDRList is a list of CIDR's of external, non-Calico nodes from which VXLAN/IPIP overlay traffic will be allowed. By default, external tunneled traffic is blocked to reduce attack surface." + description: "ExternalNodesCIDRList is a list of CIDR's of external, non-Calico nodes from which VXLAN/IPIP overlay traffic\nwill be allowed. By default, external tunneled traffic is blocked to reduce attack surface." items: type: "string" type: "array" failsafeInboundHostPorts: - description: "FailsafeInboundHostPorts is a list of ProtoPort struct objects including UDP/TCP/SCTP ports and CIDRs that Felix will allow incoming traffic to host endpoints on irrespective of the security policy. This is useful to avoid accidentally cutting off a host with incorrect configuration. For backwards compatibility, if the protocol is not specified, it defaults to \"tcp\". If a CIDR is not specified, it will allow traffic from all addresses. To disable all inbound host ports, use the value \"[]\". The default value allows ssh access, DHCP, BGP, etcd and the Kubernetes API. [Default: tcp:22, udp:68, tcp:179, tcp:2379, tcp:2380, tcp:5473, tcp:6443, tcp:6666, tcp:6667 ]" + description: "FailsafeInboundHostPorts is a list of ProtoPort struct objects including UDP/TCP/SCTP ports and CIDRs that Felix will\nallow incoming traffic to host endpoints on irrespective of the security policy. This is useful to avoid accidentally\ncutting off a host with incorrect configuration. For backwards compatibility, if the protocol is not specified,\nit defaults to \"tcp\". If a CIDR is not specified, it will allow traffic from all addresses. To disable all inbound host ports,\nuse the value \"[]\". The default value allows ssh access, DHCP, BGP, etcd and the Kubernetes API.\n[Default: tcp:22, udp:68, tcp:179, tcp:2379, tcp:2380, tcp:5473, tcp:6443, tcp:6666, tcp:6667 ]" items: description: "ProtoPort is combination of protocol, port, and CIDR. Protocol and port must be specified." properties: @@ -259,7 +313,7 @@ spec: type: "object" type: "array" failsafeOutboundHostPorts: - description: "FailsafeOutboundHostPorts is a list of PortProto struct objects including UDP/TCP/SCTP ports and CIDRs that Felix will allow outgoing traffic from host endpoints to irrespective of the security policy. This is useful to avoid accidentally cutting off a host with incorrect configuration. For backwards compatibility, if the protocol is not specified, it defaults to \"tcp\". If a CIDR is not specified, it will allow traffic from all addresses. To disable all outbound host ports, use the value \"[]\". The default value opens etcd's standard ports to ensure that Felix does not get cut off from etcd as well as allowing DHCP, DNS, BGP and the Kubernetes API. [Default: udp:53, udp:67, tcp:179, tcp:2379, tcp:2380, tcp:5473, tcp:6443, tcp:6666, tcp:6667 ]" + description: "FailsafeOutboundHostPorts is a list of PortProto struct objects including UDP/TCP/SCTP ports and CIDRs that Felix\nwill allow outgoing traffic from host endpoints to irrespective of the security policy. This is useful to avoid accidentally\ncutting off a host with incorrect configuration. For backwards compatibility, if the protocol is not specified, it defaults\nto \"tcp\". If a CIDR is not specified, it will allow traffic from all addresses. To disable all outbound host ports,\nuse the value \"[]\". The default value opens etcd's standard ports to ensure that Felix does not get cut off from etcd\nas well as allowing DHCP, DNS, BGP and the Kubernetes API.\n[Default: udp:53, udp:67, tcp:179, tcp:2379, tcp:2380, tcp:5473, tcp:6443, tcp:6666, tcp:6667 ]" items: description: "ProtoPort is combination of protocol, port, and CIDR. Protocol and port must be specified." properties: @@ -274,33 +328,43 @@ spec: type: "object" type: "array" featureDetectOverride: - description: "FeatureDetectOverride is used to override feature detection based on auto-detected platform capabilities. Values are specified in a comma separated list with no spaces, example; \"SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=\". A value of \"true\" or \"false\" will force enable/disable feature, empty or omitted values fall back to auto-detection." + description: "FeatureDetectOverride is used to override feature detection based on auto-detected platform\ncapabilities. Values are specified in a comma separated list with no spaces, example;\n\"SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=\". A value of \"true\" or \"false\" will\nforce enable/disable feature, empty or omitted values fall back to auto-detection." pattern: "^([a-zA-Z0-9-_]+=(true|false|),)*([a-zA-Z0-9-_]+=(true|false|))?$" type: "string" featureGates: - description: "FeatureGates is used to enable or disable tech-preview Calico features. Values are specified in a comma separated list with no spaces, example; \"BPFConnectTimeLoadBalancingWorkaround=enabled,XyZ=false\". This is used to enable features that are not fully production ready." + description: "FeatureGates is used to enable or disable tech-preview Calico features.\nValues are specified in a comma separated list with no spaces, example;\n\"BPFConnectTimeLoadBalancingWorkaround=enabled,XyZ=false\". This is\nused to enable features that are not fully production ready." pattern: "^([a-zA-Z0-9-_]+=([^=]+),)*([a-zA-Z0-9-_]+=([^=]+))?$" type: "string" floatingIPs: - description: "FloatingIPs configures whether or not Felix will program non-OpenStack floating IP addresses. (OpenStack-derived floating IPs are always programmed, regardless of this setting.)" + description: "FloatingIPs configures whether or not Felix will program non-OpenStack floating IP addresses. (OpenStack-derived\nfloating IPs are always programmed, regardless of this setting.)" enum: - "Enabled" - "Disabled" type: "string" + flowLogsCollectorDebugTrace: + description: "When FlowLogsCollectorDebugTrace is set to true, enables the logs in the collector to be\nprinted in their entirety." + type: "boolean" + flowLogsFlushInterval: + description: "FlowLogsFlushInterval configures the interval at which Felix exports flow logs." + pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" + type: "string" + flowLogsGoldmaneServer: + description: "FlowLogGoldmaneServer is the flow server endpoint to which flow data should be published." + type: "string" genericXDPEnabled: - description: "GenericXDPEnabled enables Generic XDP so network cards that don't support XDP offload or driver modes can use XDP. This is not recommended since it doesn't provide better performance than iptables. [Default: false]" + description: "GenericXDPEnabled enables Generic XDP so network cards that don't support XDP offload or driver\nmodes can use XDP. This is not recommended since it doesn't provide better performance than\niptables. [Default: false]" type: "boolean" goGCThreshold: - description: "GoGCThreshold Sets the Go runtime's garbage collection threshold. I.e. the percentage that the heap is allowed to grow before garbage collection is triggered. In general, doubling the value halves the CPU time spent doing GC, but it also doubles peak GC memory overhead. A special value of -1 can be used to disable GC entirely; this should only be used in conjunction with the GoMemoryLimitMB setting. \n This setting is overridden by the GOGC environment variable. \n [Default: 40]" + description: "GoGCThreshold Sets the Go runtime's garbage collection threshold. I.e. the percentage that the heap is\nallowed to grow before garbage collection is triggered. In general, doubling the value halves the CPU time\nspent doing GC, but it also doubles peak GC memory overhead. A special value of -1 can be used\nto disable GC entirely; this should only be used in conjunction with the GoMemoryLimitMB setting.\n\nThis setting is overridden by the GOGC environment variable.\n\n[Default: 40]" type: "integer" goMaxProcs: - description: "GoMaxProcs sets the maximum number of CPUs that the Go runtime will use concurrently. A value of -1 means \"use the system default\"; typically the number of real CPUs on the system. \n this setting is overridden by the GOMAXPROCS environment variable. \n [Default: -1]" + description: "GoMaxProcs sets the maximum number of CPUs that the Go runtime will use concurrently. A value of -1 means\n\"use the system default\"; typically the number of real CPUs on the system.\n\nthis setting is overridden by the GOMAXPROCS environment variable.\n\n[Default: -1]" type: "integer" goMemoryLimitMB: - description: "GoMemoryLimitMB sets a (soft) memory limit for the Go runtime in MB. The Go runtime will try to keep its memory usage under the limit by triggering GC as needed. To avoid thrashing, it will exceed the limit if GC starts to take more than 50% of the process's CPU time. A value of -1 disables the memory limit. \n Note that the memory limit, if used, must be considerably less than any hard resource limit set at the container or pod level. This is because felix is not the only process that must run in the container or pod. \n This setting is overridden by the GOMEMLIMIT environment variable. \n [Default: -1]" + description: "GoMemoryLimitMB sets a (soft) memory limit for the Go runtime in MB. The Go runtime will try to keep its memory\nusage under the limit by triggering GC as needed. To avoid thrashing, it will exceed the limit if GC starts to\ntake more than 50% of the process's CPU time. A value of -1 disables the memory limit.\n\nNote that the memory limit, if used, must be considerably less than any hard resource limit set at the container\nor pod level. This is because felix is not the only process that must run in the container or pod.\n\nThis setting is overridden by the GOMEMLIMIT environment variable.\n\n[Default: -1]" type: "integer" healthEnabled: - description: "HealthEnabled if set to true, enables Felix's health port, which provides readiness and liveness endpoints. [Default: false]" + description: "HealthEnabled if set to true, enables Felix's health port, which provides readiness and liveness endpoints.\n[Default: false]" type: "boolean" healthHost: description: "HealthHost is the host that the health server should bind to. [Default: localhost]" @@ -309,7 +373,7 @@ spec: description: "HealthPort is the TCP port that the health server should bind to. [Default: 9099]" type: "integer" healthTimeoutOverrides: - description: "HealthTimeoutOverrides allows the internal watchdog timeouts of individual subcomponents to be overridden. This is useful for working around \"false positive\" liveness timeouts that can occur in particularly stressful workloads or if CPU is constrained. For a list of active subcomponents, see Felix's logs." + description: "HealthTimeoutOverrides allows the internal watchdog timeouts of individual subcomponents to be\noverridden. This is useful for working around \"false positive\" liveness timeouts that can occur\nin particularly stressful workloads or if CPU is constrained. For a list of active\nsubcomponents, see Felix's logs." items: properties: name: @@ -322,78 +386,78 @@ spec: type: "object" type: "array" interfaceExclude: - description: "InterfaceExclude A comma-separated list of interface names that should be excluded when Felix is resolving host endpoints. The default value ensures that Felix ignores Kubernetes' internal `kube-ipvs0` device. If you want to exclude multiple interface names using a single value, the list supports regular expressions. For regular expressions you must wrap the value with `/`. For example having values `/^kube/,veth1` will exclude all interfaces that begin with `kube` and also the interface `veth1`. [Default: kube-ipvs0]" + description: "InterfaceExclude A comma-separated list of interface names that should be excluded when Felix is resolving\nhost endpoints. The default value ensures that Felix ignores Kubernetes' internal `kube-ipvs0` device. If you\nwant to exclude multiple interface names using a single value, the list supports regular expressions. For\nregular expressions you must wrap the value with `/`. For example having values `/^kube/,veth1` will exclude\nall interfaces that begin with `kube` and also the interface `veth1`. [Default: kube-ipvs0]" type: "string" interfacePrefix: - description: "InterfacePrefix is the interface name prefix that identifies workload endpoints and so distinguishes them from host endpoint interfaces. Note: in environments other than bare metal, the orchestrators configure this appropriately. For example our Kubernetes and Docker integrations set the 'cali' value, and our OpenStack integration sets the 'tap' value. [Default: cali]" + description: "InterfacePrefix is the interface name prefix that identifies workload endpoints and so distinguishes\nthem from host endpoint interfaces. Note: in environments other than bare metal, the orchestrators\nconfigure this appropriately. For example our Kubernetes and Docker integrations set the 'cali' value,\nand our OpenStack integration sets the 'tap' value. [Default: cali]" type: "string" interfaceRefreshInterval: - description: "InterfaceRefreshInterval is the period at which Felix rescans local interfaces to verify their state. The rescan can be disabled by setting the interval to 0." + description: "InterfaceRefreshInterval is the period at which Felix rescans local interfaces to verify their state.\nThe rescan can be disabled by setting the interval to 0." pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" ipForwarding: - description: "IPForwarding controls whether Felix sets the host sysctls to enable IP forwarding. IP forwarding is required when using Calico for workload networking. This should be disabled only on hosts where Calico is used solely for host protection. In BPF mode, due to a kernel interaction, either IPForwarding must be enabled or BPFEnforceRPF must be disabled. [Default: Enabled]" + description: "IPForwarding controls whether Felix sets the host sysctls to enable IP forwarding. IP forwarding is required\nwhen using Calico for workload networking. This should be disabled only on hosts where Calico is used solely for\nhost protection. In BPF mode, due to a kernel interaction, either IPForwarding must be enabled or BPFEnforceRPF\nmust be disabled. [Default: Enabled]" enum: - "Enabled" - "Disabled" type: "string" ipipEnabled: - description: "IPIPEnabled overrides whether Felix should configure an IPIP interface on the host. Optional as Felix determines this based on the existing IP pools. [Default: nil (unset)]" + description: "IPIPEnabled overrides whether Felix should configure an IPIP interface on the host. Optional as Felix\ndetermines this based on the existing IP pools. [Default: nil (unset)]" type: "boolean" ipipMTU: - description: "IPIPMTU controls the MTU to set on the IPIP tunnel device. Optional as Felix auto-detects the MTU based on the MTU of the host's interfaces. [Default: 0 (auto-detect)]" + description: "IPIPMTU controls the MTU to set on the IPIP tunnel device. Optional as Felix auto-detects the MTU based on the\nMTU of the host's interfaces. [Default: 0 (auto-detect)]" type: "integer" ipsetsRefreshInterval: - description: "IpsetsRefreshInterval controls the period at which Felix re-checks all IP sets to look for discrepancies. Set to 0 to disable the periodic refresh. [Default: 90s]" + description: "IpsetsRefreshInterval controls the period at which Felix re-checks all IP sets to look for discrepancies.\nSet to 0 to disable the periodic refresh. [Default: 90s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" iptablesBackend: - description: "IptablesBackend controls which backend of iptables will be used. The default is `Auto`. \n Warning: changing this on a running system can leave \"orphaned\" rules in the \"other\" backend. These should be cleaned up to avoid confusing interactions." + description: "IptablesBackend controls which backend of iptables will be used. The default is `Auto`.\n\nWarning: changing this on a running system can leave \"orphaned\" rules in the \"other\" backend. These\nshould be cleaned up to avoid confusing interactions." pattern: "^(?i)(Auto|Legacy|NFT)?$" type: "string" iptablesFilterAllowAction: - description: "IptablesFilterAllowAction controls what happens to traffic that is accepted by a Felix policy chain in the iptables filter table (which is used for \"normal\" policy). The default will immediately `Accept` the traffic. Use `Return` to send the traffic back up to the system chains for further processing." + description: "IptablesFilterAllowAction controls what happens to traffic that is accepted by a Felix policy chain in the\niptables filter table (which is used for \"normal\" policy). The default will immediately `Accept` the traffic. Use\n`Return` to send the traffic back up to the system chains for further processing." pattern: "^(?i)(Accept|Return)?$" type: "string" iptablesFilterDenyAction: - description: "IptablesFilterDenyAction controls what happens to traffic that is denied by network policy. By default Calico blocks traffic with an iptables \"DROP\" action. If you want to use \"REJECT\" action instead you can configure it in here." + description: "IptablesFilterDenyAction controls what happens to traffic that is denied by network policy. By default Calico blocks traffic\nwith an iptables \"DROP\" action. If you want to use \"REJECT\" action instead you can configure it in here." pattern: "^(?i)(Drop|Reject)?$" type: "string" iptablesLockFilePath: - description: "IptablesLockFilePath is the location of the iptables lock file. You may need to change this if the lock file is not in its standard location (for example if you have mapped it into Felix's container at a different path). [Default: /run/xtables.lock]" + description: "IptablesLockFilePath is the location of the iptables lock file. You may need to change this\nif the lock file is not in its standard location (for example if you have mapped it into Felix's\ncontainer at a different path). [Default: /run/xtables.lock]" type: "string" iptablesLockProbeInterval: - description: "IptablesLockProbeInterval when IptablesLockTimeout is enabled: the time that Felix will wait between attempts to acquire the iptables lock if it is not available. Lower values make Felix more responsive when the lock is contended, but use more CPU. [Default: 50ms]" + description: "IptablesLockProbeInterval when IptablesLockTimeout is enabled: the time that Felix will wait between\nattempts to acquire the iptables lock if it is not available. Lower values make Felix more\nresponsive when the lock is contended, but use more CPU. [Default: 50ms]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" iptablesLockTimeout: - description: "IptablesLockTimeout is the time that Felix itself will wait for the iptables lock (rather than delegating the lock handling to the `iptables` command). \n Deprecated: `iptables-restore` v1.8+ always takes the lock, so enabling this feature results in deadlock. [Default: 0s disabled]" + description: "IptablesLockTimeout is the time that Felix itself will wait for the iptables lock (rather than delegating the\nlock handling to the `iptables` command).\n\nDeprecated: `iptables-restore` v1.8+ always takes the lock, so enabling this feature results in deadlock.\n[Default: 0s disabled]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" iptablesMangleAllowAction: - description: "IptablesMangleAllowAction controls what happens to traffic that is accepted by a Felix policy chain in the iptables mangle table (which is used for \"pre-DNAT\" policy). The default will immediately `Accept` the traffic. Use `Return` to send the traffic back up to the system chains for further processing." + description: "IptablesMangleAllowAction controls what happens to traffic that is accepted by a Felix policy chain in the\niptables mangle table (which is used for \"pre-DNAT\" policy). The default will immediately `Accept` the traffic.\nUse `Return` to send the traffic back up to the system chains for further processing." pattern: "^(?i)(Accept|Return)?$" type: "string" iptablesMarkMask: - description: "IptablesMarkMask is the mask that Felix selects its IPTables Mark bits from. Should be a 32 bit hexadecimal number with at least 8 bits set, none of which clash with any other mark bits in use on the system. [Default: 0xffff0000]" + description: "IptablesMarkMask is the mask that Felix selects its IPTables Mark bits from. Should be a 32 bit hexadecimal\nnumber with at least 8 bits set, none of which clash with any other mark bits in use on the system.\n[Default: 0xffff0000]" format: "int32" type: "integer" iptablesNATOutgoingInterfaceFilter: - description: "This parameter can be used to limit the host interfaces on which Calico will apply SNAT to traffic leaving a Calico IPAM pool with \"NAT outgoing\" enabled. This can be useful if you have a main data interface, where traffic should be SNATted and a secondary device (such as the docker bridge) which is local to the host and doesn't require SNAT. This parameter uses the iptables interface matching syntax, which allows + as a wildcard. Most users will not need to set this. Example: if your data interfaces are eth0 and eth1 and you want to exclude the docker bridge, you could set this to eth+" + description: "This parameter can be used to limit the host interfaces on which Calico will apply SNAT to traffic leaving a\nCalico IPAM pool with \"NAT outgoing\" enabled. This can be useful if you have a main data interface, where\ntraffic should be SNATted and a secondary device (such as the docker bridge) which is local to the host and\ndoesn't require SNAT. This parameter uses the iptables interface matching syntax, which allows + as a\nwildcard. Most users will not need to set this. Example: if your data interfaces are eth0 and eth1 and you\nwant to exclude the docker bridge, you could set this to eth+" type: "string" iptablesPostWriteCheckInterval: - description: "IptablesPostWriteCheckInterval is the period after Felix has done a write to the dataplane that it schedules an extra read back in order to check the write was not clobbered by another process. This should only occur if another application on the system doesn't respect the iptables lock. [Default: 1s]" + description: "IptablesPostWriteCheckInterval is the period after Felix has done a write\nto the dataplane that it schedules an extra read back in order to check the write was not\nclobbered by another process. This should only occur if another application on the system\ndoesn't respect the iptables lock. [Default: 1s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" iptablesRefreshInterval: - description: "IptablesRefreshInterval is the period at which Felix re-checks the IP sets in the dataplane to ensure that no other process has accidentally broken Calico's rules. Set to 0 to disable IP sets refresh. Note: the default for this value is lower than the other refresh intervals as a workaround for a Linux kernel bug that was fixed in kernel version 4.11. If you are using v4.11 or greater you may want to set this to, a higher value to reduce Felix CPU usage. [Default: 10s]" + description: "IptablesRefreshInterval is the period at which Felix re-checks the IP sets\nin the dataplane to ensure that no other process has accidentally broken Calico's rules.\nSet to 0 to disable IP sets refresh. Note: the default for this value is lower than the\nother refresh intervals as a workaround for a Linux kernel bug that was fixed in kernel\nversion 4.11. If you are using v4.11 or greater you may want to set this to, a higher value\nto reduce Felix CPU usage. [Default: 10s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" ipv6Support: description: "IPv6Support controls whether Felix enables support for IPv6 (if supported by the in-use dataplane)." type: "boolean" kubeNodePortRanges: - description: "KubeNodePortRanges holds list of port ranges used for service node ports. Only used if felix detects kube-proxy running in ipvs mode. Felix uses these ranges to separate host and workload traffic. [Default: 30000:32767]." + description: "KubeNodePortRanges holds list of port ranges used for service node ports. Only used if felix detects kube-proxy running in ipvs mode.\nFelix uses these ranges to separate host and workload traffic. [Default: 30000:32767]." items: anyOf: - type: "integer" @@ -402,7 +466,7 @@ spec: x-kubernetes-int-or-string: true type: "array" logDebugFilenameRegex: - description: "LogDebugFilenameRegex controls which source code files have their Debug log output included in the logs. Only logs from files with names that match the given regular expression are included. The filter only applies to Debug level logs." + description: "LogDebugFilenameRegex controls which source code files have their Debug log output included in the logs.\nOnly logs from files with names that match the given regular expression are included. The filter only applies\nto Debug level logs." type: "string" logFilePath: description: "LogFilePath is the full path to the Felix log. Set to none to disable file logging. [Default: /var/log/calico/felix.log]" @@ -419,49 +483,49 @@ spec: pattern: "^(?i)(Debug|Info|Warning|Error|Fatal)?$" type: "string" logSeveritySys: - description: "LogSeveritySys is the log severity above which logs are sent to the syslog. Set to None for no logging to syslog. [Default: Info]" + description: "LogSeveritySys is the log severity above which logs are sent to the syslog. Set to None for no logging to syslog.\n[Default: Info]" pattern: "^(?i)(Debug|Info|Warning|Error|Fatal)?$" type: "string" maxIpsetSize: - description: "MaxIpsetSize is the maximum number of IP addresses that can be stored in an IP set. Not applicable if using the nftables backend." + description: "MaxIpsetSize is the maximum number of IP addresses that can be stored in an IP set. Not applicable\nif using the nftables backend." type: "integer" metadataAddr: - description: "MetadataAddr is the IP address or domain name of the server that can answer VM queries for cloud-init metadata. In OpenStack, this corresponds to the machine running nova-api (or in Ubuntu, nova-api-metadata). A value of none (case-insensitive) means that Felix should not set up any NAT rule for the metadata path. [Default: 127.0.0.1]" + description: "MetadataAddr is the IP address or domain name of the server that can answer VM queries for\ncloud-init metadata. In OpenStack, this corresponds to the machine running nova-api (or in\nUbuntu, nova-api-metadata). A value of none (case-insensitive) means that Felix should not\nset up any NAT rule for the metadata path. [Default: 127.0.0.1]" type: "string" metadataPort: - description: "MetadataPort is the port of the metadata server. This, combined with global.MetadataAddr (if not 'None'), is used to set up a NAT rule, from 169.254.169.254:80 to MetadataAddr:MetadataPort. In most cases this should not need to be changed [Default: 8775]." + description: "MetadataPort is the port of the metadata server. This, combined with global.MetadataAddr (if\nnot 'None'), is used to set up a NAT rule, from 169.254.169.254:80 to MetadataAddr:MetadataPort.\nIn most cases this should not need to be changed [Default: 8775]." type: "integer" mtuIfacePattern: - description: "MTUIfacePattern is a regular expression that controls which interfaces Felix should scan in order to calculate the host's MTU. This should not match workload interfaces (usually named cali...)." + description: "MTUIfacePattern is a regular expression that controls which interfaces Felix should scan in order\nto calculate the host's MTU.\nThis should not match workload interfaces (usually named cali...)." type: "string" natOutgoingAddress: - description: "NATOutgoingAddress specifies an address to use when performing source NAT for traffic in a natOutgoing pool that is leaving the network. By default the address used is an address on the interface the traffic is leaving on (i.e. it uses the iptables MASQUERADE target)." + description: "NATOutgoingAddress specifies an address to use when performing source NAT for traffic in a natOutgoing pool that\nis leaving the network. By default the address used is an address on the interface the traffic is leaving on\n(i.e. it uses the iptables MASQUERADE target)." type: "string" natPortRange: anyOf: - type: "integer" - type: "string" - description: "NATPortRange specifies the range of ports that is used for port mapping when doing outgoing NAT. When unset the default behavior of the network stack is used." + description: "NATPortRange specifies the range of ports that is used for port mapping when doing outgoing NAT. When unset the default behavior of the\nnetwork stack is used." pattern: "^.*" x-kubernetes-int-or-string: true netlinkTimeout: - description: "NetlinkTimeout is the timeout when talking to the kernel over the netlink protocol, used for programming routes, rules, and other kernel objects. [Default: 10s]" + description: "NetlinkTimeout is the timeout when talking to the kernel over the netlink protocol, used for programming\nroutes, rules, and other kernel objects. [Default: 10s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" nftablesFilterAllowAction: - description: "NftablesFilterAllowAction controls the nftables action that Felix uses to represent the \"allow\" policy verdict in the filter table. The default is to `ACCEPT` the traffic, which is a terminal action. Alternatively, `RETURN` can be used to return the traffic back to the top-level chain for further processing by your rules." + description: "NftablesFilterAllowAction controls the nftables action that Felix uses to represent the \"allow\" policy verdict\nin the filter table. The default is to `ACCEPT` the traffic, which is a terminal action. Alternatively,\n`RETURN` can be used to return the traffic back to the top-level chain for further processing by your rules." pattern: "^(?i)(Accept|Return)?$" type: "string" nftablesFilterDenyAction: - description: "NftablesFilterDenyAction controls what happens to traffic that is denied by network policy. By default, Calico blocks traffic with a \"drop\" action. If you want to use a \"reject\" action instead you can configure it here." + description: "NftablesFilterDenyAction controls what happens to traffic that is denied by network policy. By default, Calico\nblocks traffic with a \"drop\" action. If you want to use a \"reject\" action instead you can configure it here." pattern: "^(?i)(Drop|Reject)?$" type: "string" nftablesMangleAllowAction: - description: "NftablesMangleAllowAction controls the nftables action that Felix uses to represent the \"allow\" policy verdict in the mangle table. The default is to `ACCEPT` the traffic, which is a terminal action. Alternatively, `RETURN` can be used to return the traffic back to the top-level chain for further processing by your rules." + description: "NftablesMangleAllowAction controls the nftables action that Felix uses to represent the \"allow\" policy verdict\nin the mangle table. The default is to `ACCEPT` the traffic, which is a terminal action. Alternatively,\n`RETURN` can be used to return the traffic back to the top-level chain for further processing by your rules." pattern: "^(?i)(Accept|Return)?$" type: "string" nftablesMarkMask: - description: "NftablesMarkMask is the mask that Felix selects its nftables Mark bits from. Should be a 32 bit hexadecimal number with at least 8 bits set, none of which clash with any other mark bits in use on the system. [Default: 0xffff0000]" + description: "NftablesMarkMask is the mask that Felix selects its nftables Mark bits from. Should be a 32 bit hexadecimal\nnumber with at least 8 bits set, none of which clash with any other mark bits in use on the system.\n[Default: 0xffff0000]" format: "int32" type: "integer" nftablesMode: @@ -475,13 +539,13 @@ spec: description: "NftablesRefreshInterval controls the interval at which Felix periodically refreshes the nftables rules. [Default: 90s]" type: "string" openstackRegion: - description: "OpenstackRegion is the name of the region that a particular Felix belongs to. In a multi-region Calico/OpenStack deployment, this must be configured somehow for each Felix (here in the datamodel, or in felix.cfg or the environment on each compute node), and must match the [calico] openstack_region value configured in neutron.conf on each node. [Default: Empty]" + description: "OpenstackRegion is the name of the region that a particular Felix belongs to. In a multi-region\nCalico/OpenStack deployment, this must be configured somehow for each Felix (here in the datamodel,\nor in felix.cfg or the environment on each compute node), and must match the [calico]\nopenstack_region value configured in neutron.conf on each node. [Default: Empty]" type: "string" policySyncPathPrefix: - description: "PolicySyncPathPrefix is used to by Felix to communicate policy changes to external services, like Application layer policy. [Default: Empty]" + description: "PolicySyncPathPrefix is used to by Felix to communicate policy changes to external services,\nlike Application layer policy. [Default: Empty]" type: "string" prometheusGoMetricsEnabled: - description: "PrometheusGoMetricsEnabled disables Go runtime metrics collection, which the Prometheus client does by default, when set to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" + description: "PrometheusGoMetricsEnabled disables Go runtime metrics collection, which the Prometheus client does by default, when\nset to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" type: "boolean" prometheusMetricsEnabled: description: "PrometheusMetricsEnabled enables the Prometheus metrics server in Felix if set to true. [Default: false]" @@ -493,16 +557,16 @@ spec: description: "PrometheusMetricsPort is the TCP port that the Prometheus metrics server should bind to. [Default: 9091]" type: "integer" prometheusProcessMetricsEnabled: - description: "PrometheusProcessMetricsEnabled disables process metrics collection, which the Prometheus client does by default, when set to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" + description: "PrometheusProcessMetricsEnabled disables process metrics collection, which the Prometheus client does by default, when\nset to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" type: "boolean" prometheusWireGuardMetricsEnabled: - description: "PrometheusWireGuardMetricsEnabled disables wireguard metrics collection, which the Prometheus client does by default, when set to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" + description: "PrometheusWireGuardMetricsEnabled disables wireguard metrics collection, which the Prometheus client does by default, when\nset to false. This reduces the number of metrics reported, reducing Prometheus load. [Default: true]" type: "boolean" removeExternalRoutes: - description: "RemoveExternalRoutes Controls whether Felix will remove unexpected routes to workload interfaces. Felix will always clean up expected routes that use the configured DeviceRouteProtocol. To add your own routes, you must use a distinct protocol (in addition to setting this field to false)." + description: "RemoveExternalRoutes Controls whether Felix will remove unexpected routes to workload interfaces. Felix will\nalways clean up expected routes that use the configured DeviceRouteProtocol. To add your own routes, you must\nuse a distinct protocol (in addition to setting this field to false)." type: "boolean" reportingInterval: - description: "ReportingInterval is the interval at which Felix reports its status into the datastore or 0 to disable. Must be non-zero in OpenStack deployments. [Default: 30s]" + description: "ReportingInterval is the interval at which Felix reports its status into the datastore or 0 to disable.\nMust be non-zero in OpenStack deployments. [Default: 30s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" reportingTTL: @@ -510,18 +574,18 @@ spec: pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" routeRefreshInterval: - description: "RouteRefreshInterval is the period at which Felix re-checks the routes in the dataplane to ensure that no other process has accidentally broken Calico's rules. Set to 0 to disable route refresh. [Default: 90s]" + description: "RouteRefreshInterval is the period at which Felix re-checks the routes\nin the dataplane to ensure that no other process has accidentally broken Calico's rules.\nSet to 0 to disable route refresh. [Default: 90s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" routeSource: - description: "RouteSource configures where Felix gets its routing information. - WorkloadIPs: use workload endpoints to construct routes. - CalicoIPAM: the default - use IPAM data to construct routes." + description: "RouteSource configures where Felix gets its routing information.\n- WorkloadIPs: use workload endpoints to construct routes.\n- CalicoIPAM: the default - use IPAM data to construct routes." pattern: "^(?i)(WorkloadIPs|CalicoIPAM)?$" type: "string" routeSyncDisabled: - description: "RouteSyncDisabled will disable all operations performed on the route table. Set to true to run in network-policy mode only." + description: "RouteSyncDisabled will disable all operations performed on the route table. Set to true to\nrun in network-policy mode only." type: "boolean" routeTableRange: - description: "Deprecated in favor of RouteTableRanges. Calico programs additional Linux route tables for various purposes. RouteTableRange specifies the indices of the route tables that Calico should use." + description: "Deprecated in favor of RouteTableRanges.\nCalico programs additional Linux route tables for various purposes.\nRouteTableRange specifies the indices of the route tables that Calico should use." properties: max: type: "integer" @@ -532,7 +596,7 @@ spec: - "min" type: "object" routeTableRanges: - description: "Calico programs additional Linux route tables for various purposes. RouteTableRanges specifies a set of table index ranges that Calico should use. Deprecates`RouteTableRange`, overrides `RouteTableRange`." + description: "Calico programs additional Linux route tables for various purposes.\nRouteTableRanges specifies a set of table index ranges that Calico should use.\nDeprecates`RouteTableRange`, overrides `RouteTableRange`." items: properties: max: @@ -545,14 +609,14 @@ spec: type: "object" type: "array" serviceLoopPrevention: - description: "When service IP advertisement is enabled, prevent routing loops to service IPs that are not in use, by dropping or rejecting packets that do not get DNAT'd by kube-proxy. Unless set to \"Disabled\", in which case such routing loops continue to be allowed. [Default: Drop]" + description: "When service IP advertisement is enabled, prevent routing loops to service IPs that are\nnot in use, by dropping or rejecting packets that do not get DNAT'd by kube-proxy.\nUnless set to \"Disabled\", in which case such routing loops continue to be allowed.\n[Default: Drop]" pattern: "^(?i)(Drop|Reject|Disabled)?$" type: "string" sidecarAccelerationEnabled: description: "SidecarAccelerationEnabled enables experimental sidecar acceleration [Default: false]" type: "boolean" usageReportingEnabled: - description: "UsageReportingEnabled reports anonymous Calico version number and cluster size to projectcalico.org. Logs warnings returned by the usage server. For example, if a significant security vulnerability has been discovered in the version of Calico being used. [Default: true]" + description: "UsageReportingEnabled reports anonymous Calico version number and cluster size to projectcalico.org. Logs warnings returned by the usage\nserver. For example, if a significant security vulnerability has been discovered in the version of Calico being used. [Default: true]" type: "boolean" usageReportingInitialDelay: description: "UsageReportingInitialDelay controls the minimum delay before Felix makes a report. [Default: 300s]" @@ -563,22 +627,22 @@ spec: pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" useInternalDataplaneDriver: - description: "UseInternalDataplaneDriver, if true, Felix will use its internal dataplane programming logic. If false, it will launch an external dataplane driver and communicate with it over protobuf." + description: "UseInternalDataplaneDriver, if true, Felix will use its internal dataplane programming logic. If false, it\nwill launch an external dataplane driver and communicate with it over protobuf." type: "boolean" vxlanEnabled: - description: "VXLANEnabled overrides whether Felix should create the VXLAN tunnel device for IPv4 VXLAN networking. Optional as Felix determines this based on the existing IP pools. [Default: nil (unset)]" + description: "VXLANEnabled overrides whether Felix should create the VXLAN tunnel device for IPv4 VXLAN networking.\nOptional as Felix determines this based on the existing IP pools. [Default: nil (unset)]" type: "boolean" vxlanMTU: - description: "VXLANMTU is the MTU to set on the IPv4 VXLAN tunnel device. Optional as Felix auto-detects the MTU based on the MTU of the host's interfaces. [Default: 0 (auto-detect)]" + description: "VXLANMTU is the MTU to set on the IPv4 VXLAN tunnel device. Optional as Felix auto-detects the MTU based on the\nMTU of the host's interfaces. [Default: 0 (auto-detect)]" type: "integer" vxlanMTUV6: - description: "VXLANMTUV6 is the MTU to set on the IPv6 VXLAN tunnel device. Optional as Felix auto-detects the MTU based on the MTU of the host's interfaces. [Default: 0 (auto-detect)]" + description: "VXLANMTUV6 is the MTU to set on the IPv6 VXLAN tunnel device. Optional as Felix auto-detects the MTU based on the\nMTU of the host's interfaces. [Default: 0 (auto-detect)]" type: "integer" vxlanPort: description: "VXLANPort is the UDP port number to use for VXLAN traffic. [Default: 4789]" type: "integer" vxlanVNI: - description: "VXLANVNI is the VXLAN VNI to use for VXLAN traffic. You may need to change this if the default value is in use on your system. [Default: 4096]" + description: "VXLANVNI is the VXLAN VNI to use for VXLAN traffic. You may need to change this if the default value is\nin use on your system. [Default: 4096]" type: "integer" windowsManageFirewallRules: description: "WindowsManageFirewallRules configures whether or not Felix will program Windows Firewall rules (to allow inbound access to its own metrics ports). [Default: Disabled]" @@ -621,26 +685,20 @@ spec: description: "WireguardRoutingRulePriority controls the priority value to use for the Wireguard routing rule. [Default: 99]" type: "integer" wireguardThreadingEnabled: - description: "WireguardThreadingEnabled controls whether Wireguard has NAPI threading enabled. [Default: false]" + description: "WireguardThreadingEnabled controls whether Wireguard has Threaded NAPI enabled. [Default: false]\nThis increases the maximum number of packets a Wireguard interface can process.\nConsider threaded NAPI only if you have high packets per second workloads that are causing dropping packets due to a saturated `softirq` CPU core.\nThere is a [known issue](https://lore.kernel.org/netdev/CALrw=nEoT2emQ0OAYCjM1d_6Xe_kNLSZ6dhjb5FxrLFYh4kozA@mail.gmail.com/T/) with this setting\nthat may cause NAPI to get stuck holding the global `rtnl_mutex` when a peer is removed.\nWorkaround: Make sure your Linux kernel [includes this patch](https://github.com/torvalds/linux/commit/56364c910691f6d10ba88c964c9041b9ab777bd6) to unwedge NAPI." type: "boolean" workloadSourceSpoofing: - description: "WorkloadSourceSpoofing controls whether pods can use the allowedSourcePrefixes annotation to send traffic with a source IP address that is not theirs. This is disabled by default. When set to \"Any\", pods can request any prefix." + description: "WorkloadSourceSpoofing controls whether pods can use the allowedSourcePrefixes annotation to send traffic with a source IP\naddress that is not theirs. This is disabled by default. When set to \"Any\", pods can request any prefix." pattern: "^(?i)(Disabled|Any)?$" type: "string" xdpEnabled: description: "XDPEnabled enables XDP acceleration for suitable untracked incoming deny rules. [Default: true]" type: "boolean" xdpRefreshInterval: - description: "XDPRefreshInterval is the period at which Felix re-checks all XDP state to ensure that no other process has accidentally broken Calico's BPF maps or attached programs. Set to 0 to disable XDP refresh. [Default: 90s]" + description: "XDPRefreshInterval is the period at which Felix re-checks all XDP state to ensure that no\nother process has accidentally broken Calico's BPF maps or attached programs. Set to 0 to\ndisable XDP refresh. [Default: 90s]" pattern: "^([0-9]+(\\\\.[0-9]+)?(ms|s|m|h))*$" type: "string" type: "object" type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworkpolicies.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworkpolicies.yaml index 94df5ad53..7f561f99a 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworkpolicies.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworkpolicies.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "globalnetworkpolicies.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,12 +32,12 @@ spec: description: "ApplyOnForward indicates to apply the rules in this policy on forward traffic." type: "boolean" doNotTrack: - description: "DoNotTrack indicates whether packets matched by the rules in this policy should go through the data plane's connection tracking, such as Linux conntrack. If True, the rules in this policy are applied before any data plane connection tracking, and packets allowed by this policy are marked as not to be tracked." + description: "DoNotTrack indicates whether packets matched by the rules in this policy should go through\nthe data plane's connection tracking, such as Linux conntrack. If True, the rules in\nthis policy are applied before any data plane connection tracking, and packets allowed by\nthis policy are marked as not to be tracked." type: "boolean" egress: - description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and a corresponding action to apply." + description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." items: - description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy and security Profiles reference rules - separated out as a list of rules for both ingress and egress packet matching. \n Each positive match criteria has a negated version, prefixed with \"Not\". All the match criteria within a rule must be satisfied for a packet to match. A single rule can contain the positive and negative version of a match and both must be satisfied for the rule to match." + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." properties: action: type: "string" @@ -43,10 +45,10 @@ spec: description: "Destination contains the match criteria that apply to destination entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -56,7 +58,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -65,10 +67,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -77,28 +79,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -106,14 +108,14 @@ spec: description: "HTTP contains match criteria that apply to HTTP requests." properties: methods: - description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods are OR'd together." + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." items: type: "string" type: "array" paths: - description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed HTTP Paths. Multiple paths are OR'd together. e.g: - exact: /foo - prefix: /bar NOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." items: - description: "HTTPPath specifies an HTTP path to match. It may be either of the form: exact: : which matches the path exactly or prefix: : which matches the path prefix" + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" properties: exact: type: "string" @@ -123,17 +125,17 @@ spec: type: "array" type: "object" icmp: - description: "ICMP is an optional field that restricts the rule to apply to a specific type and code of ICMP traffic. This should only be specified if the Protocol field is set to \"ICMP\" or \"ICMPv6\"." + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" ipVersion: - description: "IPVersion is an optional field that restricts the rule to only match a specific IP version." + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." type: "integer" metadata: description: "Metadata contains additional information for this rule" @@ -148,10 +150,10 @@ spec: description: "NotICMP is the negated version of the ICMP field." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" notProtocol: @@ -165,17 +167,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Protocol is an optional field that restricts the rule to only apply to traffic of a specific IP protocol. Required if any of the EntityRules contain Ports (because ports only apply to certain protocols). \n Must be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\" or an integer in the range 1-255." + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." pattern: "^.*" x-kubernetes-int-or-string: true source: description: "Source contains the match criteria that apply to source entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -185,7 +187,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -194,10 +196,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -206,28 +208,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -236,9 +238,9 @@ spec: type: "object" type: "array" ingress: - description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and a corresponding action to apply." + description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." items: - description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy and security Profiles reference rules - separated out as a list of rules for both ingress and egress packet matching. \n Each positive match criteria has a negated version, prefixed with \"Not\". All the match criteria within a rule must be satisfied for a packet to match. A single rule can contain the positive and negative version of a match and both must be satisfied for the rule to match." + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." properties: action: type: "string" @@ -246,10 +248,10 @@ spec: description: "Destination contains the match criteria that apply to destination entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -259,7 +261,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -268,10 +270,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -280,28 +282,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -309,14 +311,14 @@ spec: description: "HTTP contains match criteria that apply to HTTP requests." properties: methods: - description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods are OR'd together." + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." items: type: "string" type: "array" paths: - description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed HTTP Paths. Multiple paths are OR'd together. e.g: - exact: /foo - prefix: /bar NOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." items: - description: "HTTPPath specifies an HTTP path to match. It may be either of the form: exact: : which matches the path exactly or prefix: : which matches the path prefix" + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" properties: exact: type: "string" @@ -326,17 +328,17 @@ spec: type: "array" type: "object" icmp: - description: "ICMP is an optional field that restricts the rule to apply to a specific type and code of ICMP traffic. This should only be specified if the Protocol field is set to \"ICMP\" or \"ICMPv6\"." + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" ipVersion: - description: "IPVersion is an optional field that restricts the rule to only match a specific IP version." + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." type: "integer" metadata: description: "Metadata contains additional information for this rule" @@ -351,10 +353,10 @@ spec: description: "NotICMP is the negated version of the ICMP field." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" notProtocol: @@ -368,17 +370,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Protocol is an optional field that restricts the rule to only apply to traffic of a specific IP protocol. Required if any of the EntityRules contain Ports (because ports only apply to certain protocols). \n Must be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\" or an integer in the range 1-255." + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." pattern: "^.*" x-kubernetes-int-or-string: true source: description: "Source contains the match criteria that apply to source entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -388,7 +390,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -397,10 +399,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -409,28 +411,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -442,10 +444,10 @@ spec: description: "NamespaceSelector is an optional field for an expression used to select a pod based on namespaces." type: "string" order: - description: "Order is an optional field that specifies the order in which the policy is applied. Policies with higher \"order\" are applied after those with lower order within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the policy will be applied last. Policies with identical order will be applied in alphanumerical order based on the Policy \"Name\" within the tier." + description: "Order is an optional field that specifies the order in which the policy is applied.\nPolicies with higher \"order\" are applied after those with lower\norder within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the\npolicy will be applied last. Policies with identical order will be applied in\nalphanumerical order based on the Policy \"Name\" within the tier." type: "number" performanceHints: - description: "PerformanceHints contains a list of hints to Calico's policy engine to help process the policy more efficiently. Hints never change the enforcement behaviour of the policy. \n Currently, the only available hint is \"AssumeNeededOnEveryNode\". When that hint is set on a policy, Felix will act as if the policy matches a local endpoint even if it does not. This is useful for \"preloading\" any large static policies that are known to be used on every node. If the policy is _not_ used on a particular node then the work done to preload the policy (and to maintain it) is wasted." + description: "PerformanceHints contains a list of hints to Calico's policy engine to\nhelp process the policy more efficiently. Hints never change the\nenforcement behaviour of the policy.\n\nCurrently, the only available hint is \"AssumeNeededOnEveryNode\". When\nthat hint is set on a policy, Felix will act as if the policy matches\na local endpoint even if it does not. This is useful for \"preloading\"\nany large static policies that are known to be used on every node.\nIf the policy is _not_ used on a particular node then the work\ndone to preload the policy (and to maintain it) is wasted." items: type: "string" type: "array" @@ -453,16 +455,16 @@ spec: description: "PreDNAT indicates to apply the rules in this policy before any DNAT." type: "boolean" selector: - description: "The selector is an expression used to pick out the endpoints that the policy should be applied to. \n Selector expressions follow this syntax: \n \tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\" \tlabel != \"string_literal\" -> not equal; also matches if label is not present \tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\" \tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\" \thas(label_name) -> True if that label is present \t! expr -> negation of expr \texpr && expr -> Short-circuit and \texpr || expr -> Short-circuit or \t( expr ) -> parens for grouping \tall() or the empty selector -> matches all endpoints. \n Label names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive but they do not support escape characters. \n Examples (with made-up labels): \n \ttype == \"webserver\" && deployment == \"prod\" \ttype in {\"frontend\", \"backend\"} \tdeployment != \"dev\" \t! has(label_name)" + description: "The selector is an expression used to pick out the endpoints that the policy should\nbe applied to.\n\nSelector expressions follow this syntax:\n\n\tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\"\n\tlabel != \"string_literal\" -> not equal; also matches if label is not present\n\tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\"\n\tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\"\n\thas(label_name) -> True if that label is present\n\t! expr -> negation of expr\n\texpr && expr -> Short-circuit and\n\texpr || expr -> Short-circuit or\n\t( expr ) -> parens for grouping\n\tall() or the empty selector -> matches all endpoints.\n\nLabel names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive\nbut they do not support escape characters.\n\nExamples (with made-up labels):\n\n\ttype == \"webserver\" && deployment == \"prod\"\n\ttype in {\"frontend\", \"backend\"}\n\tdeployment != \"dev\"\n\t! has(label_name)" type: "string" serviceAccountSelector: description: "ServiceAccountSelector is an optional field for an expression used to select a pod based on service accounts." type: "string" tier: - description: "The name of the tier that this policy belongs to. If this is omitted, the default tier (name is \"default\") is assumed. The specified tier must exist in order to create security policies within the tier, the \"default\" tier is created automatically if it does not exist, this means for deployments requiring only a single Tier, the tier name may be omitted on all policy management requests." + description: "The name of the tier that this policy belongs to. If this is omitted, the default\ntier (name is \"default\") is assumed. The specified tier must exist in order to create\nsecurity policies within the tier, the \"default\" tier is created automatically if it\ndoes not exist, this means for deployments requiring only a single Tier, the tier name\nmay be omitted on all policy management requests." type: "string" types: - description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When not explicitly specified (and so the value on creation is empty or nil), Calico defaults Types according to what Ingress and Egress rules are present in the policy. The default is: \n - [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are also no Ingress rules) \n - [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules \n - [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules. \n When the policy is read back again, Types will always be one of these values, never empty or nil." + description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When\nnot explicitly specified (and so the value on creation is empty or nil), Calico defaults\nTypes according to what Ingress and Egress rules are present in the policy. The\ndefault is:\n\n- [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are\n also no Ingress rules)\n\n- [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules\n\n- [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules.\n\nWhen the policy is read back again, Types will always be one of these values, never empty\nor nil." items: description: "PolicyType enumerates the possible values of the PolicySpec Types field." type: "string" @@ -471,9 +473,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworksets.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworksets.yaml index f6cbd3ead..7dd0da7e1 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworksets.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/globalnetworksets.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "globalnetworksets.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -15,13 +17,13 @@ spec: - name: "v1" schema: openAPIV3Schema: - description: "GlobalNetworkSet contains a set of arbitrary IP sub-networks/CIDRs that share labels to allow rules to refer to them via selectors. The labels of GlobalNetworkSet are not namespaced." + description: "GlobalNetworkSet contains a set of arbitrary IP sub-networks/CIDRs that share labels to\nallow rules to refer to them via selectors. The labels of GlobalNetworkSet are not namespaced." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,9 +39,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/hostendpoints.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/hostendpoints.yaml index 0889f8218..dcc257c52 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/hostendpoints.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/hostendpoints.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "hostendpoints.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -28,12 +30,12 @@ spec: description: "HostEndpointSpec contains the specification for a HostEndpoint resource." properties: expectedIPs: - description: "The expected IP addresses (IPv4 and IPv6) of the endpoint. If \"InterfaceName\" is not present, Calico will look for an interface matching any of the IPs in the list and apply policy to that. Note: \tWhen using the selector match criteria in an ingress or egress security Policy \tor Profile, Calico converts the selector into a set of IP addresses. For host \tendpoints, the ExpectedIPs field is used for that purpose. (If only the interface \tname is specified, Calico does not learn the IPs of the interface for use in match \tcriteria.)" + description: "The expected IP addresses (IPv4 and IPv6) of the endpoint.\nIf \"InterfaceName\" is not present, Calico will look for an interface matching any\nof the IPs in the list and apply policy to that.\nNote:\n\tWhen using the selector match criteria in an ingress or egress security Policy\n\tor Profile, Calico converts the selector into a set of IP addresses. For host\n\tendpoints, the ExpectedIPs field is used for that purpose. (If only the interface\n\tname is specified, Calico does not learn the IPs of the interface for use in match\n\tcriteria.)" items: type: "string" type: "array" interfaceName: - description: "Either \"*\", or the name of a specific Linux interface to apply policy to; or empty. \"*\" indicates that this HostEndpoint governs all traffic to, from or through the default network namespace of the host named by the \"Node\" field; entering and leaving that namespace via any interface, including those from/to non-host-networked local workloads. \n If InterfaceName is not \"*\", this HostEndpoint only governs traffic that enters or leaves the host through the specific interface named by InterfaceName, or - when InterfaceName is empty - through the specific interface that has one of the IPs in ExpectedIPs. Therefore, when InterfaceName is empty, at least one expected IP must be specified. Only external interfaces (such as \"eth0\") are supported here; it isn't possible for a HostEndpoint to protect traffic through a specific local workload interface. \n Note: Only some kinds of policy are implemented for \"*\" HostEndpoints; initially just pre-DNAT policy. Please check Calico documentation for the latest position." + description: "Either \"*\", or the name of a specific Linux interface to apply policy to; or empty. \"*\"\nindicates that this HostEndpoint governs all traffic to, from or through the default\nnetwork namespace of the host named by the \"Node\" field; entering and leaving that\nnamespace via any interface, including those from/to non-host-networked local workloads.\n\nIf InterfaceName is not \"*\", this HostEndpoint only governs traffic that enters or leaves\nthe host through the specific interface named by InterfaceName, or - when InterfaceName\nis empty - through the specific interface that has one of the IPs in ExpectedIPs.\nTherefore, when InterfaceName is empty, at least one expected IP must be specified. Only\nexternal interfaces (such as \"eth0\") are supported here; it isn't possible for a\nHostEndpoint to protect traffic through a specific local workload interface.\n\nNote: Only some kinds of policy are implemented for \"*\" HostEndpoints; initially just\npre-DNAT policy. Please check Calico documentation for the latest position." type: "string" node: description: "The node name identifying the Calico node instance." @@ -59,7 +61,7 @@ spec: type: "object" type: "array" profiles: - description: "A list of identifiers of security Profile objects that apply to this endpoint. Each profile is applied in the order that they appear in this list. Profile rules are applied after the selector-based security policy." + description: "A list of identifiers of security Profile objects that apply to this endpoint. Each\nprofile is applied in the order that they appear in this list. Profile rules are applied\nafter the selector-based security policy." items: type: "string" type: "array" @@ -67,9 +69,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamblocks.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamblocks.yaml index 341e7bf15..914266b16 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamblocks.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamblocks.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ipamblocks.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -28,16 +30,16 @@ spec: description: "IPAMBlockSpec contains the specification for an IPAMBlock resource." properties: affinity: - description: "Affinity of the block, if this block has one. If set, it will be of the form \"host:\". If not set, this block is not affine to a host." + description: "Affinity of the block, if this block has one. If set, it will be of the form\n\"host:\". If not set, this block is not affine to a host." type: "string" allocations: - description: "Array of allocations in-use within this block. nil entries mean the allocation is free. For non-nil entries at index i, the index is the ordinal of the allocation within this block and the value is the index of the associated attributes in the Attributes array." + description: "Array of allocations in-use within this block. nil entries mean the allocation is free.\nFor non-nil entries at index i, the index is the ordinal of the allocation within this block\nand the value is the index of the associated attributes in the Attributes array." items: nullable: true type: "integer" type: "array" attributes: - description: "Attributes is an array of arbitrary metadata associated with allocations in the block. To find attributes for a given allocation, use the value of the allocation's entry in the Allocations array as the index of the element in this array." + description: "Attributes is an array of arbitrary metadata associated with allocations in the block. To find\nattributes for a given allocation, use the value of the allocation's entry in the Allocations array\nas the index of the element in this array." items: properties: handle_id: @@ -52,18 +54,18 @@ spec: description: "The block's CIDR." type: "string" deleted: - description: "Deleted is an internal boolean used to workaround a limitation in the Kubernetes API whereby deletion will not return a conflict error if the block has been updated. It should not be set manually." + description: "Deleted is an internal boolean used to workaround a limitation in the Kubernetes API whereby\ndeletion will not return a conflict error if the block has been updated. It should not be set manually." type: "boolean" sequenceNumber: default: 0 - description: "We store a sequence number that is updated each time the block is written. Each allocation will also store the sequence number of the block at the time of its creation. When releasing an IP, passing the sequence number associated with the allocation allows us to protect against a race condition and ensure the IP hasn't been released and re-allocated since the release request." + description: "We store a sequence number that is updated each time the block is written.\nEach allocation will also store the sequence number of the block at the time of its creation.\nWhen releasing an IP, passing the sequence number associated with the allocation allows us\nto protect against a race condition and ensure the IP hasn't been released and re-allocated\nsince the release request." format: "int64" type: "integer" sequenceNumberForAllocation: additionalProperties: format: "int64" type: "integer" - description: "Map of allocated ordinal within the block to sequence number of the block at the time of allocation. Kubernetes does not allow numerical keys for maps, so the key is cast to a string." + description: "Map of allocated ordinal within the block to sequence number of the block at\nthe time of allocation. Kubernetes does not allow numerical keys for maps, so\nthe key is cast to a string." type: "object" strictAffinity: description: "StrictAffinity on the IPAMBlock is deprecated and no longer used by the code. Use IPAMConfig StrictAffinity instead." @@ -83,9 +85,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamconfigs.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamconfigs.yaml index 51c7c80f8..f31474955 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamconfigs.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamconfigs.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ipamconfigs.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,7 +32,7 @@ spec: autoAllocateBlocks: type: "boolean" maxBlocksPerHost: - description: "MaxBlocksPerHost, if non-zero, is the max number of blocks that can be affine to each host." + description: "MaxBlocksPerHost, if non-zero, is the max number of blocks that can be\naffine to each host." maximum: 2147483647.0 minimum: 0.0 type: "integer" @@ -43,9 +45,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamhandles.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamhandles.yaml index e111c93ee..cbe4ae5f3 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamhandles.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipamhandles.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ipamhandles.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -42,9 +44,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ippools.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ippools.yaml index 57c37ad30..93c7e2528 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ippools.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ippools.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ippools.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -28,10 +30,16 @@ spec: description: "IPPoolSpec contains the specification for an IPPool resource." properties: allowedUses: - description: "AllowedUse controls what the IP pool will be used for. If not specified or empty, defaults to [\"Tunnel\", \"Workload\"] for back-compatibility" + description: "AllowedUse controls what the IP pool will be used for. If not specified or empty, defaults to\n[\"Tunnel\", \"Workload\"] for back-compatibility" items: type: "string" type: "array" + assignmentMode: + description: "Determines the mode how IP addresses should be assigned from this pool" + enum: + - "Automatic" + - "Manual" + type: "string" blockSize: description: "The block size to use for IP address assignments from this pool. Defaults to 26 for IPv4 and 122 for IPv6." type: "integer" @@ -45,29 +53,29 @@ spec: description: "When disabled is true, Calico IPAM will not assign addresses from this pool." type: "boolean" ipip: - description: "Deprecated: this field is only used for APIv1 backwards compatibility. Setting this field is not allowed, this field is for internal use only." + description: "Deprecated: this field is only used for APIv1 backwards compatibility.\nSetting this field is not allowed, this field is for internal use only." properties: enabled: - description: "When enabled is true, ipip tunneling will be used to deliver packets to destinations within this pool." + description: "When enabled is true, ipip tunneling will be used to deliver packets to\ndestinations within this pool." type: "boolean" mode: - description: "The IPIP mode. This can be one of \"always\" or \"cross-subnet\". A mode of \"always\" will also use IPIP tunneling for routing to destination IP addresses within this pool. A mode of \"cross-subnet\" will only use IPIP tunneling when the destination node is on a different subnet to the originating node. The default value (if not specified) is \"always\"." + description: "The IPIP mode. This can be one of \"always\" or \"cross-subnet\". A mode\nof \"always\" will also use IPIP tunneling for routing to destination IP\naddresses within this pool. A mode of \"cross-subnet\" will only use IPIP\ntunneling when the destination node is on a different subnet to the\noriginating node. The default value (if not specified) is \"always\"." type: "string" type: "object" ipipMode: - description: "Contains configuration for IPIP tunneling for this pool. If not specified, then this is defaulted to \"Never\" (i.e. IPIP tunneling is disabled)." + description: "Contains configuration for IPIP tunneling for this pool. If not specified,\nthen this is defaulted to \"Never\" (i.e. IPIP tunneling is disabled)." type: "string" nat-outgoing: - description: "Deprecated: this field is only used for APIv1 backwards compatibility. Setting this field is not allowed, this field is for internal use only." + description: "Deprecated: this field is only used for APIv1 backwards compatibility.\nSetting this field is not allowed, this field is for internal use only." type: "boolean" natOutgoing: - description: "When natOutgoing is true, packets sent from Calico networked containers in this pool to destinations outside of this pool will be masqueraded." + description: "When natOutgoing is true, packets sent from Calico networked containers in\nthis pool to destinations outside of this pool will be masqueraded." type: "boolean" nodeSelector: description: "Allows IPPool to allocate for a specific node by label selector." type: "string" vxlanMode: - description: "Contains configuration for VXLAN tunneling for this pool. If not specified, then this is defaulted to \"Never\" (i.e. VXLAN tunneling is disabled)." + description: "Contains configuration for VXLAN tunneling for this pool. If not specified,\nthen this is defaulted to \"Never\" (i.e. VXLAN tunneling is disabled)." type: "string" required: - "cidr" @@ -75,9 +83,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipreservations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipreservations.yaml index 78fda4217..06127a02a 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipreservations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/ipreservations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "(devel)" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "ipreservations.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -19,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -38,9 +38,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/kubecontrollersconfigurations.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/kubecontrollersconfigurations.yaml index 42a8b2c55..f4ad052b4 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/kubecontrollersconfigurations.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/kubecontrollersconfigurations.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "kubecontrollersconfigurations.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -30,6 +32,12 @@ spec: controllers: description: "Controllers enables and configures individual Kubernetes controllers" properties: + loadBalancer: + description: "LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable." + properties: + assignIPs: + type: "string" + type: "object" namespace: description: "Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable." properties: @@ -48,7 +56,7 @@ spec: type: "string" type: "object" leakGracePeriod: - description: "LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. Set to 0 to disable IP garbage collection. [Default: 15m]" + description: "LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked.\nSet to 0 to disable IP garbage collection. [Default: 15m]" type: "string" reconcilerPeriod: description: "ReconcilerPeriod is the period to perform reconciliation with the Calico datastore. [Default: 5m]" @@ -80,7 +88,7 @@ spec: type: "object" type: "object" debugProfilePort: - description: "DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling is disabled." + description: "DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling\nis disabled." format: "int32" type: "integer" etcdV3CompactionPeriod: @@ -99,19 +107,25 @@ spec: - "controllers" type: "object" status: - description: "KubeControllersConfigurationStatus represents the status of the configuration. It's useful for admins to be able to see the actual config that was applied, which can be modified by environment variables on the kube-controllers process." + description: "KubeControllersConfigurationStatus represents the status of the configuration. It's useful for admins to\nbe able to see the actual config that was applied, which can be modified by environment variables on the\nkube-controllers process." properties: environmentVars: additionalProperties: type: "string" - description: "EnvironmentVars contains the environment variables on the kube-controllers that influenced the RunningConfig." + description: "EnvironmentVars contains the environment variables on the kube-controllers that influenced\nthe RunningConfig." type: "object" runningConfig: - description: "RunningConfig contains the effective config that is running in the kube-controllers pod, after merging the API resource with any environment variables." + description: "RunningConfig contains the effective config that is running in the kube-controllers pod, after\nmerging the API resource with any environment variables." properties: controllers: description: "Controllers enables and configures individual Kubernetes controllers" properties: + loadBalancer: + description: "LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable." + properties: + assignIPs: + type: "string" + type: "object" namespace: description: "Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable." properties: @@ -130,7 +144,7 @@ spec: type: "string" type: "object" leakGracePeriod: - description: "LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. Set to 0 to disable IP garbage collection. [Default: 15m]" + description: "LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked.\nSet to 0 to disable IP garbage collection. [Default: 15m]" type: "string" reconcilerPeriod: description: "ReconcilerPeriod is the period to perform reconciliation with the Calico datastore. [Default: 5m]" @@ -162,7 +176,7 @@ spec: type: "object" type: "object" debugProfilePort: - description: "DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling is disabled." + description: "DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling\nis disabled." format: "int32" type: "integer" etcdV3CompactionPeriod: @@ -184,9 +198,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networkpolicies.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networkpolicies.yaml index f2a3ef177..1b0cb4724 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networkpolicies.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networkpolicies.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "networkpolicies.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -17,19 +19,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: egress: - description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and a corresponding action to apply." + description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." items: - description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy and security Profiles reference rules - separated out as a list of rules for both ingress and egress packet matching. \n Each positive match criteria has a negated version, prefixed with \"Not\". All the match criteria within a rule must be satisfied for a packet to match. A single rule can contain the positive and negative version of a match and both must be satisfied for the rule to match." + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." properties: action: type: "string" @@ -37,10 +39,10 @@ spec: description: "Destination contains the match criteria that apply to destination entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -50,7 +52,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -59,10 +61,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -71,28 +73,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -100,14 +102,14 @@ spec: description: "HTTP contains match criteria that apply to HTTP requests." properties: methods: - description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods are OR'd together." + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." items: type: "string" type: "array" paths: - description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed HTTP Paths. Multiple paths are OR'd together. e.g: - exact: /foo - prefix: /bar NOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." items: - description: "HTTPPath specifies an HTTP path to match. It may be either of the form: exact: : which matches the path exactly or prefix: : which matches the path prefix" + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" properties: exact: type: "string" @@ -117,17 +119,17 @@ spec: type: "array" type: "object" icmp: - description: "ICMP is an optional field that restricts the rule to apply to a specific type and code of ICMP traffic. This should only be specified if the Protocol field is set to \"ICMP\" or \"ICMPv6\"." + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" ipVersion: - description: "IPVersion is an optional field that restricts the rule to only match a specific IP version." + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." type: "integer" metadata: description: "Metadata contains additional information for this rule" @@ -142,10 +144,10 @@ spec: description: "NotICMP is the negated version of the ICMP field." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" notProtocol: @@ -159,17 +161,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Protocol is an optional field that restricts the rule to only apply to traffic of a specific IP protocol. Required if any of the EntityRules contain Ports (because ports only apply to certain protocols). \n Must be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\" or an integer in the range 1-255." + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." pattern: "^.*" x-kubernetes-int-or-string: true source: description: "Source contains the match criteria that apply to source entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -179,7 +181,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -188,10 +190,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -200,28 +202,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -230,9 +232,9 @@ spec: type: "object" type: "array" ingress: - description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and a corresponding action to apply." + description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." items: - description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy and security Profiles reference rules - separated out as a list of rules for both ingress and egress packet matching. \n Each positive match criteria has a negated version, prefixed with \"Not\". All the match criteria within a rule must be satisfied for a packet to match. A single rule can contain the positive and negative version of a match and both must be satisfied for the rule to match." + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." properties: action: type: "string" @@ -240,10 +242,10 @@ spec: description: "Destination contains the match criteria that apply to destination entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -253,7 +255,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -262,10 +264,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -274,28 +276,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -303,14 +305,14 @@ spec: description: "HTTP contains match criteria that apply to HTTP requests." properties: methods: - description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods are OR'd together." + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." items: type: "string" type: "array" paths: - description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed HTTP Paths. Multiple paths are OR'd together. e.g: - exact: /foo - prefix: /bar NOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." items: - description: "HTTPPath specifies an HTTP path to match. It may be either of the form: exact: : which matches the path exactly or prefix: : which matches the path prefix" + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" properties: exact: type: "string" @@ -320,17 +322,17 @@ spec: type: "array" type: "object" icmp: - description: "ICMP is an optional field that restricts the rule to apply to a specific type and code of ICMP traffic. This should only be specified if the Protocol field is set to \"ICMP\" or \"ICMPv6\"." + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" ipVersion: - description: "IPVersion is an optional field that restricts the rule to only match a specific IP version." + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." type: "integer" metadata: description: "Metadata contains additional information for this rule" @@ -345,10 +347,10 @@ spec: description: "NotICMP is the negated version of the ICMP field." properties: code: - description: "Match on a specific ICMP code. If specified, the Type value must also be specified. This is a technical limitation imposed by the kernel's iptables firewall, which Calico uses to enforce the rule." + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." type: "integer" type: - description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request (i.e. pings)." + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." type: "integer" type: "object" notProtocol: @@ -362,17 +364,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Protocol is an optional field that restricts the rule to only apply to traffic of a specific IP protocol. Required if any of the EntityRules contain Ports (because ports only apply to certain protocols). \n Must be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\" or an integer in the range 1-255." + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." pattern: "^.*" x-kubernetes-int-or-string: true source: description: "Source contains the match criteria that apply to source entity." properties: namespaceSelector: - description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic that originates from (or terminates at) endpoints within the selected namespaces will be matched. When both NamespaceSelector and another selector are defined on the same rule, then only workload endpoints that are matched by both selectors will be selected by the rule. \n For NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting only workload endpoints in the same namespace as the NetworkPolicy. \n For NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting only GlobalNetworkSet or HostEndpoint. \n For GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload endpoints across all namespaces." + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." type: "string" nets: - description: "Nets is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) IP addresses in any of the given subnets." + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." items: type: "string" type: "array" @@ -382,7 +384,7 @@ spec: type: "string" type: "array" notPorts: - description: "NotPorts is the negated version of the Ports field. Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -391,10 +393,10 @@ spec: x-kubernetes-int-or-string: true type: "array" notSelector: - description: "NotSelector is the negated version of the Selector field. See Selector field for subtleties with negated selectors." + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." type: "string" ports: - description: "Ports is an optional field that restricts the rule to only apply to traffic that has a source (destination) port that matches one of these ranges/values. This value is a list of integers or strings that represent ranges of ports. \n Since only some protocols have ports, if any ports are specified it requires the Protocol match in the Rule to be set to \"TCP\" or \"UDP\"." + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." items: anyOf: - type: "integer" @@ -403,28 +405,28 @@ spec: x-kubernetes-int-or-string: true type: "array" selector: - description: "Selector is an optional field that contains a selector expression (see Policy for sample syntax). Only traffic that originates from (terminates at) endpoints matching the selector will be matched. \n Note that: in addition to the negated version of the Selector (see NotSelector below), the selector expression syntax itself supports negation. The two types of negation are subtly different. One negates the set of matched endpoints, the other negates the whole match: \n \tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled \tendpoints that do not have the label \"my_label\". \n \tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled \tendpoints that do have the label \"my_label\". \n The effect is that the latter will accept packets from non-Calico sources whereas the former is limited to packets from Calico-controlled endpoints." + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." type: "string" serviceAccounts: - description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a matching service account." + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." properties: names: - description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account whose name is in the list." + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." items: type: "string" type: "array" selector: - description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from (or terminates at) a pod running as a service account that matches the given label selector. If both Names and Selector are specified then they are AND'ed." + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." type: "string" type: "object" services: - description: "Services is an optional field that contains options for matching Kubernetes Services. If specified, only traffic that originates from or terminates at endpoints within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets, NotNets or ServiceAccounts. \n Ports and NotPorts can only be specified with Services on ingress rules." + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." properties: name: description: "Name specifies the name of a Kubernetes Service to match." type: "string" namespace: - description: "Namespace specifies the namespace of the given Service. If left empty, the rule will match within this policy's namespace." + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." type: "string" type: "object" type: "object" @@ -433,24 +435,24 @@ spec: type: "object" type: "array" order: - description: "Order is an optional field that specifies the order in which the policy is applied. Policies with higher \"order\" are applied after those with lower order within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the policy will be applied last. Policies with identical order will be applied in alphanumerical order based on the Policy \"Name\" within the tier." + description: "Order is an optional field that specifies the order in which the policy is applied.\nPolicies with higher \"order\" are applied after those with lower\norder within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the\npolicy will be applied last. Policies with identical order will be applied in\nalphanumerical order based on the Policy \"Name\" within the tier." type: "number" performanceHints: - description: "PerformanceHints contains a list of hints to Calico's policy engine to help process the policy more efficiently. Hints never change the enforcement behaviour of the policy. \n Currently, the only available hint is \"AssumeNeededOnEveryNode\". When that hint is set on a policy, Felix will act as if the policy matches a local endpoint even if it does not. This is useful for \"preloading\" any large static policies that are known to be used on every node. If the policy is _not_ used on a particular node then the work done to preload the policy (and to maintain it) is wasted." + description: "PerformanceHints contains a list of hints to Calico's policy engine to\nhelp process the policy more efficiently. Hints never change the\nenforcement behaviour of the policy.\n\nCurrently, the only available hint is \"AssumeNeededOnEveryNode\". When\nthat hint is set on a policy, Felix will act as if the policy matches\na local endpoint even if it does not. This is useful for \"preloading\"\nany large static policies that are known to be used on every node.\nIf the policy is _not_ used on a particular node then the work\ndone to preload the policy (and to maintain it) is wasted." items: type: "string" type: "array" selector: - description: "The selector is an expression used to pick out the endpoints that the policy should be applied to. \n Selector expressions follow this syntax: \n \tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\" \tlabel != \"string_literal\" -> not equal; also matches if label is not present \tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\" \tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\" \thas(label_name) -> True if that label is present \t! expr -> negation of expr \texpr && expr -> Short-circuit and \texpr || expr -> Short-circuit or \t( expr ) -> parens for grouping \tall() or the empty selector -> matches all endpoints. \n Label names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive but they do not support escape characters. \n Examples (with made-up labels): \n \ttype == \"webserver\" && deployment == \"prod\" \ttype in {\"frontend\", \"backend\"} \tdeployment != \"dev\" \t! has(label_name)" + description: "The selector is an expression used to pick out the endpoints that the policy should\nbe applied to.\n\nSelector expressions follow this syntax:\n\n\tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\"\n\tlabel != \"string_literal\" -> not equal; also matches if label is not present\n\tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\"\n\tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\"\n\thas(label_name) -> True if that label is present\n\t! expr -> negation of expr\n\texpr && expr -> Short-circuit and\n\texpr || expr -> Short-circuit or\n\t( expr ) -> parens for grouping\n\tall() or the empty selector -> matches all endpoints.\n\nLabel names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive\nbut they do not support escape characters.\n\nExamples (with made-up labels):\n\n\ttype == \"webserver\" && deployment == \"prod\"\n\ttype in {\"frontend\", \"backend\"}\n\tdeployment != \"dev\"\n\t! has(label_name)" type: "string" serviceAccountSelector: description: "ServiceAccountSelector is an optional field for an expression used to select a pod based on service accounts." type: "string" tier: - description: "The name of the tier that this policy belongs to. If this is omitted, the default tier (name is \"default\") is assumed. The specified tier must exist in order to create security policies within the tier, the \"default\" tier is created automatically if it does not exist, this means for deployments requiring only a single Tier, the tier name may be omitted on all policy management requests." + description: "The name of the tier that this policy belongs to. If this is omitted, the default\ntier (name is \"default\") is assumed. The specified tier must exist in order to create\nsecurity policies within the tier, the \"default\" tier is created automatically if it\ndoes not exist, this means for deployments requiring only a single Tier, the tier name\nmay be omitted on all policy management requests." type: "string" types: - description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When not explicitly specified (and so the value on creation is empty or nil), Calico defaults Types according to what Ingress and Egress are present in the policy. The default is: \n - [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are also no Ingress rules) \n - [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules \n - [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules. \n When the policy is read back again, Types will always be one of these values, never empty or nil." + description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When\nnot explicitly specified (and so the value on creation is empty or nil), Calico defaults\nTypes according to what Ingress and Egress are present in the policy. The\ndefault is:\n\n- [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are\n also no Ingress rules)\n\n- [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules\n\n- [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules.\n\nWhen the policy is read back again, Types will always be one of these values, never empty\nor nil." items: description: "PolicyType enumerates the possible values of the PolicySpec Types field." type: "string" @@ -459,9 +461,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networksets.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networksets.yaml index df297c453..28438d7fe 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networksets.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/networksets.yaml @@ -1,6 +1,8 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" name: "networksets.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -18,10 +20,10 @@ spec: description: "NetworkSet is the Namespaced-equivalent of the GlobalNetworkSet." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -37,9 +39,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedglobalnetworkpolicies.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedglobalnetworkpolicies.yaml new file mode 100644 index 000000000..b527976ce --- /dev/null +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedglobalnetworkpolicies.yaml @@ -0,0 +1,478 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" + name: "stagedglobalnetworkpolicies.crd.projectcalico.org" +spec: + group: "crd.projectcalico.org" + names: + kind: "StagedGlobalNetworkPolicy" + listKind: "StagedGlobalNetworkPolicyList" + plural: "stagedglobalnetworkpolicies" + singular: "stagedglobalnetworkpolicy" + preserveUnknownFields: false + scope: "Cluster" + versions: + - name: "v1" + schema: + openAPIV3Schema: + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + properties: + applyOnForward: + description: "ApplyOnForward indicates to apply the rules in this policy on forward traffic." + type: "boolean" + doNotTrack: + description: "DoNotTrack indicates whether packets matched by the rules in this policy should go through\nthe data plane's connection tracking, such as Linux conntrack. If True, the rules in\nthis policy are applied before any data plane connection tracking, and packets allowed by\nthis policy are marked as not to be tracked." + type: "boolean" + egress: + description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." + items: + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." + properties: + action: + type: "string" + destination: + description: "Destination contains the match criteria that apply to destination entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + http: + description: "HTTP contains match criteria that apply to HTTP requests." + properties: + methods: + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." + items: + type: "string" + type: "array" + paths: + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + items: + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" + properties: + exact: + type: "string" + prefix: + type: "string" + type: "object" + type: "array" + type: "object" + icmp: + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + ipVersion: + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." + type: "integer" + metadata: + description: "Metadata contains additional information for this rule" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a set of key value pairs that give extra information about the rule" + type: "object" + type: "object" + notICMP: + description: "NotICMP is the negated version of the ICMP field." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + notProtocol: + anyOf: + - type: "integer" + - type: "string" + description: "NotProtocol is the negated version of the Protocol field." + pattern: "^.*" + x-kubernetes-int-or-string: true + protocol: + anyOf: + - type: "integer" + - type: "string" + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." + pattern: "^.*" + x-kubernetes-int-or-string: true + source: + description: "Source contains the match criteria that apply to source entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + required: + - "action" + type: "object" + type: "array" + ingress: + description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." + items: + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." + properties: + action: + type: "string" + destination: + description: "Destination contains the match criteria that apply to destination entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + http: + description: "HTTP contains match criteria that apply to HTTP requests." + properties: + methods: + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." + items: + type: "string" + type: "array" + paths: + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + items: + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" + properties: + exact: + type: "string" + prefix: + type: "string" + type: "object" + type: "array" + type: "object" + icmp: + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + ipVersion: + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." + type: "integer" + metadata: + description: "Metadata contains additional information for this rule" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a set of key value pairs that give extra information about the rule" + type: "object" + type: "object" + notICMP: + description: "NotICMP is the negated version of the ICMP field." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + notProtocol: + anyOf: + - type: "integer" + - type: "string" + description: "NotProtocol is the negated version of the Protocol field." + pattern: "^.*" + x-kubernetes-int-or-string: true + protocol: + anyOf: + - type: "integer" + - type: "string" + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." + pattern: "^.*" + x-kubernetes-int-or-string: true + source: + description: "Source contains the match criteria that apply to source entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + required: + - "action" + type: "object" + type: "array" + namespaceSelector: + description: "NamespaceSelector is an optional field for an expression used to select a pod based on namespaces." + type: "string" + order: + description: "Order is an optional field that specifies the order in which the policy is applied.\nPolicies with higher \"order\" are applied after those with lower\norder within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the\npolicy will be applied last. Policies with identical order will be applied in\nalphanumerical order based on the Policy \"Name\" within the tier." + type: "number" + performanceHints: + description: "PerformanceHints contains a list of hints to Calico's policy engine to\nhelp process the policy more efficiently. Hints never change the\nenforcement behaviour of the policy.\n\nCurrently, the only available hint is \"AssumeNeededOnEveryNode\". When\nthat hint is set on a policy, Felix will act as if the policy matches\na local endpoint even if it does not. This is useful for \"preloading\"\nany large static policies that are known to be used on every node.\nIf the policy is _not_ used on a particular node then the work\ndone to preload the policy (and to maintain it) is wasted." + items: + type: "string" + type: "array" + preDNAT: + description: "PreDNAT indicates to apply the rules in this policy before any DNAT." + type: "boolean" + selector: + description: "The selector is an expression used to pick pick out the endpoints that the policy should\nbe applied to.\n\nSelector expressions follow this syntax:\n\n\tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\"\n\tlabel != \"string_literal\" -> not equal; also matches if label is not present\n\tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\"\n\tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\"\n\thas(label_name) -> True if that label is present\n\t! expr -> negation of expr\n\texpr && expr -> Short-circuit and\n\texpr || expr -> Short-circuit or\n\t( expr ) -> parens for grouping\n\tall() or the empty selector -> matches all endpoints.\n\nLabel names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive\nbut they do not support escape characters.\n\nExamples (with made-up labels):\n\n\ttype == \"webserver\" && deployment == \"prod\"\n\ttype in {\"frontend\", \"backend\"}\n\tdeployment != \"dev\"\n\t! has(label_name)" + type: "string" + serviceAccountSelector: + description: "ServiceAccountSelector is an optional field for an expression used to select a pod based on service accounts." + type: "string" + stagedAction: + description: "The staged action. If this is omitted, the default is Set." + type: "string" + tier: + description: "The name of the tier that this policy belongs to. If this is omitted, the default\ntier (name is \"default\") is assumed. The specified tier must exist in order to create\nsecurity policies within the tier, the \"default\" tier is created automatically if it\ndoes not exist, this means for deployments requiring only a single Tier, the tier name\nmay be omitted on all policy management requests." + type: "string" + types: + description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When\nnot explicitly specified (and so the value on creation is empty or nil), Calico defaults\nTypes according to what Ingress and Egress rules are present in the policy. The\ndefault is:\n\n- [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are\n also no Ingress rules)\n\n- [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules\n\n- [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules.\n\nWhen the policy is read back again, Types will always be one of these values, never empty\nor nil." + items: + description: "PolicyType enumerates the possible values of the PolicySpec Types field." + type: "string" + type: "array" + type: "object" + type: "object" + served: true + storage: true diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedkubernetesnetworkpolicies.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedkubernetesnetworkpolicies.yaml new file mode 100644 index 000000000..37b2cc5b7 --- /dev/null +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedkubernetesnetworkpolicies.yaml @@ -0,0 +1,310 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" + name: "stagedkubernetesnetworkpolicies.crd.projectcalico.org" +spec: + group: "crd.projectcalico.org" + names: + kind: "StagedKubernetesNetworkPolicy" + listKind: "StagedKubernetesNetworkPolicyList" + plural: "stagedkubernetesnetworkpolicies" + singular: "stagedkubernetesnetworkpolicy" + preserveUnknownFields: false + scope: "Namespaced" + versions: + - name: "v1" + schema: + openAPIV3Schema: + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + properties: + egress: + description: "List of egress rules to be applied to the selected pods. Outgoing traffic is\nallowed if there are no NetworkPolicies selecting the pod (and cluster policy\notherwise allows the traffic), OR if the traffic matches at least one egress rule\nacross all of the NetworkPolicy objects whose podSelector matches the pod. If\nthis field is empty then this NetworkPolicy limits all outgoing traffic (and serves\nsolely to ensure that the pods it selects are isolated by default).\nThis field is beta-level in 1.8" + items: + description: "NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods\nmatched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.\nThis type is beta-level in 1.8" + properties: + ports: + description: "ports is a list of destination ports for outgoing traffic.\nEach item in this list is combined using a logical OR. If this field is\nempty or missing, this rule matches all ports (traffic not restricted by port).\nIf this field is present and contains at least one item, then this rule allows\ntraffic only if the traffic matches at least one port in the list." + items: + description: "NetworkPolicyPort describes a port to allow traffic on" + properties: + endPort: + description: "endPort indicates that the range of ports from port to endPort if set, inclusive,\nshould be allowed by the policy. This field cannot be defined if the port field\nis not defined or if the port field is defined as a named (string) port.\nThe endPort must be equal or greater than port." + format: "int32" + type: "integer" + port: + anyOf: + - type: "integer" + - type: "string" + description: "port represents the port on the given protocol. This can either be a numerical or named\nport on a pod. If this field is not provided, this matches all port names and\nnumbers.\nIf present, only traffic on the specified protocol AND port will be matched." + x-kubernetes-int-or-string: true + protocol: + description: "protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." + type: "string" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + to: + description: "to is a list of destinations for outgoing traffic of pods selected for this rule.\nItems in this list are combined using a logical OR operation. If this field is\nempty or missing, this rule matches all destinations (traffic not restricted by\ndestination). If this field is present and contains at least one item, this rule\nallows traffic only if the traffic matches at least one item in the to list." + items: + description: "NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of\nfields are allowed" + properties: + ipBlock: + description: "ipBlock defines policy on a particular IPBlock. If this field is set then\nneither of the other fields can be." + properties: + cidr: + description: "cidr is a string representing the IPBlock\nValid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"" + type: "string" + except: + description: "except is a slice of CIDRs that should not be included within an IPBlock\nValid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"\nExcept values will be rejected if they are outside the cidr range" + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "cidr" + type: "object" + namespaceSelector: + description: "namespaceSelector selects namespaces using cluster-scoped labels. This field follows\nstandard label selector semantics; if present but empty, it selects all namespaces.\n\nIf podSelector is also set, then the NetworkPolicyPeer as a whole selects\nthe pods matching podSelector in the namespaces selected by namespaceSelector.\nOtherwise it selects all pods in the namespaces selected by namespaceSelector." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + podSelector: + description: "podSelector is a label selector which selects pods. This field follows standard label\nselector semantics; if present but empty, it selects all pods.\n\nIf namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects\nthe pods matching podSelector in the Namespaces selected by NamespaceSelector.\nOtherwise it selects the pods matching podSelector in the policy's own namespace." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + type: "array" + ingress: + description: "List of ingress rules to be applied to the selected pods. Traffic is allowed to\na pod if there are no NetworkPolicies selecting the pod\n(and cluster policy otherwise allows the traffic), OR if the traffic source is\nthe pod's local node, OR if the traffic matches at least one ingress rule\nacross all of the NetworkPolicy objects whose podSelector matches the pod. If\nthis field is empty then this NetworkPolicy does not allow any traffic (and serves\nsolely to ensure that the pods it selects are isolated by default)" + items: + description: "NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods\nmatched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from." + properties: + from: + description: "from is a list of sources which should be able to access the pods selected for this rule.\nItems in this list are combined using a logical OR operation. If this field is\nempty or missing, this rule matches all sources (traffic not restricted by\nsource). If this field is present and contains at least one item, this rule\nallows traffic only if the traffic matches at least one item in the from list." + items: + description: "NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of\nfields are allowed" + properties: + ipBlock: + description: "ipBlock defines policy on a particular IPBlock. If this field is set then\nneither of the other fields can be." + properties: + cidr: + description: "cidr is a string representing the IPBlock\nValid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"" + type: "string" + except: + description: "except is a slice of CIDRs that should not be included within an IPBlock\nValid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"\nExcept values will be rejected if they are outside the cidr range" + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "cidr" + type: "object" + namespaceSelector: + description: "namespaceSelector selects namespaces using cluster-scoped labels. This field follows\nstandard label selector semantics; if present but empty, it selects all namespaces.\n\nIf podSelector is also set, then the NetworkPolicyPeer as a whole selects\nthe pods matching podSelector in the namespaces selected by namespaceSelector.\nOtherwise it selects all pods in the namespaces selected by namespaceSelector." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + podSelector: + description: "podSelector is a label selector which selects pods. This field follows standard label\nselector semantics; if present but empty, it selects all pods.\n\nIf namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects\nthe pods matching podSelector in the Namespaces selected by NamespaceSelector.\nOtherwise it selects the pods matching podSelector in the policy's own namespace." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + ports: + description: "ports is a list of ports which should be made accessible on the pods selected for\nthis rule. Each item in this list is combined using a logical OR. If this field is\nempty or missing, this rule matches all ports (traffic not restricted by port).\nIf this field is present and contains at least one item, then this rule allows\ntraffic only if the traffic matches at least one port in the list." + items: + description: "NetworkPolicyPort describes a port to allow traffic on" + properties: + endPort: + description: "endPort indicates that the range of ports from port to endPort if set, inclusive,\nshould be allowed by the policy. This field cannot be defined if the port field\nis not defined or if the port field is defined as a named (string) port.\nThe endPort must be equal or greater than port." + format: "int32" + type: "integer" + port: + anyOf: + - type: "integer" + - type: "string" + description: "port represents the port on the given protocol. This can either be a numerical or named\nport on a pod. If this field is not provided, this matches all port names and\nnumbers.\nIf present, only traffic on the specified protocol AND port will be matched." + x-kubernetes-int-or-string: true + protocol: + description: "protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match.\nIf not specified, this field defaults to TCP." + type: "string" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + type: "array" + podSelector: + description: "Selects the pods to which this NetworkPolicy object applies. The array of\ningress rules is applied to any pods selected by this field. Multiple network\npolicies can select the same set of pods. In this case, the ingress rules for\neach are combined additively. This field is NOT optional and follows standard\nlabel selector semantics. An empty podSelector matches all pods in this\nnamespace." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + policyTypes: + description: "List of rule types that the NetworkPolicy relates to.\nValid options are Ingress, Egress, or Ingress,Egress.\nIf this field is not specified, it will default based on the existence of Ingress or Egress rules;\npolicies that contain an Egress section are assumed to affect Egress, and all policies\n(whether or not they contain an Ingress section) are assumed to affect Ingress.\nIf you want to write an egress-only policy, you must explicitly specify policyTypes [ \"Egress\" ].\nLikewise, if you want to write a policy that specifies that no egress is allowed,\nyou must specify a policyTypes value that include \"Egress\" (since such a policy would not include\nan Egress section and would otherwise default to just [ \"Ingress\" ]).\nThis field is beta-level in 1.8" + items: + description: "PolicyType string describes the NetworkPolicy type\nThis type is beta-level in 1.8" + type: "string" + type: "array" + stagedAction: + description: "The staged action. If this is omitted, the default is Set." + type: "string" + type: "object" + type: "object" + served: true + storage: true diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagednetworkpolicies.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagednetworkpolicies.yaml new file mode 100644 index 000000000..6c932641f --- /dev/null +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagednetworkpolicies.yaml @@ -0,0 +1,466 @@ +apiVersion: "apiextensions.k8s.io/v1" +kind: "CustomResourceDefinition" +metadata: + annotations: + controller-gen.kubebuilder.io/version: "v0.16.5" + name: "stagednetworkpolicies.crd.projectcalico.org" +spec: + group: "crd.projectcalico.org" + names: + kind: "StagedNetworkPolicy" + listKind: "StagedNetworkPolicyList" + plural: "stagednetworkpolicies" + singular: "stagednetworkpolicy" + preserveUnknownFields: false + scope: "Namespaced" + versions: + - name: "v1" + schema: + openAPIV3Schema: + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: "string" + kind: + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: "string" + metadata: + type: "object" + spec: + properties: + egress: + description: "The ordered set of egress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." + items: + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." + properties: + action: + type: "string" + destination: + description: "Destination contains the match criteria that apply to destination entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + http: + description: "HTTP contains match criteria that apply to HTTP requests." + properties: + methods: + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." + items: + type: "string" + type: "array" + paths: + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + items: + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" + properties: + exact: + type: "string" + prefix: + type: "string" + type: "object" + type: "array" + type: "object" + icmp: + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + ipVersion: + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." + type: "integer" + metadata: + description: "Metadata contains additional information for this rule" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a set of key value pairs that give extra information about the rule" + type: "object" + type: "object" + notICMP: + description: "NotICMP is the negated version of the ICMP field." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + notProtocol: + anyOf: + - type: "integer" + - type: "string" + description: "NotProtocol is the negated version of the Protocol field." + pattern: "^.*" + x-kubernetes-int-or-string: true + protocol: + anyOf: + - type: "integer" + - type: "string" + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." + pattern: "^.*" + x-kubernetes-int-or-string: true + source: + description: "Source contains the match criteria that apply to source entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + required: + - "action" + type: "object" + type: "array" + ingress: + description: "The ordered set of ingress rules. Each rule contains a set of packet match criteria and\na corresponding action to apply." + items: + description: "A Rule encapsulates a set of match criteria and an action. Both selector-based security Policy\nand security Profiles reference rules - separated out as a list of rules for both\ningress and egress packet matching.\n\nEach positive match criteria has a negated version, prefixed with \"Not\". All the match\ncriteria within a rule must be satisfied for a packet to match. A single rule can contain\nthe positive and negative version of a match and both must be satisfied for the rule to match." + properties: + action: + type: "string" + destination: + description: "Destination contains the match criteria that apply to destination entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + http: + description: "HTTP contains match criteria that apply to HTTP requests." + properties: + methods: + description: "Methods is an optional field that restricts the rule to apply only to HTTP requests that use one of the listed\nHTTP Methods (e.g. GET, PUT, etc.)\nMultiple methods are OR'd together." + items: + type: "string" + type: "array" + paths: + description: "Paths is an optional field that restricts the rule to apply to HTTP requests that use one of the listed\nHTTP Paths.\nMultiple paths are OR'd together.\ne.g:\n- exact: /foo\n- prefix: /bar\nNOTE: Each entry may ONLY specify either a `exact` or a `prefix` match. The validator will check for it." + items: + description: "HTTPPath specifies an HTTP path to match. It may be either of the form:\nexact: : which matches the path exactly or\nprefix: : which matches the path prefix" + properties: + exact: + type: "string" + prefix: + type: "string" + type: "object" + type: "array" + type: "object" + icmp: + description: "ICMP is an optional field that restricts the rule to apply to a specific type and\ncode of ICMP traffic. This should only be specified if the Protocol field is set to\n\"ICMP\" or \"ICMPv6\"." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + ipVersion: + description: "IPVersion is an optional field that restricts the rule to only match a specific IP\nversion." + type: "integer" + metadata: + description: "Metadata contains additional information for this rule" + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations is a set of key value pairs that give extra information about the rule" + type: "object" + type: "object" + notICMP: + description: "NotICMP is the negated version of the ICMP field." + properties: + code: + description: "Match on a specific ICMP code. If specified, the Type value must also be specified.\nThis is a technical limitation imposed by the kernel's iptables firewall, which\nCalico uses to enforce the rule." + type: "integer" + type: + description: "Match on a specific ICMP type. For example a value of 8 refers to ICMP Echo Request\n(i.e. pings)." + type: "integer" + type: "object" + notProtocol: + anyOf: + - type: "integer" + - type: "string" + description: "NotProtocol is the negated version of the Protocol field." + pattern: "^.*" + x-kubernetes-int-or-string: true + protocol: + anyOf: + - type: "integer" + - type: "string" + description: "Protocol is an optional field that restricts the rule to only apply to traffic of\na specific IP protocol. Required if any of the EntityRules contain Ports\n(because ports only apply to certain protocols).\n\nMust be one of these string values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"\nor an integer in the range 1-255." + pattern: "^.*" + x-kubernetes-int-or-string: true + source: + description: "Source contains the match criteria that apply to source entity." + properties: + namespaceSelector: + description: "NamespaceSelector is an optional field that contains a selector expression. Only traffic\nthat originates from (or terminates at) endpoints within the selected namespaces will be\nmatched. When both NamespaceSelector and another selector are defined on the same rule, then only\nworkload endpoints that are matched by both selectors will be selected by the rule.\n\nFor NetworkPolicy, an empty NamespaceSelector implies that the Selector is limited to selecting\nonly workload endpoints in the same namespace as the NetworkPolicy.\n\nFor NetworkPolicy, `global()` NamespaceSelector implies that the Selector is limited to selecting\nonly GlobalNetworkSet or HostEndpoint.\n\nFor GlobalNetworkPolicy, an empty NamespaceSelector implies the Selector applies to workload\nendpoints across all namespaces." + type: "string" + nets: + description: "Nets is an optional field that restricts the rule to only apply to traffic that\noriginates from (or terminates at) IP addresses in any of the given subnets." + items: + type: "string" + type: "array" + notNets: + description: "NotNets is the negated version of the Nets field." + items: + type: "string" + type: "array" + notPorts: + description: "NotPorts is the negated version of the Ports field.\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + notSelector: + description: "NotSelector is the negated version of the Selector field. See Selector field for\nsubtleties with negated selectors." + type: "string" + ports: + description: "Ports is an optional field that restricts the rule to only apply to traffic that has a\nsource (destination) port that matches one of these ranges/values. This value is a\nlist of integers or strings that represent ranges of ports.\n\nSince only some protocols have ports, if any ports are specified it requires the\nProtocol match in the Rule to be set to \"TCP\" or \"UDP\"." + items: + anyOf: + - type: "integer" + - type: "string" + pattern: "^.*" + x-kubernetes-int-or-string: true + type: "array" + selector: + description: "Selector is an optional field that contains a selector expression (see Policy for\nsample syntax). Only traffic that originates from (terminates at) endpoints matching\nthe selector will be matched.\n\nNote that: in addition to the negated version of the Selector (see NotSelector below), the\nselector expression syntax itself supports negation. The two types of negation are subtly\ndifferent. One negates the set of matched endpoints, the other negates the whole match:\n\n\tSelector = \"!has(my_label)\" matches packets that are from other Calico-controlled\n\tendpoints that do not have the label \"my_label\".\n\n\tNotSelector = \"has(my_label)\" matches packets that are not from Calico-controlled\n\tendpoints that do have the label \"my_label\".\n\nThe effect is that the latter will accept packets from non-Calico sources whereas the\nformer is limited to packets from Calico-controlled endpoints." + type: "string" + serviceAccounts: + description: "ServiceAccounts is an optional field that restricts the rule to only apply to traffic that originates from (or\nterminates at) a pod running as a matching service account." + properties: + names: + description: "Names is an optional field that restricts the rule to only apply to traffic that originates from (or terminates\nat) a pod running as a service account whose name is in the list." + items: + type: "string" + type: "array" + selector: + description: "Selector is an optional field that restricts the rule to only apply to traffic that originates from\n(or terminates at) a pod running as a service account that matches the given label selector.\nIf both Names and Selector are specified then they are AND'ed." + type: "string" + type: "object" + services: + description: "Services is an optional field that contains options for matching Kubernetes Services.\nIf specified, only traffic that originates from or terminates at endpoints within the selected\nservice(s) will be matched, and only to/from each endpoint's port.\n\nServices cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, Nets,\nNotNets or ServiceAccounts.\n\nPorts and NotPorts can only be specified with Services on ingress rules." + properties: + name: + description: "Name specifies the name of a Kubernetes Service to match." + type: "string" + namespace: + description: "Namespace specifies the namespace of the given Service. If left empty, the rule\nwill match within this policy's namespace." + type: "string" + type: "object" + type: "object" + required: + - "action" + type: "object" + type: "array" + order: + description: "Order is an optional field that specifies the order in which the policy is applied.\nPolicies with higher \"order\" are applied after those with lower\norder within the same tier. If the order is omitted, it may be considered to be \"infinite\" - i.e. the\npolicy will be applied last. Policies with identical order will be applied in\nalphanumerical order based on the Policy \"Name\" within the tier." + type: "number" + performanceHints: + description: "PerformanceHints contains a list of hints to Calico's policy engine to\nhelp process the policy more efficiently. Hints never change the\nenforcement behaviour of the policy.\n\nCurrently, the only available hint is \"AssumeNeededOnEveryNode\". When\nthat hint is set on a policy, Felix will act as if the policy matches\na local endpoint even if it does not. This is useful for \"preloading\"\nany large static policies that are known to be used on every node.\nIf the policy is _not_ used on a particular node then the work\ndone to preload the policy (and to maintain it) is wasted." + items: + type: "string" + type: "array" + selector: + description: "The selector is an expression used to pick pick out the endpoints that the policy should\nbe applied to.\n\nSelector expressions follow this syntax:\n\n\tlabel == \"string_literal\" -> comparison, e.g. my_label == \"foo bar\"\n\tlabel != \"string_literal\" -> not equal; also matches if label is not present\n\tlabel in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is one of \"a\", \"b\", \"c\"\n\tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the value of label X is not one of \"a\", \"b\", \"c\"\n\thas(label_name) -> True if that label is present\n\t! expr -> negation of expr\n\texpr && expr -> Short-circuit and\n\texpr || expr -> Short-circuit or\n\t( expr ) -> parens for grouping\n\tall() or the empty selector -> matches all endpoints.\n\nLabel names are allowed to contain alphanumerics, -, _ and /. String literals are more permissive\nbut they do not support escape characters.\n\nExamples (with made-up labels):\n\n\ttype == \"webserver\" && deployment == \"prod\"\n\ttype in {\"frontend\", \"backend\"}\n\tdeployment != \"dev\"\n\t! has(label_name)" + type: "string" + serviceAccountSelector: + description: "ServiceAccountSelector is an optional field for an expression used to select a pod based on service accounts." + type: "string" + stagedAction: + description: "The staged action. If this is omitted, the default is Set." + type: "string" + tier: + description: "The name of the tier that this policy belongs to. If this is omitted, the default\ntier (name is \"default\") is assumed. The specified tier must exist in order to create\nsecurity policies within the tier, the \"default\" tier is created automatically if it\ndoes not exist, this means for deployments requiring only a single Tier, the tier name\nmay be omitted on all policy management requests." + type: "string" + types: + description: "Types indicates whether this policy applies to ingress, or to egress, or to both. When\nnot explicitly specified (and so the value on creation is empty or nil), Calico defaults\nTypes according to what Ingress and Egress are present in the policy. The\ndefault is:\n\n- [ PolicyTypeIngress ], if there are no Egress rules (including the case where there are\n also no Ingress rules)\n\n- [ PolicyTypeEgress ], if there are Egress rules but no Ingress rules\n\n- [ PolicyTypeIngress, PolicyTypeEgress ], if there are both Ingress and Egress rules.\n\nWhen the policy is read back again, Types will always be one of these values, never empty\nor nil." + items: + description: "PolicyType enumerates the possible values of the PolicySpec Types field." + type: "string" + type: "array" + type: "object" + type: "object" + served: true + storage: true diff --git a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/tiers.yaml b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/tiers.yaml index fe5d04021..dce1e7146 100644 --- a/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/tiers.yaml +++ b/crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/tiers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "(devel)" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tiers.crd.projectcalico.org" spec: group: "crd.projectcalico.org" @@ -11,6 +11,7 @@ spec: listKind: "TierList" plural: "tiers" singular: "tier" + preserveUnknownFields: false scope: "Cluster" versions: - name: "v1" @@ -18,10 +19,10 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -29,21 +30,15 @@ spec: description: "TierSpec contains the specification for a security policy tier resource." properties: defaultAction: - description: "DefaultAction specifies the action applied to workloads selected by a policy in the tier, but not rule matched the workload's traffic. [Default: Deny]" + description: "DefaultAction specifies the action applied to workloads selected by a policy in the tier,\nbut not rule matched the workload's traffic.\n[Default: Deny]" enum: - "Pass" - "Deny" type: "string" order: - description: "Order is an optional field that specifies the order in which the tier is applied. Tiers with higher \"order\" are applied after those with lower order. If the order is omitted, it may be considered to be \"infinite\" - i.e. the tier will be applied last. Tiers with identical order will be applied in alphanumerical order based on the Tier \"Name\"." + description: "Order is an optional field that specifies the order in which the tier is applied.\nTiers with higher \"order\" are applied after those with lower order. If the order\nis omitted, it may be considered to be \"infinite\" - i.e. the tier will be applied\nlast. Tiers with identical order will be applied in alphanumerical order based\non the Tier \"Name\"." type: "number" type: "object" type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1/httpproxies.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1/httpproxies.yaml index 0cdba8c4d..540e98c0b 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1/httpproxies.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1/httpproxies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "httpproxies.projectcontour.io" spec: group: "projectcontour.io" @@ -730,6 +730,10 @@ spec: enum: - 301 - 302 + - 303 + - 307 + - 308 + format: "int32" type: "integer" type: "object" responseHeadersPolicy: @@ -779,18 +783,21 @@ spec: type: "integer" type: "array" retryOn: - description: "RetryOn specifies the conditions on which to retry a request.\nSupported [HTTP conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on):\n- `5xx`\n- `gateway-error`\n- `reset`\n- `connect-failure`\n- `retriable-4xx`\n- `refused-stream`\n- `retriable-status-codes`\n- `retriable-headers`\nSupported [gRPC conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on):\n- `cancelled`\n- `deadline-exceeded`\n- `internal`\n- `resource-exhausted`\n- `unavailable`" + description: "RetryOn specifies the conditions on which to retry a request.\nSupported [HTTP conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on):\n- `5xx`\n- `gateway-error`\n- `reset`\n- `reset-before-request`\n- `connect-failure`\n- `envoy-ratelimited`\n- `retriable-4xx`\n- `refused-stream`\n- `retriable-status-codes`\n- `retriable-headers`\n- `http3-post-connect-failure`\nSupported [gRPC conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on):\n- `cancelled`\n- `deadline-exceeded`\n- `internal`\n- `resource-exhausted`\n- `unavailable`" items: description: "RetryOn is a string type alias with validation to ensure that the value is valid." enum: - "5xx" - "gateway-error" - "reset" + - "reset-before-request" - "connect-failure" + - "envoy-ratelimited" - "retriable-4xx" - "refused-stream" - "retriable-status-codes" - "retriable-headers" + - "http3-post-connect-failure" - "cancelled" - "deadline-exceeded" - "internal" @@ -1879,6 +1886,7 @@ spec: ports: description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: + description: "PortStatus represents the error condition of a service port" properties: error: description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase." diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1/tlscertificatedelegations.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1/tlscertificatedelegations.yaml index 9b2807309..7b2abff0e 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1/tlscertificatedelegations.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1/tlscertificatedelegations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "tlscertificatedelegations.projectcontour.io" spec: group: "projectcontour.io" diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml index 3913c5583..01eeba84c 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourconfigurations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "contourconfigurations.projectcontour.io" spec: group: "projectcontour.io" @@ -288,6 +288,9 @@ spec: description: "XffNumTrustedHops defines the number of additional ingress proxy hops from the\nright side of the x-forwarded-for HTTP header to trust when determining the origin\nclient’s IP address.\nSee https://www.envoyproxy.io/docs/envoy/v1.17.0/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=xff_num_trusted_hops\nfor more information.\nContour's default is 0." format: "int32" type: "integer" + stripTrailingHostDot: + description: "EnvoyStripTrailingHostDot defines if trailing dot of the host should be removed from host/authority header\nbefore any processing of request by HTTP filters or routing. This\naffects the upstream host header. Without setting this option to true, incoming\nrequests with host example.com. will not match against route with domains\nmatch set to example.com.\nSee https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=strip_trailing_host_dot\nfor more information.\nContour's default is false." + type: "boolean" type: "object" service: description: "Service holds Envoy service parameters for setting Ingress status.\nContour's default is { namespace: \"projectcontour\", name: \"envoy\" }." @@ -718,9 +721,6 @@ spec: description: "Client key filename." type: "string" type: "object" - type: - description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error.\nDeprecated: this field will be removed in a future release when\nthe `contour` xDS server implementation is removed." - type: "string" type: "object" type: "object" status: diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml index c10728b49..64ef639d0 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/contourdeployments.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "contourdeployments.projectcontour.io" spec: group: "projectcontour.io" @@ -285,7 +285,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -304,7 +304,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -331,7 +331,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -347,7 +347,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -380,7 +380,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -441,7 +441,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -694,7 +694,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -723,7 +723,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -733,7 +733,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -752,7 +752,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -767,7 +767,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -888,7 +888,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -900,7 +900,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1118,7 +1118,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -1143,7 +1143,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -1186,7 +1186,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -1267,7 +1267,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1292,7 +1292,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -1688,6 +1688,9 @@ spec: description: "XffNumTrustedHops defines the number of additional ingress proxy hops from the\nright side of the x-forwarded-for HTTP header to trust when determining the origin\nclient’s IP address.\nSee https://www.envoyproxy.io/docs/envoy/v1.17.0/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=xff_num_trusted_hops\nfor more information.\nContour's default is 0." format: "int32" type: "integer" + stripTrailingHostDot: + description: "EnvoyStripTrailingHostDot defines if trailing dot of the host should be removed from host/authority header\nbefore any processing of request by HTTP filters or routing. This\naffects the upstream host header. Without setting this option to true, incoming\nrequests with host example.com. will not match against route with domains\nmatch set to example.com.\nSee https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=strip_trailing_host_dot\nfor more information.\nContour's default is false." + type: "boolean" type: "object" service: description: "Service holds Envoy service parameters for setting Ingress status.\nContour's default is { namespace: \"projectcontour\", name: \"envoy\" }." @@ -2118,9 +2121,6 @@ spec: description: "Client key filename." type: "string" type: "object" - type: - description: "Defines the XDSServer to use for `contour serve`.\nValues: `envoy` (default), `contour (deprecated)`.\nOther values will produce an error.\nDeprecated: this field will be removed in a future release when\nthe `contour` xDS server implementation is removed." - type: "string" type: "object" type: "object" type: "object" diff --git a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml index f638ecc9d..d4cd70909 100644 --- a/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml +++ b/crd-catalog/projectcontour/contour/projectcontour.io/v1alpha1/extensionservices.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.4" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "extensionservices.projectcontour.io" spec: group: "projectcontour.io" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml index f2560442a..5650a79a5 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "alertmanagers.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -1528,7 +1528,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1538,7 +1538,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1576,7 +1576,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1586,7 +1586,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1605,7 +1605,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1615,7 +1615,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1653,7 +1653,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1663,7 +1663,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1683,7 +1683,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1697,7 +1697,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1711,7 +1711,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1761,7 +1761,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1822,7 +1822,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1836,7 +1836,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1850,7 +1850,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1900,7 +1900,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2088,7 +2088,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2102,7 +2102,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2116,7 +2116,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2166,7 +2166,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2518,7 +2518,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2528,7 +2528,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2566,7 +2566,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2576,7 +2576,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2595,7 +2595,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2605,7 +2605,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2643,7 +2643,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2653,7 +2653,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2673,7 +2673,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2687,7 +2687,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2701,7 +2701,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2751,7 +2751,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2812,7 +2812,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2826,7 +2826,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2840,7 +2840,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2890,7 +2890,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3078,7 +3078,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3092,7 +3092,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3106,7 +3106,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3156,7 +3156,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3285,6 +3285,16 @@ spec: paused: description: "If set to true all actions on the underlying managed objects are not\ngoint to be performed, except for delete actions." type: "boolean" + persistentVolumeClaimRetentionPolicy: + description: "The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet.\nThe default behavior is all PVCs are retained.\nThis is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26.\nIt requires enabling the StatefulSetAutoDeletePVC feature gate." + properties: + whenDeleted: + description: "WhenDeleted specifies what happens to PVCs created from StatefulSet\nVolumeClaimTemplates when the StatefulSet is deleted. The default policy\nof `Retain` causes PVCs to not be affected by StatefulSet deletion. The\n`Delete` policy causes those PVCs to be deleted." + type: "string" + whenScaled: + description: "WhenScaled specifies what happens to PVCs created from StatefulSet\nVolumeClaimTemplates when the StatefulSet is scaled down. The default\npolicy of `Retain` causes PVCs to not be affected by a scaledown. The\n`Delete` policy causes the associated PVCs for any excess pods above\nthe replica count to be deleted." + type: "string" + type: "object" podMetadata: description: "PodMetadata configures labels and annotations which are propagated to the Alertmanager pods.\n\nThe following items are reserved and cannot be overridden:\n* \"alertmanager\" label, set to the name of the Alertmanager instance.\n* \"app.kubernetes.io/instance\" label, set to the name of the Alertmanager instance.\n* \"app.kubernetes.io/managed-by\" label, set to \"prometheus-operator\".\n* \"app.kubernetes.io/name\" label, set to \"alertmanager\".\n* \"app.kubernetes.io/version\" label, set to the Alertmanager version.\n* \"kubectl.kubernetes.io/default-container\" annotation, set to \"alertmanager\"." properties: @@ -3399,6 +3409,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3474,6 +3487,10 @@ spec: serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods." type: "string" + serviceName: + description: "The name of the service name used by the underlying StatefulSet(s) as the governing service.\nIf defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels.\nIf empty, the operator will create and manage a headless service named `alertmanager-operated` for Alermanager resources.\nWhen deploying multiple Alertmanager resources in the same namespace, it is recommended to specify a different value for each.\nSee https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details." + minLength: 1 + type: "string" sha: description: "SHA of Alertmanager container image to be deployed. Defaults to the value of `version`.\nSimilar to a tag, but the SHA explicitly deploys an immutable container image.\nVersion and Tag are ignored if SHA is set.\nDeprecated: use 'image' instead. The image digest can be specified as part of the image URL." type: "string" @@ -3816,9 +3833,10 @@ spec: description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required" type: "string" type: - description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about" type: "string" required: - "status" @@ -3985,7 +4003,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -4004,7 +4022,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -4031,7 +4049,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -4047,7 +4065,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -4080,7 +4098,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -4141,7 +4159,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -4394,7 +4412,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4423,7 +4441,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4433,7 +4451,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4452,7 +4470,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4467,7 +4485,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4588,7 +4606,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4600,7 +4618,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4818,7 +4836,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4843,7 +4861,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4886,7 +4904,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -4967,7 +4985,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4992,7 +5010,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5061,7 +5079,7 @@ spec: description: "Defines the TLS parameters for HTTPS." properties: cert: - description: "Contains the TLS certificate for the server." + description: "Secret or ConfigMap containing the TLS certificate for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `certFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -5099,21 +5117,21 @@ spec: x-kubernetes-map-type: "atomic" type: "object" certFile: - description: "Path to the TLS certificate file in the Prometheus container for the server.\nMutually exclusive with `cert`." + description: "Path to the TLS certificate file in the container for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `cert`." type: "string" cipherSuites: - description: "List of supported cipher suites for TLS versions up to TLS 1.2. If empty,\nGo default cipher suites are used. Available cipher suites are documented\nin the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants" + description: "List of supported cipher suites for TLS versions up to TLS 1.2.\n\nIf not defined, the Go default cipher suites are used.\nAvailable cipher suites are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#pkg-constants" items: type: "string" type: "array" clientAuthType: - description: "Server policy for client authentication. Maps to ClientAuth Policies.\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" + description: "The server policy for client TLS authentication.\n\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" type: "string" clientCAFile: - description: "Path to the CA certificate file for client certificate authentication to the server.\nMutually exclusive with `client_ca`." + description: "Path to the CA certificate file for client certificate authentication to\nthe server.\n\nIt is mutually exclusive with `client_ca`." type: "string" client_ca: - description: "Contains the CA certificate for client certificate authentication to the server." + description: "Secret or ConfigMap containing the CA certificate for client certificate\nauthentication to the server.\n\nIt is mutually exclusive with `clientCAFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -5151,15 +5169,15 @@ spec: x-kubernetes-map-type: "atomic" type: "object" curvePreferences: - description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder. Available curves are documented in the go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" + description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder.\n\nAvailable curves are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" items: type: "string" type: "array" keyFile: - description: "Path to the TLS key file in the Prometheus container for the server.\nMutually exclusive with `keySecret`." + description: "Path to the TLS private key file in the container for the web server.\n\nIf defined, either `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keySecret`." type: "string" keySecret: - description: "Secret containing the TLS key for the server." + description: "Secret containing the TLS private key for the web server.\n\nEither `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keyFile`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -5176,13 +5194,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" maxVersion: - description: "Maximum TLS version that is acceptable. Defaults to TLS13." + description: "Maximum TLS version that is acceptable." type: "string" minVersion: - description: "Minimum TLS version that is acceptable. Defaults to TLS12." + description: "Minimum TLS version that is acceptable." type: "string" preferServerCipherSuites: - description: "Controls whether the server selects the\nclient's most preferred cipher suite, or the server's most preferred\ncipher suite. If true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." + description: "Controls whether the server selects the client's most preferred cipher\nsuite, or the server's most preferred cipher suite.\n\nIf true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml index ebfa2eb02..526dcb017 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "podmonitors.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -44,6 +44,15 @@ spec: description: "When defined, bodySizeLimit specifies a job level limit on the size\nof uncompressed response body that will be accepted by Prometheus.\n\nIt requires Prometheus >= v2.28.0." pattern: "(^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$" type: "string" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" jobLabel: description: "The label to use to retrieve the job name from.\n`jobLabel` selects the label from the associated Kubernetes `Pod`\nobject which will be used as the `job` label for all metrics.\n\nFor example if `jobLabel` is set to `foo` and the Kubernetes `Pod`\nobject is labeled with `foo: bar`, then Prometheus adds the `job=\"bar\"`\nlabel to all ingested metrics.\n\nIf the value of this field is empty, the `job` label of the metrics\ndefaults to the namespace and name of the PodMonitor object (e.g. `/`)." type: "string" @@ -486,8 +495,14 @@ spec: description: "HTTP path from which to scrape for metrics.\n\nIf empty, Prometheus uses the default value (e.g. `/metrics`)." type: "string" port: - description: "Name of the Pod port which this endpoint refers to.\n\nIt takes precedence over `targetPort`." + description: "The `Pod` port name which exposes the endpoint.\n\nIt takes precedence over the `portNumber` and `targetPort` fields." type: "string" + portNumber: + description: "The `Pod` port number which exposes the endpoint." + format: "int32" + maximum: 65535.0 + minimum: 1.0 + type: "integer" proxyUrl: description: "`proxyURL` configures the HTTP Proxy URL (e.g.\n\"http://proxyserver:2195\") to go through when scraping the target." type: "string" @@ -555,14 +570,14 @@ spec: - "https" type: "string" scrapeTimeout: - description: "Timeout after which Prometheus considers the scrape to be failed.\n\nIf empty, Prometheus uses the global scrape timeout unless it is less\nthan the target's scrape interval value in which the latter is used." + description: "Timeout after which Prometheus considers the scrape to be failed.\n\nIf empty, Prometheus uses the global scrape timeout unless it is less\nthan the target's scrape interval value in which the latter is used.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" targetPort: anyOf: - type: "integer" - type: "string" - description: "Name or number of the target port of the `Pod` object behind the Service, the\nport must be specified with container port property.\n\nDeprecated: use 'port' instead." + description: "Name or number of the target port of the `Pod` object behind the Service, the\nport must be specified with container port property.\n\nDeprecated: use 'port' or 'portNumber' instead." x-kubernetes-int-or-string: true tlsConfig: description: "TLS configuration to use when scraping the target." @@ -707,12 +722,13 @@ spec: scrapeProtocols: description: "`scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" type: "array" x-kubernetes-list-type: "set" @@ -749,6 +765,12 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + selectorMechanism: + description: "Mechanism used to select the endpoints to scrape.\nBy default, the selection process relies on relabel configurations to filter the discovered targets.\nAlternatively, you can opt in for role selectors, which may offer better efficiency in large clusters.\nWhich strategy is best for your use case needs to be carefully evaluated.\n\nIt requires Prometheus >= v2.17.0." + enum: + - "RelabelConfig" + - "RoleSelector" + type: "string" targetLimit: description: "`targetLimit` defines a limit on the number of scraped targets that will\nbe accepted." format: "int64" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml index a262e74c8..52c7cd426 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "probes.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -112,6 +112,15 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" interval: description: "Interval at which targets are probed using the configured prober.\nIf not specified Prometheus' global scrape interval is used." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" @@ -471,17 +480,18 @@ spec: scrapeProtocols: description: "`scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" type: "array" x-kubernetes-list-type: "set" scrapeTimeout: - description: "Timeout for scraping metrics from the Prometheus exporter.\nIf not specified, the Prometheus global scrape timeout is used." + description: "Timeout for scraping metrics from the Prometheus exporter.\nIf not specified, the Prometheus global scrape timeout is used.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" targetLimit: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml index fdf21fa7c..2f29ae99b 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "prometheuses.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -747,7 +747,12 @@ spec: type: "object" type: "array" apiVersion: - description: "Version of the Alertmanager API that Prometheus uses to send alerts.\nIt can be \"v1\" or \"v2\"." + description: "Version of the Alertmanager API that Prometheus uses to send alerts.\nIt can be \"V1\" or \"V2\".\nThe field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported." + enum: + - "v1" + - "V1" + - "v2" + - "V2" type: "string" authorization: description: "Authorization section for Alertmanager.\n\nCannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`." @@ -825,6 +830,9 @@ spec: description: "Namespace of the Endpoints object.\n\nIf not set, the object will be discovered in the namespace of the\nPrometheus object." minLength: 1 type: "string" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "string" pathPrefix: description: "Prefix for the HTTP path alerts are pushed to." type: "string" @@ -834,6 +842,36 @@ spec: - type: "string" description: "Port on which the Alertmanager API is exposed." x-kubernetes-int-or-string: true + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use." + pattern: "^http(s)?://.+$" + type: "string" relabelings: description: "Relabel configuration applied to the discovered Alertmanagers." items: @@ -1467,7 +1505,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1477,7 +1515,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1515,7 +1553,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1525,7 +1563,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1544,7 +1582,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1554,7 +1592,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1592,7 +1630,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1602,7 +1640,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1622,7 +1660,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1636,7 +1674,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1650,7 +1688,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1700,7 +1738,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1761,7 +1799,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1775,7 +1813,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1789,7 +1827,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1839,7 +1877,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2027,7 +2065,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2041,7 +2079,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2055,7 +2093,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2105,7 +2143,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2204,7 +2242,7 @@ spec: type: "object" type: "array" disableCompaction: - description: "When true, the Prometheus compaction is disabled." + description: "When true, the Prometheus compaction is disabled.\nWhen `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically\ndisables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends)." type: "boolean" dnsConfig: description: "Defines the DNS configuration for the pods." @@ -2261,6 +2299,9 @@ spec: type: "string" type: "array" x-kubernetes-list-type: "set" + enableOTLPReceiver: + description: "Enable Prometheus to be used as a receiver for the OTLP Metrics protocol.\n\nNote that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined.\n\nIt requires Prometheus >= v2.47.0." + type: "boolean" enableRemoteWriteReceiver: description: "Enable Prometheus to be used as a receiver for the Prometheus remote\nwrite protocol.\n\nWARNING: This is not considered an efficient way of ingesting samples.\nUse it with caution for specific low-volume use cases.\nIt is not suitable for replacing the ingestion via scraping and turning\nPrometheus into a push-based metrics collection system.\nFor more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver\n\nIt requires Prometheus >= v2.33.0." type: "boolean" @@ -2552,7 +2593,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2562,7 +2603,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2600,7 +2641,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2610,7 +2651,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2629,7 +2670,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2639,7 +2680,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2677,7 +2718,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2687,7 +2728,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2707,7 +2748,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2721,7 +2762,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2735,7 +2776,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2785,7 +2826,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2846,7 +2887,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2860,7 +2901,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2874,7 +2915,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2924,7 +2965,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3112,7 +3153,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -3126,7 +3167,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -3140,7 +3181,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -3190,7 +3231,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -3332,6 +3373,12 @@ spec: description: "Minimum number of seconds for which a newly created Pod should be ready\nwithout any of its container crashing for it to be considered available.\nDefaults to 0 (pod will be considered available as soon as it is ready)\n\nThis is an alpha field from kubernetes 1.22 until 1.24 which requires\nenabling the StatefulSetMinReadySeconds feature gate." format: "int32" type: "integer" + nameValidationScheme: + description: "Specifies the validation scheme for metric and label names." + enum: + - "UTF8" + - "Legacy" + type: "string" nodeSelector: additionalProperties: type: "string" @@ -3340,6 +3387,9 @@ spec: otlp: description: "Settings related to the OTLP receiver feature.\nIt requires Prometheus >= v2.55.0." properties: + keepIdentifyingResourceAttributes: + description: "Enables adding `service.name`, `service.namespace` and `service.instance.id`\nresource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels.\n\nIt requires Prometheus >= v3.1.0." + type: "boolean" promoteResourceAttributes: description: "List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none." items: @@ -3348,6 +3398,12 @@ spec: minItems: 1 type: "array" x-kubernetes-list-type: "set" + translationStrategy: + description: "Configures how the OTLP receiver endpoint translates the incoming metrics.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "NoUTF8EscapingWithSuffixes" + - "UnderscoreEscapingWithSuffixes" + type: "string" type: "object" overrideHonorLabels: description: "When true, Prometheus resolves label conflicts by renaming the labels in the scraped data\n to “exported_” for all targets created from ServiceMonitor, PodMonitor and\nScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.\nIn practice,`overrideHonorLaels:true` enforces `honorLabels:false`\nfor all ServiceMonitor, PodMonitor and ScrapeConfig objects." @@ -4549,6 +4605,9 @@ spec: description: "Timeout for requests to the remote write endpoint." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" + roundRobinDNS: + description: "When enabled:\n - The remote-write mechanism will resolve the hostname via DNS.\n - It will randomly select one of the resolved IP addresses and connect to it.\n\nWhen disabled (default behavior):\n - The Go standard library will handle hostname resolution.\n - It will attempt connections to each resolved IP address sequentially.\n\nNote: The connection timeout applies to the entire resolution and connection process.\n If disabled, the timeout is distributed across all connection attempts.\n\nIt requires Prometheus >= v3.1.0." + type: "boolean" sendExemplars: description: "Enables sending of exemplars over remote write. Note that\nexemplar-storage itself must be enabled using the `spec.enableFeatures`\noption for exemplars to be scraped in the first place.\n\nIt requires Prometheus >= v2.27.0." type: "boolean" @@ -4974,9 +5033,45 @@ spec: description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." type: "boolean" type: "object" + authorization: + description: "Authorization section for the ScrapeClass.\nIt will only apply if the scrape resource doesn't specify any Authorization." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + credentialsFile: + description: "File to read a secret from, mutually exclusive with `credentials`." + type: "string" + type: + description: "Defines the authentication type. The value is case-insensitive.\n\n\"Basic\" is not a supported value.\n\nDefault: \"Bearer\"" + type: "string" + type: "object" default: description: "Default indicates that the scrape applies to all scrape objects that\ndon't configure an explicit scrape class name.\n\nOnly one scrape class can be set as the default." type: "boolean" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\nIt will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" metricRelabelings: description: "MetricRelabelings configures the relabeling rules to apply to all samples before ingestion.\n\nThe Operator adds the scrape class metric relabelings defined here.\nThen the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs.\nThen the Operator adds namespace enforcement relabeling rule, specified in '.spec.enforcedNamespaceLabel'.\n\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" items: @@ -5296,25 +5391,30 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + scrapeFailureLogFile: + description: "File to which scrape failures are logged.\nReloading the configuration will reopen the file.\n\nIf the filename has an empty path, e.g. 'file.log', The Prometheus Pods\nwill mount the file into an emptyDir volume at `/var/log/prometheus`.\nIf a full path is provided, e.g. '/var/log/prometheus/file.log', you\nmust mount a volume in the specified directory and it must be writable.\nIt requires Prometheus >= v2.55.0." + minLength: 1 + type: "string" scrapeInterval: default: "30s" description: "Interval between consecutive scrapes.\n\nDefault: \"30s\"" pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" scrapeProtocols: - description: "The protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." + description: "The protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0.\n\n`PrometheusText1.0.0` requires Prometheus >= v3.0.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" type: "array" x-kubernetes-list-type: "set" scrapeTimeout: - description: "Number of seconds to wait until a scrape request times out." + description: "Number of seconds to wait until a scrape request times out.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" secrets: @@ -5356,6 +5456,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -5503,11 +5606,15 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + serviceName: + description: "The name of the service name used by the underlying StatefulSet(s) as the governing service.\nIf defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels.\nIf empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources,\nor `prometheus-agent-operated` for PrometheusAgent resources.\nWhen deploying multiple Prometheus/PrometheusAgent resources in the same namespace, it is recommended to specify a different value for each.\nSee https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details." + minLength: 1 + type: "string" sha: description: "Deprecated: use 'spec.image' instead. The image's digest can be specified as part of the image name." type: "string" shards: - description: "Number of shards to distribute targets onto. `spec.replicas`\nmultiplied by `spec.shards` is the total number of Pods created.\n\nNote that scaling down shards will not reshard data onto remaining\ninstances, it must be manually moved. Increasing shards will not reshard\ndata either but it will continue to be available from the same\ninstances. To query globally, use Thanos sidecar and Thanos querier or\nremote write data to a central location.\n\nSharding is performed on the content of the `__address__` target meta-label\nfor PodMonitors and ServiceMonitors and `__param_target__` for Probes.\n\nDefault: 1" + description: "Number of shards to distribute the scraped targets onto.\n\n`spec.replicas` multiplied by `spec.shards` is the total number of Pods\nbeing created.\n\nWhen not defined, the operator assumes only one shard.\n\nNote that scaling down shards will not reshard data onto the remaining\ninstances, it must be manually moved. Increasing shards will not reshard\ndata either but it will continue to be available from the same\ninstances. To query globally, use either\n* Thanos sidecar + querier for query federation and Thanos Ruler for rules.\n* Remote-write to send metrics to a central location.\n\nBy default, the sharding of targets is performed on:\n* The `__address__` target's metadata label for PodMonitor,\nServiceMonitor and ScrapeConfig resources.\n* The `__param_target__` label for Probe resources.\n\nUsers can define their own sharding implementation by setting the\n`__tmp_hash` label during the target discovery with relabeling\nconfiguration (either in the monitoring resources or via scrape class)." format: "int32" type: "integer" storage: @@ -5849,9 +5956,10 @@ spec: description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required" type: "string" type: - description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about" type: "string" required: - "status" @@ -6522,7 +6630,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -6541,7 +6649,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -6568,7 +6676,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -6584,7 +6692,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -6617,7 +6725,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -6678,7 +6786,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -6931,7 +7039,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -6960,7 +7068,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -6970,7 +7078,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -6989,7 +7097,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -7004,7 +7112,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -7125,7 +7233,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7137,7 +7245,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7355,7 +7463,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -7380,7 +7488,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -7423,7 +7531,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -7504,7 +7612,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7529,7 +7637,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -7601,7 +7709,7 @@ spec: description: "Defines the TLS parameters for HTTPS." properties: cert: - description: "Contains the TLS certificate for the server." + description: "Secret or ConfigMap containing the TLS certificate for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `certFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -7639,21 +7747,21 @@ spec: x-kubernetes-map-type: "atomic" type: "object" certFile: - description: "Path to the TLS certificate file in the Prometheus container for the server.\nMutually exclusive with `cert`." + description: "Path to the TLS certificate file in the container for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `cert`." type: "string" cipherSuites: - description: "List of supported cipher suites for TLS versions up to TLS 1.2. If empty,\nGo default cipher suites are used. Available cipher suites are documented\nin the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants" + description: "List of supported cipher suites for TLS versions up to TLS 1.2.\n\nIf not defined, the Go default cipher suites are used.\nAvailable cipher suites are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#pkg-constants" items: type: "string" type: "array" clientAuthType: - description: "Server policy for client authentication. Maps to ClientAuth Policies.\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" + description: "The server policy for client TLS authentication.\n\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" type: "string" clientCAFile: - description: "Path to the CA certificate file for client certificate authentication to the server.\nMutually exclusive with `client_ca`." + description: "Path to the CA certificate file for client certificate authentication to\nthe server.\n\nIt is mutually exclusive with `client_ca`." type: "string" client_ca: - description: "Contains the CA certificate for client certificate authentication to the server." + description: "Secret or ConfigMap containing the CA certificate for client certificate\nauthentication to the server.\n\nIt is mutually exclusive with `clientCAFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -7691,15 +7799,15 @@ spec: x-kubernetes-map-type: "atomic" type: "object" curvePreferences: - description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder. Available curves are documented in the go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" + description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder.\n\nAvailable curves are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" items: type: "string" type: "array" keyFile: - description: "Path to the TLS key file in the Prometheus container for the server.\nMutually exclusive with `keySecret`." + description: "Path to the TLS private key file in the container for the web server.\n\nIf defined, either `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keySecret`." type: "string" keySecret: - description: "Secret containing the TLS key for the server." + description: "Secret containing the TLS private key for the web server.\n\nEither `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keyFile`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -7716,13 +7824,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" maxVersion: - description: "Maximum TLS version that is acceptable. Defaults to TLS13." + description: "Maximum TLS version that is acceptable." type: "string" minVersion: - description: "Minimum TLS version that is acceptable. Defaults to TLS12." + description: "Minimum TLS version that is acceptable." type: "string" preferServerCipherSuites: - description: "Controls whether the server selects the\nclient's most preferred cipher suite, or the server's most preferred\ncipher suite. If true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." + description: "Controls whether the server selects the client's most preferred cipher\nsuite, or the server's most preferred cipher suite.\n\nIf true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml index 3c78b20cb..3ba5052ef 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheusrules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "prometheusrules.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -42,6 +42,11 @@ spec: description: "Interval determines how often rules in the group are evaluated." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" + labels: + additionalProperties: + type: "string" + description: "Labels to add or overwrite before storing the result for its rules.\nThe labels defined at the rule level take precedence.\n\nIt requires Prometheus >= 3.0.0.\nThe field is ignored for Thanos Ruler." + type: "object" limit: description: "Limit the number of alerts an alerting rule and series a recording\nrule can produce.\nLimit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24." type: "integer" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml index 1ee960e33..7a180e111 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "servicemonitors.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -516,7 +516,7 @@ spec: - "https" type: "string" scrapeTimeout: - description: "Timeout after which Prometheus considers the scrape to be failed.\n\nIf empty, Prometheus uses the global scrape timeout unless it is less\nthan the target's scrape interval value in which the latter is used." + description: "Timeout after which Prometheus considers the scrape to be failed.\n\nIf empty, Prometheus uses the global scrape timeout unless it is less\nthan the target's scrape interval value in which the latter is used.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" targetPort: @@ -658,6 +658,15 @@ spec: type: "boolean" type: "object" type: "array" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" jobLabel: description: "`jobLabel` selects the label from the associated Kubernetes `Service`\nobject which will be used as the `job` label for all metrics.\n\nFor example if `jobLabel` is set to `foo` and the Kubernetes `Service`\nobject is labeled with `foo: bar`, then Prometheus adds the `job=\"bar\"`\nlabel to all ingested metrics.\n\nIf the value of this field is empty or if the label doesn't exist for\nthe given Service, the `job` label of the metrics defaults to the name\nof the associated Kubernetes `Service`." type: "string" @@ -719,12 +728,13 @@ spec: scrapeProtocols: description: "`scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" type: "array" x-kubernetes-list-type: "set" @@ -761,6 +771,12 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + selectorMechanism: + description: "Mechanism used to select the endpoints to scrape.\nBy default, the selection process relies on relabel configurations to filter the discovered targets.\nAlternatively, you can opt in for role selectors, which may offer better efficiency in large clusters.\nWhich strategy is best for your use case needs to be carefully evaluated.\n\nIt requires Prometheus >= v2.17.0." + enum: + - "RelabelConfig" + - "RoleSelector" + type: "string" targetLabels: description: "`targetLabels` defines the labels which are transferred from the\nassociated Kubernetes `Service` object onto the ingested metrics." items: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml index da967dc37..4b2277b11 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/thanosrulers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "thanosrulers.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -631,7 +631,7 @@ spec: type: "object" type: "object" alertDropLabels: - description: "AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts.\nThe replica label `thanos_ruler_replica` will always be dropped in alerts." + description: "Configures the label names which should be dropped in Thanos Ruler\nalerts.\n\nThe replica label `thanos_ruler_replica` will always be dropped from the alerts." items: type: "string" type: "array" @@ -639,10 +639,10 @@ spec: description: "The external Query URL the Thanos Ruler will set in the 'Source' field\nof all alerts.\nMaps to the '--alert.query-url' CLI arg." type: "string" alertRelabelConfigFile: - description: "AlertRelabelConfigFile specifies the path of the alert relabeling configuration file.\nWhen used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence." + description: "Configures the path to the alert relabeling configuration file.\n\nAlert relabel configuration must have the form as specified in the\nofficial Prometheus documentation:\nhttps://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs\n\nThe operator performs no validation of the configuration file.\n\nThis field takes precedence over `alertRelabelConfig`." type: "string" alertRelabelConfigs: - description: "AlertRelabelConfigs configures alert relabeling in ThanosRuler.\nAlert relabel configurations must have the form as specified in the official Prometheus documentation:\nhttps://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs\nAlternative to AlertRelabelConfigFile, and lower order priority." + description: "Configures alert relabeling in Thanos Ruler.\n\nAlert relabel configuration must have the form as specified in the\nofficial Prometheus documentation:\nhttps://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs\n\nThe operator performs no validation of the configuration.\n\n`alertRelabelConfigFile` takes precedence over this field." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -659,7 +659,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" alertmanagersConfig: - description: "Define configuration for connecting to alertmanager. Only available with thanos v0.10.0\nand higher. Maps to the `alertmanagers.config` arg." + description: "Configures the list of Alertmanager endpoints to send alerts to.\n\nThe configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager.\n\nIt requires Thanos >= v0.10.0.\n\nThe operator performs no validation of the configuration.\n\nThis field takes precedence over `alertmanagersUrl`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -676,7 +676,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" alertmanagersUrl: - description: "Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher,\nAlertManagersConfig should be used instead. Note: this field will be ignored\nif AlertManagersConfig is specified.\nMaps to the `alertmanagers.url` arg." + description: "Configures the list of Alertmanager endpoints to send alerts to.\n\nFor Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead.\n\n`alertmanagersConfig` takes precedence over this field." items: type: "string" type: "array" @@ -834,7 +834,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -844,7 +844,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -882,7 +882,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -892,7 +892,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -911,7 +911,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -921,7 +921,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -959,7 +959,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -969,7 +969,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -989,7 +989,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1003,7 +1003,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1017,7 +1017,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1067,7 +1067,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1128,7 +1128,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1142,7 +1142,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1156,7 +1156,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1206,7 +1206,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1394,7 +1394,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1408,7 +1408,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1422,7 +1422,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1472,7 +1472,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1984,7 +1984,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1994,7 +1994,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2032,7 +2032,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2042,7 +2042,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2061,7 +2061,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2071,7 +2071,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2109,7 +2109,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2119,7 +2119,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2139,7 +2139,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2153,7 +2153,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2167,7 +2167,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2217,7 +2217,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2278,7 +2278,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2292,7 +2292,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2306,7 +2306,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2356,7 +2356,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2544,7 +2544,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2558,7 +2558,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2572,7 +2572,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2622,7 +2622,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2723,7 +2723,7 @@ spec: labels: additionalProperties: type: "string" - description: "Labels configure the external label pairs to ThanosRuler. A default replica label\n`thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts." + description: "Configures the external label pairs of the ThanosRuler resource.\n\nA default replica label `thanos_ruler_replica` will be always added as a\nlabel with the value of the pod's name." type: "object" listenLocal: description: "ListenLocal makes the Thanos ruler listen on loopback, so that it\ndoes not bind against the Pod IP." @@ -2754,7 +2754,7 @@ spec: description: "Define which Nodes the Pods are scheduled on." type: "object" objectStorageConfig: - description: "ObjectStorageConfig configures object storage in Thanos.\nAlternative to ObjectStorageConfigFile, and lower order priority." + description: "Configures object storage.\n\nThe configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage\n\nThe operator performs no validation of the configuration.\n\n`objectStorageConfigFile` takes precedence over this field." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -2771,7 +2771,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" objectStorageConfigFile: - description: "ObjectStorageConfigFile specifies the path of the object storage configuration file.\nWhen used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence." + description: "Configures the path of the object storage configuration file.\n\nThe configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage\n\nThe operator performs no validation of the configuration file.\n\nThis field takes precedence over `objectStorageConfig`." type: "string" paused: description: "When a ThanosRuler deployment is paused, no actions except for deletion\nwill be performed on the underlying objects." @@ -2817,7 +2817,7 @@ spec: type: "object" type: "array" queryConfig: - description: "Define configuration for connecting to thanos query instances.\nIf this is defined, the QueryEndpoints field will be ignored.\nMaps to the `query.config` CLI argument.\nOnly available with thanos v0.11.0 and higher." + description: "Configures the list of Thanos Query endpoints from which to query metrics.\n\nThe configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api\n\nIt requires Thanos >= v0.11.0.\n\nThe operator performs no validation of the configuration.\n\nThis field takes precedence over `queryEndpoints`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -2834,7 +2834,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" queryEndpoints: - description: "QueryEndpoints defines Thanos querier endpoints from which to query metrics.\nMaps to the --query flag of thanos ruler." + description: "Configures the list of Thanos Query endpoints from which to query metrics.\n\nFor Thanos >= v0.11.0, it is recommended to use `queryConfig` instead.\n\n`queryConfig` takes precedence over this field." items: type: "string" type: "array" @@ -2924,7 +2924,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" ruleSelector: - description: "A label selector to select which PrometheusRules to mount for alerting and\nrecording." + description: "PrometheusRule objects to be selected for rule evaluation. An empty\nlabel selector matches all objects. A null label selector matches no\nobjects." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2989,6 +2989,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3064,6 +3067,10 @@ spec: serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nThanos Ruler Pods." type: "string" + serviceName: + description: "The name of the service name used by the underlying StatefulSet(s) as the governing service.\nIf defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels.\nIf empty, the operator will create and manage a headless service named `thanos-ruler-operated` for ThanosRuler resources.\nWhen deploying multiple ThanosRuler resources in the same namespace, it is recommended to specify a different value for each.\nSee https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details." + minLength: 1 + type: "string" storage: description: "Storage spec to specify how storage shall be used." properties: @@ -3403,9 +3410,10 @@ spec: description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required" type: "string" type: - description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about" type: "string" required: - "status" @@ -3530,7 +3538,7 @@ spec: type: "object" type: "array" tracingConfig: - description: "TracingConfig configures tracing in Thanos.\n\n`tracingConfigFile` takes precedence over this field.\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way." + description: "Configures tracing.\n\nThe configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way.\n\nThe operator performs no validation of the configuration.\n\n`tracingConfigFile` takes precedence over this field." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -3547,7 +3555,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" tracingConfigFile: - description: "TracingConfig specifies the path of the tracing configuration file.\n\nThis field takes precedence over `tracingConfig`.\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way." + description: "Configures the path of the tracing configuration file.\n\nThe configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration\n\nThis is an *experimental feature*, it may change in any upcoming release\nin a breaking way.\n\nThe operator performs no validation of the configuration file.\n\nThis field takes precedence over `tracingConfig`." type: "string" version: description: "Version of Thanos to be deployed." @@ -3589,7 +3597,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -3608,7 +3616,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -3635,7 +3643,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -3651,7 +3659,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -3684,7 +3692,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -3745,7 +3753,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -3998,7 +4006,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -4027,7 +4035,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -4037,7 +4045,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -4056,7 +4064,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -4071,7 +4079,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -4192,7 +4200,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4204,7 +4212,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4422,7 +4430,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -4447,7 +4455,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -4490,7 +4498,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -4571,7 +4579,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4596,7 +4604,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -4657,7 +4665,7 @@ spec: description: "Defines the TLS parameters for HTTPS." properties: cert: - description: "Contains the TLS certificate for the server." + description: "Secret or ConfigMap containing the TLS certificate for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `certFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -4695,21 +4703,21 @@ spec: x-kubernetes-map-type: "atomic" type: "object" certFile: - description: "Path to the TLS certificate file in the Prometheus container for the server.\nMutually exclusive with `cert`." + description: "Path to the TLS certificate file in the container for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `cert`." type: "string" cipherSuites: - description: "List of supported cipher suites for TLS versions up to TLS 1.2. If empty,\nGo default cipher suites are used. Available cipher suites are documented\nin the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants" + description: "List of supported cipher suites for TLS versions up to TLS 1.2.\n\nIf not defined, the Go default cipher suites are used.\nAvailable cipher suites are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#pkg-constants" items: type: "string" type: "array" clientAuthType: - description: "Server policy for client authentication. Maps to ClientAuth Policies.\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" + description: "The server policy for client TLS authentication.\n\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" type: "string" clientCAFile: - description: "Path to the CA certificate file for client certificate authentication to the server.\nMutually exclusive with `client_ca`." + description: "Path to the CA certificate file for client certificate authentication to\nthe server.\n\nIt is mutually exclusive with `client_ca`." type: "string" client_ca: - description: "Contains the CA certificate for client certificate authentication to the server." + description: "Secret or ConfigMap containing the CA certificate for client certificate\nauthentication to the server.\n\nIt is mutually exclusive with `clientCAFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -4747,15 +4755,15 @@ spec: x-kubernetes-map-type: "atomic" type: "object" curvePreferences: - description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder. Available curves are documented in the go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" + description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder.\n\nAvailable curves are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" items: type: "string" type: "array" keyFile: - description: "Path to the TLS key file in the Prometheus container for the server.\nMutually exclusive with `keySecret`." + description: "Path to the TLS private key file in the container for the web server.\n\nIf defined, either `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keySecret`." type: "string" keySecret: - description: "Secret containing the TLS key for the server." + description: "Secret containing the TLS private key for the web server.\n\nEither `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keyFile`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -4772,13 +4780,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" maxVersion: - description: "Maximum TLS version that is acceptable. Defaults to TLS13." + description: "Maximum TLS version that is acceptable." type: "string" minVersion: - description: "Minimum TLS version that is acceptable. Defaults to TLS12." + description: "Minimum TLS version that is acceptable." type: "string" preferServerCipherSuites: - description: "Controls whether the server selects the\nclient's most preferred cipher suite, or the server's most preferred\ncipher suite. If true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." + description: "Controls whether the server selects the client's most preferred cipher\nsuite, or the server's most preferred cipher suite.\n\nIf true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml index 2fbd53a0a..d31135775 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "alertmanagerconfigs.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -541,6 +541,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -1233,6 +1236,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -1788,6 +1794,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -2340,6 +2349,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -2899,6 +2911,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -3527,6 +3542,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -4038,6 +4056,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -4607,6 +4628,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -5140,6 +5164,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -5633,6 +5660,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -6119,6 +6149,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -6646,6 +6679,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml index c3679ab3d..dbc5dcca3 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "prometheusagents.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -1027,7 +1027,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1037,7 +1037,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1075,7 +1075,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1085,7 +1085,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1104,7 +1104,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1114,7 +1114,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1152,7 +1152,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1162,7 +1162,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1182,7 +1182,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1196,7 +1196,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1210,7 +1210,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1260,7 +1260,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1321,7 +1321,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1335,7 +1335,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1349,7 +1349,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1399,7 +1399,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1587,7 +1587,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1601,7 +1601,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1615,7 +1615,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1665,7 +1665,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1815,6 +1815,9 @@ spec: type: "string" type: "array" x-kubernetes-list-type: "set" + enableOTLPReceiver: + description: "Enable Prometheus to be used as a receiver for the OTLP Metrics protocol.\n\nNote that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined.\n\nIt requires Prometheus >= v2.47.0." + type: "boolean" enableRemoteWriteReceiver: description: "Enable Prometheus to be used as a receiver for the Prometheus remote\nwrite protocol.\n\nWARNING: This is not considered an efficient way of ingesting samples.\nUse it with caution for specific low-volume use cases.\nIt is not suitable for replacing the ingestion via scraping and turning\nPrometheus into a push-based metrics collection system.\nFor more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver\n\nIt requires Prometheus >= v2.33.0." type: "boolean" @@ -2093,7 +2096,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2103,7 +2106,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2141,7 +2144,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2151,7 +2154,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2170,7 +2173,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2180,7 +2183,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2218,7 +2221,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -2228,7 +2231,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2248,7 +2251,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2262,7 +2265,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2276,7 +2279,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2326,7 +2329,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2387,7 +2390,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2401,7 +2404,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2415,7 +2418,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2465,7 +2468,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2653,7 +2656,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -2667,7 +2670,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -2681,7 +2684,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -2731,7 +2734,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2874,11 +2877,17 @@ spec: format: "int32" type: "integer" mode: - description: "Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s).\nFor now this field has no effect.\n\n(Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled." + description: "Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s).\n\n(Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled." enum: - "StatefulSet" - "DaemonSet" type: "string" + nameValidationScheme: + description: "Specifies the validation scheme for metric and label names." + enum: + - "UTF8" + - "Legacy" + type: "string" nodeSelector: additionalProperties: type: "string" @@ -2887,6 +2896,9 @@ spec: otlp: description: "Settings related to the OTLP receiver feature.\nIt requires Prometheus >= v2.55.0." properties: + keepIdentifyingResourceAttributes: + description: "Enables adding `service.name`, `service.namespace` and `service.instance.id`\nresource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels.\n\nIt requires Prometheus >= v3.1.0." + type: "boolean" promoteResourceAttributes: description: "List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none." items: @@ -2895,6 +2907,12 @@ spec: minItems: 1 type: "array" x-kubernetes-list-type: "set" + translationStrategy: + description: "Configures how the OTLP receiver endpoint translates the incoming metrics.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "NoUTF8EscapingWithSuffixes" + - "UnderscoreEscapingWithSuffixes" + type: "string" type: "object" overrideHonorLabels: description: "When true, Prometheus resolves label conflicts by renaming the labels in the scraped data\n to “exported_” for all targets created from ServiceMonitor, PodMonitor and\nScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.\nIn practice,`overrideHonorLaels:true` enforces `honorLabels:false`\nfor all ServiceMonitor, PodMonitor and ScrapeConfig objects." @@ -3558,6 +3576,9 @@ spec: description: "Timeout for requests to the remote write endpoint." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" + roundRobinDNS: + description: "When enabled:\n - The remote-write mechanism will resolve the hostname via DNS.\n - It will randomly select one of the resolved IP addresses and connect to it.\n\nWhen disabled (default behavior):\n - The Go standard library will handle hostname resolution.\n - It will attempt connections to each resolved IP address sequentially.\n\nNote: The connection timeout applies to the entire resolution and connection process.\n If disabled, the timeout is distributed across all connection attempts.\n\nIt requires Prometheus >= v3.1.0." + type: "boolean" sendExemplars: description: "Enables sending of exemplars over remote write. Note that\nexemplar-storage itself must be enabled using the `spec.enableFeatures`\noption for exemplars to be scraped in the first place.\n\nIt requires Prometheus >= v2.27.0." type: "boolean" @@ -3864,6 +3885,15 @@ spec: routePrefix: description: "The route prefix Prometheus registers HTTP handlers for.\n\nThis is useful when using `spec.externalURL`, and a proxy is rewriting\nHTTP routes of a request, and the actual ExternalURL is still true, but\nthe server serves requests under a different route prefix. For example\nfor use with `kubectl proxy`." type: "string" + runtime: + description: "RuntimeConfig configures the values for the Prometheus process behavior" + properties: + goGC: + description: "The Go garbage collection target percentage. Lowering this number may increase the CPU usage.\nSee: https://tip.golang.org/doc/gc-guide#GOGC" + format: "int32" + minimum: -1.0 + type: "integer" + type: "object" sampleLimit: description: "SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.\nOnly valid in Prometheus versions 2.45.0 and newer.\n\nNote that the global limit only applies to scrape objects that don't specify an explicit limit value.\nIf you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit." format: "int64" @@ -3879,9 +3909,45 @@ spec: description: "When set to true, Prometheus attaches node metadata to the discovered\ntargets.\n\nThe Prometheus service account must have the `list` and `watch`\npermissions on the `Nodes` objects." type: "boolean" type: "object" + authorization: + description: "Authorization section for the ScrapeClass.\nIt will only apply if the scrape resource doesn't specify any Authorization." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + credentialsFile: + description: "File to read a secret from, mutually exclusive with `credentials`." + type: "string" + type: + description: "Defines the authentication type. The value is case-insensitive.\n\n\"Basic\" is not a supported value.\n\nDefault: \"Bearer\"" + type: "string" + type: "object" default: description: "Default indicates that the scrape applies to all scrape objects that\ndon't configure an explicit scrape class name.\n\nOnly one scrape class can be set as the default." type: "boolean" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\nIt will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" metricRelabelings: description: "MetricRelabelings configures the relabeling rules to apply to all samples before ingestion.\n\nThe Operator adds the scrape class metric relabelings defined here.\nThen the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs.\nThen the Operator adds namespace enforcement relabeling rule, specified in '.spec.enforcedNamespaceLabel'.\n\nMore info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs" items: @@ -4201,25 +4267,30 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + scrapeFailureLogFile: + description: "File to which scrape failures are logged.\nReloading the configuration will reopen the file.\n\nIf the filename has an empty path, e.g. 'file.log', The Prometheus Pods\nwill mount the file into an emptyDir volume at `/var/log/prometheus`.\nIf a full path is provided, e.g. '/var/log/prometheus/file.log', you\nmust mount a volume in the specified directory and it must be writable.\nIt requires Prometheus >= v2.55.0." + minLength: 1 + type: "string" scrapeInterval: default: "30s" description: "Interval between consecutive scrapes.\n\nDefault: \"30s\"" pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" scrapeProtocols: - description: "The protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." + description: "The protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0.\n\n`PrometheusText1.0.0` requires Prometheus >= v3.0.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" type: "array" x-kubernetes-list-type: "set" scrapeTimeout: - description: "Number of seconds to wait until a scrape request times out." + description: "Number of seconds to wait until a scrape request times out.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" secrets: @@ -4261,6 +4332,9 @@ spec: description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" + seLinuxChangePolicy: + description: "seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.\nIt has no effect on nodes that do not support SELinux or to volumes does not support SELinux.\nValid values are \"MountOption\" and \"Recursive\".\n\n\"Recursive\" means relabeling of all files on all Pod volumes by the container runtime.\nThis may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.\n\n\"MountOption\" mounts all eligible Pod volumes with `-o context` mount option.\nThis requires all Pods that share the same volume to use the same SELinux label.\nIt is not possible to share the same volume among privileged and unprivileged Pods.\nEligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes\nwhose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their\nCSIDriver instance. Other volumes are always re-labelled recursively.\n\"MountOption\" value is allowed only when SELinuxMount feature gate is enabled.\n\nIf not specified and SELinuxMount feature gate is enabled, \"MountOption\" is used.\nIf not specified and SELinuxMount feature gate is disabled, \"MountOption\" is used for ReadWriteOncePod volumes\nand \"Recursive\" for all other volumes.\n\nThis field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.\n\nAll Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" seLinuxOptions: description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -4408,8 +4482,12 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + serviceName: + description: "The name of the service name used by the underlying StatefulSet(s) as the governing service.\nIf defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels.\nIf empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources,\nor `prometheus-agent-operated` for PrometheusAgent resources.\nWhen deploying multiple Prometheus/PrometheusAgent resources in the same namespace, it is recommended to specify a different value for each.\nSee https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details." + minLength: 1 + type: "string" shards: - description: "Number of shards to distribute targets onto. `spec.replicas`\nmultiplied by `spec.shards` is the total number of Pods created.\n\nNote that scaling down shards will not reshard data onto remaining\ninstances, it must be manually moved. Increasing shards will not reshard\ndata either but it will continue to be available from the same\ninstances. To query globally, use Thanos sidecar and Thanos querier or\nremote write data to a central location.\n\nSharding is performed on the content of the `__address__` target meta-label\nfor PodMonitors and ServiceMonitors and `__param_target__` for Probes.\n\nDefault: 1" + description: "Number of shards to distribute the scraped targets onto.\n\n`spec.replicas` multiplied by `spec.shards` is the total number of Pods\nbeing created.\n\nWhen not defined, the operator assumes only one shard.\n\nNote that scaling down shards will not reshard data onto the remaining\ninstances, it must be manually moved. Increasing shards will not reshard\ndata either but it will continue to be available from the same\ninstances. To query globally, use either\n* Thanos sidecar + querier for query federation and Thanos Ruler for rules.\n* Remote-write to send metrics to a central location.\n\nBy default, the sharding of targets is performed on:\n* The `__address__` target's metadata label for PodMonitor,\nServiceMonitor and ScrapeConfig resources.\n* The `__param_target__` label for Probe resources.\n\nUsers can define their own sharding implementation by setting the\n`__tmp_hash` label during the target discovery with relabeling\nconfiguration (either in the monitoring resources or via scrape class)." format: "int32" type: "integer" storage: @@ -4751,9 +4829,10 @@ spec: description: "reason is a unique, this should be a short, machine understandable string that gives the reason\nfor condition's last transition. If it reports \"Resizing\" that means the underlying\npersistent volume is being resized." type: "string" status: + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required" type: "string" type: - description: "PersistentVolumeClaimConditionType defines the condition of PV claim.\nValid values are:\n - \"Resizing\", \"FileSystemResizePending\"\n\nIf RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected:\n - \"ControllerResizeError\", \"NodeResizeError\"\n\nIf VolumeAttributesClass feature gate is enabled, then following additional values can be expected:\n - \"ModifyVolumeError\", \"ModifyingVolume\"" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about" type: "string" required: - "status" @@ -5102,7 +5181,7 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" @@ -5121,7 +5200,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -5148,7 +5227,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -5164,7 +5243,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -5197,7 +5276,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -5258,7 +5337,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -5511,7 +5590,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -5540,7 +5619,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -5550,7 +5629,7 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -5569,7 +5648,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -5584,7 +5663,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -5705,7 +5784,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5717,7 +5796,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -5935,7 +6014,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -5960,7 +6039,7 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" @@ -6003,7 +6082,7 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: default: "xfs" @@ -6084,7 +6163,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6109,7 +6188,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -6181,7 +6260,7 @@ spec: description: "Defines the TLS parameters for HTTPS." properties: cert: - description: "Contains the TLS certificate for the server." + description: "Secret or ConfigMap containing the TLS certificate for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `certFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -6219,21 +6298,21 @@ spec: x-kubernetes-map-type: "atomic" type: "object" certFile: - description: "Path to the TLS certificate file in the Prometheus container for the server.\nMutually exclusive with `cert`." + description: "Path to the TLS certificate file in the container for the web server.\n\nEither `keySecret` or `keyFile` must be defined.\n\nIt is mutually exclusive with `cert`." type: "string" cipherSuites: - description: "List of supported cipher suites for TLS versions up to TLS 1.2. If empty,\nGo default cipher suites are used. Available cipher suites are documented\nin the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants" + description: "List of supported cipher suites for TLS versions up to TLS 1.2.\n\nIf not defined, the Go default cipher suites are used.\nAvailable cipher suites are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#pkg-constants" items: type: "string" type: "array" clientAuthType: - description: "Server policy for client authentication. Maps to ClientAuth Policies.\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" + description: "The server policy for client TLS authentication.\n\nFor more detail on clientAuth options:\nhttps://golang.org/pkg/crypto/tls/#ClientAuthType" type: "string" clientCAFile: - description: "Path to the CA certificate file for client certificate authentication to the server.\nMutually exclusive with `client_ca`." + description: "Path to the CA certificate file for client certificate authentication to\nthe server.\n\nIt is mutually exclusive with `client_ca`." type: "string" client_ca: - description: "Contains the CA certificate for client certificate authentication to the server." + description: "Secret or ConfigMap containing the CA certificate for client certificate\nauthentication to the server.\n\nIt is mutually exclusive with `clientCAFile`." properties: configMap: description: "ConfigMap containing data to use for the targets." @@ -6271,15 +6350,15 @@ spec: x-kubernetes-map-type: "atomic" type: "object" curvePreferences: - description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder. Available curves are documented in the go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" + description: "Elliptic curves that will be used in an ECDHE handshake, in preference\norder.\n\nAvailable curves are documented in the Go documentation:\nhttps://golang.org/pkg/crypto/tls/#CurveID" items: type: "string" type: "array" keyFile: - description: "Path to the TLS key file in the Prometheus container for the server.\nMutually exclusive with `keySecret`." + description: "Path to the TLS private key file in the container for the web server.\n\nIf defined, either `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keySecret`." type: "string" keySecret: - description: "Secret containing the TLS key for the server." + description: "Secret containing the TLS private key for the web server.\n\nEither `cert` or `certFile` must be defined.\n\nIt is mutually exclusive with `keyFile`." properties: key: description: "The key of the secret to select from. Must be a valid secret key." @@ -6296,13 +6375,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" maxVersion: - description: "Maximum TLS version that is acceptable. Defaults to TLS13." + description: "Maximum TLS version that is acceptable." type: "string" minVersion: - description: "Minimum TLS version that is acceptable. Defaults to TLS12." + description: "Minimum TLS version that is acceptable." type: "string" preferServerCipherSuites: - description: "Controls whether the server selects the\nclient's most preferred cipher suite, or the server's most preferred\ncipher suite. If true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." + description: "Controls whether the server selects the client's most preferred cipher\nsuite, or the server's most preferred cipher suite.\n\nIf true then the server's preference, as expressed in\nthe order of elements in cipherSuites, is used." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml index ffe5a1d17..85df96608 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "scrapeconfigs.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -69,8 +69,71 @@ spec: - "ManagedIdentity" - "SDK" type: "string" + authorization: + description: "Authorization header configuration to authenticate against the target HTTP endpoint.\nCannot be set at the same time as `oAuth2`, or `basicAuth`." + properties: + credentials: + description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: + description: "Defines the authentication type. The value is case-insensitive.\n\n\"Basic\" is not a supported value.\n\nDefault: \"Bearer\"" + type: "string" + type: "object" + basicAuth: + description: "BasicAuth information to authenticate against the target HTTP endpoint.\nMore info: https://prometheus.io/docs/operating/configuration/#endpoints\nCannot be set at the same time as `authorization`, or `oAuth2`." + properties: + password: + description: "`password` specifies a key of a Secret containing the password for\nauthentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + username: + description: "`username` specifies a key of a Secret containing the username for\nauthentication." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" clientID: description: "Optional client ID. Only required with the OAuth authentication method." + minLength: 1 type: "string" clientSecret: description: "Optional client secret. Only required with the OAuth authentication method." @@ -89,18 +152,291 @@ spec: - "key" type: "object" x-kubernetes-map-type: "atomic" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" environment: description: "The Azure environment." + minLength: 1 + type: "string" + followRedirects: + description: "Configure whether HTTP requests follow HTTP 3xx redirects." + type: "boolean" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "string" + oauth2: + description: "Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.\nCannot be set at the same time as `authorization`, or `basicAuth`." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the\nOAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2\nclient's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." + type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" port: description: "The port to scrape metrics from. If using the public IP address, this must\ninstead be specified in the relabeling rule." + format: "int32" + maximum: 65535.0 + minimum: 0.0 type: "integer" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use." + pattern: "^http(s)?://.+$" + type: "string" refreshInterval: description: "RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" resourceGroup: - description: "Optional resource group name. Limits discovery to this resource group." + description: "Optional resource group name. Limits discovery to this resource group.\nRequires Prometheus v2.35.0 and above" + minLength: 1 type: "string" subscriptionID: description: "The subscription ID. Always required." @@ -108,7 +444,127 @@ spec: type: "string" tenantID: description: "Optional tenant ID. Only required with the OAuth authentication method." + minLength: 1 type: "string" + tlsConfig: + description: "TLS configuration applying to the target HTTP endpoint." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" required: - "subscriptionID" type: "object" @@ -160,7 +616,7 @@ spec: description: "Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul.\nIf unset, Prometheus uses its default value." type: "boolean" authorization: - description: "Authorization header configuration to authenticate against the Consul Server." + description: "Optional Authorization header configuration to authenticate against the Consul Server.\nCannot be set at the same time as `basicAuth`, or `oauth2`." properties: credentials: description: "Selects a key of a Secret in the namespace that contains the credentials for authentication." @@ -184,7 +640,7 @@ spec: type: "string" type: "object" basicAuth: - description: "BasicAuth information to authenticate against the Consul Server.\nMore info: https://prometheus.io/docs/operating/configuration/#endpoints" + description: "Optional BasicAuth information to authenticate against the Consul Server.\nMore info: https://prometheus.io/docs/operating/configuration/#endpoints\nCannot be set at the same time as `authorization`, or `oauth2`." properties: password: description: "`password` specifies a key of a Secret containing the password for\nauthentication." @@ -223,15 +679,21 @@ spec: type: "object" datacenter: description: "Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter." + minLength: 1 type: "string" enableHTTP2: description: "Whether to enable HTTP2.\nIf unset, Prometheus uses its default value." type: "boolean" + filter: + description: "Filter expression used to filter the catalog results.\nSee https://www.consul.io/api-docs/catalog#list-services\nIt requires Prometheus >= 3.0.0." + minLength: 1 + type: "string" followRedirects: description: "Configure whether HTTP requests follow HTTP 3xx redirects.\nIf unset, Prometheus uses its default value." type: "boolean" namespace: - description: "Namespaces are only supported in Consul Enterprise." + description: "Namespaces are only supported in Consul Enterprise.\n\nIt requires Prometheus >= 2.28.0." + minLength: 1 type: "string" noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." @@ -239,11 +701,11 @@ spec: nodeMeta: additionalProperties: type: "string" - description: "Node metadata key/value pairs to filter nodes for a given service." + description: "Node metadata key/value pairs to filter nodes for a given service.\nStarting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead." type: "object" x-kubernetes-map-type: "atomic" oauth2: - description: "Optional OAuth 2.0 configuration." + description: "Optional OAuth2.0 configuration.\nCannot be set at the same time as `basicAuth`, or `authorization`." properties: clientId: description: "`clientId` specifies a key of a Secret or ConfigMap containing the\nOAuth2 client's ID." @@ -473,6 +935,11 @@ spec: type: "object" partition: description: "Admin Partitions are only supported in Consul Enterprise." + minLength: 1 + type: "string" + pathPrefix: + description: "Prefix for URIs for when consul is behind an API gateway (reverse proxy).\n\nIt requires Prometheus >= 2.45.0." + minLength: 1 type: "string" proxyConnectHeader: additionalProperties: @@ -515,7 +982,7 @@ spec: - "HTTPS" type: "string" server: - description: "A valid string consisting of a hostname or IP followed by an optional port number." + description: "Consul server address. A valid string consisting of a hostname or IP followed by an optional port number." minLength: 1 type: "string" services: @@ -523,18 +990,19 @@ spec: items: type: "string" type: "array" - x-kubernetes-list-type: "atomic" + x-kubernetes-list-type: "set" tagSeparator: description: "The string by which Consul tags are joined into the tag label.\nIf unset, Prometheus uses its default value." + minLength: 1 type: "string" tags: - description: "An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list." + description: "An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list.\nStarting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead." items: type: "string" type: "array" - x-kubernetes-list-type: "atomic" + x-kubernetes-list-type: "set" tlsConfig: - description: "TLS Config" + description: "TLS configuration to connect to the Consul API." properties: ca: description: "Certificate authority used when verifying server certificates." @@ -942,6 +1410,9 @@ spec: type: "object" port: description: "The port to scrape metrics from." + format: "int32" + maximum: 65535.0 + minimum: 0.0 type: "integer" proxyConnectHeader: additionalProperties: @@ -2380,6 +2851,9 @@ spec: enableCompression: description: "When false, Prometheus will request uncompressed response from the scraped target.\n\nIt requires Prometheus >= v2.49.0.\n\nIf unset, Prometheus uses true by default." type: "boolean" + enableHTTP2: + description: "Whether to enable HTTP2." + type: "boolean" eurekaSDConfigs: description: "EurekaSDConfigs defines a list of Eureka service discovery configurations." items: @@ -2846,6 +3320,15 @@ spec: - "server" type: "object" type: "array" + fallbackScrapeProtocol: + description: "The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.\n\nIt requires Prometheus >= v3.0.0." + enum: + - "PrometheusProto" + - "OpenMetricsText0.0.1" + - "OpenMetricsText1.0.0" + - "PrometheusText0.0.4" + - "PrometheusText1.0.0" + type: "string" fileSDConfigs: description: "FileSDConfigs defines a list of file service discovery configurations." items: @@ -2875,9 +3358,13 @@ spec: properties: filter: description: "Filter can be used optionally to filter the instance list by other criteria\nSyntax of this filter is described in the filter query parameter section:\nhttps://cloud.google.com/compute/docs/reference/latest/instances/list" + minLength: 1 type: "string" port: description: "The port to scrape metrics from. If using the public IP address, this must\ninstead be specified in the relabeling rule." + format: "int32" + maximum: 65535.0 + minimum: 0.0 type: "integer" project: description: "The Google Cloud Project ID" @@ -2889,6 +3376,7 @@ spec: type: "string" tagSeparator: description: "The tag separator is used to separate the tags on concatenation" + minLength: 1 type: "string" zone: description: "The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs." @@ -3887,6 +4375,235 @@ spec: noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "string" + oauth2: + description: "Configure whether to enable OAuth2." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the\nOAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2\nclient's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." + type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" port: description: "Port to scrape the metrics from." format: "int32" @@ -6805,6 +7522,7 @@ spec: type: "string" applicationCredentialName: description: "The ApplicationCredentialID or ApplicationCredentialName fields are\nrequired if using an application credential to authenticate. Some providers\nallow you to create an application credential to authenticate rather than a\npassword." + minLength: 1 type: "string" applicationCredentialSecret: description: "The applicationCredentialSecret field is required if using an application\ncredential to authenticate." @@ -6835,12 +7553,15 @@ spec: type: "string" domainID: description: "DomainID" + minLength: 1 type: "string" domainName: description: "At most one of domainId and domainName must be provided if using username\nwith Identity V3. Otherwise, either are optional." + minLength: 1 type: "string" identityEndpoint: description: "IdentityEndpoint specifies the HTTP endpoint that is required to work with\nthe Identity API of the appropriate version." + pattern: "^http(s)?:\\/\\/.+$" type: "string" password: description: "Password for the Identity V2 and V3 APIs. Consult with your provider's\ncontrol panel to discover your account's preferred method of authentication." @@ -6861,12 +7582,17 @@ spec: x-kubernetes-map-type: "atomic" port: description: "The port to scrape metrics from. If using the public IP address, this must\ninstead be specified in the relabeling rule." + format: "int32" + maximum: 65535.0 + minimum: 0.0 type: "integer" projectID: description: " ProjectID" + minLength: 1 type: "string" projectName: description: "The ProjectId and ProjectName fields are optional for the Identity V2 API.\nSome providers allow you to specify a ProjectName instead of the ProjectId.\nSome require both. Your provider's authentication policies will determine\nhow these fields influence authentication." + minLength: 1 type: "string" refreshInterval: description: "Refresh interval to re-read the instance list." @@ -6877,12 +7603,13 @@ spec: minLength: 1 type: "string" role: - description: "The OpenStack role of entities that should be discovered." + description: "The OpenStack role of entities that should be discovered.\n\nNote: The `LoadBalancer` role requires Prometheus >= v3.2.0." enum: - "Instance" - "instance" - "Hypervisor" - "hypervisor" + - "LoadBalancer" type: "string" tlsConfig: description: "TLS configuration applying to the target HTTP endpoint." @@ -7005,9 +7732,11 @@ spec: type: "object" userid: description: "UserID" + minLength: 1 type: "string" username: description: "Username is required if using Identity V2 API. Consult with your provider's\ncontrol panel to discover your account's username.\nIn Identity V3, either userid or a combination of username\nand domainId or domainName are needed" + minLength: 1 type: "string" required: - "region" @@ -7914,18 +8643,19 @@ spec: scrapeProtocols: description: "The protocols to negotiate during a scrape. It tells clients the\nprotocols supported by Prometheus in order of preference (from most to least preferred).\n\nIf unset, Prometheus uses its default value.\n\nIt requires Prometheus >= v2.49.0." items: - description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`" + description: "ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.\nSupported values are:\n* `OpenMetricsText0.0.1`\n* `OpenMetricsText1.0.0`\n* `PrometheusProto`\n* `PrometheusText0.0.4`\n* `PrometheusText1.0.0`" enum: - "PrometheusProto" - "OpenMetricsText0.0.1" - "OpenMetricsText1.0.0" - "PrometheusText0.0.4" + - "PrometheusText1.0.0" type: "string" minItems: 1 type: "array" x-kubernetes-list-type: "set" scrapeTimeout: - description: "ScrapeTimeout is the number of seconds to wait until a scrape request times out." + description: "ScrapeTimeout is the number of seconds to wait until a scrape request times out.\nThe value cannot be greater than the scrape interval otherwise the operator will reject the resource." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" staticConfigs: diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml index c8aace24f..7de3b7db9 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.16.5" + controller-gen.kubebuilder.io/version: "v0.17.2" name: "alertmanagerconfigs.monitoring.coreos.com" spec: group: "monitoring.coreos.com" @@ -461,6 +461,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -1147,6 +1150,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -1698,6 +1704,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -2251,6 +2260,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -2804,6 +2816,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -3424,6 +3439,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -3933,6 +3951,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -4498,6 +4519,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -5027,6 +5051,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -5518,6 +5545,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -6002,6 +6032,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" @@ -6523,6 +6556,9 @@ spec: proxyFromEnvironment: description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\n\nIt requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0." type: "boolean" + proxyURL: + description: "Optional proxy URL.\n\nIf defined, this field takes precedence over `proxyUrl`." + type: "string" proxyUrl: description: "`proxyURL` defines the HTTP proxy server to use." pattern: "^http(s)?://.+$" diff --git a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulpbackups.yaml b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulpbackups.yaml index 30f5e3616..90faee551 100644 --- a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulpbackups.yaml +++ b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulpbackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "pulpbackups.repo-manager.pulpproject.org" spec: group: "repo-manager.pulpproject.org" @@ -212,13 +212,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -317,13 +317,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -421,13 +421,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -526,13 +526,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -628,7 +628,7 @@ spec: type: "string" conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -657,7 +657,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulprestores.yaml b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulprestores.yaml index ac4442245..1e532775e 100644 --- a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulprestores.yaml +++ b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulprestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "pulprestores.repo-manager.pulpproject.org" spec: group: "repo-manager.pulpproject.org" @@ -61,7 +61,7 @@ spec: properties: conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -90,7 +90,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml index a5653df9b..40469db6e 100644 --- a/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml +++ b/crd-catalog/pulp/pulp-operator/repo-manager.pulpproject.org/v1beta2/pulps.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "pulps.repo-manager.pulpproject.org" spec: group: "repo-manager.pulpproject.org" @@ -57,7 +57,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -107,7 +107,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -128,13 +128,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -356,13 +359,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -461,13 +464,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -565,13 +568,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -670,13 +673,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -757,7 +760,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -807,7 +810,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -854,7 +857,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -904,7 +907,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -925,13 +928,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -984,7 +990,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1117,7 +1124,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" unhealthyPodEvictionPolicy: - description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." + description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." type: "string" type: "object" readinessProbe: @@ -1145,7 +1152,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1235,13 +1243,16 @@ spec: description: "Resource requirements for the pulp api container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1272,7 +1283,7 @@ spec: description: "The deployment strategy to use to replace existing pods with new ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate." properties: maxSurge: anyOf: @@ -1353,7 +1364,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -1363,14 +1374,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -1568,13 +1579,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1673,13 +1684,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1777,13 +1788,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1882,13 +1893,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1979,7 +1990,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2091,7 +2103,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2180,13 +2193,16 @@ spec: description: "Resource requirements for the Redis container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2220,7 +2236,7 @@ spec: description: "The deployment strategy to use to replace existing pods with new ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate." properties: maxSurge: anyOf: @@ -2457,13 +2473,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2562,13 +2578,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2666,13 +2682,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2771,13 +2787,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2858,7 +2874,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2908,7 +2924,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2955,7 +2971,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3005,7 +3021,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3026,13 +3042,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3085,7 +3104,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3218,7 +3238,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" unhealthyPodEvictionPolicy: - description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." + description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." type: "string" type: "object" readinessProbe: @@ -3246,7 +3266,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -3336,13 +3357,16 @@ spec: description: "Resource requirements for the pulp-content container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3373,7 +3397,7 @@ spec: description: "The deployment strategy to use to replace existing pods with new ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate." properties: maxSurge: anyOf: @@ -3454,7 +3478,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -3464,14 +3488,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -3672,13 +3696,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3777,13 +3801,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3881,13 +3905,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3986,13 +4010,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4074,7 +4098,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -4182,13 +4207,16 @@ spec: description: "Resource requirements for the database container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4252,7 +4280,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -4508,7 +4537,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4558,7 +4587,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4579,13 +4608,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4707,7 +4739,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4757,7 +4789,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -4778,13 +4810,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4847,13 +4882,16 @@ spec: description: "Resource requirements for the sidecar container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4914,7 +4952,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -4964,7 +5002,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5003,7 +5041,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5136,7 +5175,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" unhealthyPodEvictionPolicy: - description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." + description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." type: "string" type: "object" readinessProbe: @@ -5164,7 +5203,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -5254,13 +5294,16 @@ spec: description: "Resource requirements for the pulp-web container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5296,7 +5339,7 @@ spec: description: "The deployment strategy to use to replace existing pods with new ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate." properties: maxSurge: anyOf: @@ -5507,13 +5550,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5612,13 +5655,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5716,13 +5759,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5821,13 +5864,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5908,7 +5951,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -5958,7 +6001,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -5997,7 +6040,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -6047,7 +6090,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -6068,13 +6111,16 @@ spec: description: "Resource requirements for pulpcore aux container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -6127,7 +6173,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -6260,7 +6307,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" unhealthyPodEvictionPolicy: - description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." + description: "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods\nshould be considered for eviction. Current implementation considers healthy pods,\nas pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow.\nIf no policy is specified, the default behavior will be used,\nwhich corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"),\nbut not yet healthy can be evicted only if the guarded application is not\ndisrupted (status.currentHealthy is at least equal to status.desiredHealthy).\nHealthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"),\nbut not yet healthy are considered disrupted and can be evicted regardless\nof whether the criteria in a PDB is met. This means perspective running\npods of a disrupted application might not get a chance to become healthy.\nHealthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future.\nClients making eviction decisions should disallow eviction of unhealthy pods\nif they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when\nthe feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default)." type: "string" type: "object" readinessProbe: @@ -6288,7 +6335,8 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -6378,13 +6426,16 @@ spec: description: "Resource requirements for the pulp-api container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -6415,7 +6466,7 @@ spec: description: "The deployment strategy to use to replace existing pods with new ones." properties: rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." + description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate." properties: maxSurge: anyOf: @@ -6496,7 +6547,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" @@ -6506,14 +6557,14 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." @@ -6542,7 +6593,7 @@ spec: type: "string" conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -6571,7 +6622,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/rancher/system-upgrade-controller/upgrade.cattle.io/v1/plans.yaml b/crd-catalog/rancher/system-upgrade-controller/upgrade.cattle.io/v1/plans.yaml index be15136db..ddde39357 100644 --- a/crd-catalog/rancher/system-upgrade-controller/upgrade.cattle.io/v1/plans.yaml +++ b/crd-catalog/rancher/system-upgrade-controller/upgrade.cattle.io/v1/plans.yaml @@ -130,6 +130,9 @@ spec: nullable: true type: "object" type: "object" + postCompleteDelay: + nullable: true + type: "string" prepare: nullable: true properties: @@ -613,6 +616,25 @@ spec: version: nullable: true type: "string" + window: + nullable: true + properties: + days: + items: + nullable: true + type: "string" + nullable: true + type: "array" + endTime: + nullable: true + type: "string" + startTime: + nullable: true + type: "string" + timeZone: + nullable: true + type: "string" + type: "object" required: - "upgrade" type: "object" diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml index ee3623b6a..3fcf004cd 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayclusters.yaml @@ -295,6 +295,135 @@ spec: type: "object" enableInTreeAutoscaling: type: "boolean" + gcsFaultToleranceOptions: + properties: + externalStorageNamespace: + type: "string" + redisAddress: + type: "string" + redisPassword: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + redisUsername: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + required: + - "redisAddress" + type: "object" headGroupSpec: properties: enableIngress: @@ -4106,6 +4235,13 @@ spec: additionalProperties: type: "string" type: "object" + managedBy: + type: "string" + x-kubernetes-validations: + - message: "the managedBy field is immutable" + rule: "self == oldSelf" + - message: "the managedBy field value must be either 'ray.io/kuberay-operator' or 'kueue.x-k8s.io/multikueue'" + rule: "self in ['ray.io/kuberay-operator', 'kueue.x-k8s.io/multikueue']" rayVersion: type: "string" suspend: @@ -4115,6 +4251,9 @@ spec: properties: groupName: type: "string" + idleTimeoutSeconds: + format: "int32" + type: "integer" maxReplicas: default: 2147483647 format: "int32" @@ -4142,6 +4281,8 @@ spec: type: "string" type: "array" type: "object" + suspend: + type: "boolean" template: properties: metadata: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml index cf745a1a3..ae98f250a 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayjobs.yaml @@ -57,6 +57,11 @@ spec: additionalProperties: type: "string" type: "object" + deletionPolicy: + type: "string" + x-kubernetes-validations: + - message: "the deletionPolicy field value must be either 'DeleteCluster', 'DeleteWorkers', 'DeleteSelf', or 'DeleteNone'" + rule: "self in ['DeleteCluster', 'DeleteWorkers', 'DeleteSelf', 'DeleteNone']" entrypoint: type: "string" entrypointNumCpus: @@ -67,6 +72,13 @@ spec: type: "string" jobId: type: "string" + managedBy: + type: "string" + x-kubernetes-validations: + - message: "the managedBy field is immutable" + rule: "self == oldSelf" + - message: "the managedBy field value must be either 'ray.io/kuberay-operator' or 'kueue.x-k8s.io/multikueue'" + rule: "self in ['ray.io/kuberay-operator', 'kueue.x-k8s.io/multikueue']" metadata: additionalProperties: type: "string" @@ -307,6 +319,135 @@ spec: type: "object" enableInTreeAutoscaling: type: "boolean" + gcsFaultToleranceOptions: + properties: + externalStorageNamespace: + type: "string" + redisAddress: + type: "string" + redisPassword: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + redisUsername: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + required: + - "redisAddress" + type: "object" headGroupSpec: properties: enableIngress: @@ -4118,6 +4259,13 @@ spec: additionalProperties: type: "string" type: "object" + managedBy: + type: "string" + x-kubernetes-validations: + - message: "the managedBy field is immutable" + rule: "self == oldSelf" + - message: "the managedBy field value must be either 'ray.io/kuberay-operator' or 'kueue.x-k8s.io/multikueue'" + rule: "self in ['ray.io/kuberay-operator', 'kueue.x-k8s.io/multikueue']" rayVersion: type: "string" suspend: @@ -4127,6 +4275,9 @@ spec: properties: groupName: type: "string" + idleTimeoutSeconds: + format: "int32" + type: "integer" maxReplicas: default: 2147483647 format: "int32" @@ -4154,6 +4305,8 @@ spec: type: "string" type: "array" type: "object" + suspend: + type: "boolean" template: properties: metadata: diff --git a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml index 0d1d10c8f..1bfebb89b 100644 --- a/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml +++ b/crd-catalog/ray-project/kuberay/ray.io/v1/rayservices.yaml @@ -37,6 +37,8 @@ spec: deploymentUnhealthySecondThreshold: format: "int32" type: "integer" + excludeHeadPodFromServeSvc: + type: "boolean" rayClusterConfig: properties: autoscalerOptions: @@ -273,6 +275,135 @@ spec: type: "object" enableInTreeAutoscaling: type: "boolean" + gcsFaultToleranceOptions: + properties: + externalStorageNamespace: + type: "string" + redisAddress: + type: "string" + redisPassword: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + redisUsername: + properties: + value: + type: "string" + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + fieldRef: + properties: + apiVersion: + type: "string" + fieldPath: + type: "string" + required: + - "fieldPath" + type: "object" + x-kubernetes-map-type: "atomic" + resourceFieldRef: + properties: + containerName: + type: "string" + divisor: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + resource: + type: "string" + required: + - "resource" + type: "object" + x-kubernetes-map-type: "atomic" + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + required: + - "redisAddress" + type: "object" headGroupSpec: properties: enableIngress: @@ -4084,6 +4215,13 @@ spec: additionalProperties: type: "string" type: "object" + managedBy: + type: "string" + x-kubernetes-validations: + - message: "the managedBy field is immutable" + rule: "self == oldSelf" + - message: "the managedBy field value must be either 'ray.io/kuberay-operator' or 'kueue.x-k8s.io/multikueue'" + rule: "self in ['ray.io/kuberay-operator', 'kueue.x-k8s.io/multikueue']" rayVersion: type: "string" suspend: @@ -4093,6 +4231,9 @@ spec: properties: groupName: type: "string" + idleTimeoutSeconds: + format: "int32" + type: "integer" maxReplicas: default: 2147483647 format: "int32" @@ -4120,6 +4261,8 @@ spec: type: "string" type: "array" type: "object" + suspend: + type: "boolean" template: properties: metadata: @@ -7929,6 +8072,11 @@ spec: serviceUnhealthySecondThreshold: format: "int32" type: "integer" + upgradeStrategy: + properties: + type: + type: "string" + type: "object" type: "object" status: properties: @@ -7937,17 +8085,11 @@ spec: applicationStatuses: additionalProperties: properties: - healthLastUpdateTime: - format: "date-time" - type: "string" message: type: "string" serveDeploymentStatuses: additionalProperties: properties: - healthLastUpdateTime: - format: "date-time" - type: "string" message: type: "string" status: @@ -8073,6 +8215,45 @@ spec: type: "object" type: "object" type: "object" + conditions: + items: + properties: + lastTransitionTime: + format: "date-time" + type: "string" + message: + maxLength: 32768 + type: "string" + observedGeneration: + format: "int64" + minimum: 0.0 + type: "integer" + reason: + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" lastUpdateTime: format: "date-time" type: "string" @@ -8087,17 +8268,11 @@ spec: applicationStatuses: additionalProperties: properties: - healthLastUpdateTime: - format: "date-time" - type: "string" message: type: "string" serveDeploymentStatuses: additionalProperties: properties: - healthLastUpdateTime: - format: "date-time" - type: "string" message: type: "string" status: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml index 391e5472a..03c5e9e92 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephblockpools.yaml @@ -353,6 +353,9 @@ spec: phase: description: "ConditionType represent a resource's status" type: "string" + poolID: + description: "optional" + type: "integer" snapshotScheduleStatus: description: "SnapshotScheduleStatusSpec is the status of the snapshot schedule" properties: diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml index 4e1ccb11f..edb372754 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephclusters.yaml @@ -292,7 +292,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -306,7 +306,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -320,7 +320,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -370,7 +370,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -406,7 +406,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -420,7 +420,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -434,7 +434,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -484,7 +484,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1887,6 +1887,14 @@ spec: minimum: 0.0 nullable: true type: "number" + migration: + description: "Migration handles the OSD migration" + properties: + confirmation: + description: "A user confirmation to migrate the OSDs. It destroys each OSD one at a time, cleans up the backing disk\nand prepares OSD with same ID on that disk" + pattern: "^$|^yes-really-migrate-osds$" + type: "string" + type: "object" nearFullRatio: description: "NearFullRatio is the ratio at which the cluster is considered nearly full and will raise a ceph health warning. Default is 0.85." maximum: 1.0 @@ -3680,6 +3688,12 @@ spec: osd: description: "OSDStatus represents OSD status of the ceph Cluster" properties: + migrationStatus: + description: "MigrationStatus status represents the current status of any OSD migration." + properties: + pending: + type: "integer" + type: "object" storeType: additionalProperties: type: "integer" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml index cfa040a13..ea7593ee5 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephfilesystems.yaml @@ -303,6 +303,9 @@ spec: type: "object" type: "array" type: "object" + name: + description: "Name of the pool" + type: "string" parameters: additionalProperties: type: "string" @@ -420,7 +423,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -434,7 +437,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -448,7 +451,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -498,7 +501,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1087,7 +1090,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1101,7 +1104,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1115,7 +1118,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1165,7 +1168,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1241,6 +1244,9 @@ spec: preserveFilesystemOnDelete: description: "Preserve the fs in the cluster on CephFilesystem CR deletion. Setting this to true automatically implies PreservePoolsOnDelete is true." type: "boolean" + preservePoolNames: + description: "Preserve pool names as specified" + type: "boolean" preservePoolsOnDelete: description: "Preserve pools on filesystem deletion" type: "boolean" diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml index fd26b4d45..bd8803796 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephnfses.yaml @@ -1144,7 +1144,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1158,7 +1158,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1172,7 +1172,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1222,7 +1222,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml index 64551044e..9368d8564 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml @@ -562,6 +562,51 @@ spec: nullable: true type: "object" x-kubernetes-preserve-unknown-fields: true + opsLogSidecar: + description: "Enable enhanced operation Logs for S3 in a sidecar named ops-log" + nullable: true + properties: + resources: + description: "Resources represents the way to specify resource requirements for the ops-log sidecar" + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + type: "object" placement: nullable: true properties: @@ -1122,6 +1167,18 @@ spec: type: "object" type: "object" x-kubernetes-preserve-unknown-fields: true + rgwCommandFlags: + additionalProperties: + type: "string" + description: "RgwCommandFlags sets Ceph RGW config values for the gateway clients that serve this object\nstore. Values are modified at RGW startup, resulting in RGW pod restarts.\nThis feature is intended for advanced users. It allows breaking configurations to be easily\napplied. Use with caution." + nullable: true + type: "object" + rgwConfig: + additionalProperties: + type: "string" + description: "RgwConfig sets Ceph RGW config values for the gateway clients that serve this object store.\nValues are modified at runtime without RGW restart.\nThis feature is intended for advanced users. It allows breaking configurations to be easily\napplied. Use with caution." + nullable: true + type: "object" securePort: description: "The port the rgw service will be listening on (https)" format: "int32" @@ -1158,7 +1215,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1172,7 +1229,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1186,7 +1243,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1236,7 +1293,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1270,7 +1327,7 @@ spec: description: "Probe describes a health check to be performed against a container to determine whether it is\nalive or ready to receive traffic." properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1284,7 +1341,7 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." @@ -1298,7 +1355,7 @@ spec: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1348,7 +1405,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1579,6 +1636,21 @@ spec: protocols: description: "The protocol specification" properties: + enableAPIs: + description: "Represents RGW 'rgw_enable_apis' config option. See: https://docs.ceph.com/en/reef/radosgw/config-ref/#confval-rgw_enable_apis\nIf no value provided then all APIs will be enabled: s3, s3website, swift, swift_auth, admin, sts, iam, notifications\nIf enabled APIs are set, all remaining APIs will be disabled.\nThis option overrides S3.Enabled value." + items: + enum: + - "s3" + - "s3website" + - "swift" + - "swift_auth" + - "admin" + - "sts" + - "iam" + - "notifications" + type: "string" + nullable: true + type: "array" s3: description: "The spec for S3" nullable: true @@ -1588,7 +1660,7 @@ spec: nullable: true type: "boolean" enabled: - description: "Whether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled." + description: "Deprecated: use protocol.enableAPIs instead.\nWhether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled." nullable: true type: "boolean" type: "object" diff --git a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1/scyllaclusters.yaml b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1/scyllaclusters.yaml index 2e54e3fc6..0df6ed328 100644 --- a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1/scyllaclusters.yaml +++ b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1/scyllaclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "scyllaclusters.scylla.scylladb.com" spec: group: "scylla.scylladb.com" @@ -41,10 +41,10 @@ spec: description: "ScyllaCluster defines a Scylla cluster." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,13 +63,13 @@ spec: description: "alternator designates this cluster an Alternator cluster." properties: insecureDisableAuthorization: - description: "insecureDisableAuthorization disables Alternator authorization. If not specified, the authorization is enabled. For backwards compatibility the authorization is disabled when this field is not specified and a manual port is used." + description: "insecureDisableAuthorization disables Alternator authorization.\nIf not specified, the authorization is enabled.\nFor backwards compatibility the authorization is disabled when this field is not specified\nand a manual port is used." type: "boolean" insecureEnableHTTP: description: "insecureEnableHTTP enables serving Alternator traffic also on insecure HTTP port." type: "boolean" port: - description: "port is the port number used to bind the Alternator API. Deprecated: `port` is deprecated and may be ignored in the future. Please make sure to avoid using hostNetworking and work with standard Kubernetes concepts like Services." + description: "port is the port number used to bind the Alternator API.\nDeprecated: `port` is deprecated and may be ignored in the future.\nPlease make sure to avoid using hostNetworking and work with standard Kubernetes concepts like Services." format: "int32" type: "integer" servingCertificate: @@ -113,27 +113,27 @@ spec: description: "automaticOrphanedNodeCleanup controls if automatic orphan node cleanup should be performed." type: "boolean" backups: - description: "backups specifies backup tasks in Scylla Manager. When Scylla Manager is not installed, these will be ignored." + description: "backups specifies backup tasks in Scylla Manager.\nWhen Scylla Manager is not installed, these will be ignored." items: properties: cron: description: "cron specifies the task schedule as a cron expression. It supports an extended syntax including @monthly, @weekly, @daily, @midnight, @hourly, @every X[h|m|s]." type: "string" dc: - description: "dc is a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs to include or exclude from backup." + description: "dc is a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs\nto include or exclude from backup." items: type: "string" type: "array" interval: - description: "interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. Deprecated: please use cron instead." + description: "interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s.\nDeprecated: please use cron instead." type: "string" keyspace: - description: "keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." + description: "keyspace is a list of keyspace/tables glob patterns,\ne.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." items: type: "string" type: "array" location: - description: "location is a list of backup locations in the format [:]: ex. s3:my-bucket. The : part is optional and is only needed when different datacenters are being used to upload data to different locations. must be an alphanumeric string and may contain a dash and or a dot, but other characters are forbidden. The only supported storage at the moment are s3 and gcs." + description: "location is a list of backup locations in the format [:]: ex. s3:my-bucket.\nThe : part is optional and is only needed when different datacenters are being used to upload data\nto different locations. must be an alphanumeric string and may contain a dash and or a dot,\nbut other characters are forbidden.\nThe only supported storage at the moment are s3 and gcs." items: type: "string" type: "array" @@ -146,7 +146,7 @@ spec: format: "int64" type: "integer" rateLimit: - description: "rateLimit is a list of megabytes (MiB) per second rate limits expressed in the format [:]. The : part is optional and only needed when different datacenters need different upload limits. Set to 0 for no limit (default 100)." + description: "rateLimit is a list of megabytes (MiB) per second rate limits expressed in the format [:].\nThe : part is optional and only needed when different datacenters need different upload limits.\nSet to 0 for no limit (default 100)." items: type: "string" type: "array" @@ -156,25 +156,25 @@ spec: format: "int64" type: "integer" snapshotParallel: - description: "snapshotParallel is a list of snapshot parallelism limits in the format [:]. The : part is optional and allows for specifying different limits in selected datacenters. If The : part is not set, the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) and n nodes in all the other datacenters." + description: "snapshotParallel is a list of snapshot parallelism limits in the format [:].\nThe : part is optional and allows for specifying different limits in selected datacenters.\nIf The : part is not set, the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1)\nand n nodes in all the other datacenters." items: type: "string" type: "array" startDate: - description: "startDate specifies the task start date expressed in the RFC3339 format or now[+duration], e.g. now+3d2h10m, valid units are d, h, m, s." + description: "startDate specifies the task start date expressed in the RFC3339 format or now[+duration],\ne.g. now+3d2h10m, valid units are d, h, m, s." type: "string" timezone: description: "timezone specifies the timezone of cron field." type: "string" uploadParallel: - description: "uploadParallel is a list of upload parallelism limits in the format [:]. The : part is optional and allows for specifying different limits in selected datacenters. If The : part is not set the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) and n nodes in all the other datacenters." + description: "uploadParallel is a list of upload parallelism limits in the format [:].\nThe : part is optional and allows for specifying different limits in selected datacenters.\nIf The : part is not set the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1)\nand n nodes in all the other datacenters." items: type: "string" type: "array" type: "object" type: "array" cpuset: - description: "cpuset determines if the cluster will use cpu-pinning. Deprecated: `cpuset` is deprecated. It is now treated as if it is always set to true regardless of its value." + description: "cpuset determines if the cluster will use cpu-pinning.\nDeprecated: `cpuset` is deprecated. It is now treated as if it is always set to true regardless of its value." type: "boolean" datacenter: description: "datacenter holds a specification of a datacenter." @@ -195,12 +195,15 @@ spec: description: "agentResources specify the resources for the Agent container." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." type: "string" required: - "name" @@ -216,7 +219,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -225,7 +228,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" agentVolumeMounts: @@ -234,28 +237,49 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" - "name" type: "object" type: "array" + exposeOptions: + description: "exposeOptions specifies rack-specific parameters related to exposing ScyllaDBDatacenter backends." + properties: + nodeService: + description: "nodeService controls properties of Service dedicated for each ScyllaDBDatacenter node in given rack." + properties: + annotations: + additionalProperties: + type: "string" + description: "annotations is a custom key value map that gets merged with managed object annotations." + type: "object" + labels: + additionalProperties: + type: "string" + description: "labels is a custom key value map that gets merged with managed object labels." + type: "object" + type: "object" + type: "object" members: description: "members is the number of Scylla instances in this rack." format: "int32" @@ -270,9 +294,9 @@ spec: description: "nodeAffinity describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -280,45 +304,49 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -330,59 +358,65 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -392,7 +426,7 @@ spec: description: "podAffinity describes pod affinity scheduling rules." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -400,92 +434,97 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -493,103 +532,110 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "podAntiAffinity describes pod anti-affinity scheduling rules." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -597,92 +643,97 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -690,118 +741,125 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" tolerations: - description: "tolerations allow the pod to tolerate any taint that matches the triple using the matching operator." + description: "tolerations allow the pod to tolerate any taint that matches the triple \nusing the matching operator." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -810,12 +868,15 @@ spec: description: "resources the Scylla container will use." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." type: "string" required: - "name" @@ -831,7 +892,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -840,7 +901,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" scyllaAgentConfig: @@ -856,7 +917,7 @@ spec: description: "capacity describes the requested size of each persistent volume." type: "string" metadata: - description: "metadata controls shared metadata for the volume claim for this rack. At this point, the values are applied only for the initial claim and are not reconciled during its lifetime. Note that this may get fixed in the future and this behaviour shouldn't be relied on in any way." + description: "metadata controls shared metadata for the volume claim for this rack.\nAt this point, the values are applied only for the initial claim and are not reconciled during its lifetime.\nNote that this may get fixed in the future and this behaviour shouldn't be relied on in any way." properties: annotations: additionalProperties: @@ -879,22 +940,25 @@ spec: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -907,26 +971,26 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -938,23 +1002,25 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + default: "ext4" + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + default: false + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -967,55 +1033,58 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -1024,11 +1093,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1036,19 +1105,21 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1056,29 +1127,30 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -1087,7 +1159,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -1096,7 +1168,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1109,14 +1181,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1139,43 +1211,45 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -1189,10 +1263,10 @@ spec: type: "object" x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -1201,14 +1275,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -1217,7 +1291,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1226,7 +1300,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -1235,39 +1309,41 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -1281,34 +1357,36 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -1316,13 +1394,14 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1330,39 +1409,39 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -1374,35 +1453,45 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -1411,39 +1500,42 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + default: "default" + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -1451,41 +1543,41 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -1494,13 +1586,13 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -1512,59 +1604,61 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -1573,7 +1667,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1581,19 +1675,21 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -1609,7 +1705,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1622,14 +1718,14 @@ spec: type: "object" x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1652,12 +1748,13 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1665,19 +1762,21 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -1688,38 +1787,39 @@ spec: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -1729,48 +1829,54 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + default: "/etc/ceph/keyring" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + default: "rbd" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + default: "admin" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + default: "xfs" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -1779,13 +1885,14 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1793,7 +1900,8 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + default: "ThinProvisioned" + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -1802,7 +1910,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -1810,14 +1918,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -1825,53 +1933,55 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -1896,12 +2006,12 @@ spec: description: "developerMode determines if the cluster runs in developer-mode." type: "boolean" dnsDomains: - description: "dnsDomains is a list of DNS domains this cluster is reachable by. These domains are used when setting up the infrastructure, like certificates. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "dnsDomains is a list of DNS domains this cluster is reachable by.\nThese domains are used when setting up the infrastructure, like certificates.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." items: type: "string" type: "array" exposeOptions: - description: "exposeOptions specifies options for exposing ScyllaCluster services. This field is immutable. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "exposeOptions specifies options for exposing ScyllaCluster services.\nThis field is immutable.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." properties: broadcastOptions: description: "BroadcastOptions defines how ScyllaDB node publishes its IP address to other nodes and clients." @@ -1909,7 +2019,7 @@ spec: clients: default: type: "ServiceClusterIP" - description: "clients specifies options related to the address that is broadcasted for communication with clients. This field controls the `broadcast_rpc_address` value in ScyllaDB config." + description: "clients specifies options related to the address that is broadcasted for communication with clients.\nThis field controls the `broadcast_rpc_address` value in ScyllaDB config." properties: podIP: description: "podIP holds options related to Pod IP address." @@ -1926,7 +2036,7 @@ spec: nodes: default: type: "ServiceClusterIP" - description: "nodes specifies options related to the address that is broadcasted for communication with other nodes. This field controls the `broadcast_address` value in ScyllaDB config." + description: "nodes specifies options related to the address that is broadcasted for communication with other nodes.\nThis field controls the `broadcast_address` value in ScyllaDB config." properties: podIP: description: "podIP holds options related to Pod IP address." @@ -1942,10 +2052,10 @@ spec: type: "object" type: "object" cql: - description: "cql specifies expose options for CQL SSL backend. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "cql specifies expose options for CQL SSL backend.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." properties: ingress: - description: "ingress is an Ingress configuration options. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "ingress is an Ingress configuration options.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." properties: annotations: additionalProperties: @@ -1953,10 +2063,10 @@ spec: description: "annotations is a custom key value map that gets merged with managed object annotations." type: "object" disabled: - description: "disabled controls if Ingress object creation is disabled. Unless disabled, there is an Ingress objects created for every Scylla node. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "disabled controls if Ingress object creation is disabled.\nUnless disabled, there is an Ingress objects created for every Scylla node.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." type: "boolean" ingressClassName: - description: "ingressClassName specifies Ingress class name. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "ingressClassName specifies Ingress class name.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." type: "string" labels: additionalProperties: @@ -1971,7 +2081,7 @@ spec: description: "nodeService controls properties of Service dedicated for each ScyllaCluster node." properties: allocateLoadBalancerNodePorts: - description: "allocateLoadBalancerNodePorts controls value of service.spec.allocateLoadBalancerNodePorts of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field." + description: "allocateLoadBalancerNodePorts controls value of service.spec.allocateLoadBalancerNodePorts of each node Service.\nCheck Kubernetes corev1.Service documentation about semantic of this field." type: "boolean" annotations: additionalProperties: @@ -1979,10 +2089,10 @@ spec: description: "annotations is a custom key value map that gets merged with managed object annotations." type: "object" externalTrafficPolicy: - description: "externalTrafficPolicy controls value of service.spec.externalTrafficPolicy of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field." + description: "externalTrafficPolicy controls value of service.spec.externalTrafficPolicy of each node Service.\nCheck Kubernetes corev1.Service documentation about semantic of this field." type: "string" internalTrafficPolicy: - description: "internalTrafficPolicy controls value of service.spec.internalTrafficPolicy of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field." + description: "internalTrafficPolicy controls value of service.spec.internalTrafficPolicy of each node Service.\nCheck Kubernetes corev1.Service documentation about semantic of this field." type: "string" labels: additionalProperties: @@ -1990,7 +2100,7 @@ spec: description: "labels is a custom key value map that gets merged with managed object labels." type: "object" loadBalancerClass: - description: "loadBalancerClass controls value of service.spec.loadBalancerClass of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field." + description: "loadBalancerClass controls value of service.spec.loadBalancerClass of each node Service.\nCheck Kubernetes corev1.Service documentation about semantic of this field." type: "string" type: description: "type is the Kubernetes Service type." @@ -2012,30 +2122,31 @@ spec: properties: failureStrategy: default: "Retry" - description: "failureStrategy specifies which logic is executed when upgrade failure happens. Currently only Retry is supported." + description: "failureStrategy specifies which logic is executed when upgrade failure happens.\nCurrently only Retry is supported." type: "string" pollInterval: default: "1s" - description: "pollInterval specifies how often upgrade logic polls on state updates. Increasing this value should lower number of requests sent to apiserver, but it may affect overall time spent during upgrade. DEPRECATED." + description: "pollInterval specifies how often upgrade logic polls on state updates.\nIncreasing this value should lower number of requests sent to apiserver, but it may affect\noverall time spent during upgrade.\nDEPRECATED." type: "string" type: "object" imagePullSecrets: - description: "imagePullSecrets is an optional list of references to secrets in the same namespace used for pulling Scylla and Agent images." + description: "imagePullSecrets is an optional list of references to secrets in the same namespace\nused for pulling Scylla and Agent images." items: - description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" minReadySeconds: - description: "minReadySeconds is the minimum number of seconds for which a newly created ScyllaDB node should be ready for it to be considered available. When used to control load balanced traffic, this can give the load balancer in front of a node enough time to notice that the node is ready and start forwarding traffic in time. Because it all depends on timing, the order is not guaranteed and, if possible, you should use readinessGates instead. If not provided, Operator will determine this value." + description: "minReadySeconds is the minimum number of seconds for which a newly created ScyllaDB node should be ready\nfor it to be considered available.\nWhen used to control load balanced traffic, this can give the load balancer in front of a node enough time to\nnotice that the node is ready and start forwarding traffic in time. Because it all depends on timing, the order\nis not guaranteed and, if possible, you should use readinessGates instead.\nIf not provided, Operator will determine this value." format: "int32" type: "integer" minTerminationGracePeriodSeconds: - description: "minTerminationGracePeriodSeconds specifies minimum duration in seconds to wait before every drained node is terminated. This gives time to potential load balancer in front of a node to notice that node is not ready anymore and stop forwarding new requests. This applies only when node is terminated gracefully. If not provided, Operator will determine this value. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." + description: "minTerminationGracePeriodSeconds specifies minimum duration in seconds to wait before every drained node is\nterminated. This gives time to potential load balancer in front of a node to notice that node is not ready anymore\nand stop forwarding new requests.\nThis applies only when node is terminated gracefully.\nIf not provided, Operator will determine this value.\nEXPERIMENTAL. Do not rely on any particular behaviour controlled by this field." format: "int32" type: "integer" network: @@ -2045,7 +2156,7 @@ spec: description: "dnsPolicy defines how a pod's DNS will be configured." type: "string" hostNetworking: - description: "hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP. Deprecated: `hostNetworking` is deprecated and may be ignored in the future." + description: "hostNetworking determines if scylla uses the host's network namespace. Setting this option\navoids going through Kubernetes SDN and exposes scylla on node's IP.\nDeprecated: `hostNetworking` is deprecated and may be ignored in the future." type: "boolean" type: "object" podMetadata: @@ -2063,7 +2174,7 @@ spec: type: "object" type: "object" readinessGates: - description: "readinessGates specifies custom readiness gates that will be evaluated for every ScyllaDB Pod readiness. It's projected into every ScyllaDB Pod as its readinessGate. Refer to upstream documentation to learn more about readiness gates." + description: "readinessGates specifies custom readiness gates that will be evaluated for every ScyllaDB Pod readiness.\nIt's projected into every ScyllaDB Pod as its readinessGate. Refer to upstream documentation to learn more\nabout readiness gates." items: description: "PodReadinessGate contains the reference to a pod condition" properties: @@ -2075,14 +2186,14 @@ spec: type: "object" type: "array" repairs: - description: "repairs specify repair tasks in Scylla Manager. When Scylla Manager is not installed, these will be ignored." + description: "repairs specify repair tasks in Scylla Manager.\nWhen Scylla Manager is not installed, these will be ignored." items: properties: cron: description: "cron specifies the task schedule as a cron expression. It supports an extended syntax including @monthly, @weekly, @daily, @midnight, @hourly, @every X[h|m|s]." type: "string" dc: - description: "dc is a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs to include or exclude from backup." + description: "dc is a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs\nto include or exclude from backup." items: type: "string" type: "array" @@ -2094,13 +2205,13 @@ spec: type: "string" intensity: default: "1" - description: "intensity indicates how many token ranges (per shard) to repair in a single Scylla repair job. By default this is 1. If you set it to 0 the number of token ranges is adjusted to the maximum supported by node (see max_repair_ranges_in_parallel in Scylla logs). Valid values are 0 and integers >= 1. Higher values will result in increased cluster load and slightly faster repairs. Changing the intensity impacts repair granularity if you need to resume it, the higher the value the more work on resume. For Scylla clusters that *do not support row-level repair*, intensity can be a decimal between (0,1). In that case it specifies percent of shards that can be repaired in parallel on a repair master node. For Scylla clusters that are row-level repair enabled, setting intensity below 1 has the same effect as setting intensity 1." + description: "intensity indicates how many token ranges (per shard) to repair in a single Scylla repair job. By default this is 1.\nIf you set it to 0 the number of token ranges is adjusted to the maximum supported by node (see max_repair_ranges_in_parallel in Scylla logs).\nValid values are 0 and integers >= 1. Higher values will result in increased cluster load and slightly faster repairs.\nChanging the intensity impacts repair granularity if you need to resume it, the higher the value the more work on resume.\nFor Scylla clusters that *do not support row-level repair*, intensity can be a decimal between (0,1).\nIn that case it specifies percent of shards that can be repaired in parallel on a repair master node.\nFor Scylla clusters that are row-level repair enabled, setting intensity below 1 has the same effect as setting intensity 1." type: "string" interval: - description: "interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. Deprecated: please use cron instead." + description: "interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s.\nDeprecated: please use cron instead." type: "string" keyspace: - description: "keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." + description: "keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*'\nused to include or exclude keyspaces from repair." items: type: "string" type: "array" @@ -2114,15 +2225,15 @@ spec: type: "integer" parallel: default: 0 - description: "parallel is the maximum number of Scylla repair jobs that can run at the same time (on different token ranges and replicas). Each node can take part in at most one repair at any given moment. By default the maximum possible parallelism is used. The effective parallelism depends on a keyspace replication factor (RF) and the number of nodes. The formula to calculate it is as follows: number of nodes / RF, ex. for 6 node cluster with RF=3 the maximum parallelism is 2." + description: "parallel is the maximum number of Scylla repair jobs that can run at the same time (on different token ranges and replicas).\nEach node can take part in at most one repair at any given moment. By default the maximum possible parallelism is used.\nThe effective parallelism depends on a keyspace replication factor (RF) and the number of nodes.\nThe formula to calculate it is as follows: number of nodes / RF, ex. for 6 node cluster with RF=3 the maximum parallelism is 2." format: "int64" type: "integer" smallTableThreshold: default: "1GiB" - description: "smallTableThreshold enable small table optimization for tables of size lower than given threshold. Supported units [B, MiB, GiB, TiB]." + description: "smallTableThreshold enable small table optimization for tables of size lower than given threshold.\nSupported units [B, MiB, GiB, TiB]." type: "string" startDate: - description: "startDate specifies the task start date expressed in the RFC3339 format or now[+duration], e.g. now+3d2h10m, valid units are d, h, m, s." + description: "startDate specifies the task start date expressed in the RFC3339 format or now[+duration],\ne.g. now+3d2h10m, valid units are d, h, m, s." type: "string" timezone: description: "timezone specifies the timezone of cron field." @@ -2134,10 +2245,10 @@ spec: description: "repository is the image repository to pull the Scylla image from." type: "string" scyllaArgs: - description: "scyllaArgs will be appended to Scylla binary during startup. This is supported from 4.2.0 Scylla version." + description: "scyllaArgs will be appended to Scylla binary during startup.\nThis is supported from 4.2.0 Scylla version." type: "string" sysctls: - description: "sysctls holds the sysctl properties to be applied during initialization given as a list of key=value pairs. Example: fs.aio-max-nr=232323" + description: "sysctls holds the sysctl properties to be applied during initialization given as a list of key=value pairs.\nExample: fs.aio-max-nr=232323" items: type: "string" type: "array" @@ -2160,7 +2271,7 @@ spec: description: "cron reflects the task schedule as a cron expression." type: "string" dc: - description: "dc reflects a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs to include or exclude from backup." + description: "dc reflects a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs\nto include or exclude from backup." items: type: "string" type: "array" @@ -2174,7 +2285,7 @@ spec: description: "interval reflects a task schedule interval." type: "string" keyspace: - description: "keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." + description: "keyspace reflects a list of keyspace/tables glob patterns,\ne.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." items: type: "string" type: "array" @@ -2223,25 +2334,25 @@ spec: type: "object" type: "array" conditions: - description: "conditions hold conditions describing ScyllaCluster state. To determine whether a cluster rollout is finished, look for Available=True,Progressing=False,Degraded=False." + description: "conditions hold conditions describing ScyllaCluster state.\nTo determine whether a cluster rollout is finished, look for Available=True,Progressing=False,Degraded=False." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -2254,7 +2365,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -2274,7 +2385,7 @@ spec: format: "int32" type: "integer" observedGeneration: - description: "observedGeneration is the most recent generation observed for this ScyllaCluster. It corresponds to the ScyllaCluster's generation, which is updated on mutation by the API Server." + description: "observedGeneration is the most recent generation observed for this ScyllaCluster. It corresponds to the\nScyllaCluster's generation, which is updated on mutation by the API Server." format: "int64" type: "integer" rackCount: @@ -2313,10 +2424,10 @@ spec: replace_address_first_boot: additionalProperties: type: "string" - description: "replace_address_first_boot holds addresses which should be replaced by new nodes. DEPRECATED: since Scylla Operator 1.10 it's only used for deprecated replace node procedure (ScyllaDB OS <5.2, Enterprise <2023.1). With Scylla Operator 1.11+ this field may be empty." + description: "replace_address_first_boot holds addresses which should be replaced by new nodes.\nDEPRECATED: since Scylla Operator 1.10 it's only used for deprecated replace node procedure (ScyllaDB OS <5.2, Enterprise <2023.1).\n With Scylla Operator 1.11+ this field may be empty." type: "object" stale: - description: "stale indicates if the current rack status is collected for a previous generation. stale should eventually become false when the appropriate controller writes a fresh status." + description: "stale indicates if the current rack status is collected for a previous generation.\nstale should eventually become false when the appropriate controller writes a fresh status." type: "boolean" updatedMembers: description: "updatedMembers is the number of members matching the current spec." @@ -2340,7 +2451,7 @@ spec: description: "cron reflects the task schedule as a cron expression." type: "string" dc: - description: "dc reflects a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs to include or exclude from repair." + description: "dc reflects a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs\nto include or exclude from repair." items: type: "string" type: "array" @@ -2363,7 +2474,7 @@ spec: description: "interval reflects a task schedule interval." type: "string" keyspace: - description: "keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair." + description: "keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*'\nused to include or exclude keyspaces from repair." items: type: "string" type: "array" @@ -2398,10 +2509,10 @@ spec: description: "upgrade reflects state of ongoing upgrade procedure." properties: currentNode: - description: "currentNode node under upgrade. DEPRECATED." + description: "currentNode node under upgrade.\nDEPRECATED." type: "string" currentRack: - description: "currentRack rack under upgrade. DEPRECATED." + description: "currentRack rack under upgrade.\nDEPRECATED." type: "string" dataSnapshotTag: description: "dataSnapshotTag is the snapshot tag of data keyspaces." diff --git a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml index aaffaa77f..4cf74b821 100644 --- a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml +++ b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/nodeconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "nodeconfigs.scylla.scylladb.com" spec: group: "scylla.scylladb.com" @@ -31,17 +31,17 @@ spec: openAPIV3Schema: properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: properties: disableOptimizations: - description: "disableOptimizations controls if nodes matching placement requirements are going to be optimized. Turning off optimizations on already optimized Nodes does not revert changes." + description: "disableOptimizations controls if nodes matching placement requirements\nare going to be optimized. Turning off optimizations on already optimized\nNodes does not revert changes." type: "boolean" localDiskSetup: description: "localDiskSetup contains options of automatic local disk setup." @@ -91,10 +91,10 @@ spec: description: "fsType specifies the filesystem on the device." type: "string" mountPoint: - description: "mountPoint is a path where the device should be mounted at. If the mountPoint is a symlink, the mount will be set up for the target." + description: "mountPoint is a path where the device should be mounted at.\nIf the mountPoint is a symlink, the mount will be set up for the target." type: "string" unsupportedOptions: - description: "unsupportedOptions is a list of mount options used during device mounting. unsupported in this field name means that we won't support all the available options passed down using this field." + description: "unsupportedOptions is a list of mount options used during device mounting.\nunsupported in this field name means that we won't support all the available options passed down using this field." items: type: "string" type: "array" @@ -138,9 +138,9 @@ spec: description: "Describes node affinity scheduling rules for the pod." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." properties: preference: description: "A node selector term, associated with the corresponding weight." @@ -148,45 +148,49 @@ spec: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -198,59 +202,65 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: nodeSelectorTerms: description: "Required. A list of node selector terms. The terms are ORed." items: - description: "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." properties: matchExpressions: description: "A list of node selector requirements by node's labels." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: - description: "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." properties: key: description: "The label key that the selector applies to." type: "string" operator: - description: "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." type: "string" values: - description: "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch." + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -260,7 +270,7 @@ spec: description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -268,92 +278,97 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -361,103 +376,110 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." properties: preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred." + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." items: description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" properties: @@ -465,92 +487,97 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" weight: - description: "weight associated with matching the corresponding podAffinityTerm, in the range 1-100." + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." format: "int32" type: "integer" required: @@ -558,124 +585,131 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied." + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: - description: "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running" + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" namespaceSelector: - description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces." + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" x-kubernetes-map-type: "atomic" namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed." + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" required: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" nodeSelector: additionalProperties: type: "string" - description: "nodeSelector is a selector which must be true for the NodeConfig Pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node." + description: "nodeSelector is a selector which must be true for the NodeConfig Pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node." type: "object" tolerations: description: "tolerations is a group of tolerations NodeConfig Pods are going to have." items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -699,7 +733,7 @@ spec: description: "message is a human-readable message indicating details about the transition." type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" diff --git a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/scyllaoperatorconfigs.yaml b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/scyllaoperatorconfigs.yaml index caa039405..24ed4fda8 100644 --- a/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/scyllaoperatorconfigs.yaml +++ b/crd-catalog/scylladb/scylla-operator/scylla.scylladb.com/v1alpha1/scyllaoperatorconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.11.3" + controller-gen.kubebuilder.io/version: "v0.17.1" name: "scyllaoperatorconfigs.scylla.scylladb.com" spec: group: "scylla.scylladb.com" @@ -23,27 +23,30 @@ spec: description: "ScyllaOperatorConfig describes the Scylla Operator configuration." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: description: "spec defines the desired state of the operator." properties: + configuredClusterDomain: + description: "configuredClusterDomain allows users to set the configured Kubernetes cluster domain explicitly, instead of letting Scylla Operator automatically discover it." + type: "string" scyllaUtilsImage: description: "scyllaUtilsImage is a ScyllaDB image used for running ScyllaDB utilities." type: "string" unsupportedBashToolsImageOverride: - description: "unsupportedBashToolsImageOverride allows to adjust a generic Bash image with extra tools used by the operator for auxiliary purposes. Setting this field renders your cluster unsupported. Use at your own risk." + description: "unsupportedBashToolsImageOverride allows to adjust a generic Bash image with extra tools used by the operator\nfor auxiliary purposes.\nSetting this field renders your cluster unsupported. Use at your own risk." type: "string" unsupportedGrafanaImageOverride: - description: "unsupportedGrafanaImageOverride allows to adjust Grafana image used by the operator for testing, dev or emergencies. Setting this field renders your cluster unsupported. Use at your own risk." + description: "unsupportedGrafanaImageOverride allows to adjust Grafana image used by the operator\nfor testing, dev or emergencies.\nSetting this field renders your cluster unsupported. Use at your own risk." type: "string" unsupportedPrometheusVersionOverride: - description: "unsupportedPrometheusVersionOverride allows to adjust Prometheus version used by the operator for testing, dev or emergencies. Setting this field renders your cluster unsupported. Use at your own risk." + description: "unsupportedPrometheusVersionOverride allows to adjust Prometheus version used by the operator\nfor testing, dev or emergencies.\nSetting this field renders your cluster unsupported. Use at your own risk." type: "string" type: "object" status: @@ -52,11 +55,58 @@ spec: bashToolsImage: description: "bashToolsImage is a generic Bash image with extra tools used by the operator for auxiliary purposes." type: "string" + clusterDomain: + description: "clusterDomain is the Kubernetes cluster domain used by the Scylla Operator." + type: "string" + conditions: + description: "conditions hold conditions describing ScyllaOperatorConfig state." + items: + description: "Condition contains details for one aspect of the current state of this API Resource." + properties: + lastTransitionTime: + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + format: "date-time" + type: "string" + message: + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." + maxLength: 32768 + type: "string" + observedGeneration: + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." + format: "int64" + minimum: 0.0 + type: "integer" + reason: + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." + maxLength: 1024 + minLength: 1 + pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" + type: "string" + status: + description: "status of the condition, one of True, False, Unknown." + enum: + - "True" + - "False" + - "Unknown" + type: "string" + type: + description: "type of condition in CamelCase or in foo.example.com/CamelCase." + maxLength: 316 + pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" + type: "string" + required: + - "lastTransitionTime" + - "message" + - "reason" + - "status" + - "type" + type: "object" + type: "array" grafanaImage: description: "grafanaImage is the image used by the operator to create a Grafana instance." type: "string" observedGeneration: - description: "observedGeneration is the most recent generation observed for this ScyllaOperatorConfig. It corresponds to the ScyllaOperatorConfig's generation, which is updated on mutation by the API Server." + description: "observedGeneration is the most recent generation observed for this ScyllaOperatorConfig. It corresponds to the\nScyllaOperatorConfig's generation, which is updated on mutation by the API Server." format: "int64" type: "integer" prometheusVersion: diff --git a/crd-catalog/shipwright-io/operator/operator.shipwright.io/v1alpha1/shipwrightbuilds.yaml b/crd-catalog/shipwright-io/operator/operator.shipwright.io/v1alpha1/shipwrightbuilds.yaml index 43f4e57b1..85a789910 100644 --- a/crd-catalog/shipwright-io/operator/operator.shipwright.io/v1alpha1/shipwrightbuilds.yaml +++ b/crd-catalog/shipwright-io/operator/operator.shipwright.io/v1alpha1/shipwrightbuilds.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.8.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "shipwrightbuilds.operator.shipwright.io" spec: group: "operator.shipwright.io" @@ -19,10 +19,10 @@ spec: description: "ShipwrightBuild represents the deployment of Shipwright's build controller on a Kubernetes cluster." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -39,23 +39,23 @@ spec: conditions: description: "Conditions holds the latest available observations of a resource's current state." items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: lastTransitionTime: - description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." + description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." format: "date-time" type: "string" message: - description: "message is a human readable message indicating details about the transition. This may be an empty string." + description: "message is a human readable message indicating details about the transition.\nThis may be an empty string." maxLength: 32768 type: "string" observedGeneration: - description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance." + description: "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance." format: "int64" minimum: 0.0 type: "integer" reason: - description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty." + description: "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty." maxLength: 1024 minLength: 1 pattern: "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$" @@ -68,7 +68,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -86,9 +86,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/solo-io/gloo/enterprise.gloo.solo.io/v1/authconfigs.yaml b/crd-catalog/solo-io/gloo/enterprise.gloo.solo.io/v1/authconfigs.yaml index a6b1a69c4..66ad5af9c 100644 --- a/crd-catalog/solo-io/gloo/enterprise.gloo.solo.io/v1/authconfigs.yaml +++ b/crd-catalog/solo-io/gloo/enterprise.gloo.solo.io/v1/authconfigs.yaml @@ -5,6 +5,9 @@ metadata: spec: group: "enterprise.gloo.solo.io" names: + categories: + - "solo-io" + - "gloo-gateway" kind: "AuthConfig" listKind: "AuthConfigList" plural: "authconfigs" @@ -966,6 +969,33 @@ spec: required: - "config" type: "object" + portalAuth: + properties: + apiKeyHeader: + type: "string" + cacheDuration: + type: "string" + redisOptions: + properties: + db: + format: "int32" + type: "integer" + host: + type: "string" + poolSize: + format: "int32" + type: "integer" + socketType: + type: "string" + x-kubernetes-int-or-string: true + tlsCertMountPath: + type: "string" + type: "object" + requestTimeout: + type: "string" + url: + type: "string" + type: "object" type: "object" type: "array" failOnRedirect: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml index e0e16d2ea..a75b83a22 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "Gateway" listKind: "GatewayList" plural: "gateways" @@ -1060,6 +1062,27 @@ spec: type: "string" type: "object" type: "array" + metadataForTags: + items: + properties: + defaultValue: + type: "string" + kind: + type: "string" + x-kubernetes-int-or-string: true + tag: + type: "string" + value: + properties: + key: + type: "string" + namespace: + type: "string" + nestedFieldDelimiter: + type: "string" + type: "object" + type: "object" + type: "array" openCensusConfig: properties: grpcAddress: @@ -1132,12 +1155,21 @@ spec: namespace: type: "string" type: "object" + grpcService: + properties: + authority: + type: "string" + type: "object" + serviceName: + type: "string" type: "object" requestHeadersForTags: items: nullable: true type: "string" type: "array" + spawnUpstreamSpan: + type: "boolean" tracePercentages: properties: clientSamplePercentage: @@ -1738,6 +1770,27 @@ spec: type: "string" type: "object" type: "array" + metadataForTags: + items: + properties: + defaultValue: + type: "string" + kind: + type: "string" + x-kubernetes-int-or-string: true + tag: + type: "string" + value: + properties: + key: + type: "string" + namespace: + type: "string" + nestedFieldDelimiter: + type: "string" + type: "object" + type: "object" + type: "array" openCensusConfig: properties: grpcAddress: @@ -1810,12 +1863,21 @@ spec: namespace: type: "string" type: "object" + grpcService: + properties: + authority: + type: "string" + type: "object" + serviceName: + type: "string" type: "object" requestHeadersForTags: items: nullable: true type: "string" type: "array" + spawnUpstreamSpan: + type: "boolean" tracePercentages: properties: clientSamplePercentage: @@ -3082,6 +3144,27 @@ spec: type: "string" type: "object" type: "array" + metadataForTags: + items: + properties: + defaultValue: + type: "string" + kind: + type: "string" + x-kubernetes-int-or-string: true + tag: + type: "string" + value: + properties: + key: + type: "string" + namespace: + type: "string" + nestedFieldDelimiter: + type: "string" + type: "object" + type: "object" + type: "array" openCensusConfig: properties: grpcAddress: @@ -3154,12 +3237,21 @@ spec: namespace: type: "string" type: "object" + grpcService: + properties: + authority: + type: "string" + type: "object" + serviceName: + type: "string" type: "object" requestHeadersForTags: items: nullable: true type: "string" type: "array" + spawnUpstreamSpan: + type: "boolean" tracePercentages: properties: clientSamplePercentage: @@ -3869,6 +3961,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -4209,6 +4309,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4326,6 +4434,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4463,6 +4579,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4640,6 +4764,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4757,6 +4889,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4894,6 +5034,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5063,6 +5211,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5180,6 +5336,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5317,6 +5481,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5442,6 +5614,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5559,6 +5739,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5749,6 +5937,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -6277,6 +6473,9 @@ spec: x-kubernetes-int-or-string: true type: "object" type: "array" + tcpStats: + nullable: true + type: "boolean" type: "object" proxyNames: items: @@ -6538,6 +6737,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -6878,6 +7085,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -6995,6 +7210,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7132,6 +7355,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7309,6 +7540,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7426,6 +7665,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7563,6 +7810,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7732,6 +7987,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7849,6 +8112,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7986,6 +8257,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8111,6 +8390,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8228,6 +8515,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8418,6 +8713,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml index d83978239..9dec4d9c9 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "MatchableHttpGateway" listKind: "MatchableHttpGatewayList" plural: "httpgateways" @@ -1054,6 +1056,27 @@ spec: type: "string" type: "object" type: "array" + metadataForTags: + items: + properties: + defaultValue: + type: "string" + kind: + type: "string" + x-kubernetes-int-or-string: true + tag: + type: "string" + value: + properties: + key: + type: "string" + namespace: + type: "string" + nestedFieldDelimiter: + type: "string" + type: "object" + type: "object" + type: "array" openCensusConfig: properties: grpcAddress: @@ -1126,12 +1149,21 @@ spec: namespace: type: "string" type: "object" + grpcService: + properties: + authority: + type: "string" + type: "object" + serviceName: + type: "string" type: "object" requestHeadersForTags: items: nullable: true type: "string" type: "array" + spawnUpstreamSpan: + type: "boolean" tracePercentages: properties: clientSamplePercentage: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml index f5d4c1610..e1a46ed30 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routeoptions.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "RouteOption" listKind: "RouteOptionList" plural: "routeoptions" @@ -270,6 +272,8 @@ spec: type: "boolean" type: "object" type: "object" + distanceThreshold: + type: "number" embedding: properties: azureOpenai: @@ -1856,6 +1860,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1973,6 +1985,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2110,6 +2130,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2287,6 +2315,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2404,6 +2440,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2541,6 +2585,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2710,6 +2762,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2827,6 +2887,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2964,6 +3032,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3111,6 +3187,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3228,6 +3312,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml index 9143bd918..01bf0267b 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/routetables.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "RouteTable" listKind: "RouteTableList" plural: "routetables" @@ -380,6 +382,8 @@ spec: type: "boolean" type: "object" type: "object" + distanceThreshold: + type: "number" embedding: properties: azureOpenai: @@ -1966,6 +1970,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2083,6 +2095,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2220,6 +2240,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2397,6 +2425,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2514,6 +2550,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2651,6 +2695,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2820,6 +2872,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2937,6 +2997,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3074,6 +3142,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3221,6 +3297,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3338,6 +3422,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3660,6 +3752,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -4000,6 +4100,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4117,6 +4225,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4254,6 +4370,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4431,6 +4555,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4548,6 +4680,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4685,6 +4825,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4854,6 +5002,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -4971,6 +5127,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5108,6 +5272,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5233,6 +5405,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5350,6 +5530,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5540,6 +5728,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualhostoptions.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualhostoptions.yaml index 9171bd084..a7e7065f5 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualhostoptions.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualhostoptions.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "VirtualHostOption" listKind: "VirtualHostOptionList" plural: "virtualhostoptions" @@ -1512,6 +1514,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1629,6 +1639,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1766,6 +1784,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1943,6 +1969,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2060,6 +2094,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2197,6 +2239,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2366,6 +2416,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2483,6 +2541,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2620,6 +2686,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2759,6 +2833,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2876,6 +2958,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml index 700bc49bd..1f9c7490f 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/virtualservices.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gateway.solo.io" names: + categories: + - "gloo-gateway" kind: "VirtualService" listKind: "VirtualServiceList" plural: "virtualservices" @@ -1602,6 +1604,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1719,6 +1729,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1856,6 +1874,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2033,6 +2059,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2150,6 +2184,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2287,6 +2329,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2456,6 +2506,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2573,6 +2631,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2710,6 +2776,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2849,6 +2923,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -2966,6 +3048,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -3399,6 +3489,8 @@ spec: type: "boolean" type: "object" type: "object" + distanceThreshold: + type: "number" embedding: properties: azureOpenai: @@ -4985,6 +5077,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5102,6 +5202,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5239,6 +5347,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5416,6 +5532,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5533,6 +5657,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5670,6 +5802,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5839,6 +5979,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -5956,6 +6104,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -6093,6 +6249,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -6240,6 +6404,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -6357,6 +6529,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -6679,6 +6859,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -7019,6 +7207,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7136,6 +7332,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7273,6 +7477,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7450,6 +7662,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7567,6 +7787,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7704,6 +7932,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7873,6 +8109,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -7990,6 +8234,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8127,6 +8379,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8252,6 +8512,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8369,6 +8637,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -8559,6 +8835,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/proxies.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/proxies.yaml index 974e22ff7..af3234739 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/proxies.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/proxies.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gloo.solo.io" names: + categories: + - "gloo-gateway" kind: "Proxy" listKind: "ProxyList" plural: "proxies" @@ -456,6 +458,9 @@ spec: x-kubernetes-int-or-string: true type: "object" type: "array" + tcpStats: + nullable: true + type: "boolean" type: "object" routeOptions: properties: diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/settings.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/settings.yaml index 143ba5ccf..35ad86bdc 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/settings.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/settings.yaml @@ -7,6 +7,8 @@ metadata: spec: group: "gloo.solo.io" names: + categories: + - "gloo-gateway" kind: "Settings" listKind: "SettingsList" plural: "settings" diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreamgroups.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreamgroups.yaml index 6db914ab6..153a9d830 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreamgroups.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreamgroups.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gloo.solo.io" names: + categories: + - "gloo-gateway" kind: "UpstreamGroup" listKind: "UpstreamGroupList" plural: "upstreamgroups" @@ -192,6 +194,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -532,6 +542,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -649,6 +667,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -786,6 +812,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -963,6 +997,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1080,6 +1122,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1217,6 +1267,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1386,6 +1444,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1503,6 +1569,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1640,6 +1714,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1765,6 +1847,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: @@ -1882,6 +1972,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" xsltTransformation: properties: diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml index 922e9c8e3..4638f68fd 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml @@ -5,6 +5,8 @@ metadata: spec: group: "gloo.solo.io" names: + categories: + - "gloo-gateway" kind: "Upstream" listKind: "UpstreamList" plural: "upstreams" @@ -42,6 +44,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -116,6 +121,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -152,6 +160,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -226,6 +237,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -254,6 +268,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -317,6 +334,9 @@ spec: properties: host: type: "string" + hostname: + nullable: true + type: "string" port: maximum: 4294967295.0 minimum: 0.0 @@ -742,6 +762,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -1400,6 +1428,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -1766,6 +1802,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" @@ -2081,6 +2125,14 @@ spec: x-kubernetes-int-or-string: true passthrough: type: "object" + spanTransformer: + properties: + name: + properties: + text: + type: "string" + type: "object" + type: "object" type: "object" type: "object" type: "object" diff --git a/crd-catalog/solo-io/gloo/graphql.gloo.solo.io/v1beta1/graphqlapis.yaml b/crd-catalog/solo-io/gloo/graphql.gloo.solo.io/v1beta1/graphqlapis.yaml index 2894db266..e340565e8 100644 --- a/crd-catalog/solo-io/gloo/graphql.gloo.solo.io/v1beta1/graphqlapis.yaml +++ b/crd-catalog/solo-io/gloo/graphql.gloo.solo.io/v1beta1/graphqlapis.yaml @@ -5,6 +5,9 @@ metadata: spec: group: "graphql.gloo.solo.io" names: + categories: + - "solo-io" + - "gloo-gateway" kind: "GraphQLApi" listKind: "GraphQLApiList" plural: "graphqlapis" diff --git a/crd-catalog/stackabletech/airflow-operator/airflow.stackable.tech/v1alpha1/airflowclusters.yaml b/crd-catalog/stackabletech/airflow-operator/airflow.stackable.tech/v1alpha1/airflowclusters.yaml index f98e61769..4d7e70d38 100644 --- a/crd-catalog/stackabletech/airflow-operator/airflow.stackable.tech/v1alpha1/airflowclusters.yaml +++ b/crd-catalog/stackabletech/airflow-operator/airflow.stackable.tech/v1alpha1/airflowclusters.yaml @@ -483,6 +483,42 @@ spec: - "authenticationClass" type: "object" type: "array" + authorization: + description: "Authorization options. Learn more in the [Airflow authorization usage guide](https://docs.stackable.tech/home/nightly/airflow/usage-guide/security#_authorization)." + nullable: true + properties: + opa: + description: "Configure the OPA stacklet [discovery ConfigMap](https://docs.stackable.tech/home/nightly/concepts/service_discovery) and the name of the Rego package containing your authorization rules. Consult the [OPA authorization documentation](https://docs.stackable.tech/home/nightly/concepts/opa) to learn how to deploy Rego authorization rules with OPA." + nullable: true + properties: + cache: + default: + entryTimeToLive: "30s" + maxEntries: 10000 + description: "Least Recently Used (LRU) cache with per-entry time-to-live (TTL) value." + properties: + entryTimeToLive: + default: "30s" + description: "Time to live per entry" + type: "string" + maxEntries: + default: 10000 + description: "Maximum number of entries in the cache; If this threshold is reached then the least recently used item is removed." + format: "uint32" + minimum: 0.0 + type: "integer" + type: "object" + configMapName: + description: "The [discovery ConfigMap](https://docs.stackable.tech/home/nightly/concepts/service_discovery) for the OPA stacklet that should be used for authorization requests." + type: "string" + package: + description: "The name of the Rego package containing the Rego rules for the product." + nullable: true + type: "string" + required: + - "configMapName" + type: "object" + type: "object" credentialsSecret: description: "The name of the Secret object containing the admin user credentials and database connection details. Read the [getting started guide first steps](https://docs.stackable.tech/home/nightly/airflow/getting_started/first_steps) to find out more." type: "string" @@ -590,7 +626,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -617,7 +653,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: diff --git a/crd-catalog/stackabletech/druid-operator/druid.stackable.tech/v1alpha1/druidclusters.yaml b/crd-catalog/stackabletech/druid-operator/druid.stackable.tech/v1alpha1/druidclusters.yaml index daf257cde..734fca233 100644 --- a/crd-catalog/stackabletech/druid-operator/druid.stackable.tech/v1alpha1/druidclusters.yaml +++ b/crd-catalog/stackabletech/druid-operator/druid.stackable.tech/v1alpha1/druidclusters.yaml @@ -153,6 +153,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -366,6 +370,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -980,6 +988,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1193,6 +1205,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1391,6 +1407,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1635,6 +1655,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1745,7 +1769,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -1772,7 +1796,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -1909,6 +1933,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -2122,6 +2150,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -2320,6 +2352,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -2533,6 +2569,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: diff --git a/crd-catalog/stackabletech/hbase-operator/hbase.stackable.tech/v1alpha1/hbaseclusters.yaml b/crd-catalog/stackabletech/hbase-operator/hbase.stackable.tech/v1alpha1/hbaseclusters.yaml index 36c6ad794..de3ef5c20 100644 --- a/crd-catalog/stackabletech/hbase-operator/hbase.stackable.tech/v1alpha1/hbaseclusters.yaml +++ b/crd-catalog/stackabletech/hbase-operator/hbase.stackable.tech/v1alpha1/hbaseclusters.yaml @@ -112,7 +112,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -139,7 +139,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -193,9 +193,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -283,6 +280,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -336,6 +337,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -411,9 +438,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -501,6 +525,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -554,6 +582,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -615,9 +669,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -705,6 +756,38 @@ spec: nullable: true type: "boolean" type: "object" + regionMover: + default: + ack: null + maxThreads: null + runBeforeShutdown: null + description: "Before terminating a region server pod, the RegionMover tool can be invoked to transfer local regions to other servers. This may cause a lot of network traffic in the Kubernetes cluster if the entire HBase stacklet is being restarted. The operator will compute a timeout period for the region move that will not exceed the graceful shutdown timeout." + properties: + ack: + description: "If enabled (default), the region mover will confirm that regions are available on the source as well as the target pods before and after the move." + nullable: true + type: "boolean" + additionalMoverOptions: + default: [] + description: "Additional options to pass to the region mover." + items: + type: "string" + type: "array" + maxThreads: + description: "Maximum number of threads to use for moving regions." + format: "uint16" + minimum: 0.0 + nullable: true + type: "integer" + runBeforeShutdown: + description: "Move local regions to other servers before terminating a region server's pod." + nullable: true + type: "boolean" + type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -758,6 +841,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -833,9 +942,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -923,6 +1029,38 @@ spec: nullable: true type: "boolean" type: "object" + regionMover: + default: + ack: null + maxThreads: null + runBeforeShutdown: null + description: "Before terminating a region server pod, the RegionMover tool can be invoked to transfer local regions to other servers. This may cause a lot of network traffic in the Kubernetes cluster if the entire HBase stacklet is being restarted. The operator will compute a timeout period for the region move that will not exceed the graceful shutdown timeout." + properties: + ack: + description: "If enabled (default), the region mover will confirm that regions are available on the source as well as the target pods before and after the move." + nullable: true + type: "boolean" + additionalMoverOptions: + default: [] + description: "Additional options to pass to the region mover." + items: + type: "string" + type: "array" + maxThreads: + description: "Maximum number of threads to use for moving regions." + format: "uint16" + minimum: 0.0 + nullable: true + type: "integer" + runBeforeShutdown: + description: "Move local regions to other servers before terminating a region server's pod." + nullable: true + type: "boolean" + type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -976,6 +1114,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1037,9 +1201,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -1127,6 +1288,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1180,6 +1345,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1255,9 +1446,6 @@ spec: description: "Time period Pods have to gracefully shut down, e.g. `30m`, `1h` or `2d`. Consult the operator documentation for details." nullable: true type: "string" - hbaseOpts: - nullable: true - type: "string" hbaseRootdir: nullable: true type: "string" @@ -1345,6 +1533,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1398,6 +1590,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/stackabletech/hdfs-operator/hdfs.stackable.tech/v1alpha1/hdfsclusters.yaml b/crd-catalog/stackabletech/hdfs-operator/hdfs.stackable.tech/v1alpha1/hdfsclusters.yaml index b6cee9c20..acab90807 100644 --- a/crd-catalog/stackabletech/hdfs-operator/hdfs.stackable.tech/v1alpha1/hdfsclusters.yaml +++ b/crd-catalog/stackabletech/hdfs-operator/hdfs.stackable.tech/v1alpha1/hdfsclusters.yaml @@ -257,6 +257,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -365,6 +369,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -529,6 +559,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -637,6 +671,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -662,7 +722,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -689,7 +749,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -828,6 +888,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -927,6 +991,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1087,6 +1177,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1186,6 +1280,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1336,6 +1456,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1435,6 +1559,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1599,6 +1749,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1698,6 +1852,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/stackabletech/hive-operator/hive.stackable.tech/v1alpha1/hiveclusters.yaml b/crd-catalog/stackabletech/hive-operator/hive.stackable.tech/v1alpha1/hiveclusters.yaml index 116c27dc5..b949139a0 100644 --- a/crd-catalog/stackabletech/hive-operator/hive.stackable.tech/v1alpha1/hiveclusters.yaml +++ b/crd-catalog/stackabletech/hive-operator/hive.stackable.tech/v1alpha1/hiveclusters.yaml @@ -225,7 +225,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -252,7 +252,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -494,6 +494,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -757,6 +783,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/stackabletech/kafka-operator/kafka.stackable.tech/v1alpha1/kafkaclusters.yaml b/crd-catalog/stackabletech/kafka-operator/kafka.stackable.tech/v1alpha1/kafkaclusters.yaml index 05c28c05a..9982649e4 100644 --- a/crd-catalog/stackabletech/kafka-operator/kafka.stackable.tech/v1alpha1/kafkaclusters.yaml +++ b/crd-catalog/stackabletech/kafka-operator/kafka.stackable.tech/v1alpha1/kafkaclusters.yaml @@ -162,6 +162,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -261,6 +265,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -428,6 +458,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -527,6 +561,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -543,7 +603,7 @@ spec: - "roleGroups" type: "object" clusterConfig: - description: "Kafka settings that affect all roles and role groups. The settings in the `clusterConfig` are cluster wide settings that do not need to be configurable at role or role group level." + description: "Kafka settings that affect all roles and role groups.\n\nThe settings in the `clusterConfig` are cluster wide settings that do not need to be configurable at role or role group level." properties: authentication: default: [] @@ -551,7 +611,7 @@ spec: items: properties: authenticationClass: - description: "The AuthenticationClass to use.\n\n## TLS provider\n\nOnly affects client connections. This setting controls: - If clients need to authenticate themselves against the broker via TLS - Which ca.crt to use when validating the provided client certs\n\nThis will override the server TLS settings (if set) in `spec.clusterConfig.tls.serverSecretClass`." + description: "The AuthenticationClass to use.\n\n## TLS provider\n\nOnly affects client connections. This setting controls: - If clients need to authenticate themselves against the broker via TLS - Which ca.crt to use when validating the provided client certs\n\nThis will override the server TLS settings (if set) in `spec.clusterConfig.tls.serverSecretClass`.\n\n## Kerberos provider\n\nThis affects client connections and also requires TLS for encryption. This setting is used to reference an `AuthenticationClass` and in turn, a `SecretClass` that is used to create keytabs." type: "string" required: - "authenticationClass" @@ -629,7 +689,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -656,7 +716,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: diff --git a/crd-catalog/stackabletech/nifi-operator/nifi.stackable.tech/v1alpha1/nificlusters.yaml b/crd-catalog/stackabletech/nifi-operator/nifi.stackable.tech/v1alpha1/nificlusters.yaml index 156337f4f..bed74e3be 100644 --- a/crd-catalog/stackabletech/nifi-operator/nifi.stackable.tech/v1alpha1/nificlusters.yaml +++ b/crd-catalog/stackabletech/nifi-operator/nifi.stackable.tech/v1alpha1/nificlusters.yaml @@ -19,7 +19,7 @@ spec: name: "v1alpha1" schema: openAPIV3Schema: - description: "Auto-generated derived type for NifiSpec via `CustomResource`" + description: "Auto-generated derived type for NifiClusterSpec via `CustomResource`" properties: spec: description: "A NiFi cluster stacklet. This resource is managed by the Stackable operator for Apache NiFi. Find more information on how to use it and the resources that the operator generates in the [operator documentation](https://docs.stackable.tech/home/nightly/nifi/)." @@ -173,7 +173,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -200,7 +200,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -338,6 +338,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -622,6 +626,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -781,6 +811,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. Please note that this can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -1065,6 +1099,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml b/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml index 21143bbbf..1a9d4f453 100644 --- a/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml +++ b/crd-catalog/stackabletech/opa-operator/opa.stackable.tech/v1alpha1/opaclusters.yaml @@ -58,6 +58,12 @@ spec: experimentalActiveDirectory: description: "Backend that fetches user information from Active Directory" properties: + additionalGroupAttributeFilters: + additionalProperties: + type: "string" + default: {} + description: "Attributes that groups must have to be returned.\n\nThese fields will be spliced into an LDAP Search Query, so wildcards can be used, but characters with a special meaning in LDAP will need to be escaped." + type: "object" baseDistinguishedName: description: "The root Distinguished Name (DN) where users and groups are located." type: "string" @@ -249,7 +255,7 @@ spec: description: "The OPA image to use" properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -276,7 +282,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: diff --git a/crd-catalog/stackabletech/secret-operator/secrets.stackable.tech/v1alpha1/secretclasses.yaml b/crd-catalog/stackabletech/secret-operator/secrets.stackable.tech/v1alpha1/secretclasses.yaml index a28c07cd1..3b6e125e8 100644 --- a/crd-catalog/stackabletech/secret-operator/secrets.stackable.tech/v1alpha1/secretclasses.yaml +++ b/crd-catalog/stackabletech/secret-operator/secrets.stackable.tech/v1alpha1/secretclasses.yaml @@ -117,6 +117,28 @@ spec: - "kind" - "name" type: "object" + keyGeneration: + default: + rsa: + length: 2048 + description: "The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured." + oneOf: + - required: + - "rsa" + properties: + rsa: + properties: + length: + description: "The amount of bits used for generating the RSA keypair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits." + enum: + - 2048 + - 3072 + - 4096 + type: "integer" + required: + - "length" + type: "object" + type: "object" required: - "issuer" type: "object" diff --git a/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkapplications.yaml b/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkapplications.yaml index eacc448fd..7848fd8ef 100644 --- a/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkapplications.yaml +++ b/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkapplications.yaml @@ -11,7 +11,7 @@ spec: kind: "SparkApplication" plural: "sparkapplications" shortNames: - - "sc" + - "sparkapp" singular: "sparkapplication" scope: "Namespaced" versions: @@ -189,6 +189,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -459,6 +463,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -545,6 +553,10 @@ spec: config: default: {} properties: + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -898,7 +910,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -925,7 +937,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: diff --git a/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkhistoryservers.yaml b/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkhistoryservers.yaml index b4b0ee64c..6120330b2 100644 --- a/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkhistoryservers.yaml +++ b/crd-catalog/stackabletech/spark-k8s-operator/spark.stackable.tech/v1alpha1/sparkhistoryservers.yaml @@ -11,7 +11,7 @@ spec: kind: "SparkHistoryServer" plural: "sparkhistoryservers" shortNames: - - "shs" + - "sparkhist" singular: "sparkhistoryserver" scope: "Namespaced" versions: @@ -48,7 +48,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -75,7 +75,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -360,6 +360,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -571,6 +575,10 @@ spec: nullable: true type: "boolean" type: "object" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: diff --git a/crd-catalog/stackabletech/superset-operator/superset.stackable.tech/v1alpha1/supersetclusters.yaml b/crd-catalog/stackabletech/superset-operator/superset.stackable.tech/v1alpha1/supersetclusters.yaml index 01dc15302..cdfbb1442 100644 --- a/crd-catalog/stackabletech/superset-operator/superset.stackable.tech/v1alpha1/supersetclusters.yaml +++ b/crd-catalog/stackabletech/superset-operator/superset.stackable.tech/v1alpha1/supersetclusters.yaml @@ -70,6 +70,43 @@ spec: - "authenticationClass" type: "object" type: "array" + authorization: + description: "Authorization options for Superset.\n\nCurrently only role assignment is supported. This means that roles are assigned to users in OPA but, due to the way Superset is implemented, the database also needs to be updated to reflect these assignments. Therefore, user roles and permissions must already exist in the Superset database before they can be assigned to a user. Warning: Any user roles assigned with the Superset UI are discarded." + nullable: true + properties: + roleMappingFromOpa: + description: "Configure the OPA stacklet [discovery ConfigMap](https://docs.stackable.tech/home/nightly/concepts/service_discovery) and the name of the Rego package containing your authorization rules. Consult the [OPA authorization documentation](https://docs.stackable.tech/home/nightly/concepts/opa) to learn how to deploy Rego authorization rules with OPA." + properties: + cache: + default: + entryTimeToLive: "30s" + maxEntries: 10000 + description: "Configuration for an Superset internal cache for calls to OPA" + properties: + entryTimeToLive: + default: "30s" + description: "Time to live per entry" + type: "string" + maxEntries: + default: 10000 + description: "Maximum number of entries in the cache; If this threshold is reached then the least recently used item is removed." + format: "uint32" + minimum: 0.0 + type: "integer" + type: "object" + configMapName: + description: "The [discovery ConfigMap](https://docs.stackable.tech/home/nightly/concepts/service_discovery) for the OPA stacklet that should be used for authorization requests." + type: "string" + package: + description: "The name of the Rego package containing the Rego rules for the product." + nullable: true + type: "string" + required: + - "configMapName" + type: "object" + required: + - "roleMappingFromOpa" + type: "object" clusterOperation: default: reconciliationPaused: false @@ -117,7 +154,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -144,7 +181,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: diff --git a/crd-catalog/stackabletech/trino-operator/trino.stackable.tech/v1alpha1/trinoclusters.yaml b/crd-catalog/stackabletech/trino-operator/trino.stackable.tech/v1alpha1/trinoclusters.yaml index 4444a74ab..ebb7b1287 100644 --- a/crd-catalog/stackabletech/trino-operator/trino.stackable.tech/v1alpha1/trinoclusters.yaml +++ b/crd-catalog/stackabletech/trino-operator/trino.stackable.tech/v1alpha1/trinoclusters.yaml @@ -287,6 +287,10 @@ spec: queryMaxMemoryPerNode: nullable: true type: "string" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.\n\nDefaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers." + nullable: true + type: "string" resources: default: cpu: @@ -386,6 +390,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -551,6 +581,10 @@ spec: queryMaxMemoryPerNode: nullable: true type: "string" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.\n\nDefaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers." + nullable: true + type: "string" resources: default: cpu: @@ -650,6 +684,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -675,7 +735,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -702,7 +762,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -846,6 +906,10 @@ spec: queryMaxMemoryPerNode: nullable: true type: "string" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.\n\nDefaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers." + nullable: true + type: "string" resources: default: cpu: @@ -945,6 +1009,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -1110,6 +1200,10 @@ spec: queryMaxMemoryPerNode: nullable: true type: "string" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.\n\nDefaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers." + nullable: true + type: "string" resources: default: cpu: @@ -1209,6 +1303,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/stackabletech/zookeeper-operator/zookeeper.stackable.tech/v1alpha1/zookeeperclusters.yaml b/crd-catalog/stackabletech/zookeeper-operator/zookeeper.stackable.tech/v1alpha1/zookeeperclusters.yaml index 9851ec9bb..f863f6b1a 100644 --- a/crd-catalog/stackabletech/zookeeper-operator/zookeeper.stackable.tech/v1alpha1/zookeeperclusters.yaml +++ b/crd-catalog/stackabletech/zookeeper-operator/zookeeper.stackable.tech/v1alpha1/zookeeperclusters.yaml @@ -99,7 +99,7 @@ spec: description: "Specify which image to use, the easiest way is to only configure the `productVersion`. You can also configure a custom image registry to pull from, as well as completely custom images.\n\nConsult the [Product image selection documentation](https://docs.stackable.tech/home/nightly/concepts/product_image_selection) for details." properties: custom: - description: "Overwrite the docker image. Specify the full docker image name, e.g. `docker.stackable.tech/stackable/superset:1.4.1-stackable2.1.0`" + description: "Overwrite the docker image. Specify the full docker image name, e.g. `oci.stackable.tech/sdp/superset:1.4.1-stackable2.1.0`" type: "string" productVersion: description: "Version of the product, e.g. `1.4.1`." @@ -126,7 +126,7 @@ spec: nullable: true type: "array" repo: - description: "Name of the docker repo, e.g. `docker.stackable.tech/stackable`" + description: "Name of the docker repo, e.g. `oci.stackable.tech/sdp`" nullable: true type: "string" stackableVersion: @@ -274,6 +274,10 @@ spec: minimum: 0.0 nullable: true type: "integer" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -383,6 +387,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." @@ -552,6 +582,10 @@ spec: minimum: 0.0 nullable: true type: "integer" + requestedSecretLifetime: + description: "Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate." + nullable: true + type: "string" resources: default: cpu: @@ -661,6 +695,32 @@ spec: default: {} description: "`envOverrides` configure environment variables to be set in the Pods. It is a map from strings to strings - environment variables and the value to set. Read the [environment variable overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#env-overrides) for more information and consult the operator specific usage guide to find out about the product specific environment variables that are available." type: "object" + jvmArgumentOverrides: + default: + add: [] + remove: [] + removeRegex: [] + description: "Allows overriding JVM arguments. Please read on the [JVM argument overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#jvm-argument-overrides) for details on the usage." + properties: + add: + default: [] + description: "JVM arguments to be added" + items: + type: "string" + type: "array" + remove: + default: [] + description: "JVM arguments to be removed by exact match" + items: + type: "string" + type: "array" + removeRegex: + default: [] + description: "JVM arguments matching any of this regexes will be removed" + items: + type: "string" + type: "array" + type: "object" podOverrides: default: {} description: "In the `podOverrides` property you can define a [PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) to override any property that can be set on a Kubernetes Pod. Read the [Pod overrides documentation](https://docs.stackable.tech/home/nightly/concepts/overrides#pod-overrides) for more information." diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml index 00097ec9f..bd00520aa 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkabridges.yaml @@ -1325,6 +1325,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1350,6 +1351,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml index e1d21f830..cc09c30f6 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkaconnects.yaml @@ -234,7 +234,7 @@ spec: description: "Configures where should the newly built image be stored. Required." properties: additionalKanikoOptions: - description: "Configures additional options which will be passed to the Kaniko executor when building the new Connect image. Allowed options are: --customPlatform, --insecure, --insecure-pull, --insecure-registry, --log-format, --log-timestamp, --registry-mirror, --reproducible, --single-snapshot, --skip-tls-verify, --skip-tls-verify-pull, --skip-tls-verify-registry, --verbosity, --snapshotMode, --use-new-run. These options will be used only on Kubernetes where the Kaniko executor is used. They will be ignored on OpenShift. The options are described in the link:https://github.com/GoogleContainerTools/kaniko[Kaniko GitHub repository^]. Changing this field does not trigger new build of the Kafka Connect image." + description: "Configures additional options which will be passed to the Kaniko executor when building the new Connect image. Allowed options are: --customPlatform, --custom-platform, --insecure, --insecure-pull, --insecure-registry, --log-format, --log-timestamp, --registry-mirror, --reproducible, --single-snapshot, --skip-tls-verify, --skip-tls-verify-pull, --skip-tls-verify-registry, --verbosity, --snapshotMode, --use-new-run, --registry-certificate, --registry-client-cert. These options will be used only on Kubernetes where the Kaniko executor is used. They will be ignored on OpenShift. The options are described in the link:https://github.com/GoogleContainerTools/kaniko[Kaniko GitHub repository^]. Changing this field does not trigger new build of the Kafka Connect image." items: type: "string" type: "array" @@ -1363,6 +1363,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1388,6 +1389,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -2343,6 +2363,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -2368,6 +2389,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml index 46cecbd67..eb626b724 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormaker2s.yaml @@ -1497,6 +1497,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1522,6 +1523,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -2477,6 +2497,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -2502,6 +2523,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml index 5cd5e2d24..3aeec3f67 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkamirrormakers.yaml @@ -1376,6 +1376,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1401,6 +1402,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkanodepools.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkanodepools.yaml index ca23bf77b..6c947d287 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkanodepools.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkanodepools.yaml @@ -3,6 +3,7 @@ kind: "CustomResourceDefinition" metadata: labels: app: "strimzi" + component: "kafkanodepools.kafka.strimzi.io-crd" strimzi.io/crd-install: "true" name: "kafkanodepools.kafka.strimzi.io" spec: @@ -1095,6 +1096,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1120,6 +1122,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkarebalances.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkarebalances.yaml index 2954510b6..12bbf6f49 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkarebalances.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkarebalances.yaml @@ -75,12 +75,29 @@ spec: type: "string" type: "array" mode: - description: "Mode to run the rebalancing. The supported modes are `full`, `add-brokers`, `remove-brokers`.\nIf not specified, the `full` mode is used by default. \n\n* `full` mode runs the rebalancing across all the brokers in the cluster.\n* `add-brokers` mode can be used after scaling up the cluster to move some replicas to the newly added brokers.\n* `remove-brokers` mode can be used before scaling down the cluster to move replicas out of the brokers to be removed.\n" + description: "Mode to run the rebalancing. The supported modes are `full`, `add-brokers`, `remove-brokers`.\nIf not specified, the `full` mode is used by default. \n\n* `full` mode runs the rebalancing across all the brokers in the cluster.\n* `add-brokers` mode can be used after scaling up the cluster to move some replicas to the newly added brokers.\n* `remove-brokers` mode can be used before scaling down the cluster to move replicas out of the brokers to be removed.\n* `remove-disks` mode can be used to move data across the volumes within the same broker\n." enum: - "full" - "add-brokers" - "remove-brokers" + - "remove-disks" type: "string" + moveReplicasOffVolumes: + description: "List of brokers and their corresponding volumes from which replicas need to be moved." + items: + properties: + brokerId: + description: "ID of the broker that contains the disk from which you want to move the partition replicas." + type: "integer" + volumeIds: + description: "IDs of the disks from which the partition replicas need to be moved." + items: + type: "integer" + minItems: 1 + type: "array" + type: "object" + minItems: 1 + type: "array" rebalanceDisk: description: "Enables intra-broker disk balancing, which balances disk space utilization between disks on the same broker. Only applies to Kafka deployments that use JBOD storage with multiple disks. When enabled, inter-broker balancing is disabled. Default is false." type: "boolean" diff --git a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml index 36238ba96..d638ceeed 100644 --- a/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml +++ b/crd-catalog/strimzi/strimzi-kafka-operator/kafka.strimzi.io/v1beta2/kafkas.yaml @@ -1089,6 +1089,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -1114,6 +1115,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -1999,6 +2019,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -2024,6 +2045,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -3770,6 +3810,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -3795,6 +3836,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -4241,6 +4301,9 @@ spec: advertisedHostTemplate: description: "Configures the template for generating the advertised hostnames of the individual brokers. Valid placeholders that you can use in the template are `{nodeId}` and `{nodePodName}`." type: "string" + allocateLoadBalancerNodePorts: + description: "Configures whether to allocate NodePort automatically for the `Service` with type `LoadBalancer`.\nThis is a one to one with the `spec.allocateLoadBalancerNodePorts` configuration in the `Service` type\nFor `loadbalancer` listeners only." + type: "boolean" bootstrap: description: "Bootstrap configuration." properties: @@ -5819,6 +5882,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -5844,6 +5908,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -6783,6 +6866,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -6808,6 +6892,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: @@ -7764,6 +7867,7 @@ spec: oneOf: - properties: configMap: {} + csi: {} emptyDir: {} persistentVolumeClaim: {} secret: {} @@ -7789,6 +7893,25 @@ spec: optional: type: "boolean" type: "object" + csi: + description: "CSIVolumeSource object to use to populate the volume." + properties: + driver: + type: "string" + fsType: + type: "string" + nodePublishSecretRef: + properties: + name: + type: "string" + type: "object" + readOnly: + type: "boolean" + volumeAttributes: + additionalProperties: + type: "string" + type: "object" + type: "object" emptyDir: description: "EmptyDir to use to populate the volume." properties: diff --git a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/brokers.yaml b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/brokers.yaml index c9e482c2b..67d1af8bf 100644 --- a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/brokers.yaml +++ b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/brokers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.1" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "brokers.submariner.io" spec: group: "submariner.io" @@ -19,10 +19,10 @@ spec: description: "Broker is the Schema for the brokers API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" diff --git a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/servicediscoveries.yaml b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/servicediscoveries.yaml index 41a2e3387..50c99c399 100644 --- a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/servicediscoveries.yaml +++ b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/servicediscoveries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.1" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "servicediscoveries.submariner.io" spec: group: "submariner.io" @@ -19,10 +19,10 @@ spec: description: "ServiceDiscovery is the Schema for the servicediscoveries API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -81,23 +81,23 @@ spec: type: "string" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" diff --git a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/submariners.yaml b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/submariners.yaml index 749944e9c..e3ba77597 100644 --- a/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/submariners.yaml +++ b/crd-catalog/submariner-io/submariner-operator/submariner.io/v1alpha1/submariners.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.1" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "submariners.submariner.io" spec: group: "submariner.io" @@ -19,10 +19,10 @@ spec: description: "Submariner is the Schema for the submariners API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -103,7 +103,7 @@ spec: type: "integer" type: "object" coreDNSCustomConfig: - description: "Name of the custom CoreDNS configmap to configure forwarding to Lighthouse. It should be in / format where is optional and defaults to kube-system." + description: "Name of the custom CoreDNS configmap to configure forwarding to Lighthouse.\nIt should be in / format where is optional and defaults to kube-system." properties: configMapName: description: "Name of the custom CoreDNS configmap." @@ -127,6 +127,9 @@ spec: haltOnCertificateError: description: "Halt on certificate error (so the pod gets restarted)." type: "boolean" + hostedCluster: + description: "Is the cluster a hosted cluster." + type: "boolean" imageOverrides: additionalProperties: type: "string" @@ -156,23 +159,23 @@ spec: type: "boolean" tolerations: items: - description: "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator ." + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." properties: effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." type: "string" key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys." + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." type: "string" operator: - description: "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category." + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." type: "string" tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system." + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." format: "int64" type: "integer" value: - description: "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string." + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." type: "string" type: "object" type: "array" @@ -228,7 +231,7 @@ spec: type: "boolean" nonReadyContainerStates: items: - description: "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting." + description: "ContainerState holds a possible state of container.\nOnly one of its members may be specified.\nIf none of them is specified, the default one is ContainerStateWaiting." properties: running: description: "Details about a running container" @@ -285,7 +288,7 @@ spec: description: "DaemonSetStatus represents the current status of a daemon set." properties: collisionCount: - description: "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision." + description: "Count of hash collisions for the DaemonSet. The DaemonSet controller\nuses this field as a collision avoidance mechanism when it needs to\ncreate the name for the newest ControllerRevision." format: "int32" type: "integer" conditions: @@ -314,28 +317,31 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" currentNumberScheduled: - description: "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running at least 1\ndaemon pod and are supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" desiredNumberScheduled: - description: "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The total number of nodes that should be running the daemon\npod (including nodes correctly running the daemon pod).\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberAvailable: - description: "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have one or more of the daemon pod running and\navailable (ready for at least spec.minReadySeconds)" format: "int32" type: "integer" numberMisscheduled: - description: "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running the daemon pod, but are\nnot supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberReady: - description: "numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition." + description: "numberReady is the number of nodes that should be running the daemon pod and have one\nor more of the daemon pod running with a Ready Condition." format: "int32" type: "integer" numberUnavailable: - description: "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have none of the daemon pod running and available\n(ready for at least spec.minReadySeconds)" format: "int32" type: "integer" observedGeneration: @@ -377,14 +383,32 @@ spec: minLength: 1 type: "string" healthCheckIP: + description: "Deprecated: Get/SetHealthCheckIP() or, if necessary, HealthCheckIPs" type: "string" + healthCheckIPs: + items: + type: "string" + maxItems: 2 + type: "array" hostname: type: "string" nat_enabled: type: "boolean" + privateIPs: + items: + type: "string" + maxItems: 2 + type: "array" private_ip: + description: "Deprecated: Use Get/SetPrivateIP() or, if necessary, PrivateIPs" type: "string" + publicIPs: + items: + type: "string" + maxItems: 2 + type: "array" public_ip: + description: "Deprecated: Set/SetPublicIP() or, if necessary, PublicIPs" type: "string" subnets: items: @@ -396,12 +420,10 @@ spec: - "cluster_id" - "hostname" - "nat_enabled" - - "private_ip" - - "public_ip" - "subnets" type: "object" latencyRTT: - description: "LatencySpec describes the round trip time information for a packet between the gateway pods of two clusters." + description: "LatencySpec describes the round trip time information for a packet\nbetween the gateway pods of two clusters." properties: average: type: "string" @@ -445,14 +467,32 @@ spec: minLength: 1 type: "string" healthCheckIP: + description: "Deprecated: Get/SetHealthCheckIP() or, if necessary, HealthCheckIPs" type: "string" + healthCheckIPs: + items: + type: "string" + maxItems: 2 + type: "array" hostname: type: "string" nat_enabled: type: "boolean" + privateIPs: + items: + type: "string" + maxItems: 2 + type: "array" private_ip: + description: "Deprecated: Use Get/SetPrivateIP() or, if necessary, PrivateIPs" type: "string" + publicIPs: + items: + type: "string" + maxItems: 2 + type: "array" public_ip: + description: "Deprecated: Set/SetPublicIP() or, if necessary, PublicIPs" type: "string" subnets: items: @@ -464,8 +504,6 @@ spec: - "cluster_id" - "hostname" - "nat_enabled" - - "private_ip" - - "public_ip" - "subnets" type: "object" statusFailure: @@ -492,7 +530,7 @@ spec: type: "boolean" nonReadyContainerStates: items: - description: "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting." + description: "ContainerState holds a possible state of container.\nOnly one of its members may be specified.\nIf none of them is specified, the default one is ContainerStateWaiting." properties: running: description: "Details about a running container" @@ -549,7 +587,7 @@ spec: description: "DaemonSetStatus represents the current status of a daemon set." properties: collisionCount: - description: "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision." + description: "Count of hash collisions for the DaemonSet. The DaemonSet controller\nuses this field as a collision avoidance mechanism when it needs to\ncreate the name for the newest ControllerRevision." format: "int32" type: "integer" conditions: @@ -578,28 +616,31 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" currentNumberScheduled: - description: "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running at least 1\ndaemon pod and are supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" desiredNumberScheduled: - description: "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The total number of nodes that should be running the daemon\npod (including nodes correctly running the daemon pod).\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberAvailable: - description: "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have one or more of the daemon pod running and\navailable (ready for at least spec.minReadySeconds)" format: "int32" type: "integer" numberMisscheduled: - description: "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running the daemon pod, but are\nnot supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberReady: - description: "numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition." + description: "numberReady is the number of nodes that should be running the daemon pod and have one\nor more of the daemon pod running with a Ready Condition." format: "int32" type: "integer" numberUnavailable: - description: "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have none of the daemon pod running and available\n(ready for at least spec.minReadySeconds)" format: "int32" type: "integer" observedGeneration: @@ -619,6 +660,9 @@ spec: required: - "mismatchedContainerImages" type: "object" + hostedCluster: + description: "Is the cluster a hosted cluster." + type: "boolean" loadBalancerStatus: description: "The status of the load balancer DaemonSet." properties: @@ -626,22 +670,26 @@ spec: description: "LoadBalancerStatus represents the status of a load-balancer." properties: ingress: - description: "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points." + description: "Ingress is a list containing ingress points for the load-balancer.\nTraffic intended for the service should be sent to these ingress points." items: - description: "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point." + description: "LoadBalancerIngress represents the status of a load-balancer ingress point:\ntraffic intended for the service should be sent to an ingress point." properties: hostname: - description: "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)" + description: "Hostname is set for load-balancer ingress points that are DNS based\n(typically AWS load-balancers)" type: "string" ip: - description: "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)" + description: "IP is set for load-balancer ingress points that are IP based\n(typically GCE or OpenStack load-balancers)" + type: "string" + ipMode: + description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified.\nSetting this to \"VIP\" indicates that traffic is delivered to the node with\nthe destination set to the load-balancer's IP and port.\nSetting this to \"Proxy\" indicates that traffic is delivered to the node or pod with\nthe destination set to the node's IP and node port or the pod's IP and port.\nService implementations may use this information to adjust traffic routing." type: "string" ports: - description: "Ports is a list of records of service ports If used, every port defined in the service should have an entry in it" + description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: + description: "PortStatus represents the error condition of a service port" properties: error: - description: "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "Error is to record the problem with the service port\nThe format of the error shall comply with the following rules:\n- built-in error values shall be specified in this file and those shall use\n CamelCase names\n- cloud provider specific error values must have names that comply with the\n format foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" @@ -650,10 +698,10 @@ spec: format: "int32" type: "integer" protocol: - default: "TCP" - description: "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"" + description: "Protocol is the protocol of the service port of which status is recorded here\nThe supported values are: \"TCP\", \"UDP\", \"SCTP\"" type: "string" required: + - "error" - "port" - "protocol" type: "object" @@ -661,6 +709,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" natEnabled: @@ -678,7 +727,7 @@ spec: type: "boolean" nonReadyContainerStates: items: - description: "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting." + description: "ContainerState holds a possible state of container.\nOnly one of its members may be specified.\nIf none of them is specified, the default one is ContainerStateWaiting." properties: running: description: "Details about a running container" @@ -735,7 +784,7 @@ spec: description: "DaemonSetStatus represents the current status of a daemon set." properties: collisionCount: - description: "Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision." + description: "Count of hash collisions for the DaemonSet. The DaemonSet controller\nuses this field as a collision avoidance mechanism when it needs to\ncreate the name for the newest ControllerRevision." format: "int32" type: "integer" conditions: @@ -764,28 +813,31 @@ spec: - "type" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "type" + x-kubernetes-list-type: "map" currentNumberScheduled: - description: "The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running at least 1\ndaemon pod and are supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" desiredNumberScheduled: - description: "The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The total number of nodes that should be running the daemon\npod (including nodes correctly running the daemon pod).\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberAvailable: - description: "The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have one or more of the daemon pod running and\navailable (ready for at least spec.minReadySeconds)" format: "int32" type: "integer" numberMisscheduled: - description: "The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + description: "The number of nodes that are running the daemon pod, but are\nnot supposed to run the daemon pod.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" format: "int32" type: "integer" numberReady: - description: "numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition." + description: "numberReady is the number of nodes that should be running the daemon pod and have one\nor more of the daemon pod running with a Ready Condition." format: "int32" type: "integer" numberUnavailable: - description: "The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)" + description: "The number of nodes that should be running the\ndaemon pod and have none of the daemon pod running and available\n(ready for at least spec.minReadySeconds)" format: "int32" type: "integer" observedGeneration: diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/apiservers.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/apiservers.yaml index ae04750d4..934ac56e2 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/apiservers.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/apiservers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "apiservers.operator.tigera.io" spec: group: "operator.tigera.io" @@ -255,13 +255,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -360,13 +360,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -464,13 +464,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -569,13 +569,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -652,6 +652,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -703,6 +706,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -738,6 +744,9 @@ spec: type: "string" description: "NodeSelector is the API server pod's scheduling constraints.\nIf specified, each of the key/value pairs are added to the API server Deployment nodeSelector provided\nthe key does not already exist in the object's nodeSelector.\nIf used in conjunction with ControlPlaneNodeSelector, that nodeSelector is set on the API server Deployment\nand each of this field's key/value pairs are added to the API server Deployment nodeSelector provided\nthe key does not already exist in the object's nodeSelector.\nIf omitted, the API server Deployment will use its default value for nodeSelector.\nWARNING: Please note that this field will modify the default API server Deployment nodeSelector." type: "object" + priorityClassName: + description: "PriorityClassName allows to specify a PriorityClass resource to be used." + type: "string" tolerations: description: "Tolerations is the API server pod's tolerations.\nIf specified, this overrides any tolerations that may be set on the API server Deployment.\nIf omitted, the API server Deployment will use its default value for tolerations.\nWARNING: Please note that this field will override the default API server Deployment tolerations." items: @@ -835,6 +844,37 @@ spec: type: "object" type: "object" type: "object" + logging: + properties: + apiServer: + properties: + logSeverity: + default: "Info" + description: "LogSeverity defines log level for APIServer container." + enum: + - "Fatal" + - "Error" + - "Warn" + - "Info" + - "Debug" + - "Trace" + type: "string" + type: "object" + queryServer: + properties: + logSeverity: + default: "Info" + description: "LogSeverity defines log level for QueryServer container." + enum: + - "Fatal" + - "Error" + - "Warn" + - "Info" + - "Debug" + - "Trace" + type: "string" + type: "object" + type: "object" type: "object" status: description: "Most recently observed status for the Tigera API server." @@ -842,7 +882,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -871,7 +911,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/applicationlayers.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/applicationlayers.yaml index 276858783..62f91286e 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/applicationlayers.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/applicationlayers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "applicationlayers.operator.tigera.io" spec: group: "operator.tigera.io" @@ -85,6 +85,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -134,6 +137,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -205,7 +211,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -234,7 +240,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/authentications.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/authentications.yaml index 8b89b37b9..0c14a0928 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/authentications.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/authentications.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "authentications.operator.tigera.io" spec: group: "operator.tigera.io" @@ -62,6 +62,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -113,6 +116,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -276,6 +282,8 @@ spec: usernamePrefix: description: "If specified, UsernamePrefix is prepended to each user obtained from the identity provider. Note that\nKibana does not support a user prefix, so this prefix is removed from Kubernetes User when translating log access\nClusterRoleBindings into Elastic." type: "string" + required: + - "managerDomain" type: "object" status: description: "AuthenticationStatus defines the observed state of Authentication" @@ -283,7 +291,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -312,7 +320,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/compliances.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/compliances.yaml index 77ca538f7..7ec3c3b3d 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/compliances.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/compliances.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "compliances.operator.tigera.io" spec: group: "operator.tigera.io" @@ -62,6 +62,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -113,6 +116,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -180,6 +186,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -231,6 +240,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -295,6 +307,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -346,6 +361,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -412,6 +430,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -463,6 +484,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -530,6 +554,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -581,6 +608,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -622,7 +652,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -651,7 +681,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/egressgateways.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/egressgateways.yaml index 64aa8c667..f5e09a9e8 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/egressgateways.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/egressgateways.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "egressgateways.operator.tigera.io" spec: group: "operator.tigera.io" @@ -124,14 +124,14 @@ spec: type: "array" logSeverity: default: "Info" - description: "LogSeverity defines the logging level of the Egress Gateway.\nDefault: Info" + description: "LogSeverity defines the logging level of the Egress Gateway." enum: - - "Trace" - - "Debug" - - "Info" - - "Warn" - - "Error" - "Fatal" + - "Error" + - "Warn" + - "Info" + - "Debug" + - "Trace" type: "string" replicas: default: 1 @@ -340,13 +340,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -445,13 +445,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -549,13 +549,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -654,13 +654,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -735,6 +735,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -786,6 +789,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -933,7 +939,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -962,7 +968,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/imagesets.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/imagesets.yaml index 96f611d6a..fc2b0f1a3 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/imagesets.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/imagesets.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "imagesets.operator.tigera.io" spec: group: "operator.tigera.io" @@ -37,7 +37,7 @@ spec: description: "Digest is the image identifier that will be used for the Image.\nThe field should not include a leading `@` and must be prefixed with `sha256:`." type: "string" image: - description: "Image is an image that the operator deploys and instead of using the built in tag\nthe operator will use the Digest for the image identifier.\nThe value should be the image name without registry or tag or digest.\nFor the image `docker.io/calico/node:v3.17.1` it should be represented as `calico/node`" + description: "Image is an image that the operator deploys and instead of using the built in tag\nthe operator will use the Digest for the image identifier.\nThe value should be the *original* image name without registry or tag or digest.\nFor the image `docker.io/calico/node:v3.17.1` it should be represented as `calico/node`\nThe \"Installation\" spec allows defining custom image registries, paths or prefixes.\nEven for custom images such as example.com/custompath/customprefix-calico-node:v3.17.1,\nthis value should still be `calico/node`." type: "string" required: - "digest" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml index 840adaf64..3f68b30dd 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/installations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "installations.operator.tigera.io" spec: group: "operator.tigera.io" @@ -29,6 +29,17 @@ spec: spec: description: "Specification of the desired state for the Calico or Calico Enterprise installation." properties: + azure: + description: "Azure is used to configure azure provider specific options." + properties: + policyMode: + default: "Default" + description: "PolicyMode determines whether the \"control-plane\" label is applied to namespaces. It offers two options: Default and Manual.\nThe Default option adds the \"control-plane\" label to the required namespaces.\nThe Manual option does not apply the \"control-plane\" label to any namespace.\nDefault: Default" + enum: + - "Default" + - "Manual" + type: "string" + type: "object" calicoKubeControllersDeployment: description: "CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in\nconjunction with the deprecated ComponentResources, then these overrides take precedence." properties: @@ -255,13 +266,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -360,13 +371,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -464,13 +475,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -569,13 +580,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -651,6 +662,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -743,6 +757,9 @@ spec: items: type: "string" type: "array" + assignmentMode: + description: "AssignmentMode determines if IP addresses from this pool should be assigned automatically or on request only" + type: "string" blockSize: description: "BlockSize specifies the CIDR prefex length to use when allocating per-node IP blocks from\nthe main IP pool CIDR.\nDefault: 26 (IPv4), 122 (IPv6)" format: "int32" @@ -1107,13 +1124,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1212,13 +1229,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1316,13 +1333,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1421,13 +1438,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1502,6 +1519,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1558,6 +1578,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1846,13 +1869,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -1951,13 +1974,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2055,13 +2078,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2160,13 +2183,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2241,6 +2264,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2297,6 +2323,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -2585,13 +2614,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2690,13 +2719,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2794,13 +2823,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2899,13 +2928,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -2980,6 +3009,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3129,6 +3161,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3418,13 +3453,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3523,13 +3558,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3627,13 +3662,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3732,13 +3767,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -3815,6 +3850,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -3899,7 +3937,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3945,8 +3983,8 @@ spec: enum: - "Error" - "Warning" - - "Debug" - "Info" + - "Debug" type: "string" type: "object" type: "object" @@ -3958,7 +3996,7 @@ spec: description: "NodeUpdateStrategy can be used to customize the desired update strategy, such as the MaxUnavailable\nfield." properties: rollingUpdate: - description: "Rolling update config params. Present only if type = \"RollingUpdate\".\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be. Same as Deployment `strategy.rollingUpdate`.\nSee https://github.com/kubernetes/kubernetes/issues/35345" + description: "Rolling update config params. Present only if type = \"RollingUpdate\"." properties: maxSurge: anyOf: @@ -3980,6 +4018,19 @@ spec: nonPrivileged: description: "NonPrivileged configures Calico to be run in non-privileged containers as non-root users where possible." type: "string" + proxy: + description: "Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect\nto destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within\nthe cluster (including the API server) are exempt from proxying." + properties: + httpProxy: + description: "HTTPProxy defines the value of the HTTP_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster." + type: "string" + httpsProxy: + description: "HTTPSProxy defines the value of the HTTPS_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster." + type: "string" + noProxy: + description: "NoProxy defines the value of the NO_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster. This value must be set such that destinations within the scope of the cluster, including\nthe Kubernetes API server, are exempt from being proxied." + type: "string" + type: "object" registry: description: "Registry is the default Docker registry used for component Docker images.\nIf specified then the given value must end with a slash character (`/`) and all images will be pulled from this registry.\nIf not specified then the default registries will be used. A special case value, UseDefault, is\nsupported to explicitly specify the default registries will be used.\nImage format:\n `/:`\nThis option allows configuring the `` portion of the above format." type: "string" @@ -4369,13 +4420,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4474,13 +4525,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4578,13 +4629,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4683,13 +4734,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -4764,6 +4815,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4815,6 +4869,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -4991,6 +5048,17 @@ spec: computed: description: "Computed is the final installation including overlaid resources." properties: + azure: + description: "Azure is used to configure azure provider specific options." + properties: + policyMode: + default: "Default" + description: "PolicyMode determines whether the \"control-plane\" label is applied to namespaces. It offers two options: Default and Manual.\nThe Default option adds the \"control-plane\" label to the required namespaces.\nThe Manual option does not apply the \"control-plane\" label to any namespace.\nDefault: Default" + enum: + - "Default" + - "Manual" + type: "string" + type: "object" calicoKubeControllersDeployment: description: "CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in\nconjunction with the deprecated ComponentResources, then these overrides take precedence." properties: @@ -5217,13 +5285,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5322,13 +5390,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5426,13 +5494,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5531,13 +5599,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -5613,6 +5681,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -5705,6 +5776,9 @@ spec: items: type: "string" type: "array" + assignmentMode: + description: "AssignmentMode determines if IP addresses from this pool should be assigned automatically or on request only" + type: "string" blockSize: description: "BlockSize specifies the CIDR prefex length to use when allocating per-node IP blocks from\nthe main IP pool CIDR.\nDefault: 26 (IPv4), 122 (IPv6)" format: "int32" @@ -6069,13 +6143,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6174,13 +6248,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6278,13 +6352,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6383,13 +6457,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6464,6 +6538,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -6520,6 +6597,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -6808,13 +6888,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -6913,13 +6993,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7017,13 +7097,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7122,13 +7202,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7203,6 +7283,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -7259,6 +7342,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -7547,13 +7633,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7652,13 +7738,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7756,13 +7842,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7861,13 +7947,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -7942,6 +8028,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -8091,6 +8180,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -8380,13 +8472,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8485,13 +8577,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8589,13 +8681,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8694,13 +8786,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -8777,6 +8869,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -8861,7 +8956,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -8907,8 +9002,8 @@ spec: enum: - "Error" - "Warning" - - "Debug" - "Info" + - "Debug" type: "string" type: "object" type: "object" @@ -8920,7 +9015,7 @@ spec: description: "NodeUpdateStrategy can be used to customize the desired update strategy, such as the MaxUnavailable\nfield." properties: rollingUpdate: - description: "Rolling update config params. Present only if type = \"RollingUpdate\".\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be. Same as Deployment `strategy.rollingUpdate`.\nSee https://github.com/kubernetes/kubernetes/issues/35345" + description: "Rolling update config params. Present only if type = \"RollingUpdate\"." properties: maxSurge: anyOf: @@ -8942,6 +9037,19 @@ spec: nonPrivileged: description: "NonPrivileged configures Calico to be run in non-privileged containers as non-root users where possible." type: "string" + proxy: + description: "Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect\nto destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within\nthe cluster (including the API server) are exempt from proxying." + properties: + httpProxy: + description: "HTTPProxy defines the value of the HTTP_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster." + type: "string" + httpsProxy: + description: "HTTPSProxy defines the value of the HTTPS_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster." + type: "string" + noProxy: + description: "NoProxy defines the value of the NO_PROXY environment variable that will be set on Tigera containers that connect to\ndestinations outside the cluster. This value must be set such that destinations within the scope of the cluster, including\nthe Kubernetes API server, are exempt from being proxied." + type: "string" + type: "object" registry: description: "Registry is the default Docker registry used for component Docker images.\nIf specified then the given value must end with a slash character (`/`) and all images will be pulled from this registry.\nIf not specified then the default registries will be used. A special case value, UseDefault, is\nsupported to explicitly specify the default registries will be used.\nImage format:\n `/:`\nThis option allows configuring the `` portion of the above format." type: "string" @@ -9331,13 +9439,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9436,13 +9544,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9540,13 +9648,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9645,13 +9753,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -9726,6 +9834,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -9777,6 +9888,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -9947,7 +10061,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -9976,7 +10090,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/intrusiondetections.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/intrusiondetections.yaml index a2981db50..2be0839cb 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/intrusiondetections.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/intrusiondetections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "intrusiondetections.operator.tigera.io" spec: group: "operator.tigera.io" @@ -57,6 +57,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -123,6 +126,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -193,6 +199,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -244,6 +253,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -285,7 +297,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -314,7 +326,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/logcollectors.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/logcollectors.yaml index 1fbb0c2f1..11a046e23 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/logcollectors.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/logcollectors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "logcollectors.operator.tigera.io" spec: group: "operator.tigera.io" @@ -153,6 +153,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -204,6 +207,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -271,6 +277,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -322,6 +331,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -366,7 +378,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -395,7 +407,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/logstorages.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/logstorages.yaml index 7716daea8..3d07ab007 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/logstorages.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/logstorages.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "logstorages.operator.tigera.io" spec: group: "operator.tigera.io" @@ -50,6 +50,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -119,6 +122,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -168,6 +174,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -235,6 +244,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -286,6 +298,133 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + type: "object" + type: "object" + type: "object" + type: "object" + esGatewayDeployment: + description: "ESGatewayDeployment configures the es-gateway Deployment." + properties: + spec: + description: "Spec is the specification of the es-gateway Deployment." + properties: + template: + description: "Template describes the es-gateway Deployment pod that will be created." + properties: + spec: + description: "Spec is the es-gateway Deployment's PodSpec." + properties: + containers: + description: "Containers is a list of es-gateway containers.\nIf specified, this overrides the specified es-gateway Deployment containers.\nIf omitted, the es-gateway Deployment will use its default values for its containers." + items: + description: "ESGatewayDeploymentContainer is a es-gateway Deployment container." + properties: + name: + description: "Name is an enum which identifies the es-gateway Deployment container by name.\nSupported values are: tigera-secure-es-gateway" + enum: + - "tigera-secure-es-gateway" + type: "string" + resources: + description: "Resources allows customization of limits and requests for compute resources such as cpu and memory.\nIf specified, this overrides the named es-gateway Deployment container's resources.\nIf omitted, the es-gateway Deployment will use its default value for this container's resources." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" + required: + - "name" + type: "object" + type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" + limits: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + requests: + additionalProperties: + anyOf: + - type: "integer" + - type: "string" + pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + type: "object" + type: "object" + required: + - "name" + type: "object" + type: "array" + initContainers: + description: "InitContainers is a list of es-gateway init containers.\nIf specified, this overrides the specified es-gateway Deployment init containers.\nIf omitted, the es-gateway Deployment will use its default values for its init containers." + items: + description: "ESGatewayDeploymentInitContainer is a es-gateway Deployment init container." + properties: + name: + description: "Name is an enum which identifies the es-gateway Deployment init container by name.\nSupported values are: tigera-secure-elasticsearch-cert-key-cert-provisioner" + enum: + - "tigera-secure-elasticsearch-cert-key-cert-provisioner" + type: "string" + resources: + description: "Resources allows customization of limits and requests for compute resources such as cpu and memory.\nIf specified, this overrides the named es-gateway Deployment init container's resources.\nIf omitted, the es-gateway Deployment will use its default value for this init container's resources." + properties: + claims: + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\nThis field is immutable. It can only be set for containers." + items: + description: "ResourceClaim references one entry in PodSpec.ResourceClaims." + properties: + name: + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." + type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -361,6 +500,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -412,6 +554,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -479,6 +624,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -531,6 +679,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -607,6 +758,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -672,7 +826,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -701,7 +855,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusterconnections.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusterconnections.yaml index 109f1a0d3..e6e1a30d0 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusterconnections.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusterconnections.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "managementclusterconnections.operator.tigera.io" spec: group: "operator.tigera.io" @@ -62,6 +62,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -111,6 +114,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -165,7 +171,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -194,7 +200,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusters.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusters.yaml index 3ac18cee2..0da5a24da 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusters.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/managementclusters.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "managementclusters.operator.tigera.io" spec: group: "operator.tigera.io" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/managers.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/managers.yaml index 927d30e32..1ef9deebc 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/managers.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/managers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "managers.operator.tigera.io" spec: group: "operator.tigera.io" @@ -65,6 +65,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -118,6 +121,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -159,7 +165,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -188,7 +194,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/monitors.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/monitors.yaml index 762a58259..0b7ed2c79 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/monitors.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/monitors.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "monitors.operator.tigera.io" spec: group: "operator.tigera.io" @@ -46,6 +46,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -96,7 +99,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -281,6 +284,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -322,6 +328,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -358,7 +367,7 @@ spec: conditions: description: "Conditions represents the latest observed set of conditions for the component. A component may be one or more of\nReady, Progressing, Degraded or other customer types." items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -387,7 +396,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/policyrecommendations.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/policyrecommendations.yaml index dae2ba83c..316729d0b 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/policyrecommendations.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/policyrecommendations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "policyrecommendations.operator.tigera.io" spec: group: "operator.tigera.io" @@ -62,6 +62,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -113,6 +116,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml index 5d164f79e..72a37abc8 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/tenants.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tenants.operator.tigera.io" spec: group: "operator.tigera.io" @@ -65,6 +65,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -338,13 +341,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -443,13 +446,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -547,13 +550,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -652,13 +655,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -734,6 +737,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -862,6 +868,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -914,6 +923,9 @@ spec: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -952,6 +964,7 @@ spec: description: "Name is a human readable name for this tenant." type: "string" required: + - "id" - "indices" type: "object" status: diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/tigerastatuses.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/tigerastatuses.yaml index eb8de6b63..4638b7e82 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/tigerastatuses.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/tigerastatuses.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tigerastatuses.operator.tigera.io" spec: group: "operator.tigera.io" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/tlspassthroughroutes.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/tlspassthroughroutes.yaml index 7c6f96301..c82d7e755 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/tlspassthroughroutes.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/tlspassthroughroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tlspassthroughroutes.operator.tigera.io" spec: group: "operator.tigera.io" diff --git a/crd-catalog/tigera/operator/operator.tigera.io/v1/tlsterminatedroutes.yaml b/crd-catalog/tigera/operator/operator.tigera.io/v1/tlsterminatedroutes.yaml index d75a7db32..d8f0963c9 100644 --- a/crd-catalog/tigera/operator/operator.tigera.io/v1/tlsterminatedroutes.yaml +++ b/crd-catalog/tigera/operator/operator.tigera.io/v1/tlsterminatedroutes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "tlsterminatedroutes.operator.tigera.io" spec: group: "operator.tigera.io" @@ -35,7 +35,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -55,7 +55,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -72,7 +72,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -105,6 +105,7 @@ spec: description: "Unauthenticated says whether the request should go through authentication. This is only applicable if the Target\nis UI." type: "boolean" required: + - "caBundle" - "destination" - "pathMatch" - "target" diff --git a/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachines.yaml b/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachines.yaml index eff3d3b8c..e4770babb 100644 --- a/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachines.yaml +++ b/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachines.yaml @@ -56,14 +56,14 @@ spec: description: "BootOptions are options that control the booting of Hardware." properties: bootMode: - description: "BootMode is the type of booting that will be done." + description: "BootMode is the type of booting that will be done.\nMust be one of \"none\", \"netboot\", or \"iso\"." enum: - "none" - "netboot" - "iso" type: "string" isoURL: - description: "ISOURL is the URL of the ISO that will be one-time booted.\nWhen this field is set, the controller will create a job.bmc.tinkerbell.org object\nfor getting the associated hardware into a CDROM booting state.\nA HardwareRef that contains a spec.BmcRef must be provided." + description: "ISOURL is the URL of the ISO that will be one-time booted.\nA HardwareRef that contains a spec.BmcRef must be provided.\n\nThe format of the ISOURL must be http://$IP:$Port/iso/hook.iso\nThe name of the ISO file must have the .iso extension, but the name can be anything.\nThe $IP and $Port should generally point to the IP and Port of the Smee server\nas this is where the ISO patching endpoint lives.\nThe controller will append the MAC address of the hardware in the ISO URL\nright before the iso file name in the URL.\nMAC address is then used to retrieve hardware specific information such as\nIPAM info, custom kernel cmd line args and populate the worker ID for the tink worker/agent.\nFor ex. the above format would be replaced to http://$IP:$Port/iso//hook.iso" format: "url" type: "string" type: "object" diff --git a/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachinetemplates.yaml b/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachinetemplates.yaml index 1eecb48a6..42251e36b 100644 --- a/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachinetemplates.yaml +++ b/crd-catalog/tinkerbell/cluster-api-provider-tinkerbell/infrastructure.cluster.x-k8s.io/v1beta1/tinkerbellmachinetemplates.yaml @@ -41,14 +41,14 @@ spec: description: "BootOptions are options that control the booting of Hardware." properties: bootMode: - description: "BootMode is the type of booting that will be done." + description: "BootMode is the type of booting that will be done.\nMust be one of \"none\", \"netboot\", or \"iso\"." enum: - "none" - "netboot" - "iso" type: "string" isoURL: - description: "ISOURL is the URL of the ISO that will be one-time booted.\nWhen this field is set, the controller will create a job.bmc.tinkerbell.org object\nfor getting the associated hardware into a CDROM booting state.\nA HardwareRef that contains a spec.BmcRef must be provided." + description: "ISOURL is the URL of the ISO that will be one-time booted.\nA HardwareRef that contains a spec.BmcRef must be provided.\n\nThe format of the ISOURL must be http://$IP:$Port/iso/hook.iso\nThe name of the ISO file must have the .iso extension, but the name can be anything.\nThe $IP and $Port should generally point to the IP and Port of the Smee server\nas this is where the ISO patching endpoint lives.\nThe controller will append the MAC address of the hardware in the ISO URL\nright before the iso file name in the URL.\nMAC address is then used to retrieve hardware specific information such as\nIPAM info, custom kernel cmd line args and populate the worker ID for the tink worker/agent.\nFor ex. the above format would be replaced to http://$IP:$Port/iso//hook.iso" format: "url" type: "string" type: "object" diff --git a/crd-catalog/tinkerbell/rufio/bmc.tinkerbell.org/v1alpha1/machines.yaml b/crd-catalog/tinkerbell/rufio/bmc.tinkerbell.org/v1alpha1/machines.yaml index db4cfc479..3f48924f5 100644 --- a/crd-catalog/tinkerbell/rufio/bmc.tinkerbell.org/v1alpha1/machines.yaml +++ b/crd-catalog/tinkerbell/rufio/bmc.tinkerbell.org/v1alpha1/machines.yaml @@ -3,6 +3,9 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.16.4" + labels: + clusterctl.cluster.x-k8s.io: "" + clusterctl.cluster.x-k8s.io/move: "" name: "machines.bmc.tinkerbell.org" spec: group: "bmc.tinkerbell.org" diff --git a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml index 580eaeec1..f640c602f 100644 --- a/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml +++ b/crd-catalog/tinkerbell/tink/tinkerbell.org/v1alpha1/hardware.yaml @@ -3,6 +3,9 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.16.3" + labels: + clusterctl.cluster.x-k8s.io: "" + clusterctl.cluster.x-k8s.io/move: "" name: "hardware.tinkerbell.org" spec: group: "tinkerbell.org" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutes.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutes.yaml index d7b1b4707..576aaacd6 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutes.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutes.yaml @@ -30,7 +30,7 @@ spec: description: "IngressRouteSpec defines the desired state of IngressRoute." properties: entryPoints: - description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/\nDefault: all." + description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/\nDefault: all." items: type: "string" type: "array" @@ -45,10 +45,10 @@ spec: - "Rule" type: "string" match: - description: "Match defines the router's rule.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule" + description: "Match defines the router's rule.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule" type: "string" middlewares: - description: "Middlewares defines the list of references to Middleware resources.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware" + description: "Middlewares defines the list of references to Middleware resources.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-middleware" items: description: "MiddlewareRef is a reference to a Middleware resource." properties: @@ -62,8 +62,18 @@ spec: - "name" type: "object" type: "array" + observability: + description: "Observability defines the observability configuration for a router.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#observability" + properties: + accessLogs: + type: "boolean" + metrics: + type: "boolean" + tracing: + type: "boolean" + type: "object" priority: - description: "Priority defines the router's priority.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority" + description: "Priority defines the router's priority.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority" type: "integer" services: description: "Services defines the list of Service.\nIt can contain any combination of TraefikService and/or reference to a Kubernetes Service." @@ -156,7 +166,7 @@ spec: description: "ServersTransport defines the name of ServersTransport resource to use.\nIt allows to configure the transport between Traefik and your servers.\nCan only be used on a Kubernetes Service." type: "string" sticky: - description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions" + description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions" properties: cookie: description: "Cookie defines the sticky cookie configuration." @@ -192,20 +202,20 @@ spec: type: "object" type: "array" syntax: - description: "Syntax defines the router's rule syntax.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax" + description: "Syntax defines the router's rule syntax.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax" type: "string" required: - "match" type: "object" type: "array" tls: - description: "TLS defines the TLS configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls" + description: "TLS defines the TLS configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls" properties: certResolver: - description: "CertResolver defines the name of the certificate resolver to use.\nCert resolvers have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers" + description: "CertResolver defines the name of the certificate resolver to use.\nCert resolvers have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers" type: "string" domains: - description: "Domains defines the list of domains that will be used to issue certificates.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains" + description: "Domains defines the list of domains that will be used to issue certificates.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains" items: description: "Domain holds a domain name with SANs." properties: @@ -220,13 +230,13 @@ spec: type: "object" type: "array" options: - description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.\nIf not defined, the `default` TLSOption is used.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options" + description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.\nIf not defined, the `default` TLSOption is used.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options" properties: name: - description: "Name defines the name of the referenced TLSOption.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption" + description: "Name defines the name of the referenced TLSOption.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption" type: "string" namespace: - description: "Namespace defines the namespace of the referenced TLSOption.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption" + description: "Namespace defines the namespace of the referenced TLSOption.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption" type: "string" required: - "name" @@ -238,10 +248,10 @@ spec: description: "Store defines the reference to the TLSStore, that will be used to store certificates.\nPlease note that only `default` TLSStore can be used." properties: name: - description: "Name defines the name of the referenced TLSStore.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore" + description: "Name defines the name of the referenced TLSStore.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore" type: "string" namespace: - description: "Namespace defines the namespace of the referenced TLSStore.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore" + description: "Namespace defines the namespace of the referenced TLSStore.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore" type: "string" required: - "name" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutetcps.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutetcps.yaml index 09ab13442..71556d798 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutetcps.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressroutetcps.yaml @@ -30,7 +30,7 @@ spec: description: "IngressRouteTCPSpec defines the desired state of IngressRouteTCP." properties: entryPoints: - description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/\nDefault: all." + description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/\nDefault: all." items: type: "string" type: "array" @@ -40,7 +40,7 @@ spec: description: "RouteTCP holds the TCP route configuration." properties: match: - description: "Match defines the router's rule.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1" + description: "Match defines the router's rule.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule_1" type: "string" middlewares: description: "Middlewares defines the list of references to MiddlewareTCP resources." @@ -58,7 +58,7 @@ spec: type: "object" type: "array" priority: - description: "Priority defines the router's priority.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1" + description: "Priority defines the router's priority.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority_1" type: "integer" services: description: "Services defines the list of TCP services." @@ -84,7 +84,7 @@ spec: description: "Port defines the port of a Kubernetes Service.\nThis can be a reference to a named port." x-kubernetes-int-or-string: true proxyProtocol: - description: "ProxyProtocol defines the PROXY protocol configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol" + description: "ProxyProtocol defines the PROXY protocol configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#proxy-protocol" properties: version: description: "Version defines the PROXY Protocol version to use." @@ -108,20 +108,20 @@ spec: type: "object" type: "array" syntax: - description: "Syntax defines the router's rule syntax.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1" + description: "Syntax defines the router's rule syntax.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax_1" type: "string" required: - "match" type: "object" type: "array" tls: - description: "TLS defines the TLS configuration on a layer 4 / TCP Route.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1" + description: "TLS defines the TLS configuration on a layer 4 / TCP Route.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls_1" properties: certResolver: - description: "CertResolver defines the name of the certificate resolver to use.\nCert resolvers have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers" + description: "CertResolver defines the name of the certificate resolver to use.\nCert resolvers have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers" type: "string" domains: - description: "Domains defines the list of domains that will be used to issue certificates.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains" + description: "Domains defines the list of domains that will be used to issue certificates.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains" items: description: "Domain holds a domain name with SANs." properties: @@ -136,7 +136,7 @@ spec: type: "object" type: "array" options: - description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.\nIf not defined, the `default` TLSOption is used.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options" + description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.\nIf not defined, the `default` TLSOption is used.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options" properties: name: description: "Name defines the name of the referenced Traefik resource." diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressrouteudps.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressrouteudps.yaml index 7d3f7d918..653a1bf8e 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressrouteudps.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/ingressrouteudps.yaml @@ -30,7 +30,7 @@ spec: description: "IngressRouteUDPSpec defines the desired state of a IngressRouteUDP." properties: entryPoints: - description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/\nDefault: all." + description: "EntryPoints defines the list of entry point names to bind to.\nEntry points have to be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/\nDefault: all." items: type: "string" type: "array" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml index 2154b9f52..0b3c8aad6 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "Middleware is the CRD implementation of a Traefik Middleware.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/" + description: "Middleware is the CRD implementation of a Traefik Middleware.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/overview/" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -30,17 +30,17 @@ spec: description: "MiddlewareSpec defines the desired state of a Middleware." properties: addPrefix: - description: "AddPrefix holds the add prefix middleware configuration.\nThis middleware updates the path of a request before forwarding it.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/" + description: "AddPrefix holds the add prefix middleware configuration.\nThis middleware updates the path of a request before forwarding it.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/addprefix/" properties: prefix: description: "Prefix is the string to add before the current path in the requested URL.\nIt should include a leading slash (/)." type: "string" type: "object" basicAuth: - description: "BasicAuth holds the basic auth middleware configuration.\nThis middleware restricts access to your services to known users.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/" + description: "BasicAuth holds the basic auth middleware configuration.\nThis middleware restricts access to your services to known users.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/" properties: headerField: - description: "HeaderField defines a header field to store the authenticated user.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield" + description: "HeaderField defines a header field to store the authenticated user.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield" type: "string" realm: description: "Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.\nDefault: traefik." @@ -53,7 +53,7 @@ spec: type: "string" type: "object" buffering: - description: "Buffering holds the buffering middleware configuration.\nThis middleware retries or limits the size of requests that can be forwarded to backends.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes" + description: "Buffering holds the buffering middleware configuration.\nThis middleware retries or limits the size of requests that can be forwarded to backends.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#maxrequestbodybytes" properties: maxRequestBodyBytes: description: "MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).\nIf the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.\nDefault: 0 (no maximum)." @@ -72,11 +72,11 @@ spec: format: "int64" type: "integer" retryExpression: - description: "RetryExpression defines the retry conditions.\nIt is a logical combination of functions with operators AND (&&) and OR (||).\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression" + description: "RetryExpression defines the retry conditions.\nIt is a logical combination of functions with operators AND (&&) and OR (||).\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/buffering/#retryexpression" type: "string" type: "object" chain: - description: "Chain holds the configuration of the chain middleware.\nThis middleware enables to define reusable combinations of other pieces of middleware.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/" + description: "Chain holds the configuration of the chain middleware.\nThis middleware enables to define reusable combinations of other pieces of middleware.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/chain/" properties: middlewares: description: "Middlewares is the list of MiddlewareRef which composes the chain." @@ -123,7 +123,7 @@ spec: type: "integer" type: "object" compress: - description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/" + description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/compress/" properties: defaultEncoding: description: "DefaultEncoding specifies the default encoding if the `Accept-Encoding` header is not in the request or contains a wildcard (`*`)." @@ -155,10 +155,10 @@ spec: type: "boolean" type: "object" digestAuth: - description: "DigestAuth holds the digest auth middleware configuration.\nThis middleware restricts access to your services to known users.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/" + description: "DigestAuth holds the digest auth middleware configuration.\nThis middleware restricts access to your services to known users.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/digestauth/" properties: headerField: - description: "HeaderField defines a header field to store the authenticated user.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield" + description: "HeaderField defines a header field to store the authenticated user.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/basicauth/#headerfield" type: "string" realm: description: "Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.\nDefault: traefik." @@ -171,13 +171,13 @@ spec: type: "string" type: "object" errors: - description: "ErrorPage holds the custom error middleware configuration.\nThis middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/" + description: "ErrorPage holds the custom error middleware configuration.\nThis middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/" properties: query: description: "Query defines the URL for the error page (hosted by service).\nThe {status} variable can be used in order to insert the status code in the URL." type: "string" service: - description: "Service defines the reference to a Kubernetes Service that will serve the error page.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service" + description: "Service defines the reference to a Kubernetes Service that will serve the error page.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/errorpages/#service" properties: healthCheck: description: "Healthcheck defines health checks for ExternalName services." @@ -265,7 +265,7 @@ spec: description: "ServersTransport defines the name of ServersTransport resource to use.\nIt allows to configure the transport between Traefik and your servers.\nCan only be used on a Kubernetes Service." type: "string" sticky: - description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions" + description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions" properties: cookie: description: "Cookie defines the sticky cookie configuration." @@ -306,7 +306,7 @@ spec: type: "array" type: "object" forwardAuth: - description: "ForwardAuth holds the forward auth middleware configuration.\nThis middleware delegates the request authentication to a Service.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/" + description: "ForwardAuth holds the forward auth middleware configuration.\nThis middleware delegates the request authentication to a Service.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/" properties: addAuthCookiesToResponse: description: "AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response." @@ -327,8 +327,24 @@ spec: type: "string" type: "array" authResponseHeadersRegex: - description: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex" + description: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#authresponseheadersregex" type: "string" + forwardBody: + description: "ForwardBody defines whether to send the request body to the authentication server." + type: "boolean" + headerField: + description: "HeaderField defines a header field to store the authenticated user.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/forwardauth/#headerfield" + type: "string" + maxBodySize: + description: "MaxBodySize defines the maximum body size in bytes allowed to be forwarded to the authentication server." + format: "int64" + type: "integer" + preserveLocationHeader: + description: "PreserveLocationHeader defines whether to forward the Location header to the client as is or prefix it with the domain name of the authentication server." + type: "boolean" + preserveRequestMethod: + description: "PreserveRequestMethod defines whether to preserve the original request method while forwarding the request to the authentication server." + type: "boolean" tls: description: "TLS defines the configuration used to secure the connection to the authentication server." properties: @@ -359,7 +375,7 @@ spec: type: "array" type: "object" headers: - description: "Headers holds the headers middleware configuration.\nThis middleware manages the requests and responses headers.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders" + description: "Headers holds the headers middleware configuration.\nThis middleware manages the requests and responses headers.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/headers/#customrequestheaders" properties: accessControlAllowCredentials: description: "AccessControlAllowCredentials defines whether the request can include user credentials." @@ -484,17 +500,17 @@ spec: type: "integer" type: "object" inFlightReq: - description: "InFlightReq holds the in-flight request middleware configuration.\nThis middleware limits the number of requests being processed and served concurrently.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/" + description: "InFlightReq holds the in-flight request middleware configuration.\nThis middleware limits the number of requests being processed and served concurrently.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/" properties: amount: description: "Amount defines the maximum amount of allowed simultaneous in-flight request.\nThe middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy)." format: "int64" type: "integer" sourceCriterion: - description: "SourceCriterion defines what criterion is used to group requests as originating from a common source.\nIf several strategies are defined at the same time, an error will be raised.\nIf none are set, the default is to use the requestHost.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion" + description: "SourceCriterion defines what criterion is used to group requests as originating from a common source.\nIf several strategies are defined at the same time, an error will be raised.\nIf none are set, the default is to use the requestHost.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/inflightreq/#sourcecriterion" properties: ipStrategy: - description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy" + description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy" properties: depth: description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right)." @@ -517,10 +533,10 @@ spec: type: "object" type: "object" ipAllowList: - description: "IPAllowList holds the IP allowlist middleware configuration.\nThis middleware limits allowed requests based on the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/" + description: "IPAllowList holds the IP allowlist middleware configuration.\nThis middleware limits allowed requests based on the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/" properties: ipStrategy: - description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy" + description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy" properties: depth: description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right)." @@ -547,7 +563,7 @@ spec: description: "Deprecated: please use IPAllowList instead." properties: ipStrategy: - description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy" + description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy" properties: depth: description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right)." @@ -568,7 +584,7 @@ spec: type: "array" type: "object" passTLSClientCert: - description: "PassTLSClientCert holds the pass TLS client cert middleware configuration.\nThis middleware adds the selected data from the passed client TLS certificate to a header.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/" + description: "PassTLSClientCert holds the pass TLS client cert middleware configuration.\nThis middleware adds the selected data from the passed client TLS certificate to a header.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/passtlsclientcert/" properties: info: description: "Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header." @@ -649,7 +665,7 @@ spec: description: "Plugin defines the middleware plugin configuration.\nMore info: https://doc.traefik.io/traefik/plugins/" type: "object" rateLimit: - description: "RateLimit holds the rate limit configuration.\nThis middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/" + description: "RateLimit holds the rate limit configuration.\nThis middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ratelimit/" properties: average: description: "Average is the maximum rate, by default in requests/s, allowed for the given source.\nIt defaults to 0, which means no rate limiting.\nThe rate is actually defined by dividing Average by Period. So for a rate below 1req/s,\none needs to define a Period larger than a second." @@ -669,7 +685,7 @@ spec: description: "SourceCriterion defines what criterion is used to group requests as originating from a common source.\nIf several strategies are defined at the same time, an error will be raised.\nIf none are set, the default is to use the request's remote address field (as an ipStrategy)." properties: ipStrategy: - description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy" + description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/ipallowlist/#ipstrategy" properties: depth: description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right)." @@ -692,7 +708,7 @@ spec: type: "object" type: "object" redirectRegex: - description: "RedirectRegex holds the redirect regex middleware configuration.\nThis middleware redirects a request using regex matching and replacement.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex" + description: "RedirectRegex holds the redirect regex middleware configuration.\nThis middleware redirects a request using regex matching and replacement.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectregex/#regex" properties: permanent: description: "Permanent defines whether the redirection is permanent (301)." @@ -705,7 +721,7 @@ spec: type: "string" type: "object" redirectScheme: - description: "RedirectScheme holds the redirect scheme middleware configuration.\nThis middleware redirects requests from a scheme/port to another.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/" + description: "RedirectScheme holds the redirect scheme middleware configuration.\nThis middleware redirects requests from a scheme/port to another.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/redirectscheme/" properties: permanent: description: "Permanent defines whether the redirection is permanent (301)." @@ -718,14 +734,14 @@ spec: type: "string" type: "object" replacePath: - description: "ReplacePath holds the replace path middleware configuration.\nThis middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/" + description: "ReplacePath holds the replace path middleware configuration.\nThis middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepath/" properties: path: description: "Path defines the path to use as replacement in the request URL." type: "string" type: "object" replacePathRegex: - description: "ReplacePathRegex holds the replace path regex middleware configuration.\nThis middleware replaces the path of a URL using regex matching and replacement.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/" + description: "ReplacePathRegex holds the replace path regex middleware configuration.\nThis middleware replaces the path of a URL using regex matching and replacement.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/replacepathregex/" properties: regex: description: "Regex defines the regular expression used to match and capture the path from the request URL." @@ -735,7 +751,7 @@ spec: type: "string" type: "object" retry: - description: "Retry holds the retry middleware configuration.\nThis middleware reissues requests a given number of times to a backend server if that server does not reply.\nAs soon as the server answers, the middleware stops retrying, regardless of the response status.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/" + description: "Retry holds the retry middleware configuration.\nThis middleware reissues requests a given number of times to a backend server if that server does not reply.\nAs soon as the server answers, the middleware stops retrying, regardless of the response status.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/retry/" properties: attempts: description: "Attempts defines how many times the request should be retried." @@ -748,7 +764,7 @@ spec: x-kubernetes-int-or-string: true type: "object" stripPrefix: - description: "StripPrefix holds the strip prefix middleware configuration.\nThis middleware removes the specified prefixes from the URL path.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/" + description: "StripPrefix holds the strip prefix middleware configuration.\nThis middleware removes the specified prefixes from the URL path.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefix/" properties: forceSlash: description: "Deprecated: ForceSlash option is deprecated, please remove any usage of this option.\nForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.\nDefault: true." @@ -760,7 +776,7 @@ spec: type: "array" type: "object" stripPrefixRegex: - description: "StripPrefixRegex holds the strip prefix regex middleware configuration.\nThis middleware removes the matching prefixes from the URL path.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/" + description: "StripPrefixRegex holds the strip prefix regex middleware configuration.\nThis middleware removes the matching prefixes from the URL path.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/http/stripprefixregex/" properties: regex: description: "Regex defines the regular expression to match the path prefix from the request URL." diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewaretcps.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewaretcps.yaml index 324607d69..fa4e86a81 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewaretcps.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewaretcps.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/" + description: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/overview/" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -38,7 +38,7 @@ spec: type: "integer" type: "object" ipAllowList: - description: "IPAllowList defines the IPAllowList middleware configuration.\nThis middleware accepts/refuses connections based on the client IP.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/" + description: "IPAllowList defines the IPAllowList middleware configuration.\nThis middleware accepts/refuses connections based on the client IP.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipallowlist/" properties: sourceRange: description: "SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation)." @@ -47,7 +47,7 @@ spec: type: "array" type: "object" ipWhiteList: - description: "IPWhiteList defines the IPWhiteList middleware configuration.\nThis middleware accepts/refuses connections based on the client IP.\nDeprecated: please use IPAllowList instead.\nMore info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/" + description: "IPWhiteList defines the IPWhiteList middleware configuration.\nThis middleware accepts/refuses connections based on the client IP.\nDeprecated: please use IPAllowList instead.\nMore info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipwhitelist/" properties: sourceRange: description: "SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation)." diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransports.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransports.yaml index 27491c4a4..951a8ff5e 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransports.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransports.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ServersTransport is the CRD implementation of a ServersTransport.\nIf no serversTransport is specified, the default@internal will be used.\nThe default@internal serversTransport is created from the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1" + description: "ServersTransport is the CRD implementation of a ServersTransport.\nIf no serversTransport is specified, the default@internal will be used.\nThe default@internal serversTransport is created from the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#serverstransport_1" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransporttcps.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransporttcps.yaml index 377d2a5b6..ddd1d1431 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransporttcps.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/serverstransporttcps.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "ServersTransportTCP is the CRD implementation of a TCPServersTransport.\nIf no tcpServersTransport is specified, a default one named default@internal will be used.\nThe default@internal tcpServersTransport can be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3" + description: "ServersTransportTCP is the CRD implementation of a TCPServersTransport.\nIf no tcpServersTransport is specified, a default one named default@internal will be used.\nThe default@internal tcpServersTransport can be configured in the static configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#serverstransport_3" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsoptions.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsoptions.yaml index 7e927c618..69e0ecdc5 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsoptions.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsoptions.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options" + description: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -30,12 +30,12 @@ spec: description: "TLSOptionSpec defines the desired state of a TLSOption." properties: alpnProtocols: - description: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols" + description: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#alpn-protocols" items: type: "string" type: "array" cipherSuites: - description: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites" + description: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#cipher-suites" items: type: "string" type: "array" @@ -58,7 +58,7 @@ spec: type: "array" type: "object" curvePreferences: - description: "CurvePreferences defines the preferred elliptic curves in a specific order.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences" + description: "CurvePreferences defines the preferred elliptic curves in a specific order.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#curve-preferences" items: type: "string" type: "array" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsstores.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsstores.yaml index 9909eda84..eead8e446 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsstores.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/tlsstores.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "TLSStore is the CRD implementation of a Traefik TLS Store.\nFor the time being, only the TLSStore named default is supported.\nThis means that you cannot have two stores that are named default in different Kubernetes namespaces.\nMore info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores" + description: "TLSStore is the CRD implementation of a Traefik TLS Store.\nFor the time being, only the TLSStore named default is supported.\nThis means that you cannot have two stores that are named default in different Kubernetes namespaces.\nMore info: https://doc.traefik.io/traefik/v3.3/https/tls/#certificates-stores" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/traefikservices.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/traefikservices.yaml index 4d99ea395..c501bba78 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/traefikservices.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/traefikservices.yaml @@ -16,7 +16,7 @@ spec: - name: "v1alpha1" schema: openAPIV3Schema: - description: "TraefikService is the CRD implementation of a Traefik Service.\nTraefikService object allows to:\n- Apply weight to Services on load-balancing\n- Mirror traffic on services\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice" + description: "TraefikService is the CRD implementation of a Traefik Service.\nTraefikService object allows to:\n- Apply weight to Services on load-balancing\n- Mirror traffic on services\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-traefikservice" properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -184,7 +184,7 @@ spec: description: "ServersTransport defines the name of ServersTransport resource to use.\nIt allows to configure the transport between Traefik and your servers.\nCan only be used on a Kubernetes Service." type: "string" sticky: - description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions" + description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions" properties: cookie: description: "Cookie defines the sticky cookie configuration." @@ -254,7 +254,7 @@ spec: description: "ServersTransport defines the name of ServersTransport resource to use.\nIt allows to configure the transport between Traefik and your servers.\nCan only be used on a Kubernetes Service." type: "string" sticky: - description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions" + description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions" properties: cookie: description: "Cookie defines the sticky cookie configuration." @@ -382,7 +382,7 @@ spec: description: "ServersTransport defines the name of ServersTransport resource to use.\nIt allows to configure the transport between Traefik and your servers.\nCan only be used on a Kubernetes Service." type: "string" sticky: - description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions" + description: "Sticky defines the sticky sessions configuration.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions" properties: cookie: description: "Cookie defines the sticky cookie configuration." @@ -418,7 +418,7 @@ spec: type: "object" type: "array" sticky: - description: "Sticky defines whether sticky sessions are enabled.\nMore info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing" + description: "Sticky defines whether sticky sessions are enabled.\nMore info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#stickiness-and-load-balancing" properties: cookie: description: "Cookie defines the sticky cookie configuration." diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backuprepositories.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backuprepositories.yaml index 249159bac..f52250cee 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backuprepositories.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backuprepositories.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "backuprepositories.velero.io" spec: group: "velero.io" @@ -70,7 +70,7 @@ spec: description: "BackupRepositoryStatus is the current status of a BackupRepository." properties: lastMaintenanceTime: - description: "LastMaintenanceTime is the last time maintenance was run." + description: "LastMaintenanceTime is the last time repo maintenance succeeded." format: "date-time" nullable: true type: "string" @@ -84,6 +84,31 @@ spec: - "Ready" - "NotReady" type: "string" + recentMaintenance: + description: "RecentMaintenance is status of the recent repo maintenance." + items: + properties: + completeTimestamp: + description: "CompleteTimestamp is the completion time of the repo maintenance." + format: "date-time" + nullable: true + type: "string" + message: + description: "Message is a message about the current status of the repo maintenance." + type: "string" + result: + description: "Result is the result of the repo maintenance." + enum: + - "Succeeded" + - "Failed" + type: "string" + startTimestamp: + description: "StartTimestamp is the start time of the repo maintenance." + format: "date-time" + nullable: true + type: "string" + type: "object" + type: "array" type: "object" type: "object" served: true diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backups.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backups.yaml index 837924409..a091520f1 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backups.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "backups.velero.io" spec: group: "velero.io" @@ -40,7 +40,7 @@ spec: nullable: true type: "boolean" defaultVolumesToRestic: - description: "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead." + description: "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead." nullable: true type: "boolean" excludedClusterScopedResources: diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backupstoragelocations.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backupstoragelocations.yaml index a4ed227bd..5d31dbff6 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/backupstoragelocations.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/backupstoragelocations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "backupstoragelocations.velero.io" spec: group: "velero.io" @@ -70,7 +70,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -113,13 +113,13 @@ spec: description: "BackupStorageLocationStatus defines the observed state of BackupStorageLocation" properties: accessMode: - description: "AccessMode is an unused field.\n\n\nDeprecated: there is now an AccessMode field on the Spec and this field\nwill be removed entirely as of v2.0." + description: "AccessMode is an unused field.\n\nDeprecated: there is now an AccessMode field on the Spec and this field\nwill be removed entirely as of v2.0." enum: - "ReadOnly" - "ReadWrite" type: "string" lastSyncedRevision: - description: "LastSyncedRevision is the value of the `metadata/revision` file in the backup\nstorage location the last time the BSL's contents were synced into the cluster.\n\n\nDeprecated: this field is no longer updated or used for detecting changes to\nthe location's contents and will be removed entirely in v2.0." + description: "LastSyncedRevision is the value of the `metadata/revision` file in the backup\nstorage location the last time the BSL's contents were synced into the cluster.\n\nDeprecated: this field is no longer updated or used for detecting changes to\nthe location's contents and will be removed entirely in v2.0." type: "string" lastSyncedTime: description: "LastSyncedTime is the last time the contents of the location were synced into\nthe cluster." diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/deletebackuprequests.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/deletebackuprequests.yaml index 9369cf071..454d5fb3e 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/deletebackuprequests.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/deletebackuprequests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "deletebackuprequests.velero.io" spec: group: "velero.io" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/downloadrequests.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/downloadrequests.yaml index 5e8211748..db355b6b2 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/downloadrequests.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/downloadrequests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "downloadrequests.velero.io" spec: group: "velero.io" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumebackups.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumebackups.yaml index 567c463f2..16ff4c814 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumebackups.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumebackups.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "podvolumebackups.velero.io" spec: group: "velero.io" @@ -73,7 +73,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumerestores.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumerestores.yaml index 232c2ae2e..2dad932df 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumerestores.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/podvolumerestores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "podvolumerestores.velero.io" spec: group: "velero.io" @@ -72,7 +72,7 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object." type: "string" kind: description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml index abe22edca..777f5c39b 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/restores.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "restores.velero.io" spec: group: "velero.io" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/schedules.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/schedules.yaml index 2b5f9e04f..24b4c2665 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/schedules.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/schedules.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "schedules.velero.io" spec: group: "velero.io" @@ -71,7 +71,7 @@ spec: nullable: true type: "boolean" defaultVolumesToRestic: - description: "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead." + description: "DefaultVolumesToRestic specifies whether restic should be used to take a\nbackup of all pod volumes by default.\n\nDeprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead." nullable: true type: "boolean" excludedClusterScopedResources: diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/serverstatusrequests.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/serverstatusrequests.yaml index af99761c1..5523202b1 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/serverstatusrequests.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/serverstatusrequests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "serverstatusrequests.velero.io" spec: group: "velero.io" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v1/volumesnapshotlocations.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v1/volumesnapshotlocations.yaml index ca0183476..2bfe56110 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v1/volumesnapshotlocations.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v1/volumesnapshotlocations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "volumesnapshotlocations.velero.io" spec: group: "velero.io" @@ -44,7 +44,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datadownloads.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datadownloads.yaml index 5671e2359..946272ec8 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datadownloads.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datadownloads.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "datadownloads.velero.io" spec: group: "velero.io" @@ -74,6 +74,13 @@ spec: datamover: description: "DataMover specifies the data mover to be used by the backup.\nIf DataMover is \"\" or \"velero\", the built-in data mover will be used." type: "string" + nodeOS: + description: "NodeOS is OS of the node where the DataDownload is processed." + enum: + - "auto" + - "linux" + - "windows" + type: "string" operationTimeout: description: "OperationTimeout specifies the time used to wait internal operations,\nbefore returning error as timeout." type: "string" @@ -110,6 +117,14 @@ spec: status: description: "DataDownloadStatus is the current status of a DataDownload." properties: + acceptedByNode: + description: "Node is name of the node where the DataUpload is prepared." + type: "string" + acceptedTimestamp: + description: "AcceptedTimestamp records the time the DataUpload is to be prepared.\nThe server's time is used for AcceptedTimestamp" + format: "date-time" + nullable: true + type: "string" completionTimestamp: description: "CompletionTimestamp records the time a restore was completed.\nCompletion time is recorded even on failed restores.\nThe server's time is used for CompletionTimestamps" format: "date-time" diff --git a/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datauploads.yaml b/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datauploads.yaml index ebd7705f2..f6462fd17 100644 --- a/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datauploads.yaml +++ b/crd-catalog/vmware-tanzu/velero/velero.io/v2alpha1/datauploads.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.16.5" name: "datauploads.velero.io" spec: group: "velero.io" @@ -114,6 +114,14 @@ spec: status: description: "DataUploadStatus is the current status of a DataUpload." properties: + acceptedByNode: + description: "AcceptedByNode is name of the node where the DataUpload is prepared." + type: "string" + acceptedTimestamp: + description: "AcceptedTimestamp records the time the DataUpload is to be prepared.\nThe server's time is used for AcceptedTimestamp" + format: "date-time" + nullable: true + type: "string" completionTimestamp: description: "CompletionTimestamp records the time a backup was completed.\nCompletion time is recorded even on failed backups.\nCompletion time is recorded before uploading the backup object.\nThe server's time is used for CompletionTimestamps" format: "date-time" @@ -131,6 +139,13 @@ spec: node: description: "Node is name of the node where the DataUpload is processed." type: "string" + nodeOS: + description: "NodeOS is OS of the node where the DataUpload is processed." + enum: + - "auto" + - "linux" + - "windows" + type: "string" path: description: "Path is the full path of the snapshot volume being backed up." type: "string" diff --git a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml index 7a7ec6e97..b39e8d07f 100644 --- a/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml +++ b/crd-catalog/volcano-sh/volcano/batch.volcano.sh/v1alpha1/jobs.yaml @@ -46,6 +46,7 @@ spec: spec: properties: maxRetry: + default: 3 format: "int32" type: "integer" minAvailable: @@ -67,9 +68,33 @@ spec: action: type: "string" event: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" events: items: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" type: "array" exitCode: @@ -113,9 +138,33 @@ spec: action: type: "string" event: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" events: items: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" type: "array" exitCode: @@ -3756,6 +3805,11 @@ spec: type: "object" type: "object" topologyPolicy: + enum: + - "none" + - "best-effort" + - "restricted" + - "single-numa-node" type: "string" type: "object" type: "array" diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml index 49099ba8e..c0efa9061 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobflows.yaml @@ -57,6 +57,8 @@ spec: path: type: "string" port: + maximum: 65535.0 + minimum: 0.0 type: "integer" taskName: type: "string" @@ -75,6 +77,8 @@ spec: items: properties: port: + maximum: 65535.0 + minimum: 0.0 type: "integer" taskName: type: "string" @@ -89,12 +93,16 @@ spec: type: "array" type: "object" name: + minLength: 1 type: "string" required: - "name" type: "object" type: "array" jobRetainPolicy: + enum: + - "retain" + - "delete" type: "string" type: "object" status: diff --git a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml index 0a8c17b1b..3825582eb 100644 --- a/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml +++ b/crd-catalog/volcano-sh/volcano/flow.volcano.sh/v1alpha1/jobtemplates.yaml @@ -28,6 +28,7 @@ spec: spec: properties: maxRetry: + default: 3 format: "int32" type: "integer" minAvailable: @@ -49,9 +50,33 @@ spec: action: type: "string" event: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" events: items: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" type: "array" exitCode: @@ -95,9 +120,33 @@ spec: action: type: "string" event: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" events: items: + enum: + - "*" + - "PodPending" + - "PodRunning" + - "PodFailed" + - "PodEvicted" + - "Unknown" + - "TaskCompleted" + - "OutOfSync" + - "CommandIssued" + - "JobUpdated" + - "TaskFailed" type: "string" type: "array" exitCode: @@ -3738,6 +3787,11 @@ spec: type: "object" type: "object" topologyPolicy: + enum: + - "none" + - "best-effort" + - "restricted" + - "single-numa-node" type: "string" type: "object" type: "array" diff --git a/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml b/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml index 757d1e8bd..2dc4cb724 100644 --- a/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml +++ b/crd-catalog/volcano-sh/volcano/nodeinfo.volcano.sh/v1alpha1/numatopologies.yaml @@ -36,10 +36,13 @@ spec: description: "CPUInfo is the cpu topology detail" properties: core: + minimum: 0.0 type: "integer" numa: + minimum: 0.0 type: "integer" socket: + minimum: 0.0 type: "integer" type: "object" description: "Specifies the cpu topology info\nKey is cpu id" diff --git a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml index f157cb2af..d69262819 100644 --- a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml +++ b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha1/terraforms.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "terraforms.infra.contrib.fluxcd.io" spec: group: "infra.contrib.fluxcd.io" @@ -456,13 +456,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -561,13 +561,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -665,13 +665,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -770,13 +770,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -852,7 +852,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -902,7 +902,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -926,7 +926,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -941,7 +941,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -992,7 +992,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1042,7 +1042,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1069,7 +1069,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1084,7 +1084,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1107,7 +1107,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1117,7 +1117,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1155,7 +1155,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1165,7 +1165,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1184,7 +1184,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1194,7 +1194,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1232,7 +1232,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1242,7 +1242,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1262,7 +1262,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1276,20 +1276,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1339,7 +1340,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1400,7 +1401,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1414,20 +1415,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1477,7 +1479,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1521,13 +1523,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1597,7 +1602,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1636,7 +1641,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1662,7 +1667,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1676,20 +1681,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1739,7 +1745,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1814,7 +1820,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -1883,7 +1889,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -1902,10 +1908,10 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -1921,7 +1927,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -1933,12 +1939,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -1946,7 +1954,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -1962,7 +1970,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -1984,7 +1992,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -1995,7 +2003,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -2008,7 +2016,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2048,7 +2056,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2056,7 +2064,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -2069,7 +2077,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2157,10 +2165,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -2269,7 +2277,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -2286,7 +2294,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -2309,7 +2317,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -2330,7 +2338,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2338,7 +2346,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -2348,10 +2356,10 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -2367,7 +2375,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -2382,7 +2390,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -2398,7 +2406,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -2409,6 +2417,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -2419,7 +2437,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -2428,6 +2446,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -2448,7 +2467,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2492,7 +2511,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2504,7 +2523,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2526,12 +2545,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -2607,7 +2626,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2694,7 +2713,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2722,7 +2741,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -2747,15 +2766,16 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -2765,6 +2785,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -2775,11 +2796,12 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -2787,9 +2809,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -2806,7 +2829,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2814,6 +2837,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -2866,7 +2890,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2879,7 +2903,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2891,7 +2915,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2967,14 +2991,14 @@ spec: properties: forceUnlock: default: "no" - description: "ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`.\n\n\nThis is an Enum and has the expected values of:\n\n\n- auto\n- yes\n- no\n\n\nWARNING: Only use `auto` in the cases where you are absolutely certain that\nno other system is using this state, you could otherwise end up in a bad place\nSee https://www.terraform.io/language/state/locking#force-unlock for more\ninformation on the terraform state lock and force unlock." + description: "ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`.\n\nThis is an Enum and has the expected values of:\n\n- auto\n- yes\n- no\n\nWARNING: Only use `auto` in the cases where you are absolutely certain that\nno other system is using this state, you could otherwise end up in a bad place\nSee https://www.terraform.io/language/state/locking#force-unlock for more\ninformation on the terraform state lock and force unlock." enum: - "yes" - "no" - "auto" type: "string" lockIdentifier: - description: "LockIdentifier holds the Identifier required by Terraform to unlock the state\nif it ever gets into a locked state.\n\n\nYou'll need to put the Lock Identifier in here while setting ForceUnlock to\neither `yes` or `auto`.\n\n\nLeave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`,\ne.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state." + description: "LockIdentifier holds the Identifier required by Terraform to unlock the state\nif it ever gets into a locked state.\n\nYou'll need to put the Lock Identifier in here while setting ForceUnlock to\neither `yes` or `auto`.\n\nLeave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`,\ne.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state." type: "string" type: "object" values: @@ -3000,7 +3024,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3050,7 +3074,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3115,6 +3139,7 @@ spec: type: "string" required: - "stage" + - "testExpression" - "url" type: "object" type: "array" @@ -3148,7 +3173,7 @@ spec: type: "array" conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -3177,7 +3202,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml index d98b3182a..2e6a81f71 100644 --- a/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml +++ b/crd-catalog/weaveworks/tf-controller/infra.contrib.fluxcd.io/v1alpha2/terraforms.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "v0.17.0" name: "terraforms.infra.contrib.fluxcd.io" spec: group: "infra.contrib.fluxcd.io" @@ -482,13 +482,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -587,13 +587,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -691,13 +691,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -796,13 +796,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default)." items: type: "string" type: "array" @@ -878,7 +878,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -928,7 +928,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -952,7 +952,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -967,7 +967,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1036,7 +1036,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1086,7 +1086,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1113,7 +1113,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1128,7 +1128,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1151,7 +1151,7 @@ spec: description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1161,7 +1161,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1199,7 +1199,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1209,7 +1209,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1228,7 +1228,7 @@ spec: description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1238,7 +1238,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1276,7 +1276,7 @@ spec: - "port" type: "object" sleep: - description: "Sleep represents the duration that the container should sleep before being terminated." + description: "Sleep represents a duration that the container should sleep." properties: seconds: description: "Seconds is the number of seconds to sleep." @@ -1286,7 +1286,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor backward compatibility. There is no validation of this field and\nlifecycle hooks will fail at runtime when it is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1306,7 +1306,7 @@ spec: description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1320,20 +1320,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1383,7 +1384,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1444,7 +1445,7 @@ spec: description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1458,20 +1459,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1521,7 +1523,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1565,13 +1567,16 @@ spec: description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1641,7 +1646,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1680,7 +1685,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -1706,7 +1711,7 @@ spec: description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: - description: "Exec specifies the action to take." + description: "Exec specifies a command to execute in the container." properties: command: description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." @@ -1720,20 +1725,21 @@ spec: format: "int32" type: "integer" grpc: - description: "GRPC specifies an action involving a GRPC port." + description: "GRPC specifies a GRPC HealthCheckRequest." properties: port: description: "Port number of the gRPC service. Number must be in the range 1 to 65535." format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." + default: "" + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" type: "object" httpGet: - description: "HTTPGet specifies the http request to perform." + description: "HTTPGet specifies an HTTP GET request to perform." properties: host: description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." @@ -1783,7 +1789,7 @@ spec: format: "int32" type: "integer" tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." + description: "TCPSocket specifies a connection to a TCP port." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1858,7 +1864,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -1893,13 +1899,16 @@ spec: description: "Set Resources for the Runner Pod container" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" + request: + description: "Request is the name chosen for a request in the referenced claim.\nIf empty, everything from the claim is made available, otherwise\nonly the result of this request." + type: "string" required: - "name" type: "object" @@ -1966,7 +1975,7 @@ spec: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2005,7 +2014,7 @@ spec: description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" @@ -2068,7 +2077,7 @@ spec: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" recursiveReadOnly: - description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\nIf this field is not specified, it is treated as an equivalent of Disabled." type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." @@ -2087,10 +2096,10 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree\nawsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." @@ -2106,7 +2115,7 @@ spec: - "volumeID" type: "object" azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." + description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.\nDeprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type\nare redirected to the disk.csi.azure.com CSI driver." properties: cachingMode: description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." @@ -2118,12 +2127,14 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: + default: "ext4" description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: + default: false description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: @@ -2131,7 +2142,7 @@ spec: - "diskURI" type: "object" azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." + description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod.\nDeprecated: AzureFile is deprecated. All operations for the in-tree azureFile type\nare redirected to the file.csi.azure.com CSI driver." properties: readOnly: description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." @@ -2147,7 +2158,7 @@ spec: - "shareName" type: "object" cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime.\nDeprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported." properties: monitors: description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" @@ -2169,7 +2180,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2180,7 +2191,7 @@ spec: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nDeprecated: Cinder is deprecated. All operations for the in-tree cinder type\nare redirected to the cinder.csi.openstack.org CSI driver.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" @@ -2193,7 +2204,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2233,7 +2244,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2241,7 +2252,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." + description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers." properties: driver: description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." @@ -2254,7 +2265,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2342,10 +2353,10 @@ spec: x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\nRequired, must not be nil." properties: metadata: description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." @@ -2454,7 +2465,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default)." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -2471,7 +2482,7 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" lun: description: "lun is Optional: FC target lun number" @@ -2494,7 +2505,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin.\nDeprecated: FlexVolume is deprecated. Consider using a CSIDriver instead." properties: driver: description: "driver is the name of the driver to use for this volume." @@ -2515,7 +2526,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2523,7 +2534,7 @@ spec: - "driver" type: "object" flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" + description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running.\nDeprecated: Flocker is deprecated and the in-tree flocker type is no longer supported." properties: datasetName: description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" @@ -2533,10 +2544,10 @@ spec: type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nDeprecated: GCEPersistentDisk is deprecated. All operations for the in-tree\ngcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" partition: description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" @@ -2552,7 +2563,7 @@ spec: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDeprecated: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." @@ -2567,7 +2578,7 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nDeprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" @@ -2583,7 +2594,7 @@ spec: - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" properties: path: description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" @@ -2594,6 +2605,16 @@ spec: required: - "path" type: "object" + image: + description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + properties: + pullPolicy: + description: "Policy for pulling OCI objects. Possible values are:\nAlways: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\nNever: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\nIfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise." + type: "string" + reference: + description: "Required: Image or artifact reference to be used.\nBehaves in the same way as pod.spec.containers[*].image.\nPull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." + type: "string" + type: "object" iscsi: description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: @@ -2604,7 +2625,7 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi" type: "string" initiatorName: description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." @@ -2613,6 +2634,7 @@ spec: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: + default: "default" description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: @@ -2633,7 +2655,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2677,7 +2699,7 @@ spec: - "claimName" type: "object" photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" + description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine.\nDeprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2689,7 +2711,7 @@ spec: - "pdID" type: "object" portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" + description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on." properties: fsType: description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -2711,12 +2733,12 @@ spec: format: "int32" type: "integer" sources: - description: "sources is the list of volume projections" + description: "sources is the list of volume projections. Each entry in this list\nhandles one source." items: - description: "Projection that may be projected along with other supported volume types" + description: "Projection that may be projected along with other supported volume types.\nExactly one of these fields must be set." properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." @@ -2792,7 +2814,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -2879,7 +2901,7 @@ spec: x-kubernetes-list-type: "atomic" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -2907,7 +2929,7 @@ spec: x-kubernetes-list-type: "atomic" type: "object" quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" + description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime.\nDeprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported." properties: group: description: "group to map volume access to\nDefault is no group" @@ -2932,15 +2954,16 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nDeprecated: RBD is deprecated and the in-tree rbd type is no longer supported.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd" type: "string" image: description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: + default: "/etc/ceph/keyring" description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: @@ -2950,6 +2973,7 @@ spec: type: "array" x-kubernetes-list-type: "atomic" pool: + default: "rbd" description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: @@ -2960,11 +2984,12 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" user: + default: "admin" description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: @@ -2972,9 +2997,10 @@ spec: - "monitors" type: "object" scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." + description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.\nDeprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported." properties: fsType: + default: "xfs" description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: @@ -2991,7 +3017,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -2999,6 +3025,7 @@ spec: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: + default: "ThinProvisioned" description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: @@ -3051,7 +3078,7 @@ spec: type: "string" type: "object" storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." + description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.\nDeprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported." properties: fsType: description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -3064,7 +3091,7 @@ spec: properties: name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3076,7 +3103,7 @@ spec: type: "string" type: "object" vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" + description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine.\nDeprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type\nare redirected to the csi.vsphere.vmware.com CSI driver." properties: fsType: description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." @@ -3157,20 +3184,24 @@ spec: properties: forceUnlock: default: "no" - description: "ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`.\n\n\nThis is an Enum and has the expected values of:\n\n\n- auto\n- yes\n- no\n\n\nWARNING: Only use `auto` in the cases where you are absolutely certain that\nno other system is using this state, you could otherwise end up in a bad place\nSee https://www.terraform.io/language/state/locking#force-unlock for more\ninformation on the terraform state lock and force unlock." + description: "ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`.\n\nThis is an Enum and has the expected values of:\n\n- auto\n- yes\n- no\n\nWARNING: Only use `auto` in the cases where you are absolutely certain that\nno other system is using this state, you could otherwise end up in a bad place\nSee https://www.terraform.io/language/state/locking#force-unlock for more\ninformation on the terraform state lock and force unlock." enum: - "yes" - "no" - "auto" type: "string" lockIdentifier: - description: "LockIdentifier holds the Identifier required by Terraform to unlock the state\nif it ever gets into a locked state.\n\n\nYou'll need to put the Lock Identifier in here while setting ForceUnlock to\neither `yes` or `auto`.\n\n\nLeave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`,\ne.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state." + description: "LockIdentifier holds the Identifier required by Terraform to unlock the state\nif it ever gets into a locked state.\n\nYou'll need to put the Lock Identifier in here while setting ForceUnlock to\neither `yes` or `auto`.\n\nLeave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`,\ne.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state." type: "string" lockTimeout: default: "0s" - description: "LockTimeout is a Duration string that instructs Terraform to retry acquiring a lock for the specified period of\ntime before returning an error. The duration syntax is a number followed by a time unit letter, such as `3s` for\nthree seconds.\n\n\nDefaults to `0s` which will behave as though `LockTimeout` was not set" + description: "LockTimeout is a Duration string that instructs Terraform to retry acquiring a lock for the specified period of\ntime before returning an error. The duration syntax is a number followed by a time unit letter, such as `3s` for\nthree seconds.\n\nDefaults to `0s` which will behave as though `LockTimeout` was not set" type: "string" type: "object" + upgradeOnInit: + default: true + description: "UpgradeOnInit configures to upgrade modules and providers on initialization of a stack" + type: "boolean" values: description: "Values map to the Terraform variable \"values\", which is an object of arbitrary values.\nIt is a convenient way to pass values to Terraform resources without having to define\na variable for each value. To use this feature, your Terraform file must define the variable \"values\"." x-kubernetes-preserve-unknown-fields: true @@ -3194,7 +3225,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -3244,7 +3275,7 @@ spec: type: "string" name: default: "" - description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -3309,6 +3340,7 @@ spec: type: "string" required: - "stage" + - "testExpression" - "url" type: "object" type: "array" @@ -3354,7 +3386,7 @@ spec: type: "array" conditions: items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect of the current state of this API Resource." properties: lastTransitionTime: description: "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable." @@ -3383,7 +3415,7 @@ spec: - "Unknown" type: "string" type: - description: "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" + description: "type of condition in CamelCase or in foo.example.com/CamelCase." maxLength: 316 pattern: "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$" type: "string" diff --git a/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/operatorconfigurations.yaml b/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/operatorconfigurations.yaml index b3f12be59..c883b9c8c 100644 --- a/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/operatorconfigurations.yaml +++ b/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/operatorconfigurations.yaml @@ -127,7 +127,7 @@ spec: type: "boolean" type: "object" docker_image: - default: "ghcr.io/zalando/spilo-16:3.3-p1" + default: "ghcr.io/zalando/spilo-17:4.0-p2" type: "string" enable_crd_registration: default: true @@ -479,10 +479,10 @@ spec: type: "string" type: "array" minimal_major_version: - default: "12" + default: "13" type: "string" target_major_version: - default: "16" + default: "17" type: "string" type: "object" max_instances: diff --git a/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/postgresqls.yaml b/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/postgresqls.yaml index b9a0f7d17..b3d772d2a 100644 --- a/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/postgresqls.yaml +++ b/crd-catalog/zalando/postgres-operator/acid.zalan.do/v1/postgresqls.yaml @@ -356,11 +356,11 @@ spec: type: "object" version: enum: - - "12" - "13" - "14" - "15" - "16" + - "17" type: "string" required: - "version" @@ -470,6 +470,9 @@ spec: type: "string" batchSize: type: "integer" + cpu: + pattern: "^(\\d+m|\\d+(\\.\\d{1,3})?)$" + type: "string" database: type: "string" enableRecovery: @@ -478,6 +481,9 @@ spec: additionalProperties: type: "string" type: "object" + memory: + pattern: "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$" + type: "string" tables: additionalProperties: properties: @@ -485,6 +491,8 @@ spec: type: "string" idColumn: type: "string" + ignoreRecovery: + type: "boolean" payloadColumn: type: "string" recoveryEventType: diff --git a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs index 808da0b10..9671cc904 100644 --- a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs +++ b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs @@ -293,14 +293,14 @@ pub enum ChallengeSolverDns01AzureDnsEnvironment { /// If set, ClientID, ClientSecret and TenantID must not be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ChallengeSolverDns01AzureDnsManagedIdentity { - /// client ID of the managed identity, can not be used at the same time as resourceID + /// client ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientID")] pub client_id: Option, - /// resource ID of the managed identity, can not be used at the same time as clientID + /// resource ID of the managed identity, cannot be used at the same time as clientID /// Cannot be used for Azure Managed Service Identity #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceID")] pub resource_id: Option, - /// tenant ID of the managed identity, can not be used at the same time as resourceID + /// tenant ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "tenantID")] pub tenant_id: Option, } diff --git a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorities.rs b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorities.rs index 5bd378e36..1a52d27f3 100644 --- a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorities.rs +++ b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorities.rs @@ -51,10 +51,9 @@ pub struct CertificateAuthoritySpec { /// and security compliance of Amazon Web Services Private CA private keys (https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys). #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyStorageSecurityStandard")] pub key_storage_security_standard: Option, - /// Contains information to enable Online Certificate Status Protocol (OCSP) - /// support, to enable a certificate revocation list (CRL), to enable both, or - /// to enable neither. The default is for both certificate validation mechanisms - /// to be disabled. + /// Contains information to enable support for Online Certificate Status Protocol + /// (OCSP), certificate revocation list (CRL), both protocols, or neither. By + /// default, both certificate validation mechanisms are disabled. /// /// The following requirements apply to revocation configurations. /// @@ -333,10 +332,9 @@ pub struct CertificateAuthorityCertificateAuthorityConfigurationSubjectCustomAtt pub value: Option, } -/// Contains information to enable Online Certificate Status Protocol (OCSP) -/// support, to enable a certificate revocation list (CRL), to enable both, or -/// to enable neither. The default is for both certificate validation mechanisms -/// to be disabled. +/// Contains information to enable support for Online Certificate Status Protocol +/// (OCSP), certificate revocation list (CRL), both protocols, or neither. By +/// default, both certificate validation mechanisms are disabled. /// /// The following requirements apply to revocation configurations. /// @@ -365,13 +363,15 @@ pub struct CertificateAuthorityRevocationConfiguration { /// by setting the Enabled parameter to true. Your private CA writes CRLs to /// an S3 bucket that you specify in the S3BucketName parameter. You can hide /// the name of your bucket by specifying a value for the CustomCname parameter. - /// Your private CA copies the CNAME or the S3 bucket name to the CRL Distribution - /// Points extension of each certificate it issues. Your S3 bucket policy must - /// give write permission to Amazon Web Services Private CA. + /// Your private CA by default copies the CNAME or the S3 bucket name to the + /// CRL Distribution Points extension of each certificate it issues. If you want + /// to configure this default behavior to be something different, you can set + /// the CrlDistributionPointExtensionConfiguration parameter. Your S3 bucket + /// policy must give write permission to Amazon Web Services Private CA. /// /// Amazon Web Services Private CA assets that are stored in Amazon S3 can be /// protected with encryption. For more information, see Encrypting Your CRLs - /// (https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption). + /// (https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#crl-encryption). /// /// Your private CA uses the value in the ExpirationInDays parameter to calculate /// the nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's @@ -436,13 +436,15 @@ pub struct CertificateAuthorityRevocationConfiguration { /// by setting the Enabled parameter to true. Your private CA writes CRLs to /// an S3 bucket that you specify in the S3BucketName parameter. You can hide /// the name of your bucket by specifying a value for the CustomCname parameter. -/// Your private CA copies the CNAME or the S3 bucket name to the CRL Distribution -/// Points extension of each certificate it issues. Your S3 bucket policy must -/// give write permission to Amazon Web Services Private CA. +/// Your private CA by default copies the CNAME or the S3 bucket name to the +/// CRL Distribution Points extension of each certificate it issues. If you want +/// to configure this default behavior to be something different, you can set +/// the CrlDistributionPointExtensionConfiguration parameter. Your S3 bucket +/// policy must give write permission to Amazon Web Services Private CA. /// /// Amazon Web Services Private CA assets that are stored in Amazon S3 can be /// protected with encryption. For more information, see Encrypting Your CRLs -/// (https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption). +/// (https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#crl-encryption). /// /// Your private CA uses the value in the ExpirationInDays parameter to calculate /// the nextUpdate field in the CRL. The CRL is refreshed prior to a certificate's @@ -543,7 +545,7 @@ pub struct CertificateAuthorityStatus { /// CA certificate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateSigningRequest")] pub certificate_signing_request: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs index c39b61664..4c6439f6e 100644 --- a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs +++ b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs @@ -125,7 +125,7 @@ pub struct CertificateAuthorityActivationStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs index 0c10c3d1e..3ae7218f3 100644 --- a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs +++ b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs @@ -511,7 +511,7 @@ pub struct CertificateStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha3/clusterresourcesets.rs b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha3/clusterresourcesets.rs index 761092d7b..a27aea73c 100644 --- a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha3/clusterresourcesets.rs +++ b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha3/clusterresourcesets.rs @@ -20,7 +20,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterResourceSetSpec { - /// Label selector for Clusters. The Clusters that are + /// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. #[serde(rename = "clusterSelector")] @@ -33,7 +33,7 @@ pub struct ClusterResourceSetSpec { pub strategy: Option, } -/// Label selector for Clusters. The Clusters that are +/// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha4/clusterresourcesets.rs b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha4/clusterresourcesets.rs index c1675cd46..95b619cdb 100644 --- a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha4/clusterresourcesets.rs +++ b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1alpha4/clusterresourcesets.rs @@ -20,7 +20,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterResourceSetSpec { - /// Label selector for Clusters. The Clusters that are + /// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. /// Label selector cannot be empty. @@ -34,7 +34,7 @@ pub struct ClusterResourceSetSpec { pub strategy: Option, } -/// Label selector for Clusters. The Clusters that are +/// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. /// Label selector cannot be empty. diff --git a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1beta1/clusterresourcesets.rs b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1beta1/clusterresourcesets.rs index 5b03303e9..11bb7c2ee 100644 --- a/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1beta1/clusterresourcesets.rs +++ b/kube-custom-resources-rs/src/addons_cluster_x_k8s_io/v1beta1/clusterresourcesets.rs @@ -20,7 +20,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterResourceSetSpec { - /// Label selector for Clusters. The Clusters that are + /// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. /// Label selector cannot be empty. @@ -34,7 +34,7 @@ pub struct ClusterResourceSetSpec { pub strategy: Option, } -/// Label selector for Clusters. The Clusters that are +/// clusterSelector is the label selector for Clusters. The Clusters that are /// selected by this will be the ones affected by this ClusterResourceSet. /// It must match the Cluster labels. This field is immutable. /// Label selector cannot be empty. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/awsiamconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/awsiamconfigs.rs index 8755f5970..0fa762c7f 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/awsiamconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/awsiamconfigs.rs @@ -20,7 +20,8 @@ pub struct AWSIamConfigSpec { /// AWSRegion defines a region in an AWS partition #[serde(rename = "awsRegion")] pub aws_region: String, - /// BackendMode defines multiple backends for aws-iam-authenticator server The server searches for mappings in order + /// BackendMode defines multiple backends for aws-iam-authenticator server + /// The server searches for mappings in order #[serde(rename = "backendMode")] pub backend_mode: Vec, #[serde(default, skip_serializing_if = "Option::is_none", rename = "mapRoles")] diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs index 247003ec0..17160ddaa 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs @@ -48,6 +48,8 @@ pub struct BundlesVersionsBundles { #[serde(rename = "eksD")] pub eks_d: BundlesVersionsBundlesEksD, pub eksa: BundlesVersionsBundlesEksa, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endOfStandardSupport")] + pub end_of_standard_support: Option, #[serde(rename = "etcdadmBootstrap")] pub etcdadm_bootstrap: BundlesVersionsBundlesEtcdadmBootstrap, #[serde(rename = "etcdadmController")] @@ -2881,6 +2883,8 @@ pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackHook { pub bootkit: BundlesVersionsBundlesTinkerbellTinkerbellStackHookBootkit, pub docker: BundlesVersionsBundlesTinkerbellTinkerbellStackHookDocker, pub initramfs: BundlesVersionsBundlesTinkerbellTinkerbellStackHookInitramfs, + /// HookArch defines the Tinkerbell hook architecture-specific artifacts. + pub iso: BundlesVersionsBundlesTinkerbellTinkerbellStackHookIso, pub kernel: BundlesVersionsBundlesTinkerbellTinkerbellStackHookKernel, pub vmlinuz: BundlesVersionsBundlesTinkerbellTinkerbellStackHookVmlinuz, } @@ -3033,6 +3037,93 @@ pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackHookInitramfsArmOs { Windows, } +/// HookArch defines the Tinkerbell hook architecture-specific artifacts. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackHookIso { + /// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. + pub amd: BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoAmd, + /// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. + pub arm: BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoArm, +} + +/// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoAmd { + /// Architectures of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub arch: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub description: Option, + /// The asset name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Operating system of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub os: Option, + /// Name of the OS like ubuntu, bottlerocket + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osName")] + pub os_name: Option, + /// The sha256 of the asset, only applies for 'file' store + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sha256: Option, + /// The sha512 of the asset, only applies for 'file' store + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sha512: Option, + /// The URI where the asset is located + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, +} + +/// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoAmdOs { + #[serde(rename = "linux")] + Linux, + #[serde(rename = "darwin")] + Darwin, + #[serde(rename = "windows")] + Windows, +} + +/// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoArm { + /// Architectures of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub arch: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub description: Option, + /// The asset name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Operating system of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub os: Option, + /// Name of the OS like ubuntu, bottlerocket + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osName")] + pub os_name: Option, + /// The sha256 of the asset, only applies for 'file' store + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sha256: Option, + /// The sha512 of the asset, only applies for 'file' store + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sha512: Option, + /// The URI where the asset is located + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, +} + +/// Archive represents an archive asset (e.g. tarball) along with its OS/architecture metadata, and checksums for file integrity. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackHookIsoArmOs { + #[serde(rename = "linux")] + Linux, + #[serde(rename = "darwin")] + Darwin, + #[serde(rename = "windows")] + Windows, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackHookKernel { /// Architectures of the asset diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackdatacenterconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackdatacenterconfigs.rs index c847192f3..f2a590f66 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackdatacenterconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackdatacenterconfigs.rs @@ -18,19 +18,25 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CloudStackDatacenterConfigSpec { - /// Account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account, and all CloudStack resources belong to an account. Accounts have users and users have credentials to operate on resources within that account. If an account name is provided, a domain must also be provided. Deprecated: Please use AvailabilityZones instead + /// Account typically represents a customer of the service provider or a department in a large organization. Multiple users can exist in an account, and all CloudStack resources belong to an account. Accounts have users and users have credentials to operate on resources within that account. If an account name is provided, a domain must also be provided. + /// Deprecated: Please use AvailabilityZones instead #[serde(default, skip_serializing_if = "Option::is_none")] pub account: Option, /// AvailabilityZones list of different partitions to distribute VMs across - corresponds to a list of CAPI failure domains #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZones")] pub availability_zones: Option>, - /// Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains This field is considered as a fully qualified domain name which is the same as the domain path without "ROOT/" prefix. For example, if "foo" is specified then a domain with "ROOT/foo" domain path is picked. The value "ROOT" is a special case that points to "the" ROOT domain of the CloudStack. That is, a domain with a path "ROOT/ROOT" is not allowed. Deprecated: Please use AvailabilityZones instead + /// Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains + /// This field is considered as a fully qualified domain name which is the same as the domain path without "ROOT/" prefix. For example, if "foo" is specified then a domain with "ROOT/foo" domain path is picked. + /// The value "ROOT" is a special case that points to "the" ROOT domain of the CloudStack. That is, a domain with a path "ROOT/ROOT" is not allowed. + /// Deprecated: Please use AvailabilityZones instead #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, - /// CloudStack Management API endpoint's IP. It is added to VM's noproxy list Deprecated: Please use AvailabilityZones instead + /// CloudStack Management API endpoint's IP. It is added to VM's noproxy list + /// Deprecated: Please use AvailabilityZones instead #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementApiEndpoint")] pub management_api_endpoint: Option, - /// Zones is a list of one or more zones that are managed by a single CloudStack management endpoint. Deprecated: Please use AvailabilityZones instead + /// Zones is a list of one or more zones that are managed by a single CloudStack management endpoint. + /// Deprecated: Please use AvailabilityZones instead #[serde(default, skip_serializing_if = "Option::is_none")] pub zones: Option>, } @@ -44,7 +50,9 @@ pub struct CloudStackDatacenterConfigAvailabilityZones { /// CredentialRef is used to reference a secret in the eksa-system namespace #[serde(rename = "credentialsRef")] pub credentials_ref: String, - /// Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains This field is considered as a fully qualified domain name which is the same as the domain path without "ROOT/" prefix. For example, if "foo" is specified then a domain with "ROOT/foo" domain path is picked. The value "ROOT" is a special case that points to "the" ROOT domain of the CloudStack. That is, a domain with a path "ROOT/ROOT" is not allowed. + /// Domain contains a grouping of accounts. Domains usually contain multiple accounts that have some logical relationship to each other and a set of delegated administrators with some authority over the domain and its subdomains + /// This field is considered as a fully qualified domain name which is the same as the domain path without "ROOT/" prefix. For example, if "foo" is specified then a domain with "ROOT/foo" domain path is picked. + /// The value "ROOT" is a special case that points to "the" ROOT domain of the CloudStack. That is, a domain with a path "ROOT/ROOT" is not allowed. pub domain: String, /// CloudStack Management API endpoint's IP. It is added to VM's noproxy list #[serde(rename = "managementApiEndpoint")] @@ -63,11 +71,13 @@ pub struct CloudStackDatacenterConfigAvailabilityZonesZone { pub id: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported. + /// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name + /// In multiple-zones situation, only 'Shared' network is supported. pub network: CloudStackDatacenterConfigAvailabilityZonesZoneNetwork, } -/// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported. +/// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name +/// In multiple-zones situation, only 'Shared' network is supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackDatacenterConfigAvailabilityZonesZoneNetwork { /// Id of a resource in the CloudStack environment. Mutually exclusive with Name @@ -86,11 +96,13 @@ pub struct CloudStackDatacenterConfigZones { pub id: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported. + /// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name + /// In multiple-zones situation, only 'Shared' network is supported. pub network: CloudStackDatacenterConfigZonesNetwork, } -/// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name In multiple-zones situation, only 'Shared' network is supported. +/// Network is the name or UUID of the CloudStack network in which clusters should be created. It can either be an isolated or shared network. If it doesn’t already exist in CloudStack, it’ll automatically be created by CAPC as an isolated network. It can either be specified as a UUID or name +/// In multiple-zones situation, only 'Shared' network is supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackDatacenterConfigZonesNetwork { /// Id of a resource in the CloudStack environment. Mutually exclusive with Name @@ -104,7 +116,8 @@ pub struct CloudStackDatacenterConfigZonesNetwork { /// CloudStackDatacenterConfigStatus defines the observed state of CloudStackDatacenterConfig. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackDatacenterConfigStatus { - /// FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + /// FailureMessage indicates that there is a fatal problem reconciling the + /// state, and will be set to a descriptive error message. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, /// ObservedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackmachineconfigs.rs index d590cca87..043cbcab0 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/cloudstackmachineconfigs.rs @@ -19,32 +19,49 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CloudStackMachineConfigSpec { - /// Defaults to `no`. Can be `pro` or `anti`. If set to `pro` or `anti`, will create an affinity group per machine set of the corresponding type + /// Defaults to `no`. Can be `pro` or `anti`. If set to `pro` or `anti`, will create an affinity + /// group per machine set of the corresponding type #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// AffinityGroupIds allows users to pass in a list of UUIDs for previously-created Affinity Groups. Any VM’s created with this spec will be added to the affinity group, which will dictate which physical host(s) they can be placed on. Affinity groups can be type “affinity” or “anti-affinity” in CloudStack. If they are type “anti-affinity”, all VM’s in the group must be on separate physical hosts for high availability. If they are type “affinity”, all VM’s in the group must be on the same physical host for improved performance + /// AffinityGroupIds allows users to pass in a list of UUIDs for previously-created Affinity + /// Groups. Any VM’s created with this spec will be added to the affinity group, which will + /// dictate which physical host(s) they can be placed on. Affinity groups can be type “affinity” + /// or “anti-affinity” in CloudStack. If they are type “anti-affinity”, all VM’s in the group + /// must be on separate physical hosts for high availability. If they are type “affinity”, all + /// VM’s in the group must be on the same physical host for improved performance #[serde(default, skip_serializing_if = "Option::is_none", rename = "affinityGroupIds")] pub affinity_group_ids: Option>, - /// ComputeOffering refers to a compute offering which has been previously registered in CloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU speed. It can either be specified as a UUID or name + /// ComputeOffering refers to a compute offering which has been previously registered in + /// CloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU + /// speed. It can either be specified as a UUID or name #[serde(rename = "computeOffering")] pub compute_offering: CloudStackMachineConfigComputeOffering, - /// DiskOffering refers to a disk offering which has been previously registered in CloudStack. It represents a disk offering with pre-defined size or custom specified disk size. It can either be specified as a UUID or name + /// DiskOffering refers to a disk offering which has been previously registered in CloudStack. + /// It represents a disk offering with pre-defined size or custom specified disk size. It can + /// either be specified as a UUID or name #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskOffering")] pub disk_offering: Option, /// Symlinks create soft symbolic links folders. One use case is to use data disk to store logs #[serde(default, skip_serializing_if = "Option::is_none")] pub symlinks: Option>, - /// Template refers to a VM image template which has been previously registered in CloudStack. It can either be specified as a UUID or name. When using a template name it must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. + /// Template refers to a VM image template which has been previously registered in CloudStack. + /// It can either be specified as a UUID or name. + /// When using a template name it must include the Kubernetes version(s). For example, + /// a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. pub template: CloudStackMachineConfigTemplate, - /// UserCustomDetails allows users to pass in non-standard key value inputs, outside those defined [here](https://github.com/shapeblue/cloudstack/blob/main/api/src/main/java/com/cloud/vm/VmDetailConstants.java) + /// UserCustomDetails allows users to pass in non-standard key value inputs, outside those + /// defined [here](https://github.com/shapeblue/cloudstack/blob/main/api/src/main/java/com/cloud/vm/VmDetailConstants.java) #[serde(default, skip_serializing_if = "Option::is_none", rename = "userCustomDetails")] pub user_custom_details: Option>, - /// Users consists of an array of objects containing the username, as well as a list of their public keys. These users will be authorized to ssh into the machines + /// Users consists of an array of objects containing the username, as well as a list of their + /// public keys. These users will be authorized to ssh into the machines #[serde(default, skip_serializing_if = "Option::is_none")] pub users: Option>, } -/// ComputeOffering refers to a compute offering which has been previously registered in CloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU speed. It can either be specified as a UUID or name +/// ComputeOffering refers to a compute offering which has been previously registered in +/// CloudStack. It represents a VM’s instance size including number of CPU’s, memory, and CPU +/// speed. It can either be specified as a UUID or name #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackMachineConfigComputeOffering { /// Id of a resource in the CloudStack environment. Mutually exclusive with Name @@ -55,7 +72,9 @@ pub struct CloudStackMachineConfigComputeOffering { pub name: Option, } -/// DiskOffering refers to a disk offering which has been previously registered in CloudStack. It represents a disk offering with pre-defined size or custom specified disk size. It can either be specified as a UUID or name +/// DiskOffering refers to a disk offering which has been previously registered in CloudStack. +/// It represents a disk offering with pre-defined size or custom specified disk size. It can +/// either be specified as a UUID or name #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackMachineConfigDiskOffering { /// disk size in GB, > 0 for customized disk offering; = 0 for non-customized disk offering @@ -78,7 +97,10 @@ pub struct CloudStackMachineConfigDiskOffering { pub name: Option, } -/// Template refers to a VM image template which has been previously registered in CloudStack. It can either be specified as a UUID or name. When using a template name it must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. +/// Template refers to a VM image template which has been previously registered in CloudStack. +/// It can either be specified as a UUID or name. +/// When using a template name it must include the Kubernetes version(s). For example, +/// a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackMachineConfigTemplate { /// Id of a resource in the CloudStack environment. Mutually exclusive with Name @@ -100,7 +122,8 @@ pub struct CloudStackMachineConfigUsers { /// CloudStackMachineConfigStatus defines the observed state of CloudStackMachineConfig. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CloudStackMachineConfigStatus { - /// FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + /// FailureMessage indicates that there is a fatal problem reconciling the + /// state, and will be set to a descriptive error message. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, /// SpecValid is set to true if cloudstackmachineconfig is validated. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/clusters.rs index 1cba7c726..126d8d182 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/clusters.rs @@ -21,7 +21,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterSpec { - /// BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster. DEPRECATED: Use EksaVersion instead. + /// BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster. + /// DEPRECATED: Use EksaVersion instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bundlesRef")] pub bundles_ref: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNetwork")] @@ -44,7 +45,10 @@ pub struct ClusterSpec { pub identity_provider_refs: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesVersion")] pub kubernetes_version: Option, - /// MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines. Configuring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "licenseToken")] + pub license_token: Option, + /// MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines. + /// Configuring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineHealthCheck")] pub machine_health_check: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementCluster")] @@ -63,7 +67,8 @@ pub struct ClusterSpec { pub worker_node_group_configurations: Option>, } -/// BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster. DEPRECATED: Use EksaVersion instead. +/// BundlesRef contains a reference to the Bundles containing the desired dependencies for the cluster. +/// DEPRECATED: Use EksaVersion instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterBundlesRef { /// APIVersion refers to the Bundles APIVersion @@ -87,7 +92,8 @@ pub struct ClusterClusterNetwork { pub dns: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option, - /// Comma-separated list of CIDR blocks to use for pod and service subnets. Defaults to 192.168.0.0/16 for pod subnet. + /// Comma-separated list of CIDR blocks to use for pod and service subnets. + /// Defaults to 192.168.0.0/16 for pod subnet. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -111,19 +117,30 @@ pub struct ClusterClusterNetworkCniConfigCilium { /// EgressMasquaradeInterfaces determines which network interfaces are used for masquerading. Accepted values are a valid interface name or interface prefix. #[serde(default, skip_serializing_if = "Option::is_none", rename = "egressMasqueradeInterfaces")] pub egress_masquerade_interfaces: Option, - /// IPv4NativeRoutingCIDR specifies the CIDR to use when RoutingMode is set to direct. When specified, Cilium assumes networking for this CIDR is preconfigured and hands traffic destined for that range to the Linux network stack without applying any SNAT. If this is not set autoDirectNodeRoutes will be set to true + /// IPv4NativeRoutingCIDR specifies the CIDR to use when RoutingMode is set to direct. + /// When specified, Cilium assumes networking for this CIDR is preconfigured and + /// hands traffic destined for that range to the Linux network stack without + /// applying any SNAT. + /// If this is not set autoDirectNodeRoutes will be set to true #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv4NativeRoutingCIDR")] pub ipv4_native_routing_cidr: Option, - /// IPv6NativeRoutingCIDR specifies the IPv6 CIDR to use when RoutingMode is set to direct. When specified, Cilium assumes networking for this CIDR is preconfigured and hands traffic destined for that range to the Linux network stack without applying any SNAT. If this is not set autoDirectNodeRoutes will be set to true + /// IPv6NativeRoutingCIDR specifies the IPv6 CIDR to use when RoutingMode is set to direct. + /// When specified, Cilium assumes networking for this CIDR is preconfigured and + /// hands traffic destined for that range to the Linux network stack without + /// applying any SNAT. + /// If this is not set autoDirectNodeRoutes will be set to true #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6NativeRoutingCIDR")] pub ipv6_native_routing_cidr: Option, /// PolicyEnforcementMode determines communication allowed between pods. Accepted values are default, always, never. #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyEnforcementMode")] pub policy_enforcement_mode: Option, - /// RoutingMode indicates the routing tunnel mode to use for Cilium. Accepted values are overlay (geneve tunnel with overlay) or direct (tunneling disabled with direct routing) Defaults to overlay. + /// RoutingMode indicates the routing tunnel mode to use for Cilium. Accepted values are overlay (geneve tunnel with overlay) + /// or direct (tunneling disabled with direct routing) + /// Defaults to overlay. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routingMode")] pub routing_mode: Option, - /// SkipUpgrade indicicates that Cilium maintenance should be skipped during upgrades. This can be used when operators wish to self manage the Cilium installation. + /// SkipUpgrade indicicates that Cilium maintenance should be skipped during upgrades. This can + /// be used when operators wish to self manage the Cilium installation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipUpgrade")] pub skip_upgrade: Option, } @@ -155,7 +172,8 @@ pub struct ClusterClusterNetworkNodes { pub cidr_mask_size: Option, } -/// Comma-separated list of CIDR blocks to use for pod and service subnets. Defaults to 192.168.0.0/16 for pod subnet. +/// Comma-separated list of CIDR blocks to use for pod and service subnets. +/// Defaults to 192.168.0.0/16 for pod subnet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkPods { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrBlocks")] @@ -173,7 +191,8 @@ pub struct ClusterControlPlaneConfiguration { /// APIServerExtraArgs defines the flags to configure for the API server. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerExtraArgs")] pub api_server_extra_args: Option>, - /// CertSANs is a slice of domain names or IPs to be added as Subject Name Alternatives of the Kube API Servers Certificate. + /// CertSANs is a slice of domain names or IPs to be added as Subject Name Alternatives of the + /// Kube API Servers Certificate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSans")] pub cert_sans: Option>, /// Count defines the number of desired control plane nodes. Defaults to 1. @@ -194,13 +213,15 @@ pub struct ClusterControlPlaneConfiguration { /// MachineHealthCheck is a control-plane level override for the timeouts and maxUnhealthy specified in the top-level MHC configuration. If not configured, the defaults in the top-level MHC configuration are used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineHealthCheck")] pub machine_health_check: Option, - /// SkipLoadBalancerDeployment skip deploying control plane load balancer. Make sure your infrastructure can handle control plane load balancing when you set this field to true. + /// SkipLoadBalancerDeployment skip deploying control plane load balancer. + /// Make sure your infrastructure can handle control plane load balancing when you set this field to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLoadBalancerDeployment")] pub skip_load_balancer_deployment: Option, /// Taints define the set of taints to be applied on control plane nodes #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, - /// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs + /// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades + /// and related parameters/knobs #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeRolloutStrategy")] pub upgrade_rollout_strategy: Option, } @@ -235,14 +256,18 @@ pub struct ClusterControlPlaneConfigurationMachineHealthCheck { pub unhealthy_machine_timeout: Option, } -/// The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +/// The node this Taint is attached to has the "effect" on +/// any pod that does not tolerate the Taint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterControlPlaneConfigurationTaints { - /// Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + /// Required. The effect of the taint on pods + /// that do not tolerate the taint. + /// Valid effects are NoSchedule, PreferNoSchedule and NoExecute. pub effect: String, /// Required. The taint key to be applied to a node. pub key: String, - /// TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + /// TimeAdded represents the time at which the taint was added. + /// It is only written for NoExecute taints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeAdded")] pub time_added: Option, /// The taint value corresponding to the taint key. @@ -250,7 +275,8 @@ pub struct ClusterControlPlaneConfigurationTaints { pub value: Option, } -/// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs +/// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades +/// and related parameters/knobs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterControlPlaneConfigurationUpgradeRolloutStrategy { /// ControlPlaneRollingUpdateParams is API for rolling update strategy knobs. @@ -284,7 +310,8 @@ pub struct ClusterEtcdEncryption { pub resources: Vec, } -/// EtcdEncryptionProvider defines the configuration for ETCD encryption providers. Currently only KMS provider is supported. +/// EtcdEncryptionProvider defines the configuration for ETCD encryption providers. +/// Currently only KMS provider is supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterEtcdEncryptionProviders { /// KMS defines the configuration for KMS Encryption provider. @@ -294,7 +321,8 @@ pub struct ClusterEtcdEncryptionProviders { /// KMS defines the configuration for KMS Encryption provider. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterEtcdEncryptionProvidersKms { - /// CacheSize defines the maximum number of encrypted objects to be cached in memory. The default value is 1000. You can set this to a negative value to disable caching. + /// CacheSize defines the maximum number of encrypted objects to be cached in memory. The default value is 1000. + /// You can set this to a negative value to disable caching. #[serde(default, skip_serializing_if = "Option::is_none")] pub cachesize: Option, /// Name defines the name of KMS plugin to be used. @@ -342,7 +370,8 @@ pub struct ClusterIdentityProviderRefs { pub name: Option, } -/// MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines. Configuring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines. +/// MachineHealthCheck allows to configure timeouts for machine health checks. Machine Health Checks are responsible for remediating unhealthy Machines. +/// Configuring these values will decide how long to wait to remediate unhealthy machine or determine health of nodes' machines. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterMachineHealthCheck { /// MaxUnhealthy is used to configure the maximum number of unhealthy machines in machine health checks. This setting applies to both control plane and worker machines. If the number of unhealthy machines exceeds the limit set by maxUnhealthy, further remediation will not be performed. If not configured, the default value is set to "100%" for controlplane machines and "40%" for worker machines. @@ -477,10 +506,12 @@ pub struct ClusterRegistryMirrorConfiguration { /// Endpoint defines the registry mirror endpoint to use for pulling images #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, - /// InsecureSkipVerify skips the registry certificate verification. Only use this solution for isolated testing or in a tightly controlled, air-gapped environment. + /// InsecureSkipVerify skips the registry certificate verification. + /// Only use this solution for isolated testing or in a tightly controlled, air-gapped environment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, - /// OCINamespaces defines the mapping from an upstream registry to a local namespace where upstream artifacts are placed into + /// OCINamespaces defines the mapping from an upstream registry to a local namespace where upstream + /// artifacts are placed into #[serde(default, skip_serializing_if = "Option::is_none", rename = "ociNamespaces")] pub oci_namespaces: Option>, /// Port defines the port exposed for registry mirror endpoint @@ -505,6 +536,9 @@ pub struct ClusterWorkerNodeGroupConfigurations { /// Count defines the number of desired worker nodes. Defaults to 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub count: Option, + /// FailureDomains is the optional list of failure domains to distribute worker nodes across the infrastructure. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] + pub failure_domains: Option>, /// KubeletConfiguration is a struct that exposes the Kubelet settings for the user to set on worker nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeletConfiguration")] pub kubelet_configuration: Option>, @@ -526,7 +560,8 @@ pub struct ClusterWorkerNodeGroupConfigurations { /// Taints define the set of taints to be applied on worker nodes #[serde(default, skip_serializing_if = "Option::is_none")] pub taints: Option>, - /// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs + /// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades + /// and related parameters/knobs #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeRolloutStrategy")] pub upgrade_rollout_strategy: Option, } @@ -565,14 +600,18 @@ pub struct ClusterWorkerNodeGroupConfigurationsMachineHealthCheck { pub unhealthy_machine_timeout: Option, } -/// The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +/// The node this Taint is attached to has the "effect" on +/// any pod that does not tolerate the Taint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterWorkerNodeGroupConfigurationsTaints { - /// Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + /// Required. The effect of the taint on pods + /// that do not tolerate the taint. + /// Valid effects are NoSchedule, PreferNoSchedule and NoExecute. pub effect: String, /// Required. The taint key to be applied to a node. pub key: String, - /// TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + /// TimeAdded represents the time at which the taint was added. + /// It is only written for NoExecute taints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeAdded")] pub time_added: Option, /// The taint value corresponding to the taint key. @@ -580,7 +619,8 @@ pub struct ClusterWorkerNodeGroupConfigurationsTaints { pub value: Option, } -/// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades and related parameters/knobs +/// UpgradeRolloutStrategy determines the rollout strategy to use for rolling upgrades +/// and related parameters/knobs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterWorkerNodeGroupConfigurationsUpgradeRolloutStrategy { /// WorkerNodesRollingUpdateParams is API for rolling update strategy knobs. @@ -603,7 +643,12 @@ pub struct ClusterWorkerNodeGroupConfigurationsUpgradeRolloutStrategyRollingUpda /// ClusterStatus defines the observed state of Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterStatus { - /// ChildrenReconciledGeneration represents the sum of the .metadata.generation for all the linked objects for the cluster, observed the last time the cluster was successfully reconciled. NOTE: This field was added for internal use and we do not provide guarantees to its behavior if changed externally. Its meaning and implementation are subject to change in the future. + /// ChildrenReconciledGeneration represents the sum of the .metadata.generation + /// for all the linked objects for the cluster, observed the last time the + /// cluster was successfully reconciled. + /// NOTE: This field was added for internal use and we do not provide guarantees + /// to its behavior if changed externally. Its meaning and implementation are + /// subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "childrenReconciledGeneration")] pub children_reconciled_generation: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -614,13 +659,19 @@ pub struct ClusterStatus { /// Descriptive message about a fatal problem while reconciling a cluster #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, - /// Machine readable value about a terminal problem while reconciling the cluster set at the same time as failureMessage + /// Machine readable value about a terminal problem while reconciling the cluster + /// set at the same time as failureMessage #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureReason")] pub failure_reason: Option, /// ObservedGeneration is the latest generation observed by the controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, - /// ReconciledGeneration represents the .metadata.generation the last time the cluster was successfully reconciled. It is the latest generation observed by the controller. NOTE: This field was added for internal use and we do not provide guarantees to its behavior if changed externally. Its meaning and implementation are subject to change in the future. + /// ReconciledGeneration represents the .metadata.generation the last time the + /// cluster was successfully reconciled. It is the latest generation observed + /// by the controller. + /// NOTE: This field was added for internal use and we do not provide guarantees + /// to its behavior if changed externally. Its meaning and implementation are + /// subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconciledGeneration")] pub reconciled_generation: Option, } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs index f39fc339b..589228909 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/controlplaneupgrades.rs @@ -22,7 +22,11 @@ pub struct ControlPlaneUpgradeSpec { /// ControlPlane is a reference to the KubeadmControlPlane object to upgrade. #[serde(rename = "controlPlane")] pub control_plane: ObjectReference, - /// ControlPlaneSpecData contains base64 encoded KCP spec that's used to update the statuses of CAPI objects once the control plane upgrade is done. This field is needed so that we have a static copy of the control plane spec in case it gets modified after the ControlPlaneUpgrade was created, as ControlPlane is a reference to the object in real time. + /// ControlPlaneSpecData contains base64 encoded KCP spec that's used to update + /// the statuses of CAPI objects once the control plane upgrade is done. + /// This field is needed so that we have a static copy of the control plane spec + /// in case it gets modified after the ControlPlaneUpgrade was created, + /// as ControlPlane is a reference to the object in real time. #[serde(rename = "controlPlaneSpecData")] pub control_plane_spec_data: String, /// EtcdVersion refers to the version of ETCD to upgrade to. @@ -42,22 +46,33 @@ pub struct ControlPlaneUpgradeControlPlane { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs index 101bcd8e3..58fe64439 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/machinedeploymentupgrades.rs @@ -39,22 +39,33 @@ pub struct MachineDeploymentUpgradeMachineDeployment { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nodeupgrades.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nodeupgrades.rs index ca1f303c2..c1428e702 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nodeupgrades.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nodeupgrades.rs @@ -20,10 +20,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NodeUpgradeSpec { - /// EtcdVersion refers to the version of ETCD to upgrade to. This field is optional and only gets used for control plane nodes. + /// EtcdVersion refers to the version of ETCD to upgrade to. + /// This field is optional and only gets used for control plane nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "etcdVersion")] pub etcd_version: Option, - /// FirstNodeToBeUpgraded signifies that the Node is the first node to be upgraded. This flag is only valid for control plane nodes and ignored for worker nodes. + /// FirstNodeToBeUpgraded signifies that the Node is the first node to be upgraded. + /// This flag is only valid for control plane nodes and ignored for worker nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "firstNodeToBeUpgraded")] pub first_node_to_be_upgraded: Option, /// KubernetesVersion refers to the Kubernetes version to upgrade the node to. @@ -39,22 +41,33 @@ pub struct NodeUpgradeMachine { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -62,10 +75,12 @@ pub struct NodeUpgradeMachine { /// NodeUpgradeStatus defines the observed state of NodeUpgrade. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeStatus { - /// Completed denotes that the upgrader has completed running all the operations and the node is successfully upgraded. + /// Completed denotes that the upgrader has completed running all the operations + /// and the node is successfully upgraded. #[serde(default, skip_serializing_if = "Option::is_none")] pub completed: Option, - /// Conditions defines current state of the NodeUpgrade, including the state of init containers, that facilitate the upgrade. + /// Conditions defines current state of the NodeUpgrade, + /// including the state of init containers, that facilitate the upgrade. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixdatacenterconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixdatacenterconfigs.rs index 850594447..39557ddca 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixdatacenterconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixdatacenterconfigs.rs @@ -17,10 +17,17 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NutanixDatacenterConfigSpec { - /// AdditionalTrustBundle is the optional PEM-encoded certificate bundle for users that configured their Prism Central with certificates from non-publicly trusted CAs + /// AdditionalTrustBundle is the optional PEM-encoded certificate bundle for + /// users that configured their Prism Central with certificates from non-publicly + /// trusted CAs #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalTrustBundle")] pub additional_trust_bundle: Option, - /// CredentialRef is the reference to the secret name that contains the credentials for the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system. + /// CcmExcludeIPs is the optional list of IP addresses that should be excluded from the CCM IP pool for nodes. + /// List should be valid IP addresses and IP address ranges. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ccmExcludeNodeIPs")] + pub ccm_exclude_node_i_ps: Option>, + /// CredentialRef is the reference to the secret name that contains the credentials + /// for the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialRef")] pub credential_ref: Option, /// Endpoint is the Endpoint of Nutanix Prism Central @@ -28,14 +35,21 @@ pub struct NutanixDatacenterConfigSpec { /// FailureDomains is the optional list of failure domains for the Nutanix Datacenter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] pub failure_domains: Option>, - /// Insecure is the optional flag to skip TLS verification. Nutanix Prism Central installation by default ships with a self-signed certificate that will fail TLS verification because the certificate is not issued by a public CA and does not have the IP SANs with the Prism Central endpoint. To accommodate the scenario where the user has not changed the default Certificate that ships with Prism Central, we allow the user to skip TLS verification. This is not recommended for production use. + /// Insecure is the optional flag to skip TLS verification. Nutanix Prism + /// Central installation by default ships with a self-signed certificate + /// that will fail TLS verification because the certificate is not issued by + /// a public CA and does not have the IP SANs with the Prism Central endpoint. + /// To accommodate the scenario where the user has not changed the default + /// Certificate that ships with Prism Central, we allow the user to skip TLS + /// verification. This is not recommended for production use. #[serde(default, skip_serializing_if = "Option::is_none")] pub insecure: Option, /// Port is the Port of Nutanix Prism Central pub port: i64, } -/// CredentialRef is the reference to the secret name that contains the credentials for the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system. +/// CredentialRef is the reference to the secret name that contains the credentials +/// for the Nutanix Prism Central. The namespace for the secret is assumed to be a constant i.e. eksa-system. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NutanixDatacenterConfigCredentialRef { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -45,16 +59,17 @@ pub struct NutanixDatacenterConfigCredentialRef { } /// NutanixDatacenterFailureDomain defines the failure domain for the Nutanix Datacenter. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NutanixDatacenterConfigFailureDomains { /// Cluster is the Prism Element cluster name or uuid that is connected to the Prism Central. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cluster: Option, - /// Name is the unique name of the failure domain. Name must be between 1 and 64 characters long. It must consist of only lower case alphanumeric characters and hyphens (-). It must start and end with an alphanumeric character. + pub cluster: NutanixDatacenterConfigFailureDomainsCluster, + /// Name is the unique name of the failure domain. + /// Name must be between 1 and 64 characters long. + /// It must consist of only lower case alphanumeric characters and hyphens (-). + /// It must start and end with an alphanumeric character. pub name: String, /// Subnets holds the list of subnets identifiers cluster's network subnets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub subnets: Option>, + pub subnets: Vec, /// Worker Machine Groups holds the list of worker machine group names that will use this failure domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workerMachineGroups")] pub worker_machine_groups: Option>, diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixmachineconfigs.rs index 6c0b4a5d1..58f2dde00 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/nutanixmachineconfigs.rs @@ -20,27 +20,41 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct NutanixMachineConfigSpec { - /// additionalCategories is a list of optional categories to be added to the VM. Categories must be created in Prism Central before they can be used. + /// additionalCategories is a list of optional categories to be added to the VM. + /// Categories must be created in Prism Central before they can be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalCategories")] pub additional_categories: Option>, - /// cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API. + /// cluster is to identify the cluster (the Prism Element under management + /// of the Prism Central), in which the Machine's VM will be created. + /// The cluster identifier (uuid or name) can be obtained from the Prism Central console + /// or using the prism_central API. pub cluster: NutanixMachineConfigCluster, /// List of GPU devices that should be added to the VMs. #[serde(default, skip_serializing_if = "Option::is_none")] pub gpus: Option>, - /// image is to identify the OS image uploaded to the Prism Central (PC) The image identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. + /// image is to identify the OS image uploaded to the Prism Central (PC) + /// The image identifier (uuid or name) can be obtained from the Prism Central console + /// or using the Prism Central API. + /// It must include the Kubernetes version(s). For example, a template used for + /// Kubernetes 1.27 could be ubuntu-2204-1.27. pub image: NutanixMachineConfigImage, - /// memorySize is the memory size (in Quantity format) of the VM The minimum memorySize is 2Gi bytes + /// memorySize is the memory size (in Quantity format) of the VM + /// The minimum memorySize is 2Gi bytes #[serde(rename = "memorySize")] pub memory_size: IntOrString, #[serde(rename = "osFamily")] pub os_family: String, - /// Project is an optional property that specifies the Prism Central project so that machine resources can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. + /// Project is an optional property that specifies the Prism Central project so that machine resources + /// can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console + /// or using the Prism Central API. #[serde(default, skip_serializing_if = "Option::is_none")] pub project: Option, - /// subnet is to identify the cluster's network subnet to use for the Machine's VM The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. + /// subnet is to identify the cluster's network subnet to use for the Machine's VM + /// The cluster identifier (uuid or name) can be obtained from the Prism Central console + /// or using the Prism Central API. pub subnet: NutanixMachineConfigSubnet, - /// systemDiskSize is size (in Quantity format) of the system disk of the VM The minimum systemDiskSize is 20Gi bytes + /// systemDiskSize is size (in Quantity format) of the system disk of the VM + /// The minimum systemDiskSize is 20Gi bytes #[serde(rename = "systemDiskSize")] pub system_disk_size: IntOrString, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -57,14 +71,15 @@ pub struct NutanixMachineConfigSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NutanixMachineConfigAdditionalCategories { /// key is the Key of the category in the Prism Central. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, + pub key: String, /// value is the category value linked to the key in the Prism Central. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub value: String, } -/// cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API. +/// cluster is to identify the cluster (the Prism Element under management +/// of the Prism Central), in which the Machine's VM will be created. +/// The cluster identifier (uuid or name) can be obtained from the Prism Central console +/// or using the prism_central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NutanixMachineConfigCluster { /// name is the resource name in the PC @@ -78,7 +93,10 @@ pub struct NutanixMachineConfigCluster { pub uuid: Option, } -/// cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API. +/// cluster is to identify the cluster (the Prism Element under management +/// of the Prism Central), in which the Machine's VM will be created. +/// The cluster identifier (uuid or name) can be obtained from the Prism Central console +/// or using the prism_central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum NutanixMachineConfigClusterType { #[serde(rename = "uuid")] @@ -110,7 +128,11 @@ pub enum NutanixMachineConfigGpusType { Name, } -/// image is to identify the OS image uploaded to the Prism Central (PC) The image identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. +/// image is to identify the OS image uploaded to the Prism Central (PC) +/// The image identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. +/// It must include the Kubernetes version(s). For example, a template used for +/// Kubernetes 1.27 could be ubuntu-2204-1.27. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NutanixMachineConfigImage { /// name is the resource name in the PC @@ -124,7 +146,11 @@ pub struct NutanixMachineConfigImage { pub uuid: Option, } -/// image is to identify the OS image uploaded to the Prism Central (PC) The image identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. +/// image is to identify the OS image uploaded to the Prism Central (PC) +/// The image identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. +/// It must include the Kubernetes version(s). For example, a template used for +/// Kubernetes 1.27 could be ubuntu-2204-1.27. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum NutanixMachineConfigImageType { #[serde(rename = "uuid")] @@ -133,7 +159,9 @@ pub enum NutanixMachineConfigImageType { Name, } -/// Project is an optional property that specifies the Prism Central project so that machine resources can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. +/// Project is an optional property that specifies the Prism Central project so that machine resources +/// can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NutanixMachineConfigProject { /// name is the resource name in the PC @@ -147,7 +175,9 @@ pub struct NutanixMachineConfigProject { pub uuid: Option, } -/// Project is an optional property that specifies the Prism Central project so that machine resources can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. +/// Project is an optional property that specifies the Prism Central project so that machine resources +/// can be linked to it. The project identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum NutanixMachineConfigProjectType { #[serde(rename = "uuid")] @@ -156,7 +186,9 @@ pub enum NutanixMachineConfigProjectType { Name, } -/// subnet is to identify the cluster's network subnet to use for the Machine's VM The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. +/// subnet is to identify the cluster's network subnet to use for the Machine's VM +/// The cluster identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NutanixMachineConfigSubnet { /// name is the resource name in the PC @@ -170,7 +202,9 @@ pub struct NutanixMachineConfigSubnet { pub uuid: Option, } -/// subnet is to identify the cluster's network subnet to use for the Machine's VM The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the Prism Central API. +/// subnet is to identify the cluster's network subnet to use for the Machine's VM +/// The cluster identifier (uuid or name) can be obtained from the Prism Central console +/// or using the Prism Central API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum NutanixMachineConfigSubnetType { #[serde(rename = "uuid")] @@ -190,7 +224,8 @@ pub struct NutanixMachineConfigUsers { /// NutanixMachineConfigStatus defines the observed state of NutanixMachineConfig. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NutanixMachineConfigStatus { - /// Addresses contains the Nutanix VM associated addresses. Address type is one of Hostname, ExternalIP, InternalIP, ExternalDNS, InternalDNS + /// Addresses contains the Nutanix VM associated addresses. + /// Address type is one of Hostname, ExternalIP, InternalIP, ExternalDNS, InternalDNS #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, /// Conditions defines current service state of the NutanixMachine. @@ -223,22 +258,33 @@ pub struct NutanixMachineConfigStatusNodeRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs index 894c6b233..5a252a80f 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/snowmachineconfigs.rs @@ -39,10 +39,12 @@ pub struct SnowMachineConfigSpec { /// NonRootVolumes provides the configuration options for the non root storage volumes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nonRootVolumes")] pub non_root_volumes: Option>, - /// OSFamily is the node instance OS. Valid values: "bottlerocket" and "ubuntu". + /// OSFamily is the node instance OS. + /// Valid values: "bottlerocket" and "ubuntu". #[serde(default, skip_serializing_if = "Option::is_none", rename = "osFamily")] pub os_family: Option, - /// PhysicalNetworkConnector is the physical network connector type to use for creating direct network interfaces (DNI). Valid values: "SFP_PLUS" (default), "QSFP" and "RJ45". + /// PhysicalNetworkConnector is the physical network connector type to use for creating direct network interfaces (DNI). + /// Valid values: "SFP_PLUS" (default), "QSFP" and "RJ45". #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalNetworkConnector")] pub physical_network_connector: Option, /// SSHKeyName is the name of the ssh key defined in the aws snow key pairs, to attach to the instance. @@ -56,7 +58,8 @@ pub struct SnowMachineConfigContainersVolume { /// Device name #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, - /// Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). + /// Size specifies size (in Gi) of the storage device. + /// Must be greater than the image snapshot size or 8 (whichever is greater). pub size: i64, /// Type is the type of the volume (sbp1 for capacity-optimized HDD, sbg1 performance-optimized SSD, default is sbp1) #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] @@ -75,7 +78,8 @@ pub enum SnowMachineConfigContainersVolumeType { /// HostOSConfiguration provides OS specific configurations for the machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SnowMachineConfigHostOsConfiguration { - /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. + /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. + /// These settings only take effect when the `osFamily` is bottlerocket. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bottlerocketConfiguration")] pub bottlerocket_configuration: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "certBundles")] @@ -85,7 +89,8 @@ pub struct SnowMachineConfigHostOsConfiguration { pub ntp_configuration: Option, } -/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. +/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. +/// These settings only take effect when the `osFamily` is bottlerocket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfiguration { /// Boot defines the boot settings for bottlerocket. @@ -123,13 +128,16 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, - /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers + /// to search this domain before the host’s search domains #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] pub cluster_domain: Option, - /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + /// ContainerLogMaxFiles specifies the maximum number of container log + /// files that can be present for a container #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] pub container_log_max_files: Option, - /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + /// ContainerLogMaxSize is a quantity defining the maximum size of + /// the container log file before it is rotated #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] pub container_log_max_size: Option, /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits @@ -138,7 +146,8 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// CPUManagerPolicy is the name of the policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] pub cpu_manager_policy: Option, - /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to + /// fine tune the behaviour of the cpu manager policies #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] pub cpu_manager_policy_options: Option>, /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. @@ -153,16 +162,19 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] pub eviction_hard: Option>, - /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use + /// when terminating pods in response to a soft eviction threshold being met. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] pub eviction_max_pod_grace_period: Option, /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] pub eviction_soft: Option>, - /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods + /// for each soft eviction signal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] pub eviction_soft_grace_period: Option>, - /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage + /// collection is always run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] pub image_gc_high_threshold_percent: Option, /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. @@ -174,7 +186,8 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] pub kube_apiqps: Option, - /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources + /// reserved for kubernetes system components #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. @@ -195,19 +208,23 @@ pub struct SnowMachineConfigHostOsConfigurationBottlerocketConfigurationKubernet /// RegistryPullQPS is the limit of registry pulls per second. #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] pub registry_pull_qps: Option, - /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + /// ShutdownGracePeriod specifies the total duration that the node should delay + /// the shutdown and total grace period for pod termination during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] pub shutdown_grace_period: Option, - /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate + /// critical pods during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] pub shutdown_grace_period_critical_pods: Option, - /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe + /// resources reserved for non-kubernetes components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] pub system_reserved: Option>, /// TopologyManagerPolicy is the name of the topology manager policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] pub topology_manager_policy: Option, - /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + /// TopologyManagerScope represents the scope of topology hint generation + /// that topology manager requests and hint providers generate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] pub topology_manager_scope: Option, } @@ -245,7 +262,8 @@ pub struct SnowMachineConfigNetworkDirectNetworkInterfaces { /// Index is the index number of DNI used to clarify the position in the list. Usually starts with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub index: Option, - /// IPPool contains a reference to a snow ip pool which provides a range of ip addresses. When specified, an ip address selected from the pool is allocated to this DNI. + /// IPPool contains a reference to a snow ip pool which provides a range of ip addresses. + /// When specified, an ip address selected from the pool is allocated to this DNI. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipPoolRef")] pub ip_pool_ref: Option, /// Primary indicates whether the DNI is primary or not. @@ -256,7 +274,8 @@ pub struct SnowMachineConfigNetworkDirectNetworkInterfaces { pub vlan_id: Option, } -/// IPPool contains a reference to a snow ip pool which provides a range of ip addresses. When specified, an ip address selected from the pool is allocated to this DNI. +/// IPPool contains a reference to a snow ip pool which provides a range of ip addresses. +/// When specified, an ip address selected from the pool is allocated to this DNI. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SnowMachineConfigNetworkDirectNetworkInterfacesIpPoolRef { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -265,20 +284,21 @@ pub struct SnowMachineConfigNetworkDirectNetworkInterfacesIpPoolRef { pub name: Option, } -/// Volume encapsulates the configuration options for the storage device TODO: Trim the fields that do not apply for Snow. +/// Volume encapsulates the configuration options for the storage device #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SnowMachineConfigNonRootVolumes { /// Device name #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, - /// Size specifies size (in Gi) of the storage device. Must be greater than the image snapshot size or 8 (whichever is greater). + /// Size specifies size (in Gi) of the storage device. + /// Must be greater than the image snapshot size or 8 (whichever is greater). pub size: i64, /// Type is the type of the volume (sbp1 for capacity-optimized HDD, sbg1 performance-optimized SSD, default is sbp1) #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// Volume encapsulates the configuration options for the storage device TODO: Trim the fields that do not apply for Snow. +/// Volume encapsulates the configuration options for the storage device #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum SnowMachineConfigNonRootVolumesType { #[serde(rename = "sbp1")] @@ -290,7 +310,8 @@ pub enum SnowMachineConfigNonRootVolumesType { /// SnowMachineConfigStatus defines the observed state of SnowMachineConfig. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SnowMachineConfigStatus { - /// FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + /// FailureMessage indicates that there is a fatal problem reconciling the + /// state, and will be set to a descriptive error message. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, /// SpecValid is set to true if vspheredatacenterconfig is validated. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbelldatacenterconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbelldatacenterconfigs.rs index 2b8b2d873..26a765a44 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbelldatacenterconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbelldatacenterconfigs.rs @@ -20,13 +20,27 @@ pub struct TinkerbellDatacenterConfigSpec { /// HookImagesURLPath can be used to override the default Hook images path to pull from a local server. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hookImagesURLPath")] pub hook_images_url_path: Option, + /// HookIsoURL is the URL of ISO image that will be used to provision the hardware + /// during one time boot process. + /// It can be used to override the default Hook OS ISO image to pull from a local server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hookIsoURL")] + pub hook_iso_url: Option, + /// IsoBoot can be used to indicate that the hardware should boot using an ISO. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "isoBoot")] + pub iso_boot: Option, /// LoadBalancerInterface can be used to configure a load balancer interface for the Tinkerbell stack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerInterface")] pub load_balancer_interface: Option, - /// OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz + /// OSImageURL can be used to override the default OS image path to pull from a local server. + /// OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades + /// the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify + /// an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. + /// It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could + /// be http://localhost:8080/ubuntu-2204-1.27.tgz #[serde(default, skip_serializing_if = "Option::is_none", rename = "osImageURL")] pub os_image_url: Option, - /// SkipLoadBalancerDeployment when set to "true" can be used to skip deploying a load balancer to expose Tinkerbell stack. Users will need to deploy and configure a load balancer manually after the cluster is created. + /// SkipLoadBalancerDeployment when set to "true" can be used to skip deploying a load balancer to expose Tinkerbell stack. + /// Users will need to deploy and configure a load balancer manually after the cluster is created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLoadBalancerDeployment")] pub skip_load_balancer_deployment: Option, /// TinkerbellIP is used to configure a VIP for hosting the Tinkerbell services. @@ -34,8 +48,9 @@ pub struct TinkerbellDatacenterConfigSpec { pub tinkerbell_ip: String, } -/// TinkerbellDatacenterConfigStatus defines the observed state of TinkerbellDatacenterConfig -/// Important: Run "make generate" to regenerate code after modifying this file. +/// TinkerbellDatacenterConfigStatus defines the observed state of TinkerbellDatacenterConfig +/// +/// Important: Run "make generate" to regenerate code after modifying this file. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TinkerbellDatacenterConfigStatus { } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs index ae26cbef3..06bb1777e 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/tinkerbellmachineconfigs.rs @@ -26,7 +26,10 @@ pub struct TinkerbellMachineConfigSpec { pub host_os_configuration: Option, #[serde(rename = "osFamily")] pub os_family: String, - /// OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz + /// OSImageURL can be used to override the default OS image path to pull from a local server. + /// OSImageURL is a URL to the OS image used during provisioning. It must include + /// the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could + /// be http://localhost:8080/ubuntu-2204-1.27.tgz #[serde(default, skip_serializing_if = "Option::is_none", rename = "osImageURL")] pub os_image_url: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateRef")] @@ -38,7 +41,8 @@ pub struct TinkerbellMachineConfigSpec { /// HostOSConfiguration defines the configuration settings on the host OS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TinkerbellMachineConfigHostOsConfiguration { - /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. + /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. + /// These settings only take effect when the `osFamily` is bottlerocket. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bottlerocketConfiguration")] pub bottlerocket_configuration: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "certBundles")] @@ -48,7 +52,8 @@ pub struct TinkerbellMachineConfigHostOsConfiguration { pub ntp_configuration: Option, } -/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. +/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. +/// These settings only take effect when the `osFamily` is bottlerocket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfiguration { /// Boot defines the boot settings for bottlerocket. @@ -86,13 +91,16 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, - /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers + /// to search this domain before the host’s search domains #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] pub cluster_domain: Option, - /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + /// ContainerLogMaxFiles specifies the maximum number of container log + /// files that can be present for a container #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] pub container_log_max_files: Option, - /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + /// ContainerLogMaxSize is a quantity defining the maximum size of + /// the container log file before it is rotated #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] pub container_log_max_size: Option, /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits @@ -101,7 +109,8 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// CPUManagerPolicy is the name of the policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] pub cpu_manager_policy: Option, - /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to + /// fine tune the behaviour of the cpu manager policies #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] pub cpu_manager_policy_options: Option>, /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. @@ -116,16 +125,19 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] pub eviction_hard: Option>, - /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use + /// when terminating pods in response to a soft eviction threshold being met. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] pub eviction_max_pod_grace_period: Option, /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] pub eviction_soft: Option>, - /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods + /// for each soft eviction signal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] pub eviction_soft_grace_period: Option>, - /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage + /// collection is always run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] pub image_gc_high_threshold_percent: Option, /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. @@ -137,7 +149,8 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] pub kube_apiqps: Option, - /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources + /// reserved for kubernetes system components #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. @@ -158,19 +171,23 @@ pub struct TinkerbellMachineConfigHostOsConfigurationBottlerocketConfigurationKu /// RegistryPullQPS is the limit of registry pulls per second. #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] pub registry_pull_qps: Option, - /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + /// ShutdownGracePeriod specifies the total duration that the node should delay + /// the shutdown and total grace period for pod termination during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] pub shutdown_grace_period: Option, - /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate + /// critical pods during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] pub shutdown_grace_period_critical_pods: Option, - /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe + /// resources reserved for non-kubernetes components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] pub system_reserved: Option>, /// TopologyManagerPolicy is the name of the topology manager policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] pub topology_manager_policy: Option, - /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + /// TopologyManagerScope represents the scope of topology hint generation + /// that topology manager requests and hint providers generate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] pub topology_manager_scope: Option, } diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheredatacenterconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheredatacenterconfigs.rs index fdacafff0..d43fb10ef 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheredatacenterconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheredatacenterconfigs.rs @@ -19,16 +19,38 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct VSphereDatacenterConfigSpec { pub datacenter: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] + pub failure_domains: Option>, pub insecure: bool, pub network: String, pub server: String, pub thumbprint: String, } +/// FailureDomain defines the list of failure domains to spread the VMs across. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereDatacenterConfigFailureDomains { + /// ComputeCluster is the name or inventory path of the computecluster in which the VM is created/located + #[serde(rename = "computeCluster")] + pub compute_cluster: String, + /// Datastore is the name or inventory path of the datastore in which the VM is created/located + pub datastore: String, + /// Folder is the name or inventory path of the folder in which the the VM is created/located + pub folder: String, + /// Name is used as a unique identifier for each failure domain. + pub name: String, + /// Network is the name or inventory path of the network which will be added to the VM + pub network: String, + /// ResourcePool is the name or inventory path of the resource pool in which the VM is created/located + #[serde(rename = "resourcePool")] + pub resource_pool: String, +} + /// VSphereDatacenterConfigStatus defines the observed state of VSphereDatacenterConfig. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereDatacenterConfigStatus { - /// FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + /// FailureMessage indicates that there is a fatal problem reconciling the + /// state, and will be set to a descriptive error message. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, /// ObservedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs index d115c63de..630f75895 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/vspheremachineconfigs.rs @@ -40,7 +40,8 @@ pub struct VSphereMachineConfigSpec { pub storage_policy_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// Template field is the template to use for provisioning the VM. It must include the Kubernetes version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. + /// Template field is the template to use for provisioning the VM. It must include the Kubernetes + /// version(s). For example, a template used for Kubernetes 1.27 could be ubuntu-2204-1.27. #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -59,7 +60,8 @@ pub enum VSphereMachineConfigCloneMode { /// HostOSConfiguration defines the configuration settings on the host OS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereMachineConfigHostOsConfiguration { - /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. + /// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. + /// These settings only take effect when the `osFamily` is bottlerocket. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bottlerocketConfiguration")] pub bottlerocket_configuration: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "certBundles")] @@ -69,7 +71,8 @@ pub struct VSphereMachineConfigHostOsConfiguration { pub ntp_configuration: Option, } -/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. These settings only take effect when the `osFamily` is bottlerocket. +/// BottlerocketConfiguration defines the Bottlerocket configuration on the host OS. +/// These settings only take effect when the `osFamily` is bottlerocket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfiguration { /// Boot defines the boot settings for bottlerocket. @@ -107,13 +110,16 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// ClusterDNSIPs defines IP addresses of the DNS servers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDNSIPs")] pub cluster_dnsi_ps: Option>, - /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers to search this domain before the host’s search domains + /// ClusterDomain defines the DNS domain for the cluster, allowing all Kubernetes-run containers + /// to search this domain before the host’s search domains #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] pub cluster_domain: Option, - /// ContainerLogMaxFiles specifies the maximum number of container log files that can be present for a container + /// ContainerLogMaxFiles specifies the maximum number of container log + /// files that can be present for a container #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxFiles")] pub container_log_max_files: Option, - /// ContainerLogMaxSize is a quantity defining the maximum size of the container log file before it is rotated + /// ContainerLogMaxSize is a quantity defining the maximum size of + /// the container log file before it is rotated #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerLogMaxSize")] pub container_log_max_size: Option, /// CPUCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits @@ -122,7 +128,8 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// CPUManagerPolicy is the name of the policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicy")] pub cpu_manager_policy: Option, - /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to fine tune the behaviour of the cpu manager policies + /// CPUManagerPolicyOptions is a set of key=value which allows to set extra options to + /// fine tune the behaviour of the cpu manager policies #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuManagerPolicyOptions")] pub cpu_manager_policy_options: Option>, /// CPUManagerReconcilePeriod is the reconciliation period for the CPU Manager. @@ -137,16 +144,19 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// EvictionHard is a map of signal names to quantities that defines hard eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionHard")] pub eviction_hard: Option>, - /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. + /// EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use + /// when terminating pods in response to a soft eviction threshold being met. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionMaxPodGracePeriod")] pub eviction_max_pod_grace_period: Option, /// EvictionSoft is a map of signal names to quantities that defines soft eviction thresholds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoft")] pub eviction_soft: Option>, - /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods for each soft eviction signal. + /// EvictionSoftGracePeriod is a map of signal names to quantities that defines grace periods + /// for each soft eviction signal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionSoftGracePeriod")] pub eviction_soft_grace_period: Option>, - /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. + /// ImageGCHighThresholdPercent is the percent of disk usage after which image garbage + /// collection is always run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageGCHighThresholdPercent")] pub image_gc_high_threshold_percent: Option, /// ImageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. @@ -158,7 +168,8 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// KubeAPIQPS is the QPS to use while talking with kubernetes apiserver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeAPIQPS")] pub kube_apiqps: Option, - /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for kubernetes system components + /// KubeReserved is a set of ResourceName=ResourceQuantity pairs that describe resources + /// reserved for kubernetes system components #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeReserved")] pub kube_reserved: Option>, /// MaxPods defines the maximum number of pods that can run on a node. @@ -179,19 +190,23 @@ pub struct VSphereMachineConfigHostOsConfigurationBottlerocketConfigurationKuber /// RegistryPullQPS is the limit of registry pulls per second. #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryPullQPS")] pub registry_pull_qps: Option, - /// ShutdownGracePeriod specifies the total duration that the node should delay the shutdown and total grace period for pod termination during a node shutdown. + /// ShutdownGracePeriod specifies the total duration that the node should delay + /// the shutdown and total grace period for pod termination during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriod")] pub shutdown_grace_period: Option, - /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate critical pods during a node shutdown. + /// ShutdownGracePeriodCriticalPods specifies the duration used to terminate + /// critical pods during a node shutdown. #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownGracePeriodCriticalPods")] pub shutdown_grace_period_critical_pods: Option, - /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe resources reserved for non-kubernetes components. + /// SystemReserved is a set of ResourceName=ResourceQuantity pairs that describe + /// resources reserved for non-kubernetes components. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemReserved")] pub system_reserved: Option>, /// TopologyManagerPolicy is the name of the topology manager policy to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerPolicy")] pub topology_manager_policy: Option, - /// TopologyManagerScope represents the scope of topology hint generation that topology manager requests and hint providers generate. + /// TopologyManagerScope represents the scope of topology hint generation + /// that topology manager requests and hint providers generate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyManagerScope")] pub topology_manager_scope: Option, } diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/mod.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/mod.rs index 517ec8539..5a1e26059 100644 --- a/kube-custom-resources-rs/src/api_clever_cloud_com/mod.rs +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/mod.rs @@ -1,2 +1,3 @@ pub mod v1; +pub mod v1alpha1; pub mod v1beta1; diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/mysqls.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/mysqls.rs index 9d1f5ada8..528c1b893 100644 --- a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/mysqls.rs +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/mysqls.rs @@ -40,6 +40,8 @@ pub enum MySqlOptionsVersion { r#_57, #[serde(rename = "80")] r#_80, + #[serde(rename = "84")] + r#_84, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/postgresqls.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/postgresqls.rs index b164d2f32..0046d0841 100644 --- a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/postgresqls.rs +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/postgresqls.rs @@ -36,16 +36,18 @@ pub struct PostgreSqlOptions { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PostgreSqlOptionsVersion { - #[serde(rename = "14")] - r#_14, - #[serde(rename = "13")] - r#_13, - #[serde(rename = "12")] - r#_12, - #[serde(rename = "11")] - r#_11, #[serde(rename = "10")] r#_10, + #[serde(rename = "11")] + r#_11, + #[serde(rename = "12")] + r#_12, + #[serde(rename = "13")] + r#_13, + #[serde(rename = "14")] + r#_14, + #[serde(rename = "15")] + r#_15, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/redis.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/redis.rs index bb7627b66..3252fb543 100644 --- a/kube-custom-resources-rs/src/api_clever_cloud_com/v1/redis.rs +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/v1/redis.rs @@ -40,6 +40,8 @@ pub enum RedisOptionsVersion { r#_626, #[serde(rename = "704")] r#_704, + #[serde(rename = "724")] + r#_724, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/kvs.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/kvs.rs new file mode 100644 index 000000000..c7b6be851 --- /dev/null +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/kvs.rs @@ -0,0 +1,34 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/CleverCloud/clever-operator/api.clever-cloud.com/v1alpha1/kvs.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; +} +use self::prelude::*; + +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "api.clever-cloud.com", version = "v1alpha1", kind = "KV", plural = "kvs")] +#[kube(namespaced)] +#[kube(status = "KVStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct KVSpec { + pub instance: KVInstance, + pub organisation: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KVInstance { + pub region: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KVStatus { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub addon: Option, +} + diff --git a/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/mod.rs b/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/mod.rs new file mode 100644 index 000000000..ae0d5c3b7 --- /dev/null +++ b/kube-custom-resources-rs/src/api_clever_cloud_com/v1alpha1/mod.rs @@ -0,0 +1 @@ +pub mod kvs; diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/apis.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/apis.rs index 05e113206..42afcff1b 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/apis.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/apis.rs @@ -22,45 +22,85 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct APISpec { + /// An API key selection expression. Supported only for WebSocket APIs. See API + /// Key Selection Expressions (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions). #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKeySelectionExpression")] pub api_key_selection_expression: Option, + /// Specifies how to interpret the base path of the API during import. Valid + /// values are ignore, prepend, and split. The default value is ignore. To learn + /// more, see Set the OpenAPI basePath Property (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html). + /// Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none")] pub basepath: Option, + /// The OpenAPI definition. Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Represents a CORS configuration. Supported only for HTTP APIs. See Configuring - /// CORS (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) + /// A CORS configuration. Supported only for HTTP APIs. See Configuring CORS + /// (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) /// for more information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "corsConfiguration")] pub cors_configuration: Option, + /// This property is part of quick create. It specifies the credentials required + /// for the integration, if any. For a Lambda integration, three options are + /// available. To specify an IAM Role for API Gateway to assume, use the role's + /// Amazon Resource Name (ARN). To require that the caller's identity be passed + /// through from the request, specify arn:aws:iam::*:user/*. To use resource-based + /// permissions on supported AWS services, specify null. Currently, this property + /// is not used for HTTP integrations. Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialsARN")] pub credentials_arn: Option, + /// The description of the API. #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, + /// Specifies whether clients can invoke your API by using the default execute-api + /// endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com + /// endpoint. To require that clients use a custom domain name to invoke your + /// API, disable the default endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableExecuteAPIEndpoint")] pub disable_execute_api_endpoint: Option, + /// Avoid validating models when creating a deployment. Supported only for WebSocket + /// APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableSchemaValidation")] pub disable_schema_validation: Option, + /// Specifies whether to rollback the API creation when a warning is encountered. + /// By default, API creation continues if a warning is encountered. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failOnWarnings")] pub fail_on_warnings: Option, + /// The name of the API. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The API protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protocolType")] pub protocol_type: Option, + /// This property is part of quick create. If you don't specify a routeKey, a + /// default route of $default is created. The $default route acts as a catch-all + /// for any request made to your API, for a particular stage. The $default route + /// key can't be modified. You can add routes after creating the API, and you + /// can update the route keys of additional routes. Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeKey")] pub route_key: Option, + /// The route selection expression for the API. For HTTP APIs, the routeSelectionExpression + /// must be ${request.method} ${request.path}. If not provided, this will be + /// the default for HTTP APIs. This property is required for WebSocket APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeSelectionExpression")] pub route_selection_expression: Option, + /// The collection of tags. Each tag element is associated with a given resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, + /// This property is part of quick create. Quick create produces an API with + /// an integration, a default catch-all route, and a default stage which is configured + /// to automatically deploy changes. For HTTP integrations, specify a fully qualified + /// URL. For Lambda integrations, specify a function ARN. The type of the integration + /// will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none")] pub target: Option, + /// A version identifier for the API. #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } -/// Represents a CORS configuration. Supported only for HTTP APIs. See Configuring -/// CORS (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) +/// A CORS configuration. Supported only for HTTP APIs. See Configuring CORS +/// (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) /// for more information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APICorsConfiguration { @@ -91,22 +131,35 @@ pub struct APIStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. + /// The stage name is typically appended to this URI to form a complete path + /// to a deployed API stage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiEndpoint")] pub api_endpoint: Option, + /// Specifies whether an API is managed by API Gateway. You can't update or delete + /// a managed API by using API Gateway. A managed API can be deleted only through + /// the tooling or service that created it. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGatewayManaged")] pub api_gateway_managed: Option, + /// The API ID. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiID")] pub api_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The timestamp when the API was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "createdDate")] pub created_date: Option, + /// The validation information during API import. This may include particular + /// properties of your OpenAPI definition which are ignored during import. Supported + /// only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "importInfo")] pub import_info: Option>, + /// The warning messages reported when failonwarnings is turned on during API + /// import. #[serde(default, skip_serializing_if = "Option::is_none")] pub warnings: Option>, } diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs index c451dbb8c..adc5234a1 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs @@ -21,6 +21,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct AuthorizerSpec { + /// The API identifier. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiID")] pub api_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -32,26 +33,76 @@ pub struct AuthorizerSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiRef")] pub api_ref: Option, + /// Specifies the required credentials as an IAM role for API Gateway to invoke + /// the authorizer. To specify an IAM role for API Gateway to assume, use the + /// role's Amazon Resource Name (ARN). To use resource-based permissions on the + /// Lambda function, don't specify this parameter. Supported only for REQUEST + /// authorizers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerCredentialsARN")] pub authorizer_credentials_arn: Option, + /// Specifies the format of the payload sent to an HTTP API Lambda authorizer. + /// Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. + /// To learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerPayloadFormatVersion")] pub authorizer_payload_format_version: Option, + /// The time to live (TTL) for cached authorizer results, in seconds. If it equals + /// 0, authorization caching is disabled. If it is greater than 0, API Gateway + /// caches authorizer responses. The maximum value is 3600, or 1 hour. Supported + /// only for HTTP API Lambda authorizers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerResultTTLInSeconds")] pub authorizer_result_ttl_in_seconds: Option, + /// The authorizer type. Specify REQUEST for a Lambda function using incoming + /// request parameters. Specify JWT to use JSON Web Tokens (supported only for + /// HTTP APIs). #[serde(rename = "authorizerType")] pub authorizer_type: String, + /// The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, + /// this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. + /// In general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api} + /// , where {region} is the same as the region hosting the Lambda function, path + /// indicates that the remaining substring in the URI should be treated as the + /// path to the resource, including the initial /. For Lambda functions, this + /// is usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported + /// only for REQUEST authorizers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerURI")] pub authorizer_uri: Option, + /// Specifies whether a Lambda authorizer returns a response in a simple format. + /// By default, a Lambda authorizer must return an IAM policy. If enabled, the + /// Lambda authorizer can return a boolean value instead of an IAM policy. Supported + /// only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers + /// for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html) #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableSimpleResponses")] pub enable_simple_responses: Option, + /// The identity source for which authorization is requested. + /// + /// For a REQUEST authorizer, this is optional. The value is a set of one or + /// more mapping expressions of the specified request parameters. The identity + /// source can be headers, query string parameters, stage variables, and context + /// parameters. For example, if an Auth header and a Name query string parameter + /// are defined as identity sources, this value is route.request.header.Auth, + /// route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection + /// expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. + /// These parameters are used to perform runtime validation for Lambda-based + /// authorizers by verifying all of the identity-related request parameters are + /// present in the request, not null, and non-empty. Only when this is true does + /// the authorizer invoke the authorizer Lambda function. Otherwise, it returns + /// a 401 Unauthorized response without calling the Lambda function. For HTTP + /// APIs, identity sources are also used as the cache key when caching is enabled. + /// To learn more, see Working with AWS Lambda authorizers for HTTP APIs (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + /// + /// For JWT, a single entry that specifies where to extract the JSON Web Token + /// (JWT) from inbound requests. Currently only header-based and query parameter-based + /// selections are supported, for example $request.header.Authorization. #[serde(rename = "identitySource")] pub identity_source: Vec, + /// This parameter is not used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "identityValidationExpression")] pub identity_validation_expression: Option, /// Represents the configuration of a JWT authorizer. Required for the JWT authorizer /// type. Supported only for HTTP APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jwtConfiguration")] pub jwt_configuration: Option, + /// The name of the authorizer. pub name: String, } @@ -99,9 +150,10 @@ pub struct AuthorizerStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// The authorizer identifier. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerID")] pub authorizer_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs index b00c8c1c1..52b6245c3 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs @@ -22,6 +22,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DeploymentSpec { + /// The API identifier. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiID")] pub api_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -33,8 +34,10 @@ pub struct DeploymentSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiRef")] pub api_ref: Option, + /// The description for the deployment resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, + /// The name of the Stage resource for the Deployment resource to create. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stageName")] pub stage_name: Option, } @@ -72,20 +75,25 @@ pub struct DeploymentStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// Specifies whether a deployment was automatically released. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoDeployed")] pub auto_deployed: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The date and time when the Deployment resource was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "createdDate")] pub created_date: Option, + /// The identifier for the deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentID")] pub deployment_id: Option, + /// The status of the deployment: PENDING, FAILED, or SUCCEEDED. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentStatus")] pub deployment_status: Option, + /// May contain additional feedback on the status of an API deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentStatusMessage")] pub deployment_status_message: Option, } diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs index 6f6138a86..8b034b745 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs @@ -22,8 +22,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct RouteSpec { + /// The API identifier. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiID")] pub api_id: Option, + /// Specifies whether an API key is required for the route. Supported only for + /// WebSocket APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKeyRequired")] pub api_key_required: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -35,10 +38,19 @@ pub struct RouteSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiRef")] pub api_ref: Option, + /// The authorization scopes supported by this route. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationScopes")] pub authorization_scopes: Option>, + /// The authorization type for the route. For WebSocket APIs, valid values are + /// NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for + /// using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, + /// JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and + /// CUSTOM for using a Lambda authorizer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationType")] pub authorization_type: Option, + /// The identifier of the Authorizer resource to be associated with this route. + /// The authorizer identifier is generated by API Gateway when you created the + /// authorizer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerID")] pub authorizer_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -50,18 +62,27 @@ pub struct RouteSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizerRef")] pub authorizer_ref: Option, + /// The model selection expression for the route. Supported only for WebSocket + /// APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modelSelectionExpression")] pub model_selection_expression: Option, + /// The operation name for the route. #[serde(default, skip_serializing_if = "Option::is_none", rename = "operationName")] pub operation_name: Option, + /// The request models for the route. Supported only for WebSocket APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestModels")] pub request_models: Option>, + /// The request parameters for the route. Supported only for WebSocket APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestParameters")] pub request_parameters: Option>, + /// The route key for the route. #[serde(rename = "routeKey")] pub route_key: String, + /// The route response selection expression for the route. Supported only for + /// WebSocket APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeResponseSelectionExpression")] pub route_response_selection_expression: Option, + /// The target for the route. #[serde(default, skip_serializing_if = "Option::is_none")] pub target: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -125,6 +146,7 @@ pub struct RouteAuthorizerRefFrom { pub namespace: Option, } +/// The request parameters for the route. Supported only for WebSocket APIs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RouteRequestParameters { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -164,14 +186,18 @@ pub struct RouteStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// Specifies whether a route is managed by API Gateway. If you created an API + /// using quick create, the $default route is managed by API Gateway. You can't + /// modify the $default route key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGatewayManaged")] pub api_gateway_managed: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The route ID. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeID")] pub route_id: Option, } diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs index 7460d1dc5..93245e617 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs @@ -22,9 +22,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct StageSpec { - /// Settings for logging access in a stage. + /// Settings for logging access in this stage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessLogSettings")] pub access_log_settings: Option, + /// The API identifier. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiID")] pub api_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -36,13 +37,18 @@ pub struct StageSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiRef")] pub api_ref: Option, + /// Specifies whether updates to an API automatically trigger a new deployment. + /// The default value is false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoDeploy")] pub auto_deploy: Option, + /// The identifier of a client certificate for a Stage. Supported only for WebSocket + /// APIs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCertificateID")] pub client_certificate_id: Option, - /// Represents a collection of route settings. + /// The default route settings for the stage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultRouteSettings")] pub default_route_settings: Option, + /// The deployment identifier of the API stage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentID")] pub deployment_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -54,19 +60,25 @@ pub struct StageSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentRef")] pub deployment_ref: Option, + /// The description for the API stage. #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, + /// Route settings for the stage, by routeKey. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeSettings")] pub route_settings: Option>, + /// The name of the stage. #[serde(rename = "stageName")] pub stage_name: String, + /// A map that defines the stage variables for a Stage. Variable names can have + /// alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stageVariables")] pub stage_variables: Option>, + /// The collection of tags. Each tag element is associated with a given resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, } -/// Settings for logging access in a stage. +/// Settings for logging access in this stage. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StageAccessLogSettings { /// Represents an Amazon Resource Name (ARN). @@ -102,7 +114,7 @@ pub struct StageApiRefFrom { pub namespace: Option, } -/// Represents a collection of route settings. +/// The default route settings for the stage. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StageDefaultRouteSettings { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTraceEnabled")] @@ -143,6 +155,7 @@ pub struct StageDeploymentRefFrom { pub namespace: Option, } +/// Route settings for the stage, by routeKey. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StageRouteSettings { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTraceEnabled")] @@ -166,18 +179,25 @@ pub struct StageStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// Specifies whether a stage is managed by API Gateway. If you created an API + /// using quick create, the $default stage is managed by API Gateway. You can't + /// modify the $default stage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGatewayManaged")] pub api_gateway_managed: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The timestamp when the stage was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "createdDate")] pub created_date: Option, + /// Describes the status of the last deployment of a stage. Supported only for + /// stages with autoDeploy enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastDeploymentStatusMessage")] pub last_deployment_status_message: Option, + /// The timestamp when the stage was last updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastUpdatedDate")] pub last_updated_date: Option, } diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/vpclinks.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/vpclinks.rs index eedf32dc5..ddda2af8a 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/vpclinks.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/vpclinks.rs @@ -22,11 +22,15 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct VPCLinkSpec { + /// The name of the VPC link. pub name: String, + /// A list of security group IDs for the VPC link. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, + /// A list of subnet IDs to include in the VPC link. #[serde(rename = "subnetIDs")] pub subnet_i_ds: Vec, + /// A list of tags. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, } @@ -39,20 +43,25 @@ pub struct VPCLinkStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The timestamp when the VPC link was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "createdDate")] pub created_date: Option, + /// The ID of the VPC link. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcLinkID")] pub vpc_link_id: Option, + /// The status of the VPC link. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcLinkStatus")] pub vpc_link_status: Option, + /// A message summarizing the cause of the status of the VPC link. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcLinkStatusMessage")] pub vpc_link_status_message: Option, + /// The version of the VPC link. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcLinkVersion")] pub vpc_link_version: Option, } diff --git a/kube-custom-resources-rs/src/app_redislabs_com/v1/redisenterpriseclusters.rs b/kube-custom-resources-rs/src/app_redislabs_com/v1/redisenterpriseclusters.rs index 88862db40..c96e5d313 100644 --- a/kube-custom-resources-rs/src/app_redislabs_com/v1/redisenterpriseclusters.rs +++ b/kube-custom-resources-rs/src/app_redislabs_com/v1/redisenterpriseclusters.rs @@ -162,6 +162,9 @@ pub struct RedisEnterpriseClusterSpec { /// Whether databases will turn on RESP3 compatibility upon database upgrade. Note - Deleting this property after explicitly setting its value shall have no effect. Please view the corresponding field in RS doc for more info. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resp3Default")] pub resp3_default: Option, + /// the security configuration that will be applied to RS pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, /// Name of the service account to use #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, @@ -435,6 +438,9 @@ pub struct RedisEnterpriseClusterLdap { /// The maximum TTL of cached entries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheTTLSeconds")] pub cache_ttl_seconds: Option, + /// The connection timeout to the LDAP server when authenticating a user, in seconds + #[serde(default, skip_serializing_if = "Option::is_none", rename = "directoryTimeoutSeconds")] + pub directory_timeout_seconds: Option, /// Whether to enable LDAP for control plane access. Disabled by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledForControlPlane")] pub enabled_for_control_plane: Option, @@ -3218,6 +3224,21 @@ pub enum RedisEnterpriseClusterRedisUpgradePolicy { Latest, } +/// the security configuration that will be applied to RS pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterSecurityContext { + /// Whether RS containers has a read-only root filesystem and what is the policy. some mandatory paths are still writable so RS can work properly. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystemPolicy")] + pub read_only_root_filesystem_policy: Option, +} + +/// Whether RS containers has a read-only root filesystem and what is the policy. some mandatory paths are still writable so RS can work properly. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterSecurityContextReadOnlyRootFilesystemPolicy { + /// Whether RS containers has a read-only root filesystem. Default is false. + pub enabled: bool, +} + /// Customization options for operator-managed service resources created for Redis Enterprise clusters and databases #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseClusterServices { @@ -6753,6 +6774,9 @@ pub struct RedisEnterpriseClusterStatus { /// Versions of open source databases bundled by Redis Enterprise Software - please note that in order to use a specific version it should be supported by the ‘upgradePolicy’ - ‘major’ or ‘latest’ according to the desired version (major/minor) #[serde(default, skip_serializing_if = "Option::is_none", rename = "bundledDatabaseVersions")] pub bundled_database_versions: Option>, + /// Stores information about cluster certificates and their update process. In Active-Active databases, this is used to detect updates to the certificates, and trigger synchronization across the participating clusters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificatesStatus")] + pub certificates_status: Option, /// The ingressOrRouteSpec/ActiveActive spec method that exist #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressOrRouteMethodStatus")] pub ingress_or_route_method_status: Option, @@ -6786,6 +6810,17 @@ pub struct RedisEnterpriseClusterStatusBundledDatabaseVersions { pub version: String, } +/// Stores information about cluster certificates and their update process. In Active-Active databases, this is used to detect updates to the certificates, and trigger synchronization across the participating clusters. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterStatusCertificatesStatus { + /// Generation stores the version of the cluster's Proxy and Syncer certificate secrets. In Active-Active databases, when a user updates the proxy or syncer certificate, a crdb-update command needs to be triggered to avoid potential sync issues. This helps the REAADB controller detect a change in a certificate and trigger a crdb-update. The version of the cluster's Proxy certificate secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub generation: Option, + /// The status of the cluster's certificates update + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseClusterStatusLicenseStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "activationDate")] diff --git a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseactiveactivedatabases.rs b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseactiveactivedatabases.rs index f636d5fd2..9adc09a95 100644 --- a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseactiveactivedatabases.rs +++ b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseactiveactivedatabases.rs @@ -35,7 +35,7 @@ pub struct RedisEnterpriseActiveActiveDatabaseGlobalConfigurations { /// Connection/ association to the Active-Active database. #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeActive")] pub active_active: Option, - /// Settings for database alerts + /// Settings for database alerts. Note - Alert settings are not supported for Active-Active database. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertSettings")] pub alert_settings: Option, /// Target for automatic database backups. @@ -86,7 +86,7 @@ pub struct RedisEnterpriseActiveActiveDatabaseGlobalConfigurations { /// Connection to Redis Enterprise Cluster #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisEnterpriseCluster")] pub redis_enterprise_cluster: Option, - /// Redis OSS version. Version can be specified via prefix, or via channels - for existing databases - Upgrade Redis OSS version. For new databases - the version which the database will be created with. If set to 'major' - will always upgrade to the most recent major Redis version. If set to 'latest' - will always upgrade to the most recent Redis version. Depends on 'redisUpgradePolicy' - if you want to set the value to 'latest' for some databases, you must set redisUpgradePolicy on the cluster before. Possible values are 'major' or 'latest' When using upgrade - make sure to backup the database before. This value is used only for database type 'redis' + /// Redis OSS version. Version can be specified via prefix, or via channels - for existing databases - Upgrade Redis OSS version. For new databases - the version which the database will be created with. If set to 'major' - will always upgrade to the most recent major Redis version. If set to 'latest' - will always upgrade to the most recent Redis version. Depends on 'redisUpgradePolicy' - if you want to set the value to 'latest' for some databases, you must set redisUpgradePolicy on the cluster before. Possible values are 'major' or 'latest' When using upgrade - make sure to backup the database before. This value is used only for database type 'redis'. Note - Specifying Redis version is currently not supported for Active-Active database. #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisVersion")] pub redis_version: Option, /// What databases to replicate from @@ -134,7 +134,7 @@ pub struct RedisEnterpriseActiveActiveDatabaseGlobalConfigurationsActiveActive { pub participating_cluster_name: String, } -/// Settings for database alerts +/// Settings for database alerts. Note - Alert settings are not supported for Active-Active database. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseActiveActiveDatabaseGlobalConfigurationsAlertSettings { /// Periodic backup has been delayed for longer than specified threshold value [minutes] @@ -524,6 +524,9 @@ pub struct RedisEnterpriseActiveActiveDatabaseRedisEnterpriseCluster { /// RedisEnterpriseActiveActiveDatabaseStatus defines the observed state of RedisEnterpriseActiveActiveDatabase #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseActiveActiveDatabaseStatus { + /// Versions of the cluster's Proxy and Syncer certificates. In Active-Active databases, these are used to detect updates to the certificates, and trigger synchronization across the participating clusters. . + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterCertificatesGeneration")] + pub cluster_certificates_generation: Option, /// The active-active database corresponding GUID. #[serde(default, skip_serializing_if = "Option::is_none")] pub guid: Option, diff --git a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseclusters.rs b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseclusters.rs index 806803c7d..b9b007080 100644 --- a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseclusters.rs +++ b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseclusters.rs @@ -117,6 +117,8 @@ pub struct RedisEnterpriseClusterSpec { pub redis_upgrade_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "resp3Default")] pub resp3_default: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -336,6 +338,8 @@ pub struct RedisEnterpriseClusterLdap { pub ca_certificate_secret_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheTTLSeconds")] pub cache_ttl_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "directoryTimeoutSeconds")] + pub directory_timeout_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledForControlPlane")] pub enabled_for_control_plane: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledForDataPlane")] @@ -3049,6 +3053,17 @@ pub enum RedisEnterpriseClusterRedisUpgradePolicy { Latest, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterSecurityContext { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystemPolicy")] + pub read_only_root_filesystem_policy: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterSecurityContextReadOnlyRootFilesystemPolicy { + pub enabled: bool, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseClusterServices { #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiService")] @@ -6543,6 +6558,8 @@ pub struct RedisEnterpriseClusterVolumesVsphereVolume { pub struct RedisEnterpriseClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "bundledDatabaseVersions")] pub bundled_database_versions: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificatesStatus")] + pub certificates_status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressOrRouteMethodStatus")] pub ingress_or_route_method_status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "licenseStatus")] @@ -6572,6 +6589,14 @@ pub struct RedisEnterpriseClusterStatusBundledDatabaseVersions { pub version: String, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RedisEnterpriseClusterStatusCertificatesStatus { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub generation: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseClusterStatusLicenseStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "activationDate")] diff --git a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterprisedatabases.rs b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterprisedatabases.rs index 21d6c805f..0733cb8f1 100644 --- a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterprisedatabases.rs +++ b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterprisedatabases.rs @@ -55,7 +55,7 @@ pub struct RedisEnterpriseDatabaseSpec { /// memory size of database. use formats like 100MB, 0.1GB. minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, and it must not be below 1GB. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memorySize")] pub memory_size: Option, - /// List of modules associated with database. Note - For Active-Active databases this feature is currently in preview. For this feature to take effect for Active-Active databases, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. + /// List of modules associated with database. Note - For Active-Active databases this feature is currently in preview. For this feature to take effect for Active-Active databases, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. Note - if you do not want to upgrade to the latest version you must set upgradeSpec -> upgradeModulesToLatest to false. if you specify a version and do not set the upgradeModulesToLatest it can result errors in the operator. in addition, the option to specify specific version is Deprecated and will be deleted in next releases. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modulesList")] pub modules_list: Option>, /// OSS Cluster mode option. Note that not all client libraries support OSS cluster mode. @@ -387,7 +387,7 @@ pub struct RedisEnterpriseDatabaseModulesList { pub config: Option, /// The module's name e.g "ft" for redissearch pub name: String, - /// Module's semantic version e.g "1.6.12" - optional only in REDB, must be set in REAADB + /// DEPRECATED - Module's semantic version e.g "1.6.12" - optional only in REDB, must be set in REAADB #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } @@ -482,7 +482,7 @@ pub enum RedisEnterpriseDatabaseType { /// Specifications for DB upgrade. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseDatabaseUpgradeSpec { - /// Upgrades the modules to the latest version that supportes the DB version during a DB upgrade action, to upgrade the DB version view the 'redisVersion' field. Notes - All modules must be without specifing the version. in addition, This field is currently not supported for Active-Active databases. + /// DEPRECATED Upgrades the modules to the latest version that supports the DB version during a DB upgrade action, to upgrade the DB version view the 'redisVersion' field. Notes - All modules must be without specifying the version. in addition, This field is currently not supported for Active-Active databases. The default is true #[serde(rename = "upgradeModulesToLatest")] pub upgrade_modules_to_latest: bool, } diff --git a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseremoteclusters.rs b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseremoteclusters.rs index 1c087b4d5..de51ce25e 100644 --- a/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseremoteclusters.rs +++ b/kube-custom-resources-rs/src/app_redislabs_com/v1alpha1/redisenterpriseremoteclusters.rs @@ -20,6 +20,9 @@ pub struct RedisEnterpriseRemoteClusterSpec { /// The URL of the cluster, will be used for the active-active database URL. #[serde(rename = "apiFqdnUrl")] pub api_fqdn_url: String, + /// The port number of the cluster's URL used for connectivity/sync + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiPort")] + pub api_port: Option, /// The database URL suffix, will be used for the active-active database replication endpoint and replication endpoint SNI. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbFqdnSuffix")] pub db_fqdn_suffix: Option, @@ -36,6 +39,9 @@ pub struct RedisEnterpriseRemoteClusterSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RedisEnterpriseRemoteClusterStatus { + /// The observed secret resource version. Used for internal purposes only. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalObservedSecretResourceVersion")] + pub internal_observed_secret_resource_version: Option, /// Indicates whether this object represents a local or a remote cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub local: Option, diff --git a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs index 89907340e..0b375486b 100644 --- a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs +++ b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/agentpools.rs @@ -152,9 +152,11 @@ pub struct AgentPoolAgentDeploymentSpec { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, - /// NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - /// the scheduler simply schedules this pod onto that node, assuming that it fits resource - /// requirements. + /// NodeName indicates in which node this pod is scheduled. + /// If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. + /// Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. + /// This field should not be used to express a desire for the pod to be scheduled on a specific node. + /// https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, /// NodeSelector is a selector which must be true for the pod to fit on a node. @@ -165,11 +167,9 @@ pub struct AgentPoolAgentDeploymentSpec { /// Specifies the OS of the containers in the pod. /// Some pod and container fields are restricted if this is set. /// - /// /// If the OS field is set to linux, the following fields must be unset: /// -securityContext.windowsOptions /// - /// /// If the OS field is set to windows, following fields must be unset: /// - spec.hostPID /// - spec.hostIPC @@ -184,6 +184,7 @@ pub struct AgentPoolAgentDeploymentSpec { /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups + /// - spec.securityContext.supplementalGroupsPolicy /// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile @@ -236,11 +237,9 @@ pub struct AgentPoolAgentDeploymentSpec { /// will be made available to those containers which consume them /// by name. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, @@ -265,7 +264,6 @@ pub struct AgentPoolAgentDeploymentSpec { /// If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the /// scheduler will not attempt to schedule the pod. /// - /// /// SchedulingGates can only be set at pod creation time, and be removed only afterwards. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] pub scheduling_gates: Option>, @@ -529,7 +527,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAffinityPreferredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -540,7 +538,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAffinityPreferredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -650,7 +648,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAffinityRequiredDuringScheduli /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -661,7 +659,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAffinityRequiredDuringScheduli /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -802,7 +800,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAntiAffinityPreferredDuringSch /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -813,7 +811,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAntiAffinityPreferredDuringSch /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -923,7 +921,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAntiAffinityRequiredDuringSche /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -934,7 +932,7 @@ pub struct AgentPoolAgentDeploymentSpecAffinityPodAntiAffinityRequiredDuringSche /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1240,9 +1238,7 @@ pub struct AgentPoolAgentDeploymentSpecContainersEnvValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1285,9 +1281,7 @@ pub struct AgentPoolAgentDeploymentSpecContainersEnvValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1316,9 +1310,7 @@ pub struct AgentPoolAgentDeploymentSpecContainersEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1333,9 +1325,7 @@ pub struct AgentPoolAgentDeploymentSpecContainersEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1620,7 +1610,6 @@ pub struct AgentPoolAgentDeploymentSpecContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -1771,7 +1760,6 @@ pub struct AgentPoolAgentDeploymentSpecContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -1843,11 +1831,9 @@ pub struct AgentPoolAgentDeploymentSpecContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1870,6 +1856,11 @@ pub struct AgentPoolAgentDeploymentSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -1903,7 +1894,7 @@ pub struct AgentPoolAgentDeploymentSpecContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2026,7 +2017,6 @@ pub struct AgentPoolAgentDeploymentSpecContainersSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2138,7 +2128,6 @@ pub struct AgentPoolAgentDeploymentSpecContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2223,10 +2212,8 @@ pub struct AgentPoolAgentDeploymentSpecContainersVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -2234,11 +2221,9 @@ pub struct AgentPoolAgentDeploymentSpecContainersVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -2293,7 +2278,6 @@ pub struct AgentPoolAgentDeploymentSpecDnsConfigOptions { /// removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the /// Pod to exceed its resource allocation. /// -/// /// To add an ephemeral container, use the ephemeralcontainers subresource of an existing /// Pod. Ephemeral containers may not be removed or restarted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2394,7 +2378,6 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainers { /// The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. /// If not set then the ephemeral container uses the namespaces configured in the Pod spec. /// - /// /// The container runtime must implement support for this feature. If the runtime does not /// support namespace targeting then the result of setting this field is undefined. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetContainerName")] @@ -2485,9 +2468,7 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersEnvValueFromConfigMapK /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2530,9 +2511,7 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersEnvValueFromSecretKeyR /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2561,9 +2540,7 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2578,9 +2555,7 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2861,7 +2836,6 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3009,7 +2983,6 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3080,11 +3053,9 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3107,6 +3078,11 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Optional: SecurityContext defines the security options the ephemeral container should be run with. @@ -3139,7 +3115,7 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3262,7 +3238,6 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersSecurityContextSeccomp /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3368,7 +3343,6 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3453,10 +3427,8 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -3464,11 +3436,9 @@ pub struct AgentPoolAgentDeploymentSpecEphemeralContainersVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -3503,9 +3473,7 @@ pub struct AgentPoolAgentDeploymentSpecImagePullSecrets { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3726,9 +3694,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersEnvValueFromConfigMapKeyRef /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3771,9 +3737,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersEnvValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3802,9 +3766,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3819,9 +3781,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -4106,7 +4066,6 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4257,7 +4216,6 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4329,11 +4287,9 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -4356,6 +4312,11 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -4389,7 +4350,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -4512,7 +4473,6 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersSecurityContextSeccompProfi /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -4624,7 +4584,6 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4709,10 +4668,8 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -4720,11 +4677,9 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -4743,11 +4698,9 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersVolumeMounts { /// Specifies the OS of the containers in the pod. /// Some pod and container fields are restricted if this is set. /// -/// /// If the OS field is set to linux, the following fields must be unset: /// -securityContext.windowsOptions /// -/// /// If the OS field is set to windows, following fields must be unset: /// - spec.hostPID /// - spec.hostIPC @@ -4762,6 +4715,7 @@ pub struct AgentPoolAgentDeploymentSpecInitContainersVolumeMounts { /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups +/// - spec.securityContext.supplementalGroupsPolicy /// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile @@ -4789,7 +4743,10 @@ pub struct AgentPoolAgentDeploymentSpecReadinessGates { pub condition_type: String, } -/// PodResourceClaim references exactly one ResourceClaim through a ClaimSource. +/// PodResourceClaim references exactly one ResourceClaim, either directly +/// or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim +/// for the pod. +/// /// It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. /// Containers that need access to the ResourceClaim reference it with this name. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -4797,32 +4754,28 @@ pub struct AgentPoolAgentDeploymentSpecResourceClaims { /// Name uniquely identifies this resource claim inside the pod. /// This must be a DNS_LABEL. pub name: String, - /// Source describes where to find the ResourceClaim. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source: Option, -} - -/// Source describes where to find the ResourceClaim. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AgentPoolAgentDeploymentSpecResourceClaimsSource { /// ResourceClaimName is the name of a ResourceClaim object in the same /// namespace as this pod. + /// + /// Exactly one of ResourceClaimName and ResourceClaimTemplateName must + /// be set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimName")] pub resource_claim_name: Option, /// ResourceClaimTemplateName is the name of a ResourceClaimTemplate /// object in the same namespace as this pod. /// - /// /// The template will be used to create a new ResourceClaim, which will /// be bound to this pod. When this pod is deleted, the ResourceClaim /// will also be deleted. The pod name and resource name, along with a /// generated component, will be used to form a unique name for the /// ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. /// - /// /// This field is immutable and no changes will be made to the /// corresponding ResourceClaim by the control plane after creating the /// ResourceClaim. + /// + /// Exactly one of ResourceClaimName and ResourceClaimTemplateName must + /// be set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimTemplateName")] pub resource_claim_template_name: Option, } @@ -4847,12 +4800,10 @@ pub struct AgentPoolAgentDeploymentSpecSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -4902,15 +4853,24 @@ pub struct AgentPoolAgentDeploymentSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -4978,7 +4938,6 @@ pub struct AgentPoolAgentDeploymentSpecSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -5070,7 +5029,6 @@ pub struct AgentPoolAgentDeploymentSpecTopologySpreadConstraints { /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -5104,7 +5062,6 @@ pub struct AgentPoolAgentDeploymentSpecTopologySpreadConstraints { /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -5120,7 +5077,6 @@ pub struct AgentPoolAgentDeploymentSpecTopologySpreadConstraints { /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -5131,7 +5087,6 @@ pub struct AgentPoolAgentDeploymentSpecTopologySpreadConstraints { /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -5240,7 +5195,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -5251,17 +5205,14 @@ pub struct AgentPoolAgentDeploymentSpecVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5296,11 +5247,24 @@ pub struct AgentPoolAgentDeploymentSpecVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -5359,7 +5323,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -5455,9 +5418,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesCephfsSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5495,9 +5456,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesCinderSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5527,9 +5486,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5596,9 +5553,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesCsiNodePublishSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5692,7 +5647,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -5703,17 +5657,14 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -5726,7 +5677,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -5736,11 +5686,9 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -5754,7 +5702,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -5764,11 +5711,9 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AgentPoolAgentDeploymentSpecVolumesEphemeralVolumeClaimTemplate { @@ -5861,7 +5806,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesEphemeralVolumeClaimTemplateSpec { /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -5990,7 +5935,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -6047,9 +5991,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesFlexVolumeSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6075,7 +6017,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -6137,9 +6078,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AgentPoolAgentDeploymentSpecVolumesHostPath { /// path of the directory on the host. @@ -6153,6 +6091,39 @@ pub struct AgentPoolAgentDeploymentSpecVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AgentPoolAgentDeploymentSpecVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -6168,7 +6139,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -6208,9 +6178,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesIscsiSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6288,25 +6256,24 @@ pub struct AgentPoolAgentDeploymentSpecVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AgentPoolAgentDeploymentSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -6331,14 +6298,11 @@ pub struct AgentPoolAgentDeploymentSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -6421,9 +6385,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesProjectedSourcesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6522,9 +6484,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesProjectedSourcesSecret { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6609,7 +6569,6 @@ pub struct AgentPoolAgentDeploymentSpecVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -6656,9 +6615,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesRbdSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6711,9 +6668,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesScaleIoSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6807,9 +6762,7 @@ pub struct AgentPoolAgentDeploymentSpecVolumesStorageosSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6917,9 +6870,7 @@ pub struct AgentPoolTokenSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/modules.rs b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/modules.rs index 24630bf41..360349532 100644 --- a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/modules.rs +++ b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/modules.rs @@ -88,9 +88,7 @@ pub struct ModuleTokenSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs index 198cec0da..e8ef1ccd6 100644 --- a/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs +++ b/kube-custom-resources-rs/src/app_terraform_io/v1alpha2/workspaces.rs @@ -128,6 +128,11 @@ pub struct WorkspaceSpec { pub terraform_version: Option, /// API Token to be used for API calls. pub token: WorkspaceToken, + /// HCP Terraform variable sets let you reuse variables in an efficient and centralized way. + /// More information + /// - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets + #[serde(default, skip_serializing_if = "Option::is_none", rename = "variableSets")] + pub variable_sets: Option>, /// Settings for the workspace's VCS repository, enabling the UI/VCS-driven run workflow. /// Omit this argument to utilize the CLI-driven and API-driven workflows, where runs are not driven by webhooks on your VCS provider. /// More information: @@ -216,9 +221,7 @@ pub struct WorkspaceEnvironmentVariablesValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -235,9 +238,7 @@ pub struct WorkspaceEnvironmentVariablesValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -521,9 +522,7 @@ pub struct WorkspaceTerraformVariablesValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -540,9 +539,7 @@ pub struct WorkspaceTerraformVariablesValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -567,9 +564,7 @@ pub struct WorkspaceTokenSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -577,6 +572,21 @@ pub struct WorkspaceTokenSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct WorkspaceVariableSets { + /// ID of the variable set. + /// Must match pattern: `varset-[a-zA-Z0-9]+$` + /// More information: + /// - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// Name of the variable set. + /// More information: + /// - https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-multiple-variable-sets + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// Settings for the workspace's VCS repository, enabling the UI/VCS-driven run workflow. /// Omit this argument to utilize the CLI-driven and API-driven workflows, where runs are not driven by webhooks on your VCS provider. /// More information: @@ -630,6 +640,9 @@ pub struct WorkspaceStatus { /// Workspace last update timestamp. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateAt")] pub update_at: Option, + /// Variable Sets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "variableSet")] + pub variable_set: Option>, /// Workspace variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub variables: Option>, @@ -669,6 +682,14 @@ pub struct WorkspaceStatusRunStatus { pub status: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct WorkspaceStatusVariableSet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkspaceStatusVariables { /// Category of the variable. diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/accesslogpolicies.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/accesslogpolicies.rs index 793b35625..9111dc0f0 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/accesslogpolicies.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/accesslogpolicies.rs @@ -19,18 +19,22 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct AccessLogPolicySpec { - /// The Amazon Resource Name (ARN) of the destination that will store access logs. Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs. - /// Changes to this value results in replacement of the VPC Lattice Access Log Subscription. + /// The Amazon Resource Name (ARN) of the destination that will store access logs. + /// Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs. + /// + /// Changes to this value results in replacement of the VPC Lattice Access Log Subscription. #[serde(rename = "destinationArn")] pub destination_arn: String, - /// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. - /// This field is following the guidelines of Kubernetes Gateway API policy attachment. + /// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + /// + /// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[serde(rename = "targetRef")] pub target_ref: AccessLogPolicyTargetRef, } -/// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. -/// This field is following the guidelines of Kubernetes Gateway API policy attachment. +/// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. +/// +/// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AccessLogPolicyTargetRef { /// Group is the group of the target resource. @@ -39,7 +43,10 @@ pub struct AccessLogPolicyTargetRef { pub kind: String, /// Name is the name of the target resource. pub name: String, - /// Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy. + /// Namespace is the namespace of the referent. When unspecified, the local + /// namespace is inferred. Even when policy targets a resource in a different + /// namespace, it MUST only apply to traffic originating from the same + /// namespace as the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -47,10 +54,17 @@ pub struct AccessLogPolicyTargetRef { /// Status defines the current state of AccessLogPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AccessLogPolicyStatus { - /// Conditions describe the current conditions of the AccessLogPolicy. - /// Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe AccessLogPolicy state. - /// Known condition types are: - /// * "Accepted" * "Ready" + /// Conditions describe the current conditions of the AccessLogPolicy. + /// + /// Implementations should prefer to express Policy conditions + /// using the `PolicyConditionType` and `PolicyConditionReason` + /// constants so that operators and tools can converge on a common + /// vocabulary to describe AccessLogPolicy state. + /// + /// Known condition types are: + /// + /// * "Accepted" + /// * "Ready" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, } diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/iamauthpolicies.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/iamauthpolicies.rs index 0f721767b..31304c330 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/iamauthpolicies.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/iamauthpolicies.rs @@ -10,7 +10,9 @@ mod prelude { } use self::prelude::*; -/// IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. When the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. When the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy. +/// IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. +/// When the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. +/// When the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "application-networking.k8s.aws", version = "v1alpha1", kind = "IAMAuthPolicy", plural = "iamauthpolicies")] #[kube(namespaced)] @@ -21,14 +23,16 @@ use self::prelude::*; pub struct IAMAuthPolicySpec { /// IAM auth policy content. It is a JSON string that uses the same syntax as AWS IAM policies. Please check the VPC Lattice documentation to get [the common elements in an auth policy](https://docs.aws.amazon.com/vpc-lattice/latest/ug/auth-policies.html#auth-policies-common-elements) pub policy: String, - /// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. - /// This field is following the guidelines of Kubernetes Gateway API policy attachment. + /// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + /// + /// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[serde(rename = "targetRef")] pub target_ref: IAMAuthPolicyTargetRef, } -/// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. -/// This field is following the guidelines of Kubernetes Gateway API policy attachment. +/// TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. +/// +/// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IAMAuthPolicyTargetRef { /// Group is the group of the target resource. @@ -37,7 +41,10 @@ pub struct IAMAuthPolicyTargetRef { pub kind: String, /// Name is the name of the target resource. pub name: String, - /// Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy. + /// Namespace is the namespace of the referent. When unspecified, the local + /// namespace is inferred. Even when policy targets a resource in a different + /// namespace, it MUST only apply to traffic originating from the same + /// namespace as the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -45,10 +52,17 @@ pub struct IAMAuthPolicyTargetRef { /// Status defines the current state of IAMAuthPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IAMAuthPolicyStatus { - /// Conditions describe the current conditions of the IAMAuthPolicy. - /// Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe IAMAuthPolicy state. - /// Known condition types are: - /// * "Accepted" * "Ready" + /// Conditions describe the current conditions of the IAMAuthPolicy. + /// + /// Implementations should prefer to express Policy conditions + /// using the `PolicyConditionType` and `PolicyConditionReason` + /// constants so that operators and tools can converge on a common + /// vocabulary to describe IAMAuthPolicy state. + /// + /// Known condition types are: + /// + /// * "Accepted" + /// * "Ready" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, } diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceexports.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceexports.rs index 39e5cd16c..c9e390d31 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceexports.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceexports.rs @@ -10,7 +10,10 @@ mod prelude { } use self::prelude::*; -/// status describes the current state of an exported service. Service configuration comes from the Service that had the same name and namespace as this ServiceExport. Populated by the multi-cluster service implementation's controller. +/// status describes the current state of an exported service. +/// Service configuration comes from the Service that had the same +/// name and namespace as this ServiceExport. +/// Populated by the multi-cluster service implementation's controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceExportStatus { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceimports.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceimports.rs index 812b9a1f4..c39b1a211 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceimports.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/serviceimports.rs @@ -20,13 +20,19 @@ pub struct ServiceImportSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub ips: Option>, pub ports: Vec, - /// Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. Ignored when type is Headless More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// Ignored when type is Headless + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] pub session_affinity: Option, /// sessionAffinityConfig contains session affinity configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] pub session_affinity_config: Option, - /// type defines the type of this service. Must be ClusterSetIP or Headless. + /// type defines the type of this service. + /// Must be ClusterSetIP or Headless. #[serde(rename = "type")] pub r#type: ServiceImportType, } @@ -34,15 +40,26 @@ pub struct ServiceImportSpec { /// ServicePort represents the port on which the service is exposed #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceImportPorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and http://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. + /// Field can be enabled with ServiceAppProtocol feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } @@ -58,7 +75,9 @@ pub struct ServiceImportSessionAffinityConfig { /// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceImportSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -71,10 +90,12 @@ pub enum ServiceImportType { Headless, } -/// status contains information about the exported services that form the multi-cluster service referenced by this ServiceImport. +/// status contains information about the exported services that form +/// the multi-cluster service referenced by this ServiceImport. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceImportStatus { - /// clusters is the list of exporting clusters from which this service was derived. + /// clusters is the list of exporting clusters from which this service + /// was derived. #[serde(default, skip_serializing_if = "Option::is_none")] pub clusters: Option>, } @@ -82,7 +103,8 @@ pub struct ServiceImportStatus { /// ClusterStatus contains service configuration mapped to a specific source cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceImportStatusClusters { - /// cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS label. + /// cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS + /// label. pub cluster: String, } diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/targetgrouppolicies.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/targetgrouppolicies.rs index a8705218f..4d1ef2fef 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/targetgrouppolicies.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/targetgrouppolicies.rs @@ -19,26 +19,33 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct TargetGroupPolicySpec { - /// The health check configuration. - /// Changes to this value will update VPC Lattice resource in place. + /// The health check configuration. + /// + /// Changes to this value will update VPC Lattice resource in place. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheck")] pub health_check: Option, - /// The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. - /// Changes to this value results in a replacement of VPC Lattice target group. + /// The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. + /// + /// Changes to this value results in a replacement of VPC Lattice target group. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// The protocol version to use. Supported values are HTTP1 (default) and HTTP2. When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. - /// Changes to this value results in a replacement of VPC Lattice target group. + /// The protocol version to use. Supported values are HTTP1 (default) and HTTP2. + /// When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. + /// When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. + /// + /// Changes to this value results in a replacement of VPC Lattice target group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protocolVersion")] pub protocol_version: Option, - /// TargetRef points to the kubernetes Service resource that will have this policy attached. - /// This field is following the guidelines of Kubernetes Gateway API policy attachment. + /// TargetRef points to the kubernetes Service resource that will have this policy attached. + /// + /// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[serde(rename = "targetRef")] pub target_ref: TargetGroupPolicyTargetRef, } -/// The health check configuration. -/// Changes to this value will update VPC Lattice resource in place. +/// The health check configuration. +/// +/// Changes to this value will update VPC Lattice resource in place. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TargetGroupPolicyHealthCheck { /// Indicates whether health checking is enabled. @@ -53,7 +60,8 @@ pub struct TargetGroupPolicyHealthCheck { /// The destination for health checks on the targets. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// The port used when performing health checks on targets. If not specified, health check defaults to the port that a target receives traffic on. + /// The port used when performing health checks on targets. If not specified, health check defaults to the + /// port that a target receives traffic on. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// The protocol used when performing health checks on targets. @@ -73,8 +81,9 @@ pub struct TargetGroupPolicyHealthCheck { pub unhealthy_threshold_count: Option, } -/// The health check configuration. -/// Changes to this value will update VPC Lattice resource in place. +/// The health check configuration. +/// +/// Changes to this value will update VPC Lattice resource in place. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum TargetGroupPolicyHealthCheckProtocol { #[serde(rename = "HTTP")] @@ -83,8 +92,9 @@ pub enum TargetGroupPolicyHealthCheckProtocol { Https, } -/// The health check configuration. -/// Changes to this value will update VPC Lattice resource in place. +/// The health check configuration. +/// +/// Changes to this value will update VPC Lattice resource in place. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum TargetGroupPolicyHealthCheckProtocolVersion { #[serde(rename = "HTTP1")] @@ -93,8 +103,9 @@ pub enum TargetGroupPolicyHealthCheckProtocolVersion { Http2, } -/// TargetRef points to the kubernetes Service resource that will have this policy attached. -/// This field is following the guidelines of Kubernetes Gateway API policy attachment. +/// TargetRef points to the kubernetes Service resource that will have this policy attached. +/// +/// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TargetGroupPolicyTargetRef { /// Group is the group of the target resource. @@ -103,7 +114,10 @@ pub struct TargetGroupPolicyTargetRef { pub kind: String, /// Name is the name of the target resource. pub name: String, - /// Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy. + /// Namespace is the namespace of the referent. When unspecified, the local + /// namespace is inferred. Even when policy targets a resource in a different + /// namespace, it MUST only apply to traffic originating from the same + /// namespace as the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -111,10 +125,17 @@ pub struct TargetGroupPolicyTargetRef { /// Status defines the current state of TargetGroupPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TargetGroupPolicyStatus { - /// Conditions describe the current conditions of the TargetGroup. - /// Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe TargetGroup state. - /// Known condition types are: - /// * "Accepted" * "Ready" + /// Conditions describe the current conditions of the TargetGroup. + /// + /// Implementations should prefer to express Policy conditions + /// using the `PolicyConditionType` and `PolicyConditionReason` + /// constants so that operators and tools can converge on a common + /// vocabulary to describe TargetGroup state. + /// + /// Known condition types are: + /// + /// * "Accepted" + /// * "Ready" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, } diff --git a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/vpcassociationpolicies.rs b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/vpcassociationpolicies.rs index 6a7c9051d..d38f61f54 100644 --- a/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/vpcassociationpolicies.rs +++ b/kube-custom-resources-rs/src/application_networking_k8s_aws/v1alpha1/vpcassociationpolicies.rs @@ -19,22 +19,27 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct VpcAssociationPolicySpec { - /// AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster. - /// This value will be considered true by default. + /// AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster. + /// + /// This value will be considered true by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "associateWithVpc")] pub associate_with_vpc: Option, - /// SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation. Security groups does not take effect if AssociateWithVpc is set to false. - /// For more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html + /// SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation. + /// Security groups does not take effect if AssociateWithVpc is set to false. + /// + /// For more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIds")] pub security_group_ids: Option>, - /// TargetRef points to the kubernetes Gateway resource that will have this policy attached. - /// This field is following the guidelines of Kubernetes Gateway API policy attachment. + /// TargetRef points to the kubernetes Gateway resource that will have this policy attached. + /// + /// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[serde(rename = "targetRef")] pub target_ref: VpcAssociationPolicyTargetRef, } -/// TargetRef points to the kubernetes Gateway resource that will have this policy attached. -/// This field is following the guidelines of Kubernetes Gateway API policy attachment. +/// TargetRef points to the kubernetes Gateway resource that will have this policy attached. +/// +/// This field is following the guidelines of Kubernetes Gateway API policy attachment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VpcAssociationPolicyTargetRef { /// Group is the group of the target resource. @@ -43,7 +48,10 @@ pub struct VpcAssociationPolicyTargetRef { pub kind: String, /// Name is the name of the target resource. pub name: String, - /// Namespace is the namespace of the referent. When unspecified, the local namespace is inferred. Even when policy targets a resource in a different namespace, it MUST only apply to traffic originating from the same namespace as the policy. + /// Namespace is the namespace of the referent. When unspecified, the local + /// namespace is inferred. Even when policy targets a resource in a different + /// namespace, it MUST only apply to traffic originating from the same + /// namespace as the policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -51,10 +59,16 @@ pub struct VpcAssociationPolicyTargetRef { /// VpcAssociationPolicyStatus defines the observed state of VpcAssociationPolicy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VpcAssociationPolicyStatus { - /// Conditions describe the current conditions of the VpcAssociationPolicy. - /// Implementations should prefer to express Policy conditions using the `PolicyConditionType` and `PolicyConditionReason` constants so that operators and tools can converge on a common vocabulary to describe VpcAssociationPolicy state. - /// Known condition types are: - /// * "Accepted" + /// Conditions describe the current conditions of the VpcAssociationPolicy. + /// + /// Implementations should prefer to express Policy conditions + /// using the `PolicyConditionType` and `PolicyConditionReason` + /// constants so that operators and tools can converge on a common + /// vocabulary to describe VpcAssociationPolicy state. + /// + /// Known condition types are: + /// + /// * "Accepted" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, } diff --git a/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalabletargets.rs b/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalabletargets.rs index f90c913d1..316c8799c 100644 --- a/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalabletargets.rs +++ b/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalabletargets.rs @@ -27,11 +27,11 @@ pub struct ScalableTargetSpec { /// when registering a new scalable target. /// /// Although you can specify a large maximum capacity, note that service quotas - /// may impose lower limits. Each service has its own default quotas for the + /// might impose lower limits. Each service has its own default quotas for the /// maximum capacity of the resource. If you want to specify a higher limit, /// you can request an increase. For more information, consult the documentation /// for that service. For information about the default quotas for each service, - /// see Service Endpoints and Quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html) + /// see Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html) /// in the Amazon Web Services General Reference. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxCapacity")] pub max_capacity: Option, @@ -40,17 +40,43 @@ pub struct ScalableTargetSpec { /// the minimum capacity limit in response to changing demand. This property /// is required when registering a new scalable target. /// - /// For certain resources, the minimum value allowed is 0. This includes Lambda - /// provisioned concurrency, Spot Fleet, ECS services, Aurora DB clusters, EMR - /// clusters, and custom resources. For all other resources, the minimum value - /// allowed is 1. + /// For the following resources, the minimum value allowed is 0. + /// + /// * AppStream 2.0 fleets + /// + /// * Aurora DB clusters + /// + /// * ECS services + /// + /// * EMR clusters + /// + /// * Lambda provisioned concurrency + /// + /// * SageMaker endpoint variants + /// + /// * SageMaker inference components + /// + /// * SageMaker serverless endpoint provisioned concurrency + /// + /// * Spot Fleets + /// + /// * custom resources + /// + /// It's strongly recommended that you specify a value greater than 0. A value + /// greater than 0 means that data points are continuously reported to CloudWatch + /// that scaling policies can use to scale on a metric like average CPU utilization. + /// + /// For all other resources, the minimum allowed value depends on the type of + /// resource that you are using. If you provide a value that is lower than what + /// a resource can accept, an error occurs. In which case, the error message + /// will provide the minimum value that the resource can accept. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minCapacity")] pub min_capacity: Option, /// The identifier of the resource that is associated with the scalable target. /// This string consists of the resource type and unique identifier. /// /// * ECS service - The resource type is service and the unique identifier - /// is the cluster name and service name. Example: service/default/sample-webapp. + /// is the cluster name and service name. Example: service/my-cluster/my-service. /// /// * Spot Fleet - The resource type is spot-fleet-request and the unique /// identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. @@ -100,6 +126,15 @@ pub struct ScalableTargetSpec { /// /// * Neptune cluster - The resource type is cluster and the unique identifier /// is the cluster name. Example: cluster:mycluster. + /// + /// * SageMaker serverless endpoint - The resource type is variant and the + /// unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + /// + /// * SageMaker inference component - The resource type is inference-component + /// and the unique identifier is the resource ID. Example: inference-component/my-inference-component. + /// + /// * Pool of WorkSpaces - The resource type is workspacespool and the unique + /// identifier is the pool ID. Example: workspacespool/wspool-123456. #[serde(rename = "resourceID")] pub resource_id: String, /// This parameter is required for services that do not support service-linked @@ -108,13 +143,13 @@ pub struct ScalableTargetSpec { /// /// If the service supports service-linked roles, Application Auto Scaling uses /// a service-linked role, which it creates if it does not yet exist. For more - /// information, see Application Auto Scaling IAM roles (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles). + /// information, see How Application Auto Scaling works with IAM (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleARN")] pub role_arn: Option, /// The scalable dimension associated with the scalable target. This string consists /// of the service namespace, resource type, and scaling property. /// - /// * ecs:service:DesiredCount - The desired task count of an ECS service. + /// * ecs:service:DesiredCount - The task count of an ECS service. /// /// * elasticmapreduce:instancegroup:InstanceCount - The instance count of /// an EMR Instance Group. @@ -122,8 +157,7 @@ pub struct ScalableTargetSpec { /// * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot /// Fleet. /// - /// * appstream:fleet:DesiredCapacity - The desired capacity of an AppStream - /// 2.0 fleet. + /// * appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet. /// /// * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for /// a DynamoDB table. @@ -142,7 +176,7 @@ pub struct ScalableTargetSpec { /// edition. /// /// * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances - /// for an SageMaker model endpoint variant. + /// for a SageMaker model endpoint variant. /// /// * custom-resource:ResourceType:Property - The scalable dimension for a /// custom resource provided by your own application or service. @@ -174,6 +208,15 @@ pub struct ScalableTargetSpec { /// /// * neptune:cluster:ReadReplicaCount - The count of read replicas in an /// Amazon Neptune DB cluster. + /// + /// * sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency + /// for a SageMaker serverless endpoint. + /// + /// * sagemaker:inference-component:DesiredCopyCount - The number of copies + /// across an endpoint for a SageMaker inference component. + /// + /// * workspaces:workspacespool:DesiredUserSessions - The number of user sessions + /// for the WorkSpaces in the pool. #[serde(rename = "scalableDimension")] pub scalable_dimension: String, /// The namespace of the Amazon Web Services service that provides the resource. @@ -197,7 +240,7 @@ pub struct ScalableTargetSpec { /// * For ScheduledScalingSuspended, while a suspension is in effect, all /// scaling activities that involve scheduled actions are suspended. /// - /// For more information, see Suspending and resuming scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) + /// For more information, see Suspend and resume scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) /// in the Application Auto Scaling User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendedState")] pub suspended_state: Option, @@ -219,7 +262,7 @@ pub struct ScalableTargetSpec { /// * For ScheduledScalingSuspended, while a suspension is in effect, all /// scaling activities that involve scheduled actions are suspended. /// -/// For more information, see Suspending and resuming scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) +/// For more information, see Suspend and resume scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) /// in the Application Auto Scaling User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScalableTargetSuspendedState { @@ -239,7 +282,7 @@ pub struct ScalableTargetStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalingpolicies.rs b/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalingpolicies.rs index 19390cbb2..1d6649e19 100644 --- a/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalingpolicies.rs +++ b/kube-custom-resources-rs/src/applicationautoscaling_services_k8s_aws/v1alpha1/scalingpolicies.rs @@ -15,7 +15,8 @@ use self::prelude::*; /// Represents a scaling policy to use with Application Auto Scaling. /// /// For more information about configuring scaling policies for a specific service, -/// see Getting started with Application Auto Scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/getting-started.html) +/// see Amazon Web Services services that you can use with Application Auto Scaling +/// (https://docs.aws.amazon.com/autoscaling/application/userguide/integrated-services-list.html) /// in the Application Auto Scaling User Guide. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "applicationautoscaling.services.k8s.aws", version = "v1alpha1", kind = "ScalingPolicy", plural = "scalingpolicies")] @@ -26,14 +27,18 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct ScalingPolicySpec { /// The name of the scaling policy. + /// + /// You cannot change the name of a scaling policy, but you can delete the original + /// scaling policy and create a new scaling policy with the same settings and + /// a different name. #[serde(rename = "policyName")] pub policy_name: String, - /// The policy type. This parameter is required if you are creating a scaling - /// policy. + /// The scaling policy type. This parameter is required if you are creating a + /// scaling policy. /// /// The following policy types are supported: /// - /// TargetTrackingScaling—Not supported for Amazon EMR + /// TargetTrackingScaling—Not supported for Amazon EMR. /// /// StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon /// Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune. @@ -47,7 +52,7 @@ pub struct ScalingPolicySpec { /// consists of the resource type and unique identifier. /// /// * ECS service - The resource type is service and the unique identifier - /// is the cluster name and service name. Example: service/default/sample-webapp. + /// is the cluster name and service name. Example: service/my-cluster/my-service. /// /// * Spot Fleet - The resource type is spot-fleet-request and the unique /// identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. @@ -97,12 +102,21 @@ pub struct ScalingPolicySpec { /// /// * Neptune cluster - The resource type is cluster and the unique identifier /// is the cluster name. Example: cluster:mycluster. + /// + /// * SageMaker serverless endpoint - The resource type is variant and the + /// unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + /// + /// * SageMaker inference component - The resource type is inference-component + /// and the unique identifier is the resource ID. Example: inference-component/my-inference-component. + /// + /// * Pool of WorkSpaces - The resource type is workspacespool and the unique + /// identifier is the pool ID. Example: workspacespool/wspool-123456. #[serde(rename = "resourceID")] pub resource_id: String, /// The scalable dimension. This string consists of the service namespace, resource /// type, and scaling property. /// - /// * ecs:service:DesiredCount - The desired task count of an ECS service. + /// * ecs:service:DesiredCount - The task count of an ECS service. /// /// * elasticmapreduce:instancegroup:InstanceCount - The instance count of /// an EMR Instance Group. @@ -110,8 +124,7 @@ pub struct ScalingPolicySpec { /// * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot /// Fleet. /// - /// * appstream:fleet:DesiredCapacity - The desired capacity of an AppStream - /// 2.0 fleet. + /// * appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet. /// /// * dynamodb:table:ReadCapacityUnits - The provisioned read capacity for /// a DynamoDB table. @@ -130,7 +143,7 @@ pub struct ScalingPolicySpec { /// edition. /// /// * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances - /// for an SageMaker model endpoint variant. + /// for a SageMaker model endpoint variant. /// /// * custom-resource:ResourceType:Property - The scalable dimension for a /// custom resource provided by your own application or service. @@ -162,6 +175,15 @@ pub struct ScalingPolicySpec { /// /// * neptune:cluster:ReadReplicaCount - The count of read replicas in an /// Amazon Neptune DB cluster. + /// + /// * sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency + /// for a SageMaker serverless endpoint. + /// + /// * sagemaker:inference-component:DesiredCopyCount - The number of copies + /// across an endpoint for a SageMaker inference component. + /// + /// * workspaces:workspacespool:DesiredUserSessions - The number of user sessions + /// for the WorkSpaces in the pool. #[serde(rename = "scalableDimension")] pub scalable_dimension: String, /// The namespace of the Amazon Web Services service that provides the resource. @@ -210,11 +232,11 @@ pub struct ScalingPolicyStepScalingPolicyConfiguration { /// For the following examples, suppose that you have an alarm with a breach /// threshold of 50: /// -/// * To trigger the adjustment when the metric is greater than or equal to -/// 50 and less than 60, specify a lower bound of 0 and an upper bound of -/// 10. +/// * To initiate the adjustment when the metric is greater than or equal +/// to 50 and less than 60, specify a lower bound of 0 and an upper bound +/// of 10. /// -/// * To trigger the adjustment when the metric is greater than 40 and less +/// * To initiate the adjustment when the metric is greater than 40 and less /// than or equal to 50, specify a lower bound of -10 and an upper bound of /// 0. /// @@ -252,7 +274,7 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// policy to use with Application Auto Scaling. /// /// For information about the available metrics for a service, see Amazon Web - /// Services Services That Publish CloudWatch Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) + /// Services services that publish CloudWatch metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) /// in the Amazon CloudWatch User Guide. /// /// To create your customized metric specification: @@ -260,7 +282,7 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// * Add values for each required parameter from CloudWatch. You can use /// an existing metric, or a new metric that you create. To use your own metric, /// you must first publish the metric to CloudWatch. For more information, - /// see Publish Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) + /// see Publish custom metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) /// in the Amazon CloudWatch User Guide. /// /// * Choose a metric that changes proportionally with capacity. The value @@ -268,7 +290,9 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// number of capacity units. That is, the value of the metric should decrease /// when capacity increases, and increase when capacity decreases. /// - /// For more information about CloudWatch, see Amazon CloudWatch Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html). + /// For more information about the CloudWatch terminology below, see Amazon CloudWatch + /// concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) + /// in the Amazon CloudWatch User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customizedMetricSpecification")] pub customized_metric_specification: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableScaleIn")] @@ -276,10 +300,8 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// Represents a predefined metric for a target tracking scaling policy to use /// with Application Auto Scaling. /// - /// Only the Amazon Web Services that you're using send metrics to Amazon CloudWatch. - /// To determine whether a desired metric already exists by looking up its namespace - /// and dimension using the CloudWatch metrics dashboard in the console, follow - /// the procedure in Building dashboards with CloudWatch (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html) + /// For more information, Predefined metrics for target tracking scaling policies + /// (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html#predefined-metrics) /// in the Application Auto Scaling User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "predefinedMetricSpecification")] pub predefined_metric_specification: Option, @@ -295,7 +317,7 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// policy to use with Application Auto Scaling. /// /// For information about the available metrics for a service, see Amazon Web -/// Services Services That Publish CloudWatch Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) +/// Services services that publish CloudWatch metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) /// in the Amazon CloudWatch User Guide. /// /// To create your customized metric specification: @@ -303,7 +325,7 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// * Add values for each required parameter from CloudWatch. You can use /// an existing metric, or a new metric that you create. To use your own metric, /// you must first publish the metric to CloudWatch. For more information, -/// see Publish Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) +/// see Publish custom metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) /// in the Amazon CloudWatch User Guide. /// /// * Choose a metric that changes proportionally with capacity. The value @@ -311,7 +333,9 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfiguration { /// number of capacity units. That is, the value of the metric should decrease /// when capacity increases, and increase when capacity decreases. /// -/// For more information about CloudWatch, see Amazon CloudWatch Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html). +/// For more information about the CloudWatch terminology below, see Amazon CloudWatch +/// concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) +/// in the Amazon CloudWatch User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScalingPolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -338,10 +362,8 @@ pub struct ScalingPolicyTargetTrackingScalingPolicyConfigurationCustomizedMetric /// Represents a predefined metric for a target tracking scaling policy to use /// with Application Auto Scaling. /// -/// Only the Amazon Web Services that you're using send metrics to Amazon CloudWatch. -/// To determine whether a desired metric already exists by looking up its namespace -/// and dimension using the CloudWatch metrics dashboard in the console, follow -/// the procedure in Building dashboards with CloudWatch (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html) +/// For more information, Predefined metrics for target tracking scaling policies +/// (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html#predefined-metrics) /// in the Application Auto Scaling User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScalingPolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification { @@ -362,7 +384,7 @@ pub struct ScalingPolicyStatus { /// The CloudWatch alarms created for the target tracking scaling policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub alarms: Option>, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apicasts.rs b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apicasts.rs index af07376aa..68da69b9c 100644 --- a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apicasts.rs +++ b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apicasts.rs @@ -21,13 +21,17 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct APIcastSpec { - /// Secret reference to a Kubernetes Secret containing the admin portal endpoint URL. The Secret must be located in the same namespace. + /// Secret reference to a Kubernetes Secret containing the admin portal + /// endpoint URL. The Secret must be located in the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminPortalCredentialsRef")] pub admin_portal_credentials_ref: Option, - /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://: + /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if + /// a protocol-specific proxy is not specified. Authentication is not supported. + /// Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "allProxy")] pub all_proxy: Option, - /// The period (in seconds) that the APIcast configuration will be stored in APIcast's cache. + /// The period (in seconds) that the APIcast configuration will be stored in + /// APIcast's cache. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheConfigurationSeconds")] pub cache_configuration_seconds: Option, /// CacheMaxTime indicates the maximum time to be cached. If cache-control header is not set, the time to be cached will be the defined one. @@ -45,19 +49,27 @@ pub struct APIcastSpec { /// CustomPolicies specifies an array of defined custome policies to be loaded #[serde(default, skip_serializing_if = "Option::is_none", rename = "customPolicies")] pub custom_policies: Option>, - /// DeploymentEnvironment is the environment for which the configuration will be downloaded from 3scale (Staging or Production), when using APIcast. The value will also be used in the header X-3scale-User-Agent in the authorize/report requests made to 3scale Service Management API. It is used by 3scale for statistics. + /// DeploymentEnvironment is the environment for which the configuration will + /// be downloaded from 3scale (Staging or Production), when using APIcast. + /// The value will also be used in the header X-3scale-User-Agent in the + /// authorize/report requests made to 3scale Service Management API. It is + /// used by 3scale for statistics. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentEnvironment")] pub deployment_environment: Option, - /// DNSResolverAddress can be used to specify a custom DNS resolver address to be used by OpenResty. + /// DNSResolverAddress can be used to specify a custom DNS resolver address + /// to be used by OpenResty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsResolverAddress")] pub dns_resolver_address: Option, - /// Secret reference to a Kubernetes secret containing the gateway configuration. The Secret must be located in the same namespace. + /// Secret reference to a Kubernetes secret containing the gateway + /// configuration. The Secret must be located in the same namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "embeddedConfigurationSecretRef")] pub embedded_configuration_secret_ref: Option, - /// EnabledServices can be used to specify a list of service IDs used to filter the configured services. + /// EnabledServices can be used to specify a list of service IDs used to + /// filter the configured services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledServices")] pub enabled_services: Option>, - /// ExposedHost is the domain name used for external access. By default no external access is configured. + /// ExposedHost is the domain name used for external access. By default no + /// external access is configured. #[serde(default, skip_serializing_if = "Option::is_none", rename = "exposedHost")] pub exposed_host: Option, /// ExtendedMetrics enables additional information on Prometheus metrics; some labels will be used with specific information that will provide more in-depth details about APIcast. @@ -66,7 +78,8 @@ pub struct APIcastSpec { /// Enables/disables HPA #[serde(default, skip_serializing_if = "Option::is_none")] pub hpa: Option, - /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://: + /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] pub http_proxy: Option, /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. @@ -75,13 +88,16 @@ pub struct APIcastSpec { /// HttpsPort controls on which port APIcast should start listening for HTTPS connections. If this clashes with HTTP port it will be used only for HTTPS. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsPort")] pub https_port: Option, - /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://: + /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] pub https_proxy: Option, /// HTTPSVerifyDepth defines the maximum length of the client certificate chain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsVerifyDepth")] pub https_verify_depth: Option, - /// Image allows overriding the default APIcast gateway container image. This setting should only be used for dev/testing purposes. Setting this disables automated upgrades of the image. + /// Image allows overriding the default APIcast gateway container image. + /// This setting should only be used for dev/testing purposes. Setting + /// this disables automated upgrades of the image. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, /// LoadServicesWhenNeeded makes the configurations to be loaded lazily. APIcast will only load the ones configured for the host specified in the host header of the request. @@ -90,10 +106,14 @@ pub struct APIcastSpec { /// LogLevel controls the log level of APIcast's OpenResty logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] pub log_level: Option, - /// ManagementAPIScope controls APIcast Management API scope. The Management API is powerful and can control the APIcast configuration. debug level should only be enabled for debugging purposes. + /// ManagementAPIScope controls APIcast Management API scope. The Management + /// API is powerful and can control the APIcast configuration. debug level + /// should only be enabled for debugging purposes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementAPIScope")] pub management_api_scope: Option, - /// NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy. + /// NoProxy specifies a comma-separated list of hostnames and domain + /// names for which the requests should not be proxied. Setting to a single + /// * character, which matches all hosts, effectively disables the proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, /// OidcLogLevel allows to set the log level for the logs related to OpenID Connect integration. @@ -102,25 +122,32 @@ pub struct APIcastSpec { /// OpenSSLPeerVerificationEnabled controls OpenSSL peer verification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openSSLPeerVerificationEnabled")] pub open_ssl_peer_verification_enabled: Option, - /// OpenTelemetry contains the gateway instrumentation configuration with APIcast. + /// OpenTelemetry contains the gateway instrumentation configuration + /// with APIcast. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] pub open_telemetry: Option, - /// OpenTracingSpec contains the OpenTracing integration configuration with APIcast. Deprecated + /// OpenTracingSpec contains the OpenTracing integration configuration + /// with APIcast. + /// Deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTracing")] pub open_tracing: Option, - /// PathRoutingEnabled can be used to enable APIcast's path-based routing in addition to to the default host-based routing. + /// PathRoutingEnabled can be used to enable APIcast's path-based routing + /// in addition to to the default host-based routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathRoutingEnabled")] pub path_routing_enabled: Option, /// Number of replicas of the APIcast Deployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Resources can be used to set custom compute Kubernetes Resource Requirements for the APIcast deployment. + /// Resources can be used to set custom compute Kubernetes Resource + /// Requirements for the APIcast deployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// ResponseCodesIncluded can be set to log the response codes of the responses in Apisonator, so they can then be visualized in the 3scale admin portal. + /// ResponseCodesIncluded can be set to log the response codes of the responses + /// in Apisonator, so they can then be visualized in the 3scale admin portal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "responseCodesIncluded")] pub response_codes_included: Option, - /// Kubernetes Service Account name to be used for the APIcast Deployment. The Service Account must exist beforehand. + /// Kubernetes Service Account name to be used for the APIcast Deployment. The + /// Service Account must exist beforehand. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, /// ServiceCacheSize specifies the number of services that APICast can store in the internal cache @@ -143,10 +170,13 @@ pub struct APIcastSpec { pub workers: Option, } -/// Secret reference to a Kubernetes Secret containing the admin portal endpoint URL. The Secret must be located in the same namespace. +/// Secret reference to a Kubernetes Secret containing the admin portal +/// endpoint URL. The Secret must be located in the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastAdminPortalCredentialsRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -163,15 +193,19 @@ pub enum APIcastConfigurationLoadMode { /// CustomEnvironmentSpec contains or has reference to an APIcast custom environment #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastCustomEnvironments { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(rename = "secretRef")] pub secret_ref: APIcastCustomEnvironmentsSecretRef, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastCustomEnvironmentsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -191,20 +225,26 @@ pub struct APIcastCustomPolicies { /// SecretRef specifies the secret holding the custom policy metadata and lua code #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastCustomPoliciesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// Secret reference to a Kubernetes secret containing the gateway configuration. The Secret must be located in the same namespace. +/// Secret reference to a Kubernetes secret containing the gateway +/// configuration. The Secret must be located in the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastEmbeddedConfigurationSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// ExposedHost is the domain name used for external access. By default no external access is configured. +/// ExposedHost is the domain name used for external access. By default no +/// external access is configured. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastExposedHost { pub host: String, @@ -215,10 +255,17 @@ pub struct APIcastExposedHost { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastExposedHostTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -226,7 +273,9 @@ pub struct APIcastExposedHostTls { /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastHttpsCertificateSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -286,62 +335,92 @@ pub enum APIcastOidcLogLevel { Emerg, } -/// OpenTelemetry contains the gateway instrumentation configuration with APIcast. +/// OpenTelemetry contains the gateway instrumentation configuration +/// with APIcast. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastOpenTelemetry { - /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected. + /// TracingConfigSecretKey contains the key of the secret to select the configuration from. + /// if unspecified, the first secret key in lexicographical order will be selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretKey")] pub tracing_config_secret_key: Option, - /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx + /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. + /// The configuration file specification is defined in the Nginx instrumentation library repo + /// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, } -/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx +/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. +/// The configuration file specification is defined in the Nginx instrumentation library repo +/// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastOpenTelemetryTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// OpenTracingSpec contains the OpenTracing integration configuration with APIcast. Deprecated +/// OpenTracingSpec contains the OpenTracing integration configuration +/// with APIcast. +/// Deprecated #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastOpenTracing { - /// Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTracing integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretRef contains a Secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. + /// TracingConfigSecretRef contains a Secret reference the OpenTracing configuration. + /// Each supported tracing library provides a default configuration file + /// that is used if TracingConfig is not specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, - /// TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used. + /// TracingLibrary controls which OpenTracing library is loaded. At the moment + /// the only supported tracer is `jaeger`. If not set, `jaeger` will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingLibrary")] pub tracing_library: Option, } -/// TracingConfigSecretRef contains a Secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. +/// TracingConfigSecretRef contains a Secret reference the OpenTracing configuration. +/// Each supported tracing library provides a default configuration file +/// that is used if TracingConfig is not specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastOpenTracingTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// Resources can be used to set custom compute Kubernetes Resource Requirements for the APIcast deployment. +/// Resources can be used to set custom compute Kubernetes Resource +/// Requirements for the APIcast deployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -349,7 +428,9 @@ pub struct APIcastResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -385,7 +466,8 @@ pub enum APIcastUpstreamRetryCases { /// APIcastStatus defines the observed state of APIcast. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIcastStatus { - /// Represents the observations of a foo's current state. Known .status.conditions.type are: "Available" + /// Represents the observations of a foo's current state. + /// Known .status.conditions.type are: "Available" #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// The image being used in the APIcast deployment. diff --git a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerbackups.rs b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerbackups.rs index 3788385f5..68769ff34 100644 --- a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerbackups.rs +++ b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerbackups.rs @@ -35,21 +35,27 @@ pub struct APIManagerBackupBackupDestination { /// PersistentVolumeClaim as backup data destination configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackupBackupDestinationPersistentVolumeClaim { - /// Resources configuration for the backup data PersistentVolumeClaim. Ignored when VolumeName field is set + /// Resources configuration for the backup data PersistentVolumeClaim. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// Storage class to be used by the PersistentVolumeClaim. Ignored when VolumeName field is set + /// Storage class to be used by the PersistentVolumeClaim. Ignored + /// when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClass")] pub storage_class: Option, - /// Name of an existing PersistentVolume to be bound to the backup data PersistentVolumeClaim + /// Name of an existing PersistentVolume to be bound to the + /// backup data PersistentVolumeClaim #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// Resources configuration for the backup data PersistentVolumeClaim. Ignored when VolumeName field is set +/// Resources configuration for the backup data PersistentVolumeClaim. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackupBackupDestinationPersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } @@ -59,7 +65,8 @@ pub struct APIManagerBackupStatus { /// Name of the APIManager from which the backup has been performed #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiManagerSourceName")] pub api_manager_source_name: Option, - /// Name of the backup data PersistentVolumeClaim. Only set when PersistentVolumeClaim is used as the backup data destination + /// Name of the backup data PersistentVolumeClaim. Only set when + /// PersistentVolumeClaim is used as the backup data destination #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupPersistentVolumeClaimName")] pub backup_persistent_volume_claim_name: Option, /// Set to true when backup has been completed @@ -68,7 +75,9 @@ pub struct APIManagerBackupStatus { /// Backup completion time. It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "completionTime")] pub completion_time: Option, - /// Set to true when main steps have been completed. At this point backup still cannot be considered fully completed due to some remaining post-backup tasks are pending (cleanup, ...) + /// Set to true when main steps have been completed. At this point + /// backup still cannot be considered fully completed due to some remaining + /// post-backup tasks are pending (cleanup, ...) #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainStepsCompleted")] pub main_steps_completed: Option, /// Backup start time. It is represented in RFC3339 form and is in UTC. diff --git a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerrestores.rs b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerrestores.rs index 1155a8dd0..52a51361e 100644 --- a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerrestores.rs +++ b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagerrestores.rs @@ -18,12 +18,16 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct APIManagerRestoreSpec { - /// APIManagerRestoreSource defines the backup data restore source configurability. It is a union type. Only one of the fields can be set + /// APIManagerRestoreSource defines the backup data restore source + /// configurability. It is a union type. Only one of the fields can be + /// set #[serde(rename = "restoreSource")] pub restore_source: APIManagerRestoreRestoreSource, } -/// APIManagerRestoreSource defines the backup data restore source configurability. It is a union type. Only one of the fields can be set +/// APIManagerRestoreSource defines the backup data restore source +/// configurability. It is a union type. Only one of the fields can be +/// set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerRestoreRestoreSource { /// Restore data soure configuration @@ -34,18 +38,22 @@ pub struct APIManagerRestoreRestoreSource { /// Restore data soure configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerRestoreRestoreSourcePersistentVolumeClaim { - /// PersistentVolumeClaim source of an existing PersistentVolumeClaim. See + /// PersistentVolumeClaim source of an existing PersistentVolumeClaim. + /// See #[serde(rename = "claimSource")] pub claim_source: APIManagerRestoreRestoreSourcePersistentVolumeClaimClaimSource, } -/// PersistentVolumeClaim source of an existing PersistentVolumeClaim. See +/// PersistentVolumeClaim source of an existing PersistentVolumeClaim. +/// See #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerRestoreRestoreSourcePersistentVolumeClaimClaimSource { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -62,7 +70,9 @@ pub struct APIManagerRestoreStatus { /// Restore completion time. It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "completionTime")] pub completion_time: Option, - /// Set to true when main steps have been completed. At this point restore still cannot be considered fully completed due to some remaining post-backup tasks are pending (cleanup, ...) + /// Set to true when main steps have been completed. At this point + /// restore still cannot be considered fully completed due to some remaining + /// post-backup tasks are pending (cleanup, ...) #[serde(default, skip_serializing_if = "Option::is_none", rename = "mainStepsCompleted")] pub main_steps_completed: Option, /// Restore start time. It is represented in RFC3339 form and is in UTC. @@ -73,7 +83,9 @@ pub struct APIManagerRestoreStatus { /// Name of the APIManager to be restored #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerRestoreStatusApiManagerToRestoreRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs index 60472719e..81e6f7c57 100644 --- a/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs +++ b/kube-custom-resources-rs/src/apps_3scale_net/v1alpha1/apimanagers.rs @@ -73,7 +73,9 @@ pub struct APIManagerApicastProductionSpec { /// Affinity is a group of affinity scheduling rules. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://: + /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if + /// a protocol-specific proxy is not specified. Authentication is not supported. + /// Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "allProxy")] pub all_proxy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -87,16 +89,21 @@ pub struct APIManagerApicastProductionSpec { /// Hpa specifies an array of defined HPA values #[serde(default, skip_serializing_if = "Option::is_none")] pub hpa: Option, - /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://: + /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] pub http_proxy: Option, - /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. + /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. + /// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsCertificateSecretRef")] pub https_certificate_secret_ref: Option, - /// HttpsPort controls on which port APIcast should start listening for HTTPS connections. If this clashes with HTTP port it will be used only for HTTPS. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. + /// HttpsPort controls on which port APIcast should start listening for HTTPS connections. + /// If this clashes with HTTP port it will be used only for HTTPS. + /// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsPort")] pub https_port: Option, - /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://: + /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] pub https_proxy: Option, /// HTTPSVerifyDepth defines the maximum length of the client certificate chain. @@ -106,13 +113,18 @@ pub struct APIManagerApicastProductionSpec { pub labels: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] pub log_level: Option, - /// NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy. + /// NoProxy specifies a comma-separated list of hostnames and domain + /// names for which the requests should not be proxied. Setting to a single + /// * character, which matches all hosts, effectively disables the proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// OpenTelemetry contains the gateway instrumentation configuration with APIcast. + /// OpenTelemetry contains the gateway instrumentation configuration + /// with APIcast. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] pub open_telemetry: Option, - /// OpenTracing contains the OpenTracing integration configuration with APIcast in the production environment. Deprecated + /// OpenTracing contains the OpenTracing integration configuration + /// with APIcast in the production environment. + /// Deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTracing")] pub open_tracing: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] @@ -150,15 +162,28 @@ pub struct APIManagerApicastProductionSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -178,31 +203,47 @@ pub struct APIManagerApicastProductionSpecAffinityNodeAffinityPreferredDuringSch pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -210,7 +251,9 @@ pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSche pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -221,26 +264,38 @@ pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSche pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -248,10 +303,24 @@ pub struct APIManagerApicastProductionSpecAffinityNodeAffinityRequiredDuringSche /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -262,144 +331,244 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -407,10 +576,24 @@ pub struct APIManagerApicastProductionSpecAffinityPodAffinityRequiredDuringSched /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -421,144 +604,244 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuring /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -566,15 +849,19 @@ pub struct APIManagerApicastProductionSpecAffinityPodAntiAffinityRequiredDuringS /// CustomEnvironmentSpec contains or has reference to an APIcast custom environment #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecCustomEnvironments { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(rename = "secretRef")] pub secret_ref: APIManagerApicastProductionSpecCustomEnvironmentsSecretRef, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecCustomEnvironmentsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -594,15 +881,20 @@ pub struct APIManagerApicastProductionSpecCustomPolicies { /// SecretRef specifies the secret holding the custom policy metadata and lua code #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecCustomPoliciesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. +/// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. +/// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecHttpsCertificateSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -627,46 +919,65 @@ pub enum APIManagerApicastProductionSpecLogLevel { Emerg, } -/// OpenTelemetry contains the gateway instrumentation configuration with APIcast. +/// OpenTelemetry contains the gateway instrumentation configuration +/// with APIcast. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecOpenTelemetry { - /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected. + /// TracingConfigSecretKey contains the key of the secret to select the configuration from. + /// if unspecified, the first secret key in lexicographical order will be selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretKey")] pub tracing_config_secret_key: Option, - /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx + /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. + /// The configuration file specification is defined in the Nginx instrumentation library repo + /// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, } -/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx +/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. +/// The configuration file specification is defined in the Nginx instrumentation library repo +/// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecOpenTelemetryTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// OpenTracing contains the OpenTracing integration configuration with APIcast in the production environment. Deprecated +/// OpenTracing contains the OpenTracing integration configuration +/// with APIcast in the production environment. +/// Deprecated #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecOpenTracing { - /// Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTracing integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. + /// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. + /// Each supported tracing library provides a default configuration file + /// that is used if TracingConfig is not specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, - /// TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used. + /// TracingLibrary controls which OpenTracing library is loaded. At the moment + /// the only supported tracer is `jaeger`. If not set, `jaeger` will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingLibrary")] pub tracing_library: Option, } -/// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. +/// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. +/// Each supported tracing library provides a default configuration file +/// that is used if TracingConfig is not specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecOpenTracingTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -674,15 +985,25 @@ pub struct APIManagerApicastProductionSpecOpenTracingTracingConfigSecretRef { /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -690,26 +1011,38 @@ pub struct APIManagerApicastProductionSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -717,56 +1050,151 @@ pub struct APIManagerApicastProductionSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastProductionSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -776,7 +1204,9 @@ pub struct APIManagerApicastStagingSpec { /// Affinity is a group of affinity scheduling rules. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if a protocol-specific proxy is not specified. Authentication is not supported. Format is ://: + /// AllProxy specifies a HTTP(S) proxy to be used for connecting to services if + /// a protocol-specific proxy is not specified. Authentication is not supported. + /// Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "allProxy")] pub all_proxy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -787,16 +1217,21 @@ pub struct APIManagerApicastStagingSpec { /// CustomPolicies specifies an array of defined custome policies to be loaded #[serde(default, skip_serializing_if = "Option::is_none", rename = "customPolicies")] pub custom_policies: Option>, - /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. Authentication is not supported. Format is ://: + /// HTTPProxy specifies a HTTP(S) Proxy to be used for connecting to HTTP services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] pub http_proxy: Option, - /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. + /// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. + /// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsCertificateSecretRef")] pub https_certificate_secret_ref: Option, - /// HttpsPort controls on which port APIcast should start listening for HTTPS connections. If this clashes with HTTP port it will be used only for HTTPS. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. + /// HttpsPort controls on which port APIcast should start listening for HTTPS connections. + /// If this clashes with HTTP port it will be used only for HTTPS. + /// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsPort")] pub https_port: Option, - /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. Authentication is not supported. Format is ://: + /// HTTPSProxy specifies a HTTP(S) Proxy to be used for connecting to HTTPS services. + /// Authentication is not supported. Format is ://: #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] pub https_proxy: Option, /// HTTPSVerifyDepth defines the maximum length of the client certificate chain. @@ -806,13 +1241,18 @@ pub struct APIManagerApicastStagingSpec { pub labels: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] pub log_level: Option, - /// NoProxy specifies a comma-separated list of hostnames and domain names for which the requests should not be proxied. Setting to a single * character, which matches all hosts, effectively disables the proxy. + /// NoProxy specifies a comma-separated list of hostnames and domain + /// names for which the requests should not be proxied. Setting to a single + /// * character, which matches all hosts, effectively disables the proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// OpenTelemetry contains the gateway instrumentation configuration with APIcast. + /// OpenTelemetry contains the gateway instrumentation configuration + /// with APIcast. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] pub open_telemetry: Option, - /// OpenTracing contains the OpenTracing integration configuration with APIcast in the staging environment. Deprecated + /// OpenTracing contains the OpenTracing integration configuration + /// with APIcast in the staging environment. + /// Deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTracing")] pub open_tracing: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] @@ -848,15 +1288,28 @@ pub struct APIManagerApicastStagingSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -876,31 +1329,47 @@ pub struct APIManagerApicastStagingSpecAffinityNodeAffinityPreferredDuringSchedu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -908,7 +1377,9 @@ pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedul pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -919,26 +1390,38 @@ pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedul pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -946,10 +1429,24 @@ pub struct APIManagerApicastStagingSpecAffinityNodeAffinityRequiredDuringSchedul /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -960,144 +1457,244 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedul /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1105,10 +1702,24 @@ pub struct APIManagerApicastStagingSpecAffinityPodAffinityRequiredDuringScheduli /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1119,144 +1730,244 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSch /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1264,15 +1975,19 @@ pub struct APIManagerApicastStagingSpecAffinityPodAntiAffinityRequiredDuringSche /// CustomEnvironmentSpec contains or has reference to an APIcast custom environment #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecCustomEnvironments { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(rename = "secretRef")] pub secret_ref: APIManagerApicastStagingSpecCustomEnvironmentsSecretRef, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecCustomEnvironmentsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1292,15 +2007,20 @@ pub struct APIManagerApicastStagingSpecCustomPolicies { /// SecretRef specifies the secret holding the custom policy metadata and lua code #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecCustomPoliciesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. +/// HTTPSCertificateSecretRef references secret containing the X.509 certificate in the PEM format and the X.509 certificate secret key. +/// Enable TLS at APIcast pod level setting either `httpsPort` or `httpsCertificateSecretRef` fields or both. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecHttpsCertificateSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1325,46 +2045,65 @@ pub enum APIManagerApicastStagingSpecLogLevel { Emerg, } -/// OpenTelemetry contains the gateway instrumentation configuration with APIcast. +/// OpenTelemetry contains the gateway instrumentation configuration +/// with APIcast. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecOpenTelemetry { - /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTelemetry integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretKey contains the key of the secret to select the configuration from. if unspecified, the first secret key in lexicographical order will be selected. + /// TracingConfigSecretKey contains the key of the secret to select the configuration from. + /// if unspecified, the first secret key in lexicographical order will be selected. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretKey")] pub tracing_config_secret_key: Option, - /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx + /// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. + /// The configuration file specification is defined in the Nginx instrumentation library repo + /// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, } -/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. The configuration file specification is defined in the Nginx instrumentation library repo https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx +/// TracingConfigSecretRef contains a Secret reference the Opentelemetry configuration. +/// The configuration file specification is defined in the Nginx instrumentation library repo +/// https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecOpenTelemetryTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// OpenTracing contains the OpenTracing integration configuration with APIcast in the staging environment. Deprecated +/// OpenTracing contains the OpenTracing integration configuration +/// with APIcast in the staging environment. +/// Deprecated #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecOpenTracing { - /// Enabled controls whether OpenTracing integration with APIcast is enabled. By default it is not enabled. + /// Enabled controls whether OpenTracing integration with APIcast is enabled. + /// By default it is not enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. + /// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. + /// Each supported tracing library provides a default configuration file + /// that is used if TracingConfig is not specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigSecretRef")] pub tracing_config_secret_ref: Option, - /// TracingLibrary controls which OpenTracing library is loaded. At the moment the only supported tracer is `jaeger`. If not set, `jaeger` will be used. + /// TracingLibrary controls which OpenTracing library is loaded. At the moment + /// the only supported tracer is `jaeger`. If not set, `jaeger` will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingLibrary")] pub tracing_library: Option, } -/// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. Each supported tracing library provides a default configuration file that is used if TracingConfig is not specified. +/// TracingConfigSecretRef contains a secret reference the OpenTracing configuration. +/// Each supported tracing library provides a default configuration file +/// that is used if TracingConfig is not specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecOpenTracingTracingConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1372,15 +2111,25 @@ pub struct APIManagerApicastStagingSpecOpenTracingTracingConfigSecretRef { /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1388,26 +2137,38 @@ pub struct APIManagerApicastStagingSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1415,56 +2176,151 @@ pub struct APIManagerApicastStagingSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerApicastStagingSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1540,15 +2396,28 @@ pub struct APIManagerBackendCronSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -1568,31 +2437,47 @@ pub struct APIManagerBackendCronSpecAffinityNodeAffinityPreferredDuringSchedulin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -1600,7 +2485,9 @@ pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringScheduling pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -1611,26 +2498,38 @@ pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringScheduling pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1638,10 +2537,24 @@ pub struct APIManagerBackendCronSpecAffinityNodeAffinityRequiredDuringScheduling /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1652,144 +2565,244 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1797,10 +2810,24 @@ pub struct APIManagerBackendCronSpecAffinityPodAffinityRequiredDuringSchedulingI /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1811,144 +2838,244 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1956,15 +3083,25 @@ pub struct APIManagerBackendCronSpecAffinityPodAntiAffinityRequiredDuringSchedul /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1972,26 +3109,38 @@ pub struct APIManagerBackendCronSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1999,56 +3148,151 @@ pub struct APIManagerBackendCronSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendCronSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2095,15 +3339,28 @@ pub struct APIManagerBackendListenerSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -2123,31 +3380,47 @@ pub struct APIManagerBackendListenerSpecAffinityNodeAffinityPreferredDuringSched pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -2155,7 +3428,9 @@ pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -2166,26 +3441,38 @@ pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2193,10 +3480,24 @@ pub struct APIManagerBackendListenerSpecAffinityNodeAffinityRequiredDuringSchedu /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2207,144 +3508,244 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2352,10 +3753,24 @@ pub struct APIManagerBackendListenerSpecAffinityPodAffinityRequiredDuringSchedul /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2366,144 +3781,244 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2511,15 +4026,25 @@ pub struct APIManagerBackendListenerSpecAffinityPodAntiAffinityRequiredDuringSch /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -2527,26 +4052,38 @@ pub struct APIManagerBackendListenerSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2554,56 +4091,151 @@ pub struct APIManagerBackendListenerSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendListenerSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2625,15 +4257,28 @@ pub struct APIManagerBackendRedisAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -2653,31 +4298,47 @@ pub struct APIManagerBackendRedisAffinityNodeAffinityPreferredDuringSchedulingIg pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -2685,7 +4346,9 @@ pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgn pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -2696,26 +4359,38 @@ pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgn pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2723,10 +4398,24 @@ pub struct APIManagerBackendRedisAffinityNodeAffinityRequiredDuringSchedulingIgn /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2737,144 +4426,244 @@ pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgn /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2882,10 +4671,24 @@ pub struct APIManagerBackendRedisAffinityPodAffinityRequiredDuringSchedulingIgno /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -2896,144 +4699,244 @@ pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3047,15 +4950,25 @@ pub struct APIManagerBackendRedisPersistentVolumeClaim { /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3063,26 +4976,38 @@ pub struct APIManagerBackendRedisResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3090,56 +5015,151 @@ pub struct APIManagerBackendRedisTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendRedisTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3186,15 +5206,28 @@ pub struct APIManagerBackendWorkerSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -3214,31 +5247,47 @@ pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityPreferredDuringSchedul pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -3246,7 +5295,9 @@ pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringScheduli pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -3257,26 +5308,38 @@ pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringScheduli pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3284,10 +5347,24 @@ pub struct APIManagerBackendWorkerSpecAffinityNodeAffinityRequiredDuringScheduli /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -3298,144 +5375,244 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3443,10 +5620,24 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAffinityRequiredDuringSchedulin /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -3457,144 +5648,244 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3602,15 +5893,25 @@ pub struct APIManagerBackendWorkerSpecAffinityPodAntiAffinityRequiredDuringSched /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3618,26 +5919,38 @@ pub struct APIManagerBackendWorkerSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3645,56 +5958,151 @@ pub struct APIManagerBackendWorkerSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerBackendWorkerSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3737,10 +6145,13 @@ pub struct APIManagerHighAvailability { pub external_zync_database_enabled: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3814,6 +6225,8 @@ pub struct APIManagerSystem { /// Deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "sphinxSpec")] pub sphinx_spec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemDatabaseTLSEnabled")] + pub system_database_tls_enabled: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3861,15 +6274,28 @@ pub struct APIManagerSystemAppSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -3889,31 +6315,47 @@ pub struct APIManagerSystemAppSpecAffinityNodeAffinityPreferredDuringSchedulingI pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -3921,7 +6363,9 @@ pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIg pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -3932,26 +6376,38 @@ pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIg pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3959,10 +6415,24 @@ pub struct APIManagerSystemAppSpecAffinityNodeAffinityRequiredDuringSchedulingIg /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -3973,144 +6443,244 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIg /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4118,10 +6688,24 @@ pub struct APIManagerSystemAppSpecAffinityPodAffinityRequiredDuringSchedulingIgn /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -4132,144 +6716,244 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4277,15 +6961,25 @@ pub struct APIManagerSystemAppSpecAffinityPodAntiAffinityRequiredDuringSchedulin /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecDeveloperContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4293,22 +6987,34 @@ pub struct APIManagerSystemAppSpecDeveloperContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecDeveloperContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecMasterContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4316,22 +7022,34 @@ pub struct APIManagerSystemAppSpecMasterContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecMasterContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecProviderContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4339,26 +7057,38 @@ pub struct APIManagerSystemAppSpecProviderContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecProviderContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4366,56 +7096,151 @@ pub struct APIManagerSystemAppSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemAppSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4471,15 +7296,28 @@ pub struct APIManagerSystemDatabaseMysqlAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -4499,31 +7337,47 @@ pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityPreferredDuringSched pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -4531,7 +7385,9 @@ pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -4542,26 +7398,38 @@ pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4569,10 +7437,24 @@ pub struct APIManagerSystemDatabaseMysqlAffinityNodeAffinityRequiredDuringSchedu /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -4583,144 +7465,244 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4728,10 +7710,24 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAffinityRequiredDuringSchedul /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -4742,151 +7738,252 @@ pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlPersistentVolumeClaim { - /// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set + /// Resources represents the minimum resources the volume should have. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -4896,25 +7993,38 @@ pub struct APIManagerSystemDatabaseMysqlPersistentVolumeClaim { pub volume_name: Option, } -/// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set +/// Resources represents the minimum resources the volume should have. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlPersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4922,26 +8032,38 @@ pub struct APIManagerSystemDatabaseMysqlResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4949,56 +8071,151 @@ pub struct APIManagerSystemDatabaseMysqlTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabaseMysqlTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5044,15 +8261,28 @@ pub struct APIManagerSystemDatabasePostgresqlAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -5072,31 +8302,47 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityPreferredDuring pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -5104,7 +8350,9 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringS pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -5115,26 +8363,38 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringS pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5142,10 +8402,24 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityNodeAffinityRequiredDuringS /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -5156,144 +8430,244 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringS /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5301,10 +8675,24 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAffinityRequiredDuringSc /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -5315,151 +8703,252 @@ pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDur /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlPersistentVolumeClaim { - /// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set + /// Resources represents the minimum resources the volume should have. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -5469,25 +8958,38 @@ pub struct APIManagerSystemDatabasePostgresqlPersistentVolumeClaim { pub volume_name: Option, } -/// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set +/// Resources represents the minimum resources the volume should have. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlPersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5495,26 +8997,38 @@ pub struct APIManagerSystemDatabasePostgresqlResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5522,56 +9036,151 @@ pub struct APIManagerSystemDatabasePostgresqlTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemDatabasePostgresqlTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5605,7 +9214,9 @@ pub struct APIManagerSystemFileStorageAmazonSimpleStorageService { /// Deprecated #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemFileStorageAmazonSimpleStorageServiceAwsCredentialsSecret { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5613,7 +9224,8 @@ pub struct APIManagerSystemFileStorageAmazonSimpleStorageServiceAwsCredentialsSe /// Union type. Only one of the fields can be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemFileStoragePersistentVolumeClaim { - /// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set + /// Resources represents the minimum resources the volume should have. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -5623,16 +9235,20 @@ pub struct APIManagerSystemFileStoragePersistentVolumeClaim { pub volume_name: Option, } -/// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set +/// Resources represents the minimum resources the volume should have. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemFileStoragePersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemFileStorageSimpleStorageService { - /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + /// LocalObjectReference contains enough information to let you locate the + /// referenced object inside the same namespace. #[serde(rename = "configurationSecretRef")] pub configuration_secret_ref: APIManagerSystemFileStorageSimpleStorageServiceConfigurationSecretRef, /// STS authentication spec @@ -5640,10 +9256,13 @@ pub struct APIManagerSystemFileStorageSimpleStorageService { pub sts: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemFileStorageSimpleStorageServiceConfigurationSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5676,15 +9295,28 @@ pub struct APIManagerSystemMemcachedAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -5704,31 +9336,47 @@ pub struct APIManagerSystemMemcachedAffinityNodeAffinityPreferredDuringSchedulin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -5736,7 +9384,9 @@ pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringScheduling pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -5747,26 +9397,38 @@ pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringScheduling pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5774,10 +9436,24 @@ pub struct APIManagerSystemMemcachedAffinityNodeAffinityRequiredDuringScheduling /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -5788,144 +9464,244 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5933,10 +9709,24 @@ pub struct APIManagerSystemMemcachedAffinityPodAffinityRequiredDuringSchedulingI /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -5947,144 +9737,244 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6092,15 +9982,25 @@ pub struct APIManagerSystemMemcachedAffinityPodAntiAffinityRequiredDuringSchedul /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -6108,26 +10008,38 @@ pub struct APIManagerSystemMemcachedResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6135,56 +10047,151 @@ pub struct APIManagerSystemMemcachedTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemMemcachedTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6206,15 +10213,28 @@ pub struct APIManagerSystemRedisAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -6234,31 +10254,47 @@ pub struct APIManagerSystemRedisAffinityNodeAffinityPreferredDuringSchedulingIgn pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -6266,7 +10302,9 @@ pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgno pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -6277,26 +10315,38 @@ pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgno pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6304,10 +10354,24 @@ pub struct APIManagerSystemRedisAffinityNodeAffinityRequiredDuringSchedulingIgno /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -6318,144 +10382,244 @@ pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6463,10 +10627,24 @@ pub struct APIManagerSystemRedisAffinityPodAffinityRequiredDuringSchedulingIgnor /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -6477,144 +10655,244 @@ pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6628,15 +10906,25 @@ pub struct APIManagerSystemRedisPersistentVolumeClaim { /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -6644,26 +10932,38 @@ pub struct APIManagerSystemRedisResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6671,56 +10971,151 @@ pub struct APIManagerSystemRedisTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemRedisTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6766,15 +11161,28 @@ pub struct APIManagerSystemSearchdSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -6794,31 +11202,47 @@ pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityPreferredDuringSchedul pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -6826,7 +11250,9 @@ pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringScheduli pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -6837,26 +11263,38 @@ pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringScheduli pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6864,10 +11302,24 @@ pub struct APIManagerSystemSearchdSpecAffinityNodeAffinityRequiredDuringScheduli /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -6878,144 +11330,244 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7023,10 +11575,24 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAffinityRequiredDuringSchedulin /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -7037,151 +11603,252 @@ pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecPersistentVolumeClaim { - /// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set + /// Resources represents the minimum resources the volume should have. + /// Ignored when VolumeName field is set #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] @@ -7191,25 +11858,38 @@ pub struct APIManagerSystemSearchdSpecPersistentVolumeClaim { pub volume_name: Option, } -/// Resources represents the minimum resources the volume should have. Ignored when VolumeName field is set +/// Resources represents the minimum resources the volume should have. +/// Ignored when VolumeName field is set #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecPersistentVolumeClaimResources { - /// Storage Resource requests to be used on the PersistentVolumeClaim. To learn more about resource requests see: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Storage Resource requests to be used on the PersistentVolumeClaim. + /// To learn more about resource requests see: + /// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ pub requests: IntOrString, } /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -7217,26 +11897,38 @@ pub struct APIManagerSystemSearchdSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7244,56 +11936,151 @@ pub struct APIManagerSystemSearchdSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSearchdSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7337,15 +12124,28 @@ pub struct APIManagerSystemSidekiqSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -7365,31 +12165,47 @@ pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityPreferredDuringSchedul pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -7397,7 +12213,9 @@ pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringScheduli pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -7408,26 +12226,38 @@ pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringScheduli pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7435,10 +12265,24 @@ pub struct APIManagerSystemSidekiqSpecAffinityNodeAffinityRequiredDuringScheduli /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -7449,144 +12293,244 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringScheduli /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7594,10 +12538,24 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAffinityRequiredDuringSchedulin /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -7608,144 +12566,244 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSche /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7753,15 +12811,25 @@ pub struct APIManagerSystemSidekiqSpecAffinityPodAntiAffinityRequiredDuringSched /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -7769,26 +12837,38 @@ pub struct APIManagerSystemSidekiqSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7796,56 +12876,151 @@ pub struct APIManagerSystemSidekiqSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSidekiqSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7884,15 +13059,28 @@ pub struct APIManagerSystemSphinxSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -7912,31 +13100,47 @@ pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityPreferredDuringScheduli pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -7944,7 +13148,9 @@ pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulin pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -7955,26 +13161,38 @@ pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulin pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7982,10 +13200,24 @@ pub struct APIManagerSystemSphinxSpecAffinityNodeAffinityRequiredDuringSchedulin /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -7996,144 +13228,244 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8141,10 +13473,24 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAffinityRequiredDuringScheduling /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -8155,144 +13501,244 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSched /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8300,15 +13746,25 @@ pub struct APIManagerSystemSphinxSpecAffinityPodAntiAffinityRequiredDuringSchedu /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8316,26 +13772,38 @@ pub struct APIManagerSystemSphinxSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8343,56 +13811,151 @@ pub struct APIManagerSystemSphinxSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerSystemSphinxSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8418,11 +13981,15 @@ pub struct APIManagerZync { #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseTopologySpreadConstraints")] pub database_topology_spread_constraints: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "postgreSQLImage")] pub postgre_sql_image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "queSpec")] pub que_spec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "zyncDatabaseTLSEnabled")] + pub zync_database_tls_enabled: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8464,15 +14031,28 @@ pub struct APIManagerZyncAppSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -8492,31 +14072,47 @@ pub struct APIManagerZyncAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgn pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -8524,7 +14120,9 @@ pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgno pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -8535,26 +14133,38 @@ pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgno pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8562,10 +14172,24 @@ pub struct APIManagerZyncAppSpecAffinityNodeAffinityRequiredDuringSchedulingIgno /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -8576,144 +14200,244 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8721,10 +14445,24 @@ pub struct APIManagerZyncAppSpecAffinityPodAffinityRequiredDuringSchedulingIgnor /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -8735,144 +14473,244 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8880,15 +14718,25 @@ pub struct APIManagerZyncAppSpecAffinityPodAntiAffinityRequiredDuringSchedulingI /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8896,26 +14744,38 @@ pub struct APIManagerZyncAppSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8923,56 +14783,151 @@ pub struct APIManagerZyncAppSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncAppSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8994,15 +14949,28 @@ pub struct APIManagerZyncDatabaseAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -9022,31 +14990,47 @@ pub struct APIManagerZyncDatabaseAffinityNodeAffinityPreferredDuringSchedulingIg pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -9054,7 +15038,9 @@ pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgn pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -9065,26 +15051,38 @@ pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgn pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9092,10 +15090,24 @@ pub struct APIManagerZyncDatabaseAffinityNodeAffinityRequiredDuringSchedulingIgn /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -9106,144 +15118,244 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgn /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9251,10 +15363,24 @@ pub struct APIManagerZyncDatabaseAffinityPodAffinityRequiredDuringSchedulingIgno /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -9265,144 +15391,244 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulin /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9410,15 +15636,25 @@ pub struct APIManagerZyncDatabaseAffinityPodAntiAffinityRequiredDuringScheduling /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -9426,26 +15662,38 @@ pub struct APIManagerZyncDatabaseResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -9453,56 +15701,151 @@ pub struct APIManagerZyncDatabaseTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncDatabaseTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9546,15 +15889,28 @@ pub struct APIManagerZyncQueSpecAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -9574,31 +15930,47 @@ pub struct APIManagerZyncQueSpecAffinityNodeAffinityPreferredDuringSchedulingIgn pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -9606,7 +15978,9 @@ pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgno pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -9617,26 +15991,38 @@ pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgno pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9644,10 +16030,24 @@ pub struct APIManagerZyncQueSpecAffinityNodeAffinityRequiredDuringSchedulingIgno /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -9658,144 +16058,244 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgno /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9803,10 +16303,24 @@ pub struct APIManagerZyncQueSpecAffinityPodAffinityRequiredDuringSchedulingIgnor /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -9817,144 +16331,244 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringScheduling /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9962,15 +16576,25 @@ pub struct APIManagerZyncQueSpecAffinityPodAntiAffinityRequiredDuringSchedulingI /// ResourceRequirements describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -9978,26 +16602,38 @@ pub struct APIManagerZyncQueSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -10005,56 +16641,151 @@ pub struct APIManagerZyncQueSpecTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerZyncQueSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -10062,7 +16793,8 @@ pub struct APIManagerZyncQueSpecTopologySpreadConstraintsLabelSelectorMatchExpre /// APIManagerStatus defines the observed state of APIManager #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIManagerStatus { - /// Current state of the APIManager resource. Conditions represent the latest available observations of an object's state + /// Current state of the APIManager resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// APIManager Deployments diff --git a/kube-custom-resources-rs/src/apps_emqx_io/v2beta1/emqxes.rs b/kube-custom-resources-rs/src/apps_emqx_io/v2beta1/emqxes.rs index a537360a2..374ae15e1 100644 --- a/kube-custom-resources-rs/src/apps_emqx_io/v2beta1/emqxes.rs +++ b/kube-custom-resources-rs/src/apps_emqx_io/v2beta1/emqxes.rs @@ -141,6 +141,10 @@ pub struct EMQXCoreTemplateSpec { pub lifecycle: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] + pub min_available: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] @@ -3193,6 +3197,10 @@ pub struct EMQXReplicantTemplateSpec { pub lifecycle: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] + pub min_available: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] diff --git a/kube-custom-resources-rs/src/apps_gitlab_com/v1beta1/gitlabs.rs b/kube-custom-resources-rs/src/apps_gitlab_com/v1beta1/gitlabs.rs index f356033fd..561570cad 100644 --- a/kube-custom-resources-rs/src/apps_gitlab_com/v1beta1/gitlabs.rs +++ b/kube-custom-resources-rs/src/apps_gitlab_com/v1beta1/gitlabs.rs @@ -36,7 +36,8 @@ pub struct GitLabChart { pub version: Option, } -/// Most recently observed status of the GitLab instance. It is read-only to the user. +/// Most recently observed status of the GitLab instance. +/// It is read-only to the user. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GitLabStatus { pub conditions: Vec, diff --git a/kube-custom-resources-rs/src/apps_gitlab_com/v1beta2/runners.rs b/kube-custom-resources-rs/src/apps_gitlab_com/v1beta2/runners.rs index a5107cbb3..04bb52704 100644 --- a/kube-custom-resources-rs/src/apps_gitlab_com/v1beta2/runners.rs +++ b/kube-custom-resources-rs/src/apps_gitlab_com/v1beta2/runners.rs @@ -51,6 +51,9 @@ pub struct RunnerSpec { /// containing the user provided config.toml #[serde(default, skip_serializing_if = "Option::is_none")] pub config: Option, + /// The maximum duration a TLS keepalive connection to the GitLab server should remain open before reconnecting. The default value is `15m` for 15 minutes. If set to `0` or lower, the connection persists as long as possible. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionMaxAge")] + pub connection_max_age: Option, /// Accepts configmap name. Provides user mechanism to inject environment /// variables in the GitLab Runner pod via the key value pairs in the ConfigMap #[serde(default, skip_serializing_if = "Option::is_none")] @@ -76,9 +79,22 @@ pub struct RunnerSpec { /// This is set to a default of 30s by operator if not set #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, + /// Option to set the metrics listen address for the runner. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenAddr")] + pub listen_addr: Option, /// Specify whether the runner should be locked to a specific project. Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none")] pub locked: Option, + /// Specifies the log format. Options are `runner`, `text`, and `json`. The default value is `runner`, which contains ANSI escape codes for coloring. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logFormat")] + pub log_format: Option, + /// Option to set the log level for the runner. + /// Valid values are "debug", "info", "warn", "error", "fatal", "panic" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] + pub log_level: Option, + /// If specified, overrides the namespace where job pods are created + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSpec")] pub pod_spec: Option>, /// Specify whether the runner should only run protected branches. Defaults to false. @@ -96,10 +112,17 @@ pub struct RunnerSpec { /// object store as GitLab Runner Cache #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, + /// Enables tracking of all system level errors to Sentry. + /// If not specified, error tracking with Sentry will be disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sentryDsn")] + pub sentry_dsn: Option, /// allow user to override service account /// used by GitLab Runner #[serde(default, skip_serializing_if = "Option::is_none")] pub serviceaccount: Option, + /// Number of seconds until the forceful shutdown operation times out and exits the process. The default value is `30`. If set to `0` or lower, the default value is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shutdownTimeout")] + pub shutdown_timeout: Option, /// List of comma separated tags to be applied to the runner /// More info: https://docs.gitlab.com/ee/ci/runners/#use-tags-to-limit-the-number-of-jobs-using-the-runner #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/clusters.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/clusters.rs index 4d6ef745a..a0001742c 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/clusters.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/clusters.rs @@ -119,12 +119,21 @@ pub struct ClusterSpec { /// Specifies the backup configuration of the Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterBackup { + /// Specifies the backup method to use, if not set, use the first continuous method. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "continuousMethod")] + pub continuous_method: Option, /// The cron expression for the schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronExpression")] pub cron_expression: Option, /// Specifies whether automated backup is enabled for the Cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// Specifies whether to enable incremental backup. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "incrementalBackupEnabled")] + pub incremental_backup_enabled: Option, + /// The cron expression for the incremental backup schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "incrementalCronExpression")] + pub incremental_cron_expression: Option, /// Specifies the backup method to use, as defined in backupPolicy. pub method: String, /// Specifies whether to enable point-in-time recovery. @@ -196,6 +205,9 @@ pub struct ClusterComponentSpecs { /// These environment variables will be placed after the environment variables declared in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Provides fine-grained control over the spec update process of all instances. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceUpdateStrategy")] + pub instance_update_strategy: Option, /// Allows for the customization of configuration values for each instance within a Component. /// An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). /// While instances typically share a common configuration as defined in the ClusterComponentSpec, @@ -248,8 +260,6 @@ pub struct ClusterComponentSpecs { /// /// Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining /// ordinal consistency within the Cluster. - /// Note that offline instances and their associated resources, such as PVCs, are not automatically deleted. - /// The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] pub offline_instances: Option>, /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, @@ -281,19 +291,16 @@ pub struct ClusterComponentSpecs { /// with other Kubernetes resources, such as modifying Pod labels or sending events. /// /// - /// Defaults: - /// To perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions. - /// The service account will be bound to a default role named "kubeblocks-cluster-pod-role" which is installed together with KubeBlocks. - /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}" + /// If not specified, KubeBlocks automatically creates a default ServiceAccount named + /// "kb-{componentdefinition.name}", bound to a role with rules defined in ComponentDefinition's + /// `policyRules` field. If needed (currently this means if any lifecycleAction is enabled), + /// it will also be bound to a default role named + /// "kubeblocks-cluster-pod-role", which is installed together with KubeBlocks. + /// If multiple components use the same ComponentDefinition, they will share one ServiceAccount. /// /// - /// Future Changes: - /// Future versions might change the default ServiceAccount creation strategy to one per Component, - /// potentially revising the naming to "kb-{cluster.name}-{component.name}". - /// - /// - /// Users can override the automatic ServiceAccount assignment by explicitly setting the name of - /// an existed ServiceAccount in this field. + /// If the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not + /// create a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, /// Defines a list of ServiceRef for a Component, enabling access to both external services and @@ -332,7 +339,7 @@ pub struct ClusterComponentSpecs { /// If no version is specified, the latest available version will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceVersion")] pub service_version: Option, - /// Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. + /// Overrides services defined in referenced ComponentDefinition. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, /// Stop the Component. @@ -362,15 +369,37 @@ pub struct ClusterComponentSpecs { pub volumes: Option>, } -/// ClusterComponentConfig represents a config with its source bound. +/// ClusterComponentConfig represents a configuration for a component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsConfigs { /// ConfigMap source for the config. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// ExternalManaged indicates whether the configuration is managed by an external system. + /// When set to true, the controller will use the user-provided template and reconfigure action, + /// ignoring the default template and update behavior. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalManaged")] + pub external_managed: Option, /// The name of the config. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. + /// + /// + /// The container executing this action has access to following variables: + /// + /// + /// - KB_CONFIG_FILES_CREATED: file1,file2... + /// - KB_CONFIG_FILES_REMOVED: file1,file2... + /// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... + /// + /// + /// Note: This field is immutable once it has been set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reconfigure: Option, + /// Variables are key-value pairs for dynamic configuration values that can be provided by the user. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub variables: Option>, } /// ConfigMap source for the config. @@ -424,6 +453,273 @@ pub struct ClusterComponentSpecsConfigsConfigMapItems { pub path: String, } +/// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. +/// +/// +/// The container executing this action has access to following variables: +/// +/// +/// - KB_CONFIG_FILES_CREATED: file1,file2... +/// - KB_CONFIG_FILES_REMOVED: file1,file2... +/// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... +/// +/// +/// Note: This field is immutable once it has been set. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigure { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Specifies the name of the container within the same pod whose resources will be shared with the action. + /// This allows the action to utilize the specified container's resources without executing within it. + /// + /// + /// The name must match one of the containers defined in `componentDefinition.spec.runtime`. + /// + /// + /// The resources that can be shared are included: + /// + /// + /// - volume mounts + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// All actions with same image will share the same container. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// If not specified, the Action will be executed in the pod where the Action is triggered, such as the pod + /// to be removed or added; or a random pod if the Action is triggered at the component level, such as + /// post-provision or pre-terminate of the component. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureExecEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterComponentSpecsConfigsReconfigureExecTargetPodSelector { + Any, + All, + Role, + Ordinal, +} + +/// Defines the strategy to be taken when retrying the Action after a failure. +/// +/// +/// It specifies the conditions under which the Action should be retried and the limits to apply, +/// such as the maximum number of retries and backoff strategy. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsConfigsReconfigureRetryPolicy { + /// Defines the maximum number of retry attempts that should be made for a given Action. + /// This value is set to 0 by default, indicating that no retries will be made. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, + /// Indicates the duration of time to wait between each retry attempt. + /// This value is set to 0 by default, indicating that there will be no delay between retry attempts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] + pub retry_interval: Option, +} + /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsEnv { @@ -520,6 +816,45 @@ pub struct ClusterComponentSpecsEnvValueFromSecretKeyRef { pub optional: Option, } +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstanceUpdateStrategy { + /// Specifies how the rolling update should be applied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] + pub rolling_update: Option, + /// Indicates the type of the update strategy. + /// Default is RollingUpdate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Specifies how the rolling update should be applied. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstanceUpdateStrategyRollingUpdate { + /// The maximum number of instances that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. The field applies to all instances. That means if there is any unavailable pod, + /// it will be counted towards MaxUnavailable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + /// Indicates the number of instances that should be updated during a rolling update. + /// The remaining instances will remain untouched. This is helpful in defining how many instances + /// should participate in the update process. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. + /// The default value is ComponentSpec.Replicas (i.e., update all instances). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, +} + +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterComponentSpecsInstanceUpdateStrategyType { + RollingUpdate, + OnDelete, +} + /// InstanceTemplate allows customization of individual replica configurations in a Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstances { @@ -531,9 +866,6 @@ pub struct ClusterComponentSpecsInstances { /// Add new or override existing envs. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// Specifies an override for the first container's image in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, /// Specifies a map of key-value pairs that will be merged into the Pod's existing labels. /// Values for existing keys will be overwritten, and new keys will be added. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -543,6 +875,16 @@ pub struct ClusterComponentSpecsInstances { /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. /// The specified name overrides any default naming conventions or patterns. pub name: String, + /// Specifies the desired Ordinals of this InstanceTemplate. + /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. + /// + /// + /// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, + /// then the instance names generated under this InstanceTemplate would be + /// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and + /// $(cluster.name)-$(component.name)-$(template.name)-7 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ordinals: Option, /// Specifies the number of instances (Pods) to create from this InstanceTemplate. /// This field allows setting how many replicated instances of the Component, /// with the specific overrides in the InstanceTemplate, are created. @@ -556,18 +898,6 @@ pub struct ClusterComponentSpecsInstances { /// Specifies the scheduling policy for the Component. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] pub scheduling_policy: Option, - /// Defines VolumeClaimTemplates to override. - /// Add new or override existing volume claim templates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] - pub volume_claim_templates: Option>, - /// Defines VolumeMounts to override. - /// Add new or override existing volume mounts of the first container in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Defines Volumes to override. - /// Add new or override existing volumes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, } /// EnvVar represents an environment variable present in a Container. @@ -666,6 +996,30 @@ pub struct ClusterComponentSpecsInstancesEnvValueFromSecretKeyRef { pub optional: Option, } +/// Specifies the desired Ordinals of this InstanceTemplate. +/// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. +/// +/// +/// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, +/// then the instance names generated under this InstanceTemplate would be +/// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and +/// $(cluster.name)-$(component.name)-$(template.name)-7 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstancesOrdinals { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub discrete: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ranges: Option>, +} + +/// Range represents a range with a start and an end value. +/// It is used to define a continuous segment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstancesOrdinalsRanges { + pub end: i32, + pub start: i32, +} + /// Specifies an override for the resource requirements of the first container in the Pod. /// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1624,60 +1978,67 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyTopologySpreadConstrain pub values: Option>, } +/// Specifies the configuration for the TLS certificates issuer. +/// It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. +/// The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. +/// Required when TLS is enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumeClaimTemplates { - /// Refers to the name of a volumeMount defined in either: - /// - /// - /// - `componentDefinition.spec.runtime.containers[*].volumeMounts` - /// - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated) +pub struct ClusterComponentSpecsIssuer { + /// The issuer for TLS certificates. + /// It only allows two enum values: `KubeBlocks` and `UserProvided`. /// /// - /// The value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array. + /// - `KubeBlocks` indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used. + /// - `UserProvided` means that the user is responsible for providing their own CA, Cert, and Key. + /// In this case, the user-provided CA certificate, server certificate, and private key will be used + /// for TLS communication. pub name: String, - /// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume - /// with the mount name specified in the `name` field. - /// - /// - /// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification - /// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, + /// SecretRef is the reference to the secret that contains user-provided certificates. + /// It is required when the issuer is set to `UserProvided`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, } -/// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume -/// with the mount name specified in the `name` field. -/// -/// -/// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification -/// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. +/// SecretRef is the reference to the secret that contains user-provided certificates. +/// It is required when the issuer is set to `UserProvided`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpec { - /// Contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// Represents the minimum resources the volume should have. - /// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that - /// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. +pub struct ClusterComponentSpecsIssuerSecretRef { + /// Key of CA cert in Secret + pub ca: String, + /// Key of Cert in Secret + pub cert: String, + /// Key of TLS private key in Secret + pub key: String, + /// Name of the Secret that contains user-provided certificates. + pub name: String, + /// The namespace where the secret is located. + /// If not provided, the secret is assumed to be in the same namespace as the Cluster object. #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// The name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// Defines what type of volume is required by the claim, either Block or Filesystem. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, + pub namespace: Option, } -/// Represents the minimum resources the volume should have. -/// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that -/// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. +/// ClusterComponentSpec defines the specification of a Component within a Cluster. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterComponentSpecsPodUpdatePolicy { + StrictInPlace, + PreferInPlace, +} + +/// Specifies the resources required by the Component. +/// It allows defining the CPU, memory requirements and limits for the Component's containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpecResources { +pub struct ClusterComponentSpecsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1690,789 +2051,458 @@ pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, } -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. +/// Specifies the scheduling policy for the Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +pub struct ClusterComponentSpecsSchedulingPolicy { + /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. - /// - /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). - /// - /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. + pub affinity: Option, + /// NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, + /// the scheduler simply schedules this Pod onto that node, assuming that it fits resource + /// requirements. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] + pub node_name: Option, + /// NodeSelector is a selector which must be true for the Pod to fit on a node. + /// Selector which must match a node's labels for the Pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// If specified, the Pod will be dispatched by specified scheduler. + /// If not specified, the Pod will be dispatched by default scheduler. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] + pub scheduler_name: Option, + /// Allows Pods to be scheduled onto nodes with matching taints. + /// Each toleration in the array allows the Pod to tolerate node taints based on + /// specified `key`, `value`, `effect`, and `operator`. /// /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. + /// - The `key`, `value`, and `effect` identify the taint that the toleration matches. + /// - The `operator` determines how the toleration matches the taint. /// /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, + pub tolerations: Option>, + /// TopologySpreadConstraints describes how a group of Pods ought to spread across topology + /// domains. Scheduler will schedule Pods in a way which abides by the constraints. + /// All topologySpreadConstraints are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] + pub topology_spread_constraints: Option>, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, +pub struct ClusterComponentSpecsSchedulingPolicyAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, } -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, } -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub values: Option>, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, } -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, } -/// configMap represents a configMap that should populate this volume +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, } -/// Maps a string key to a path within a volume. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesConfigMapItems { - /// key is the key to project. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub values: Option>, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesCsiNodePublishSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, } -/// downwardAPI represents downward API about the pod that should populate this volume +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, } -/// DownwardAPIVolumeFile represents information to create the file containing the pod field +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, + pub values: Option>, } -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). -/// -/// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. -/// -/// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. -/// -/// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec, + pub values: Option>, } -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, + pub values: Option>, } -/// selector is a label query over volumes to consider for binding. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -2483,7 +2513,7 @@ pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -2497,395 +2527,221 @@ pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec pub values: Option>, } -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, } -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, } -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, + pub values: Option>, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, } -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, -} - -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, -} - -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// projected items for all in one resources secrets, configmaps, and downward API -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -/// Projection that may be projected along with other supported volume types -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - /// of ClusterTrustBundle objects in an auto-updating file. - /// - /// - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// - /// - /// ClusterTrustBundle objects can either be selected by name, or by the - /// combination of signer name and a label selector. - /// - /// - /// Kubelet performs aggressive normalization of the PEM contents written - /// into the pod filesystem. Esoteric PEM features such as inter-block - /// comments and block headers are stripped. Certificates are deduplicated. - /// The ordering of certificates within the file is arbitrary, and Kubelet - /// may change the order over time. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field -/// of ClusterTrustBundle objects in an auto-updating file. -/// -/// -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// -/// -/// ClusterTrustBundle objects can either be selected by name, or by the -/// combination of signer name and a label selector. -/// -/// -/// Kubelet performs aggressive normalization of the PEM contents written -/// into the pod filesystem. Esoteric PEM features such as inter-block -/// comments and block headers are stripped. Certificates are deduplicated. -/// The ordering of certificates within the file is arbitrary, and Kubelet -/// may change the order over time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has - /// effect if signerName is set. Mutually-exclusive with name. If unset, - /// interpreted as "match nothing". If set but empty, interpreted as "match - /// everything". +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive - /// with signerName and labelSelector. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) - /// aren't available. If using name, then the named ClusterTrustBundle is - /// allowed not to exist. If using signerName, then the combination of - /// signerName and labelSelector is allowed to match zero - /// ClusterTrustBundles. + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Relative path from the volume root to write the bundle. - pub path: String, - /// Select all ClusterTrustBundles that match this signer name. - /// Mutually-exclusive with name. The contents of all selected - /// ClusterTrustBundles will be unified and deduplicated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// Select all ClusterTrustBundles that match this label selector. Only has -/// effect if signerName is set. Mutually-exclusive with name. If unset, -/// interpreted as "match nothing". If set but empty, interpreted as "match -/// everything". +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -2896,7 +2752,7 @@ pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBund /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -2910,1390 +2766,1292 @@ pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBund pub values: Option>, } -/// configMap information about the configMap data to project +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// Maps a string key to a path within a volume. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. +pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub values: Option>, } -/// downwardAPI information about the downwardAPI data to project +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file +pub struct ClusterComponentSpecsSchedulingPolicyTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, + pub value: Option, } -/// DownwardAPIVolumeFile represents information to create the file containing the pod field +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, +pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. + #[serde(rename = "maxSkew")] + pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] + pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] + pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] + pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. + #[serde(rename = "topologyKey")] + pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. + #[serde(rename = "whenUnsatisfiable")] + pub when_unsatisfiable: String, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, +pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" +pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, + pub values: Option>, } -/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsServiceRefs { + /// Specifies the name of the KubeBlocks Cluster being referenced. + /// This is used when services from another KubeBlocks Cluster are consumed. + /// + /// + /// By default, the referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` + /// will be utilized to bind to the current Component. This credential should include: + /// `endpoint`, `port`, `username`, and `password`. + /// + /// + /// Note: + /// + /// + /// - The `ServiceKind` and `ServiceVersion` specified in the service reference within the + /// ClusterDefinition are not validated when using this approach. + /// - If both `cluster` and `serviceDescriptor` are present, `cluster` will take precedence. + /// + /// + /// Deprecated since v0.9 since `clusterDefinition.spec.connectionCredential` is deprecated, + /// use `clusterServiceSelector` instead. + /// This field is maintained for backward compatibility and its use is discouraged. + /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined + pub cluster: Option, + /// References a service provided by another KubeBlocks Cluster. + /// It specifies the ClusterService and the account credentials needed for access. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterServiceSelector")] + pub cluster_service_selector: Option, + /// Specifies the identifier of the service reference declaration. + /// It corresponds to the serviceRefDeclaration name defined in either: + /// + /// + /// - `componentDefinition.spec.serviceRefDeclarations[*].name` + /// - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` (deprecated) + pub name: String, + /// Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object. + /// If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the current + /// Cluster by default. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, + pub namespace: Option, + /// Specifies the name of the ServiceDescriptor object that describes a service provided by external sources. + /// + /// + /// When referencing a service provided by external sources, a ServiceDescriptor object is required to establish + /// the service binding. + /// The `serviceDescriptor.spec.serviceKind` and `serviceDescriptor.spec.serviceVersion` should match the serviceKind + /// and serviceVersion declared in the definition. + /// + /// + /// If both `cluster` and `serviceDescriptor` are specified, the `cluster` takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDescriptor")] + pub service_descriptor: Option, } -/// Maps a string key to a path within a volume. +/// References a service provided by another KubeBlocks Cluster. +/// It specifies the ClusterService and the account credentials needed for access. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. +pub struct ClusterComponentSpecsServiceRefsClusterServiceSelector { + /// The name of the Cluster being referenced. + pub cluster: String, + /// Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. + /// The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` + /// of the Component providing the service in the referenced Cluster. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub credential: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podFQDNs")] + pub pod_fqd_ns: Option, + /// Identifies a ClusterService from the list of Services defined in `cluster.spec.services` of the referenced Cluster. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, } -/// serviceAccountToken is information about the serviceAccountToken data to project +/// Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. +/// The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` +/// of the Component providing the service in the referenced Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, +pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorCredential { + /// The name of the Component where the credential resides in. + pub component: String, + /// The name of the credential (SystemAccount) to reference. + pub name: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user +pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorPodFqdNs { + /// The name of the Component where the pods reside in. + pub component: String, + /// The role of the pods to reference. #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, + pub role: Option, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md +/// Identifies a ClusterService from the list of Services defined in `cluster.spec.services` of the referenced Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorService { + /// The name of the Component where the Service resides in. + /// + /// + /// It is required when referencing a Component's Service. #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + pub component: Option, + /// The port name of the Service to be referenced. + /// + /// + /// If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first. + /// + /// + /// If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, + /// and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, + pub port: Option, + /// The name of the Service to be referenced. + /// + /// + /// Leave it empty to reference the default Service. Set it to "headless" to reference the default headless Service. + /// + /// + /// If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, + /// and the resolved value will be presented in the following format: service1.name,service2.name... + pub service: String, } -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsServices { + /// If ServiceType is LoadBalancer, cloud provider related parameters can be put here. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub annotations: Option>, + /// References the ComponentService name defined in the `componentDefinition.spec.services[*].name`. + pub name: String, + /// Indicates whether to generate individual Services for each Pod. + /// If set to true, a separate Service will be created for each Pod in the Cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podService")] + pub pod_service: Option, + /// Determines how the Service is exposed. Valid options are `ClusterIP`, `NodePort`, and `LoadBalancer`. + /// + /// + /// - `ClusterIP` allocates a Cluster-internal IP address for load-balancing to endpoints. + /// Endpoints are determined by the selector or if that is not specified, + /// they are determined by manual construction of an Endpoints object or EndpointSlice objects. + /// - `NodePort` builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP. + /// - `LoadBalancer` builds on NodePort and creates an external load-balancer (if supported in the current cloud) + /// which routes to the same endpoints as the ClusterIP. + /// + /// + /// Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService. + /// + /// + /// For more info, see: + /// https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] + pub service_type: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterComponentSpecsServicesServiceType { + #[serde(rename = "ClusterIP")] + ClusterIp, + NodePort, + LoadBalancer, } -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: ClusterComponentSpecsInstancesVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsSystemAccounts { + /// Specifies whether the system account is disabled. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub disabled: Option, + /// The name of the system account. + pub name: String, + /// Specifies the policy for generating the account's password. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordConfig")] + pub password_config: Option, + /// Refers to the secret from which data will be copied to create the new account. + /// + /// + /// For user-specified passwords, the maximum length is limited to 64 bytes. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, } -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// Specifies the policy for generating the account's password. +/// +/// +/// This field is immutable once set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined +pub struct ClusterComponentSpecsSystemAccountsPasswordConfig { + /// The length of the password. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. + pub length: Option, + /// The case of the letters in the password. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "letterCase")] + pub letter_case: Option, + /// The number of digits in the password. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "numDigits")] + pub num_digits: Option, + /// The number of symbols in the password. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "numSymbols")] + pub num_symbols: Option, + /// Seed to generate the account's password. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub seed: Option, } -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, +/// Specifies the policy for generating the account's password. +/// +/// +/// This field is immutable once set. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterComponentSpecsSystemAccountsPasswordConfigLetterCase { + LowerCases, + UpperCases, + MixedCases, } -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. +/// Refers to the secret from which data will be copied to create the new account. +/// +/// +/// For user-specified passwords, the maximum length is limited to 64 bytes. +/// +/// +/// This field is immutable once set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterComponentSpecsSystemAccountsSecretRef { + /// The unique identifier of the secret. + pub name: String, + /// The namespace where the secret is located. + pub namespace: String, + /// The key in the secret data that contains the password. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, + pub password: Option, } -/// Specifies the configuration for the TLS certificates issuer. -/// It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. -/// The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. -/// Required when TLS is enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsIssuer { - /// The issuer for TLS certificates. - /// It only allows two enum values: `KubeBlocks` and `UserProvided`. +pub struct ClusterComponentSpecsVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, + /// Refers to the name of a volumeMount defined in either: /// /// - /// - `KubeBlocks` indicates that the self-signed TLS certificates generated by the KubeBlocks Operator will be used. - /// - `UserProvided` means that the user is responsible for providing their own CA, Cert, and Key. - /// In this case, the user-provided CA certificate, server certificate, and private key will be used - /// for TLS communication. - pub name: String, - /// SecretRef is the reference to the secret that contains user-provided certificates. - /// It is required when the issuer is set to `UserProvided`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// SecretRef is the reference to the secret that contains user-provided certificates. -/// It is required when the issuer is set to `UserProvided`. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsIssuerSecretRef { - /// Key of CA cert in Secret - pub ca: String, - /// Key of Cert in Secret - pub cert: String, - /// Key of TLS private key in Secret - pub key: String, - /// Name of the Secret that contains user-provided certificates. - pub name: String, -} - -/// ClusterComponentSpec defines the specification of a Component within a Cluster. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterComponentSpecsPodUpdatePolicy { - StrictInPlace, - PreferInPlace, -} - -/// Specifies the resources required by the Component. -/// It allows defining the CPU, memory requirements and limits for the Component's containers. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. + /// - `componentDefinition.spec.runtime.containers[*].volumeMounts` + /// - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated) /// /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. + /// The value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array. + pub name: String, + /// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume + /// with the mount name specified in the `name` field. /// /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification + /// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, + pub spec: Option, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - -/// Specifies the scheduling policy for the Component. +/// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume +/// with the mount name specified in the `name` field. +/// +/// +/// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification +/// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicy { - /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. +pub struct ClusterComponentSpecsVolumeClaimTemplatesSpec { + /// Contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] + pub access_modes: Option>, + /// Represents the minimum resources the volume should have. + /// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that + /// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[serde(default, skip_serializing_if = "Option::is_none")] - pub affinity: Option, - /// NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, - /// the scheduler simply schedules this Pod onto that node, assuming that it fits resource - /// requirements. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] - pub node_name: Option, - /// NodeSelector is a selector which must be true for the Pod to fit on a node. - /// Selector which must match a node's labels for the Pod to be scheduled on that node. - /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] - pub node_selector: Option>, - /// If specified, the Pod will be dispatched by specified scheduler. - /// If not specified, the Pod will be dispatched by default scheduler. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] - pub scheduler_name: Option, - /// Allows Pods to be scheduled onto nodes with matching taints. - /// Each toleration in the array allows the Pod to tolerate node taints based on - /// specified `key`, `value`, `effect`, and `operator`. - /// - /// - /// - The `key`, `value`, and `effect` identify the taint that the toleration matches. - /// - The `operator` determines how the toleration matches the taint. + pub resources: Option, + /// The name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] + pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. /// /// - /// Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tolerations: Option>, - /// TopologySpreadConstraints describes how a group of Pods ought to spread across topology - /// domains. Scheduler will schedule Pods in a way which abides by the constraints. - /// All topologySpreadConstraints are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] - pub topology_spread_constraints: Option>, -} - -/// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinity { - /// Describes node affinity scheduling rules for the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] - pub node_affinity: Option, - /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] - pub pod_affinity: Option, - /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] - pub pod_anti_affinity: Option, -} - -/// Describes node affinity scheduling rules for the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node matches the corresponding matchExpressions; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to an update), the system - /// may or may not try to eventually evict the pod from its node. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option, -} - -/// An empty preferred scheduling term matches all objects with implicit weight 0 -/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// A node selector term, associated with the corresponding weight. - pub preference: ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, - /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - pub weight: i32, -} - -/// A node selector term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// Defines what type of volume is required by the claim, either Block or Filesystem. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// Represents the minimum resources the volume should have. +/// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that +/// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. +pub struct ClusterComponentSpecsVolumeClaimTemplatesSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// If the affinity requirements specified by this field are not met at -/// scheduling time, the pod will not be scheduled onto the node. -/// If the affinity requirements specified by this field cease to be met -/// at some point during pod execution (e.g. due to an update), the system -/// may or may not try to eventually evict the pod from its node. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// Required. A list of node selector terms. The terms are ORed. - #[serde(rename = "nodeSelectorTerms")] - pub node_selector_terms: Vec, -} - -/// A null or empty node selector term matches no objects. The requirements of -/// them are ANDed. -/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, + pub requests: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. +pub struct ClusterComponentSpecsVolumes { + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] + pub aws_elastic_block_store: Option, + /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] + pub azure_disk: Option, + /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] + pub azure_file: Option, + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + pub cephfs: Option, + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, + pub cinder: Option, + /// configMap represents a configMap that should populate this volume + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, + /// downwardAPI represents downward API about the pod that should populate this volume + #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] + pub downward_api: Option, + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] + pub empty_dir: Option, + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ephemeral: Option, + /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub fc: Option, + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] + pub flex_volume: Option, + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + #[serde(default, skip_serializing_if = "Option::is_none")] + pub flocker: Option, + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] + pub gce_persistent_disk: Option, + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] + pub git_repo: Option, + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md + #[serde(default, skip_serializing_if = "Option::is_none")] + pub glusterfs: Option, + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] + pub host_path: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md + #[serde(default, skip_serializing_if = "Option::is_none")] + pub iscsi: Option, + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + pub name: String, + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub nfs: Option, + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] + pub persistent_volume_claim: Option, + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] + pub photon_persistent_disk: Option, + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] + pub portworx_volume: Option, + /// projected items for all in one resources secrets, configmaps, and downward API + #[serde(default, skip_serializing_if = "Option::is_none")] + pub projected: Option, + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + #[serde(default, skip_serializing_if = "Option::is_none")] + pub quobyte: Option, + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rbd: Option, + /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] + pub scale_io: Option, + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, + /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub storageos: Option, + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] + pub vsphere_volume: Option, } -/// Required. A pod affinity term, associated with the corresponding weight. +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". +pub struct ClusterComponentSpecsVolumesAwsElasticBlockStore { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, + pub partition: Option, + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + #[serde(rename = "volumeID")] + pub volume_id: String, } -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. +/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesAzureDisk { + /// cachingMode is the Host Caching mode: None, Read Only, Read Write. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] + pub caching_mode: Option, + /// diskName is the Name of the data disk in the blob storage + #[serde(rename = "diskName")] + pub disk_name: String, + /// diskURI is the URI of data disk in the blob storage + #[serde(rename = "diskURI")] + pub disk_uri: String, + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesAzureFile { + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretName is the name of secret that contains Azure Storage Account Name and Key + #[serde(rename = "secretName")] + pub secret_name: String, + /// shareName is the azure share Name + #[serde(rename = "shareName")] + pub share_name: String, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesCephfs { + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + pub monitors: Vec, + /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub path: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] + pub secret_file: Option, + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, } -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". +pub struct ClusterComponentSpecsVolumesCephfsSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, + pub name: Option, } -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesCinder { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md + #[serde(rename = "volumeID")] + pub volume_id: String, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesCinderSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub name: Option, } -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. +/// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesConfigMap { + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. +pub struct ClusterComponentSpecsVolumesConfigMapItems { + /// key is the key to project. pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the anti-affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling anti-affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the anti-affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, } -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, +pub struct ClusterComponentSpecsVolumesCsi { + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. + pub driver: String, + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, } -/// Required. A pod affinity term, associated with the corresponding weight. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". +pub struct ClusterComponentSpecsVolumesCsiNodePublishSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, + pub name: Option, } -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. +/// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesDownwardApi { + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// Items is a list of downward API volume file + #[serde(default, skip_serializing_if = "Option::is_none")] + pub items: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' + pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, } -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub divisor: Option, + /// Required: resource to select + pub resource: String, } -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". +pub struct ClusterComponentSpecsVolumesEmptyDir { + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, + pub medium: Option, + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] + pub size_limit: Option, } -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterComponentSpecsVolumesEphemeral { + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] + pub volume_claim_template: Option, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplate { + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, + pub metadata: Option, + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. + pub spec: ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpec, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// The pod this Toleration is attached to tolerates any taint that matches -/// the triple using the matching operator . -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. - /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + pub annotations: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] - pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. - /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + pub finalizers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - /// Operator represents a key's relationship to the value. - /// Valid operators are Exists and Equal. Defaults to Equal. - /// Exists is equivalent to wildcard for value, so that a pod can - /// tolerate all taints of a particular category. + pub labels: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be - /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - /// it is not set, which means tolerate the taint forever (do not evict). Zero and - /// negative values will be treated as 0 (evict immediately) by the system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. - /// If the operator is Exists, the value should be empty, otherwise just a regular string. + pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub namespace: Option, } -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. - /// Pods that match this label selector are counted to determine the number of pods - /// in their corresponding topology domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which - /// spreading will be calculated. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are ANDed with labelSelector - /// to select the group of existing pods over which spreading will be calculated - /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// MatchLabelKeys cannot be set when LabelSelector isn't set. - /// Keys that don't exist in the incoming pod labels will - /// be ignored. A null or empty list means only match against labelSelector. - /// - /// - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. - /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - /// between the number of matching pods in the target topology and the global minimum. - /// The global minimum is the minimum number of matching pods in an eligible domain - /// or zero if the number of eligible domains is less than MinDomains. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 2/2/1: - /// In this case, the global minimum is 1. - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P | - /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - /// violate MaxSkew(1). - /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - /// to topologies that satisfy it. - /// It's a required field. Default value is 1 and 0 is not allowed. - #[serde(rename = "maxSkew")] - pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. - /// When the number of eligible domains with matching topology keys is less than minDomains, - /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, - /// this value has no effect on scheduling. - /// As a result, when the number of eligible domains is less than minDomains, - /// scheduler won't schedule more than maxSkew Pods to those domains. - /// If value is nil, the constraint behaves as if MinDomains is equal to 1. - /// Valid values are integers greater than 0. - /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// - /// - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - /// labelSelector spread as 2/2/2: - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P P | - /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - /// In this situation, new pod with the same labelSelector cannot be scheduled, - /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - /// when calculating pod topology spread skew. Options are: - /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// - /// - /// If this value is nil, the behavior is equivalent to the Honor policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating - /// pod topology spread skew. Options are: - /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod - /// has a toleration, are included. - /// - Ignore: node taints are ignored. All nodes are included. - /// - /// - /// If this value is nil, the behavior is equivalent to the Ignore policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key - /// and identical values are considered to be in the same topology. - /// We consider each as a "bucket", and try to put balanced number - /// of pods into each bucket. - /// We define a domain as a particular instance of a topology. - /// Also, we define an eligible domain as a domain whose nodes meet the requirements of - /// nodeAffinityPolicy and nodeTaintsPolicy. - /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - /// It's a required field. - #[serde(rename = "topologyKey")] - pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - /// the spread constraint. - /// - DoNotSchedule (default) tells the scheduler not to schedule it. - /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, - /// but giving higher precedence to topologies that would help reduce the - /// skew. - /// A constraint is considered "Unsatisfiable" for an incoming pod - /// if and only if every possible node assignment for that pod would violate - /// "MaxSkew" on some topology. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 3/1/1: - /// | zone1 | zone2 | zone3 | - /// | P P P | P | P | - /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - /// won't make it *more* imbalanced. - /// It's a required field. - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] + pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] + pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] + pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, + /// selector is a label query over volumes to consider for binding. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] + pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } -/// LabelSelector is used to find matching pods. -/// Pods that match this label selector are counted to determine the number of pods -/// in their corresponding topology domain. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSelector { +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// selector is a label query over volumes to consider for binding. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -4304,7 +4062,7 @@ pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSe /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { +pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -4318,3487 +4076,750 @@ pub struct ClusterComponentSpecsSchedulingPolicyTopologySpreadConstraintsLabelSe pub values: Option>, } +/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServiceRefs { - /// Specifies the name of the KubeBlocks Cluster being referenced. - /// This is used when services from another KubeBlocks Cluster are consumed. - /// - /// - /// By default, the referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` - /// will be utilized to bind to the current Component. This credential should include: - /// `endpoint`, `port`, `username`, and `password`. - /// - /// - /// Note: - /// - /// - /// - The `ServiceKind` and `ServiceVersion` specified in the service reference within the - /// ClusterDefinition are not validated when using this approach. - /// - If both `cluster` and `serviceDescriptor` are present, `cluster` will take precedence. - /// - /// - /// Deprecated since v0.9 since `clusterDefinition.spec.connectionCredential` is deprecated, - /// use `clusterServiceSelector` instead. - /// This field is maintained for backward compatibility and its use is discouraged. - /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. +pub struct ClusterComponentSpecsVolumesFc { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] - pub cluster: Option, - /// References a service provided by another KubeBlocks Cluster. - /// It specifies the ClusterService and the account credentials needed for access. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterServiceSelector")] - pub cluster_service_selector: Option, - /// Specifies the identifier of the service reference declaration. - /// It corresponds to the serviceRefDeclaration name defined in either: - /// - /// - /// - `componentDefinition.spec.serviceRefDeclarations[*].name` - /// - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` (deprecated) - pub name: String, - /// Specifies the namespace of the referenced Cluster or the namespace of the referenced ServiceDescriptor object. - /// If not provided, the referenced Cluster and ServiceDescriptor will be searched in the namespace of the current - /// Cluster by default. + pub lun: Option, + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// targetWWNs is Optional: FC target worldwide names (WWNs) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] + pub target_ww_ns: Option>, + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Specifies the name of the ServiceDescriptor object that describes a service provided by external sources. - /// - /// - /// When referencing a service provided by external sources, a ServiceDescriptor object is required to establish - /// the service binding. - /// The `serviceDescriptor.spec.serviceKind` and `serviceDescriptor.spec.serviceVersion` should match the serviceKind - /// and serviceVersion declared in the definition. - /// - /// - /// If both `cluster` and `serviceDescriptor` are specified, the `cluster` takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDescriptor")] - pub service_descriptor: Option, + pub wwids: Option>, } -/// References a service provided by another KubeBlocks Cluster. -/// It specifies the ClusterService and the account credentials needed for access. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServiceRefsClusterServiceSelector { - /// The name of the Cluster being referenced. - pub cluster: String, - /// Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. - /// The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` - /// of the Component providing the service in the referenced Cluster. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub credential: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podFQDNs")] - pub pod_fqd_ns: Option, - /// Identifies a ClusterService from the list of Services defined in `cluster.spec.services` of the referenced Cluster. +pub struct ClusterComponentSpecsVolumesFlexVolume { + /// driver is the name of the driver to use for this volume. + pub driver: String, + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, + pub options: Option>, + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, } -/// Specifies the SystemAccount to authenticate and establish a connection with the referenced Cluster. -/// The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` -/// of the Component providing the service in the referenced Cluster. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorCredential { - /// The name of the Component where the credential resides in. - pub component: String, - /// The name of the credential (SystemAccount) to reference. - pub name: String, +pub struct ClusterComponentSpecsVolumesFlexVolumeSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, } +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorPodFqdNs { - /// The name of the Component where the pods reside in. - pub component: String, - /// The role of the pods to reference. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, +pub struct ClusterComponentSpecsVolumesFlocker { + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated + #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] + pub dataset_name: Option, + /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset + #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] + pub dataset_uuid: Option, } -/// Identifies a ClusterService from the list of Services defined in `cluster.spec.services` of the referenced Cluster. +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServiceRefsClusterServiceSelectorService { - /// The name of the Component where the Service resides in. - /// - /// - /// It is required when referencing a Component's Service. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub component: Option, - /// The port name of the Service to be referenced. - /// - /// - /// If there is a non-zero node-port exist for the matched Service port, the node-port will be selected first. - /// - /// - /// If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, - /// and the resolved value will be presented in the following format: service1.name:port1,service2.name:port2... +pub struct ClusterComponentSpecsVolumesGcePersistentDisk { + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// The name of the Service to be referenced. - /// - /// - /// Leave it empty to reference the default Service. Set it to "headless" to reference the default headless Service. - /// - /// - /// If the referenced Service is of pod-service type (a Service per Pod), there will be multiple Service objects matched, - /// and the resolved value will be presented in the following format: service1.name,service2.name... - pub service: String, + pub partition: Option, + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + #[serde(rename = "pdName")] + pub pd_name: String, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, } +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsServices { - /// If ServiceType is LoadBalancer, cloud provider related parameters can be put here. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. +pub struct ClusterComponentSpecsVolumesGitRepo { + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - /// References the ComponentService name defined in the `componentDefinition.spec.services[*].name`. - pub name: String, - /// Indicates whether to generate individual Services for each Pod. - /// If set to true, a separate Service will be created for each Pod in the Cluster. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podService")] - pub pod_service: Option, - /// Determines how the Service is exposed. Valid options are `ClusterIP`, `NodePort`, and `LoadBalancer`. - /// - /// - /// - `ClusterIP` allocates a Cluster-internal IP address for load-balancing to endpoints. - /// Endpoints are determined by the selector or if that is not specified, - /// they are determined by manual construction of an Endpoints object or EndpointSlice objects. - /// - `NodePort` builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the ClusterIP. - /// - `LoadBalancer` builds on NodePort and creates an external load-balancer (if supported in the current cloud) - /// which routes to the same endpoints as the ClusterIP. - /// - /// - /// Note: although K8s Service type allows the 'ExternalName' type, it is not a valid option for ClusterComponentService. - /// - /// - /// For more info, see: - /// https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] - pub service_type: Option, + pub directory: Option, + /// repository is the URL + pub repository: String, + /// revision is the commit hash for the specified revision. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub revision: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterComponentSpecsServicesServiceType { - #[serde(rename = "ClusterIP")] - ClusterIp, - NodePort, - LoadBalancer, +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesGlusterfs { + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + pub endpoints: String, + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + pub path: String, + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, } +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSystemAccounts { - /// The name of the system account. - pub name: String, - /// Specifies the policy for generating the account's password. - /// - /// - /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordConfig")] - pub password_config: Option, - /// Refers to the secret from which data will be copied to create the new account. - /// - /// - /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// Specifies the policy for generating the account's password. -/// -/// -/// This field is immutable once set. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSystemAccountsPasswordConfig { - /// The length of the password. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub length: Option, - /// The case of the letters in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "letterCase")] - pub letter_case: Option, - /// The number of digits in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "numDigits")] - pub num_digits: Option, - /// The number of symbols in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "numSymbols")] - pub num_symbols: Option, - /// Seed to generate the account's password. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub seed: Option, -} - -/// Specifies the policy for generating the account's password. -/// -/// -/// This field is immutable once set. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterComponentSpecsSystemAccountsPasswordConfigLetterCase { - LowerCases, - UpperCases, - MixedCases, -} - -/// Refers to the secret from which data will be copied to create the new account. -/// -/// -/// This field is immutable once set. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsSystemAccountsSecretRef { - /// The unique identifier of the secret. - pub name: String, - /// The namespace where the secret is located. - pub namespace: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumeClaimTemplates { - /// Refers to the name of a volumeMount defined in either: - /// - /// - /// - `componentDefinition.spec.runtime.containers[*].volumeMounts` - /// - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated) - /// - /// - /// The value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array. - pub name: String, - /// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume - /// with the mount name specified in the `name` field. - /// - /// - /// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification - /// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, +pub struct ClusterComponentSpecsVolumesHostPath { + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + pub path: String, + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, } -/// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume -/// with the mount name specified in the `name` field. -/// -/// -/// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification -/// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumeClaimTemplatesSpec { - /// Contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// Represents the minimum resources the volume should have. - /// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that - /// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. +pub struct ClusterComponentSpecsVolumesIscsi { + /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] + pub chap_auth_discovery: Option, + /// chapAuthSession defines whether support iSCSI Session CHAP authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] + pub chap_auth_session: Option, + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] + pub initiator_name: Option, + /// iqn is the target iSCSI Qualified Name. + pub iqn: String, + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] + pub iscsi_interface: Option, + /// lun represents iSCSI Target Lun number. + pub lun: i32, + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// The name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// Defines what type of volume is required by the claim, either Block or Filesystem. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, + pub portals: Option>, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef is the CHAP Secret for iSCSI target and initiator authentication + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). + #[serde(rename = "targetPortal")] + pub target_portal: String, } -/// Represents the minimum resources the volume should have. -/// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that -/// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. +/// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumeClaimTemplatesSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +pub struct ClusterComponentSpecsVolumesIscsiSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, + pub name: Option, } - -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. - /// - /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). - /// - /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. - /// - /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. - /// - /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, -} - -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// configMap represents a configMap that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, -} - -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesCsiNodePublishSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// downwardAPI represents downward API about the pod that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, -} - -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). -/// -/// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. -/// -/// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. -/// -/// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, -} - -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpec, -} - -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// selector is a label query over volumes to consider for binding. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, -} - -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, -} - -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, -} - -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, -} - -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, -} - -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// projected items for all in one resources secrets, configmaps, and downward API -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -/// Projection that may be projected along with other supported volume types -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - /// of ClusterTrustBundle objects in an auto-updating file. - /// - /// - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// - /// - /// ClusterTrustBundle objects can either be selected by name, or by the - /// combination of signer name and a label selector. - /// - /// - /// Kubelet performs aggressive normalization of the PEM contents written - /// into the pod filesystem. Esoteric PEM features such as inter-block - /// comments and block headers are stripped. Certificates are deduplicated. - /// The ordering of certificates within the file is arbitrary, and Kubelet - /// may change the order over time. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field -/// of ClusterTrustBundle objects in an auto-updating file. -/// -/// -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// -/// -/// ClusterTrustBundle objects can either be selected by name, or by the -/// combination of signer name and a label selector. -/// -/// -/// Kubelet performs aggressive normalization of the PEM contents written -/// into the pod filesystem. Esoteric PEM features such as inter-block -/// comments and block headers are stripped. Certificates are deduplicated. -/// The ordering of certificates within the file is arbitrary, and Kubelet -/// may change the order over time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has - /// effect if signerName is set. Mutually-exclusive with name. If unset, - /// interpreted as "match nothing". If set but empty, interpreted as "match - /// everything". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive - /// with signerName and labelSelector. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) - /// aren't available. If using name, then the named ClusterTrustBundle is - /// allowed not to exist. If using signerName, then the combination of - /// signerName and labelSelector is allowed to match zero - /// ClusterTrustBundles. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Relative path from the volume root to write the bundle. - pub path: String, - /// Select all ClusterTrustBundles that match this signer name. - /// Mutually-exclusive with name. The contents of all selected - /// ClusterTrustBundles will be unified and deduplicated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, -} - -/// Select all ClusterTrustBundles that match this label selector. Only has -/// effect if signerName is set. Mutually-exclusive with name. If unset, -/// interpreted as "match nothing". If set but empty, interpreted as "match -/// everything". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// configMap information about the configMap data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// downwardAPI information about the downwardAPI data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// secret information about the secret data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// serviceAccountToken is information about the serviceAccountToken data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, -} - -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, -} - -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: ClusterComponentSpecsVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, -} - -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, -} - -/// Specifies the scheduling policy for the Cluster. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicy { - /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub affinity: Option, - /// NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, - /// the scheduler simply schedules this Pod onto that node, assuming that it fits resource - /// requirements. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] - pub node_name: Option, - /// NodeSelector is a selector which must be true for the Pod to fit on a node. - /// Selector which must match a node's labels for the Pod to be scheduled on that node. - /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] - pub node_selector: Option>, - /// If specified, the Pod will be dispatched by specified scheduler. - /// If not specified, the Pod will be dispatched by default scheduler. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] - pub scheduler_name: Option, - /// Allows Pods to be scheduled onto nodes with matching taints. - /// Each toleration in the array allows the Pod to tolerate node taints based on - /// specified `key`, `value`, `effect`, and `operator`. - /// - /// - /// - The `key`, `value`, and `effect` identify the taint that the toleration matches. - /// - The `operator` determines how the toleration matches the taint. - /// - /// - /// Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tolerations: Option>, - /// TopologySpreadConstraints describes how a group of Pods ought to spread across topology - /// domains. Scheduler will schedule Pods in a way which abides by the constraints. - /// All topologySpreadConstraints are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] - pub topology_spread_constraints: Option>, -} - -/// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinity { - /// Describes node affinity scheduling rules for the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] - pub node_affinity: Option, - /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] - pub pod_affinity: Option, - /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] - pub pod_anti_affinity: Option, -} - -/// Describes node affinity scheduling rules for the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node matches the corresponding matchExpressions; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to an update), the system - /// may or may not try to eventually evict the pod from its node. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option, -} - -/// An empty preferred scheduling term matches all objects with implicit weight 0 -/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// A node selector term, associated with the corresponding weight. - pub preference: ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, - /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - pub weight: i32, -} - -/// A node selector term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// If the affinity requirements specified by this field are not met at -/// scheduling time, the pod will not be scheduled onto the node. -/// If the affinity requirements specified by this field cease to be met -/// at some point during pod execution (e.g. due to an update), the system -/// may or may not try to eventually evict the pod from its node. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// Required. A list of node selector terms. The terms are ORed. - #[serde(rename = "nodeSelectorTerms")] - pub node_selector_terms: Vec, -} - -/// A null or empty node selector term matches no objects. The requirements of -/// them are ANDed. -/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, -} - -/// Required. A pod affinity term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the anti-affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling anti-affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the anti-affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, -} - -/// Required. A pod affinity term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// The pod this Toleration is attached to tolerates any taint that matches -/// the triple using the matching operator . -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. - /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. - /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - /// Operator represents a key's relationship to the value. - /// Valid operators are Exists and Equal. Defaults to Equal. - /// Exists is equivalent to wildcard for value, so that a pod can - /// tolerate all taints of a particular category. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be - /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - /// it is not set, which means tolerate the taint forever (do not evict). Zero and - /// negative values will be treated as 0 (evict immediately) by the system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. - /// If the operator is Exists, the value should be empty, otherwise just a regular string. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. - /// Pods that match this label selector are counted to determine the number of pods - /// in their corresponding topology domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which - /// spreading will be calculated. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are ANDed with labelSelector - /// to select the group of existing pods over which spreading will be calculated - /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// MatchLabelKeys cannot be set when LabelSelector isn't set. - /// Keys that don't exist in the incoming pod labels will - /// be ignored. A null or empty list means only match against labelSelector. - /// - /// - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. - /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - /// between the number of matching pods in the target topology and the global minimum. - /// The global minimum is the minimum number of matching pods in an eligible domain - /// or zero if the number of eligible domains is less than MinDomains. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 2/2/1: - /// In this case, the global minimum is 1. - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P | - /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - /// violate MaxSkew(1). - /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - /// to topologies that satisfy it. - /// It's a required field. Default value is 1 and 0 is not allowed. - #[serde(rename = "maxSkew")] - pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. - /// When the number of eligible domains with matching topology keys is less than minDomains, - /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, - /// this value has no effect on scheduling. - /// As a result, when the number of eligible domains is less than minDomains, - /// scheduler won't schedule more than maxSkew Pods to those domains. - /// If value is nil, the constraint behaves as if MinDomains is equal to 1. - /// Valid values are integers greater than 0. - /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// - /// - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - /// labelSelector spread as 2/2/2: - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P P | - /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - /// In this situation, new pod with the same labelSelector cannot be scheduled, - /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - /// when calculating pod topology spread skew. Options are: - /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// - /// - /// If this value is nil, the behavior is equivalent to the Honor policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating - /// pod topology spread skew. Options are: - /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod - /// has a toleration, are included. - /// - Ignore: node taints are ignored. All nodes are included. - /// - /// - /// If this value is nil, the behavior is equivalent to the Ignore policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key - /// and identical values are considered to be in the same topology. - /// We consider each as a "bucket", and try to put balanced number - /// of pods into each bucket. - /// We define a domain as a particular instance of a topology. - /// Also, we define an eligible domain as a domain whose nodes meet the requirements of - /// nodeAffinityPolicy and nodeTaintsPolicy. - /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - /// It's a required field. - #[serde(rename = "topologyKey")] - pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - /// the spread constraint. - /// - DoNotSchedule (default) tells the scheduler not to schedule it. - /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, - /// but giving higher precedence to topologies that would help reduce the - /// skew. - /// A constraint is considered "Unsatisfiable" for an incoming pod - /// if and only if every possible node assignment for that pod would violate - /// "MaxSkew" on some topology. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 3/1/1: - /// | zone1 | zone2 | zone3 | - /// | P P P | P | P | - /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - /// won't make it *more* imbalanced. - /// It's a required field. - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, -} - -/// LabelSelector is used to find matching pods. -/// Pods that match this label selector are counted to determine the number of pods -/// in their corresponding topology domain. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyTopologySpreadConstraintsLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// ClusterService defines a service that is exposed externally, allowing entities outside the cluster to access it. -/// For example, external applications, or other Clusters. -/// And another Cluster managed by the same KubeBlocks operator can resolve the address exposed by a ClusterService -/// using the `serviceRef` field. -/// -/// -/// When a Component needs to access another Cluster's ClusterService using the `serviceRef` field, -/// it must also define the service type and version information in the `componentDefinition.spec.serviceRefDeclarations` -/// section. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterServices { - /// If ServiceType is LoadBalancer, cloud provider related parameters can be put here - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - /// Extends the ServiceSpec.Selector by allowing the specification of components, to be used as a selector for the service. - /// - /// - /// If the `componentSelector` is set as the name of a sharding, the service will be exposed to all components in the sharding. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentSelector")] - pub component_selector: Option, - /// Name defines the name of the service. - /// otherwise, it indicates the name of the service. - /// Others can refer to this service by its name. (e.g., connection credential) - /// Cannot be updated. - pub name: String, - /// Extends the above `serviceSpec.selector` by allowing you to specify defined role as selector for the service. - /// When `roleSelector` is set, it adds a label selector "kubeblocks.io/role: {roleSelector}" - /// to the `serviceSpec.selector`. - /// Example usage: - /// - /// - /// roleSelector: "leader" - /// - /// - /// In this example, setting `roleSelector` to "leader" will add a label selector - /// "kubeblocks.io/role: leader" to the `serviceSpec.selector`. - /// This means that the service will select and route traffic to Pods with the label - /// "kubeblocks.io/role" set to "leader". - /// - /// - /// Note that if `podService` sets to true, RoleSelector will be ignored. - /// The `podService` flag takes precedence over `roleSelector` and generates a service for each Pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleSelector")] - pub role_selector: Option, - /// ServiceName defines the name of the underlying service object. - /// If not specified, the default service name with different patterns will be used: - /// - /// - /// - CLUSTER_NAME: for cluster-level services - /// - CLUSTER_NAME-COMPONENT_NAME: for component-level services - /// - /// - /// Only one default service name is allowed. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] - pub service_name: Option, - /// Spec defines the behavior of a service. - /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// Spec defines the behavior of a service. -/// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterServicesSpec { - /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically - /// allocated for services with type LoadBalancer. Default is "true". It - /// may be set to "false" if the cluster load-balancer does not rely on - /// NodePorts. If the caller requests specific NodePorts (by specifying a - /// value), those requests will be respected, regardless of this field. - /// This field may only be set for services with type LoadBalancer and will - /// be cleared if the type is changed to any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] - pub allocate_load_balancer_node_ports: Option, - /// clusterIP is the IP address of the service and is usually assigned - /// randomly. If an address is specified manually, is in-range (as per - /// system configuration), and is not in use, it will be allocated to the - /// service; otherwise creation of the service will fail. This field may not - /// be changed through updates unless the type field is also being changed - /// to ExternalName (which requires this field to be blank) or the type - /// field is being changed from ExternalName (in which case this field may - /// optionally be specified, as describe above). Valid values are "None", - /// empty string (""), or a valid IP address. Setting this to "None" makes a - /// "headless service" (no virtual IP), which is useful when direct endpoint - /// connections are preferred and proxying is not required. Only applies to - /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified - /// when creating a Service of type ExternalName, creation will fail. This - /// field will be wiped when updating a Service to type ExternalName. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] - pub cluster_ip: Option, - /// ClusterIPs is a list of IP addresses assigned to this service, and are - /// usually assigned randomly. If an address is specified manually, is - /// in-range (as per system configuration), and is not in use, it will be - /// allocated to the service; otherwise creation of the service will fail. - /// This field may not be changed through updates unless the type field is - /// also being changed to ExternalName (which requires this field to be - /// empty) or the type field is being changed from ExternalName (in which - /// case this field may optionally be specified, as describe above). Valid - /// values are "None", empty string (""), or a valid IP address. Setting - /// this to "None" makes a "headless service" (no virtual IP), which is - /// useful when direct endpoint connections are preferred and proxying is - /// not required. Only applies to types ClusterIP, NodePort, and - /// LoadBalancer. If this field is specified when creating a Service of type - /// ExternalName, creation will fail. This field will be wiped when updating - /// a Service to type ExternalName. If this field is not specified, it will - /// be initialized from the clusterIP field. If this field is specified, - /// clients must ensure that clusterIPs[0] and clusterIP have the same - /// value. - /// - /// - /// This field may hold a maximum of two entries (dual-stack IPs, in either order). - /// These IPs must correspond to the values of the ipFamilies field. Both - /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] - pub cluster_i_ps: Option>, - /// externalIPs is a list of IP addresses for which nodes in the cluster - /// will also accept traffic for this service. These IPs are not managed by - /// Kubernetes. The user is responsible for ensuring that traffic arrives - /// at a node with this IP. A common example is external load-balancers - /// that are not part of the Kubernetes system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] - pub external_i_ps: Option>, - /// externalName is the external reference that discovery mechanisms will - /// return as an alias for this service (e.g. a DNS CNAME record). No - /// proxying will be involved. Must be a lowercase RFC-1123 hostname - /// (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] - pub external_name: Option, - /// externalTrafficPolicy describes how nodes distribute service traffic they - /// receive on one of the Service's "externally-facing" addresses (NodePorts, - /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure - /// the service in a way that assumes that external load balancers will take care - /// of balancing the service traffic between nodes, and so each node will deliver - /// traffic only to the node-local endpoints of the service, without masquerading - /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will - /// be dropped.) The default value, "Cluster", uses the standard behavior of - /// routing to all endpoints evenly (possibly modified by topology and other - /// features). Note that traffic sent to an External IP or LoadBalancer IP from - /// within the cluster will always get "Cluster" semantics, but clients sending to - /// a NodePort from within the cluster may need to take traffic policy into account - /// when picking a node. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] - pub external_traffic_policy: Option, - /// healthCheckNodePort specifies the healthcheck nodePort for the service. - /// This only applies when type is set to LoadBalancer and - /// externalTrafficPolicy is set to Local. If a value is specified, is - /// in-range, and is not in use, it will be used. If not specified, a value - /// will be automatically allocated. External systems (e.g. load-balancers) - /// can use this port to determine if a given node holds endpoints for this - /// service or not. If this field is specified when creating a Service - /// which does not need it, creation will fail. This field will be wiped - /// when updating a Service to no longer need it (e.g. changing type). - /// This field cannot be updated once set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] - pub health_check_node_port: Option, - /// InternalTrafficPolicy describes how nodes distribute service traffic they - /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods - /// only want to talk to endpoints of the service on the same node as the pod, - /// dropping the traffic if there are no local endpoints. The default value, - /// "Cluster", uses the standard behavior of routing to all endpoints evenly - /// (possibly modified by topology and other features). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] - pub internal_traffic_policy: Option, - /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this - /// service. This field is usually assigned automatically based on cluster - /// configuration and the ipFamilyPolicy field. If this field is specified - /// manually, the requested family is available in the cluster, - /// and ipFamilyPolicy allows it, it will be used; otherwise creation of - /// the service will fail. This field is conditionally mutable: it allows - /// for adding or removing a secondary IP family, but it does not allow - /// changing the primary IP family of the Service. Valid values are "IPv4" - /// and "IPv6". This field only applies to Services of types ClusterIP, - /// NodePort, and LoadBalancer, and does apply to "headless" services. - /// This field will be wiped when updating a Service to type ExternalName. - /// - /// - /// This field may hold a maximum of two entries (dual-stack families, in - /// either order). These families must correspond to the values of the - /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are - /// governed by the ipFamilyPolicy field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] - pub ip_families: Option>, - /// IPFamilyPolicy represents the dual-stack-ness requested or required by - /// this Service. If there is no value provided, then this field will be set - /// to SingleStack. Services can be "SingleStack" (a single IP family), - /// "PreferDualStack" (two IP families on dual-stack configured clusters or - /// a single IP family on single-stack clusters), or "RequireDualStack" - /// (two IP families on dual-stack configured clusters, otherwise fail). The - /// ipFamilies and clusterIPs fields depend on the value of this field. This - /// field will be wiped when updating a service to type ExternalName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] - pub ip_family_policy: Option, - /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. - /// If specified, the value of this field must be a label-style identifier, with an optional prefix, - /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. - /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load - /// balancer implementation is used, today this is typically done through the cloud provider integration, - /// but should apply for any default implementation. If set, it is assumed that a load balancer - /// implementation is watching for Services with a matching class. Any default load balancer - /// implementation (e.g. cloud providers) should ignore Services that set this field. - /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. - /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] - pub load_balancer_class: Option, - /// Only applies to Service Type: LoadBalancer. - /// This feature depends on whether the underlying cloud-provider supports specifying - /// the loadBalancerIP when a load balancer is created. - /// This field will be ignored if the cloud-provider does not support the feature. - /// Deprecated: This field was under-specified and its meaning varies across implementations. - /// Using it is non-portable and it may not support dual-stack. - /// Users are encouraged to use implementation-specific annotations when available. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] - pub load_balancer_ip: Option, - /// If specified and supported by the platform, this will restrict traffic through the cloud-provider - /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the - /// cloud-provider does not support the feature." - /// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] - pub load_balancer_source_ranges: Option>, - /// The list of ports that are exposed by this service. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this - /// Service should disregard any indications of ready/not-ready. - /// The primary use case for setting this field is for a StatefulSet's Headless Service to - /// propagate SRV DNS records for its Pods for the purpose of peer discovery. - /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for - /// Services interpret this to mean that all endpoints are considered "ready" even if the - /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints - /// through the Endpoints or EndpointSlice resources can safely assume this behavior. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] - pub publish_not_ready_addresses: Option, - /// Route service traffic to pods with label keys and values matching this - /// selector. If empty or not present, the service is assumed to have an - /// external process managing its endpoints, which Kubernetes will not - /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. - /// Ignored if type is ExternalName. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/ + +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesNfs { + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + pub path: String, + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + pub server: String, +} + +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesPersistentVolumeClaim { + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + #[serde(rename = "claimName")] + pub claim_name: String, + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, +} + +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesPhotonPersistentDisk { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// pdID is the ID that identifies Photon Controller persistent disk + #[serde(rename = "pdID")] + pub pd_id: String, +} + +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesPortworxVolume { + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// volumeID uniquely identifies a Portworx volume + #[serde(rename = "volumeID")] + pub volume_id: String, +} + +/// projected items for all in one resources secrets, configmaps, and downward API +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjected { + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// sources is the list of volume projections #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option>, - /// Supports "ClientIP" and "None". Used to maintain session affinity. - /// Enable client IP based session affinity. - /// Must be ClientIP or None. - /// Defaults to None. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] - pub session_affinity: Option, - /// sessionAffinityConfig contains the configurations of session affinity. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] - pub session_affinity_config: Option, - /// type determines how the Service is exposed. Defaults to ClusterIP. Valid - /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. - /// "ClusterIP" allocates a cluster-internal IP address for load-balancing - /// to endpoints. Endpoints are determined by the selector or if that is not - /// specified, by manual construction of an Endpoints object or - /// EndpointSlice objects. If clusterIP is "None", no virtual IP is - /// allocated and the endpoints are published as a set of endpoints rather - /// than a virtual IP. - /// "NodePort" builds on ClusterIP and allocates a port on every node which - /// routes to the same endpoints as the clusterIP. - /// "LoadBalancer" builds on NodePort and creates an external load-balancer - /// (if supported in the current cloud) which routes to the same endpoints - /// as the clusterIP. - /// "ExternalName" aliases this service to the specified externalName. - /// Several other fields do not apply to ExternalName services. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, + pub sources: Option>, } -/// ServicePort contains information on service's port. +/// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterServicesSpecPorts { - /// The application protocol for this port. - /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. - /// This field follows standard Kubernetes label syntax. - /// Valid values are either: +pub struct ClusterComponentSpecsVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. /// /// - /// * Un-prefixed protocol names - reserved for IANA standard service names (as per - /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// /// - /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- - /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 - /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. /// /// - /// * Other protocols should use implementation-defined prefixed names such as - /// mycompany.com/my-custom-protocol. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] - pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. - /// All ports within a ServiceSpec must have unique names. When considering - /// the endpoints for a Service, this must match the 'name' field in the - /// EndpointPort. - /// Optional if only one ServicePort is defined on this service. + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, + /// configMap information about the configMap data to project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// downwardAPI information about the downwardAPI data to project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] + pub downward_api: Option, + /// secret information about the secret data to project + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, + /// serviceAccountToken is information about the serviceAccountToken data to project + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] + pub service_account_token: Option, +} + +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// configMap information about the configMap data to project +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesConfigMap { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Maps a string key to a path within a volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesConfigMapItems { + /// key is the key to project. + pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// The port on each node on which this service is exposed when type is - /// NodePort or LoadBalancer. Usually assigned by the system. If a value is - /// specified, in-range, and not in use it will be used, otherwise the - /// operation will fail. If not specified, a port will be allocated if this - /// Service requires one. If this field is specified when creating a - /// Service which does not need it, creation will fail. This field will be - /// wiped when updating a Service to no longer need it (e.g. changing type - /// from NodePort to ClusterIP). - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] - pub node_port: Option, - /// The port that will be exposed by this service. - pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". - /// Default is TCP. + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, +} + +/// downwardAPI information about the downwardAPI data to project +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApi { + /// Items is a list of DownwardAPIVolume file #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. - /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - /// If this is a string, it will be looked up as a named port in the - /// target Pod's container ports. If this is not specified, the value - /// of the 'port' field is used (an identity map). - /// This field is ignored for services with clusterIP=None, and should be - /// omitted or set equal to the 'port' field. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] - pub target_port: Option, + pub items: Option>, } -/// sessionAffinityConfig contains the configurations of session affinity. +/// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterServicesSpecSessionAffinityConfig { - /// clientIP contains the configurations of Client IP based session affinity. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientIP")] - pub client_ip: Option, +pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItems { + /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' + pub path: String, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, } -/// clientIP contains the configurations of Client IP based session affinity. +/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterServicesSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. - /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". - /// Default value is 10800(for 3 hours). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, +pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItemsFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, } -/// ClusterSharding defines how KubeBlocks manage dynamic provisioned shards. -/// A typical design pattern for distributed databases is to distribute data across multiple shards, -/// with each shard consisting of multiple replicas. -/// Therefore, KubeBlocks supports representing a shard with a Component and dynamically instantiating Components -/// using a template when shards are added. -/// When shards are removed, the corresponding Components are also deleted. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardings { - /// Represents the common parent part of all shard names. - /// - /// - /// This identifier is included as part of the Service DNS name and must comply with IANA service naming rules. - /// It is used to generate the names of underlying Components following the pattern `$(clusterSharding.name)-$(ShardID)`. - /// ShardID is a random string that is appended to the Name to generate unique identifiers for each shard. - /// For example, if the sharding specification name is "my-shard" and the ShardID is "abc", the resulting Component name - /// would be "my-shard-abc". - /// - /// - /// Note that the name defined in Component template(`clusterSharding.template.name`) will be disregarded - /// when generating the Component names of the shards. The `clusterSharding.name` field takes precedence. - pub name: String, - /// Specifies the ShardingDefinition custom resource (CR) that defines the sharding's characteristics and behavior. - /// - /// - /// The full name or regular expression is supported to match the ShardingDefinition. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "shardingDef")] - pub sharding_def: Option, - /// Specifies the desired number of shards. - /// - /// - /// Users can declare the desired number of shards through this field. - /// KubeBlocks dynamically creates and deletes Components based on the difference - /// between the desired and actual number of shards. - /// KubeBlocks provides lifecycle management for sharding, including: - /// - /// - /// - Executing the shardProvision Action defined in the ShardingDefinition when the number of shards increases. - /// This allows for custom actions to be performed after a new shard is provisioned. - /// - Executing the shardTerminate Action defined in the ShardingDefinition when the number of shards decreases. - /// This enables custom cleanup or data migration tasks to be executed before a shard is terminated. - /// Resources and data associated with the corresponding Component will also be deleted. +pub struct ClusterComponentSpecsVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" #[serde(default, skip_serializing_if = "Option::is_none")] - pub shards: Option, - /// The template for generating Components for shards, where each shard consists of one Component. - /// - /// - /// This field is of type ClusterComponentSpec, which encapsulates all the required details and - /// definitions for creating and managing the Components. - /// KubeBlocks uses this template to generate a set of identical Components of shards. - /// All the generated Components will have the same specifications and definitions as specified in the `template` field. - /// - /// - /// This allows for the creation of multiple Components with consistent configurations, - /// enabling sharding and distribution of workloads across Components. - pub template: ClusterShardingsTemplate, + pub divisor: Option, + /// Required: resource to select + pub resource: String, } -/// The template for generating Components for shards, where each shard consists of one Component. -/// -/// -/// This field is of type ClusterComponentSpec, which encapsulates all the required details and -/// definitions for creating and managing the Components. -/// KubeBlocks uses this template to generate a set of identical Components of shards. -/// All the generated Components will have the same specifications and definitions as specified in the `template` field. -/// -/// -/// This allows for the creation of multiple Components with consistent configurations, -/// enabling sharding and distribution of workloads across Components. +/// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplate { - /// Specifies Annotations to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component. +pub struct ClusterComponentSpecsVolumesProjectedSourcesSecret { + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - /// Specifies the ComponentDefinition custom resource (CR) that defines the Component's characteristics and behavior. - /// - /// - /// Supports three different ways to specify the ComponentDefinition: - /// - /// - /// - the regular expression - recommended - /// - the full name - recommended - /// - the name prefix - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentDef")] - pub component_def: Option, - /// Specifies the configuration content of a config template. + pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub configs: Option>, - /// Determines whether metrics exporter information is annotated on the Component's headless Service. - /// - /// - /// If set to true, the following annotations will not be patched into the Service: - /// - /// - /// - "monitor.kubeblocks.io/path" - /// - "monitor.kubeblocks.io/port" - /// - "monitor.kubeblocks.io/scheme" - /// - /// - /// These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableExporter")] - pub disable_exporter: Option, - /// List of environment variables to add. - /// These environment variables will be placed after the environment variables declared in the Pod. + pub name: Option, + /// optional field specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Allows for the customization of configuration values for each instance within a Component. - /// An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). - /// While instances typically share a common configuration as defined in the ClusterComponentSpec, - /// they can require unique settings in various scenarios: - /// - /// - /// For example: - /// - A database Component might require different resource allocations for primary and secondary instances, - /// with primaries needing more resources. - /// - During a rolling upgrade, a Component may first update the image for one or a few instances, - /// and then update the remaining instances after verifying that the updated instances are functioning correctly. - /// - /// - /// InstanceTemplate allows for specifying these unique configurations per instance. - /// Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal), - /// starting with an ordinal of 0. - /// It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts. - /// - /// - /// The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component. - /// Any remaining replicas will be generated using the default template and will follow the default naming rules. + pub optional: Option, +} + +/// Maps a string key to a path within a volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesSecretItems { + /// key is the key to project. + pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub instances: Option>, - /// Specifies the configuration for the TLS certificates issuer. - /// It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. - /// The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. - /// Required when TLS is enabled. + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, +} + +/// serviceAccountToken is information about the serviceAccountToken data to project +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesServiceAccountToken { + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] - pub issuer: Option, - /// Specifies Labels to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component. + pub audience: Option, + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] + pub expiration_seconds: Option, + /// path is the path relative to the mount point of the file to project the + /// token into. + pub path: String, +} + +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesQuobyte { + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - /// Specifies the Component's name. - /// It's part of the Service DNS name and must comply with the IANA service naming rule. - /// The name is optional when ClusterComponentSpec is used as a template (e.g., in `clusterSharding`), - /// but required otherwise. + pub group: Option, + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes + pub registry: String, + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specifies the names of instances to be transitioned to offline status. - /// - /// - /// Marking an instance as offline results in the following: - /// - /// - /// 1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential - /// future reuse or data recovery, but it is no longer actively used. - /// 2. The ordinal number assigned to this instance is preserved, ensuring it remains unique - /// and avoiding conflicts with new instances. - /// - /// - /// Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining - /// ordinal consistency within the Cluster. - /// Note that offline instances and their associated resources, such as PVCs, are not automatically deleted. - /// The administrator must manually manage the cleanup and removal of these resources when they are no longer needed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] - pub offline_instances: Option>, - /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, - /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. - /// The default Concurrency is 100%. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] - pub parallel_pod_management_concurrency: Option, - /// PodUpdatePolicy indicates how pods should be updated - /// - /// - /// - `StrictInPlace` indicates that only allows in-place upgrades. - /// Any attempt to modify other fields will be rejected. - /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. - /// If that fails, it will fall back to the ReCreate, where pod will be recreated. - /// Default value is "PreferInPlace" - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] - pub pod_update_policy: Option, - /// Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing. - pub replicas: i32, - /// Specifies the resources required by the Component. - /// It allows defining the CPU, memory requirements and limits for the Component's containers. + pub tenant: Option, + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// Specifies the scheduling policy for the Component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] - pub scheduling_policy: Option, - /// Specifies the name of the ServiceAccount required by the running Component. - /// This ServiceAccount is used to grant necessary permissions for the Component's Pods to interact - /// with other Kubernetes resources, such as modifying Pod labels or sending events. - /// - /// - /// Defaults: - /// To perform certain operational tasks, agent sidecars running in Pods require specific RBAC permissions. - /// The service account will be bound to a default role named "kubeblocks-cluster-pod-role" which is installed together with KubeBlocks. - /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}" - /// - /// - /// Future Changes: - /// Future versions might change the default ServiceAccount creation strategy to one per Component, - /// potentially revising the naming to "kb-{cluster.name}-{component.name}". - /// - /// - /// Users can override the automatic ServiceAccount assignment by explicitly setting the name of - /// an existed ServiceAccount in this field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] - pub service_account_name: Option, - /// Defines a list of ServiceRef for a Component, enabling access to both external services and - /// Services provided by other Clusters. - /// - /// - /// Types of services: - /// - /// - /// - External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; - /// Require a ServiceDescriptor for connection details. - /// - Services provided by a Cluster: Managed by the same KubeBlocks operator; - /// identified using Cluster, Component and Service names. - /// - /// - /// ServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same. - /// - /// - /// Example: - /// ```text - /// serviceRefs: - /// - name: "redis-sentinel" - /// serviceDescriptor: - /// name: "external-redis-sentinel" - /// - name: "postgres-cluster" - /// clusterServiceSelector: - /// cluster: "my-postgres-cluster" - /// service: - /// component: "postgresql" - /// ``` - /// The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceRefs")] - pub service_refs: Option>, - /// ServiceVersion specifies the version of the Service expected to be provisioned by this Component. - /// The version should follow the syntax and semantics of the "Semantic Versioning" specification (http://semver.org/). - /// If no version is specified, the latest available version will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceVersion")] - pub service_version: Option, - /// Overrides services defined in referenced ComponentDefinition and expose endpoints that can be accessed by clients. + pub user: Option, + /// volume is a string that references an already created Quobyte volume by name. + pub volume: String, +} + +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesRbd { + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + pub image: String, + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] - pub services: Option>, - /// Stop the Component. - /// If set, all the computing resources will be released. + pub keyring: Option, + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + pub monitors: Vec, + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] - pub stop: Option, - /// Overrides system accounts defined in referenced ComponentDefinition. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] - pub system_accounts: Option>, - /// A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) - /// for secure communication. - /// When set to true, the Component will be configured to use TLS encryption for its network connections. - /// This ensures that the data transmitted between the Component and its clients or other Components is encrypted - /// and protected from unauthorized access. - /// If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys, - /// to properly set up the secure communication channel. + pub pool: Option, + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] - pub tls: Option, - /// Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component. - /// Each template specifies the desired characteristics of a persistent volume, such as storage class, - /// size, and access modes. - /// These templates are used to dynamically provision persistent volumes for the Component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] - pub volume_claim_templates: Option>, - /// List of volumes to override. + pub user: Option, +} + +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesRbdSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, + pub name: Option, +} + +/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesScaleIo { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// gateway is the host address of the ScaleIO API Gateway. + pub gateway: String, + /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] + pub protection_domain: Option, + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. + #[serde(rename = "secretRef")] + pub secret_ref: ClusterComponentSpecsVolumesScaleIoSecretRef, + /// sslEnabled Flag enable/disable SSL communication with Gateway, default false + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] + pub ssl_enabled: Option, + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] + pub storage_mode: Option, + /// storagePool is the ScaleIO Storage Pool associated with the protection domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] + pub storage_pool: Option, + /// system is the name of the storage system as configured in ScaleIO. + pub system: String, + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } -/// ClusterComponentConfig represents a config with its source bound. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateConfigs { - /// ConfigMap source for the config. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// The name of the config. +pub struct ClusterComponentSpecsVolumesScaleIoSecretRef { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// ConfigMap source for the config. +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateConfigsConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. +pub struct ClusterComponentSpecsVolumesSecret { + /// defaultMode is Optional: mode bits used to set permissions on created files by default. /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. /// Directories within the path are not affected by this setting. /// This might be in conflict with other options that affect the file /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the /// key and content is the value. If specified, the listed keys will be /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, + /// present. If a key is specified which is not present in the Secret, /// the volume setup will error unless it is marked optional. Paths must be /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined + pub items: Option>, + /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] + pub secret_name: Option, } /// Maps a string key to a path within a volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateConfigsConfigMapItems { +pub struct ClusterComponentSpecsVolumesSecretItems { /// key is the key to project. pub key: String, /// mode is Optional: mode bits used to set permissions on this file. @@ -7816,290 +4837,72 @@ pub struct ClusterShardingsTemplateConfigsConfigMapItems { pub path: String, } -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// InstanceTemplate allows customization of individual replica configurations in a Component. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstances { - /// Specifies a map of key-value pairs to be merged into the Pod's existing annotations. - /// Existing keys will have their values overwritten, while new keys will be added to the annotations. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - /// Defines Env to override. - /// Add new or override existing envs. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Specifies an override for the first container's image in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Specifies a map of key-value pairs that will be merged into the Pod's existing labels. - /// Values for existing keys will be overwritten, and new keys will be added. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - /// Name specifies the unique name of the instance Pod created using this InstanceTemplate. - /// This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal - /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. - /// The specified name overrides any default naming conventions or patterns. - pub name: String, - /// Specifies the number of instances (Pods) to create from this InstanceTemplate. - /// This field allows setting how many replicated instances of the Component, - /// with the specific overrides in the InstanceTemplate, are created. - /// The default value is 1. A value of 0 disables instance creation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub replicas: Option, - /// Specifies an override for the resource requirements of the first container in the Pod. - /// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// Specifies the scheduling policy for the Component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] - pub scheduling_policy: Option, - /// Defines VolumeClaimTemplates to override. - /// Add new or override existing volume claim templates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] - pub volume_claim_templates: Option>, - /// Defines VolumeMounts to override. - /// Add new or override existing volume mounts of the first container in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Defines Volumes to override. - /// Add new or override existing volumes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, +/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesStorageos { + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] + pub volume_namespace: Option, } -/// Selects a key of a secret in the pod's namespace +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, +pub struct ClusterComponentSpecsVolumesStorageosSecretRef { /// Name of the referent. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Specifies an override for the resource requirements of the first container in the Pod. -/// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, +pub struct ClusterComponentSpecsVolumesVsphereVolume { + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] + pub storage_policy_id: Option, + /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] + pub storage_policy_name: Option, + /// volumePath is the path that identifies vSphere volume vmdk + #[serde(rename = "volumePath")] + pub volume_path: String, } -/// Specifies the scheduling policy for the Component. +/// Specifies the scheduling policy for the Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicy { +pub struct ClusterSchedulingPolicy { /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[serde(default, skip_serializing_if = "Option::is_none")] - pub affinity: Option, + pub affinity: Option, /// NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, /// the scheduler simply schedules this Pod onto that node, assuming that it fits resource /// requirements. @@ -8125,31 +4928,31 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicy { /// /// Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. #[serde(default, skip_serializing_if = "Option::is_none")] - pub tolerations: Option>, + pub tolerations: Option>, /// TopologySpreadConstraints describes how a group of Pods ought to spread across topology /// domains. Scheduler will schedule Pods in a way which abides by the constraints. /// All topologySpreadConstraints are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] - pub topology_spread_constraints: Option>, + pub topology_spread_constraints: Option>, } /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinity { +pub struct ClusterSchedulingPolicyAffinity { /// Describes node affinity scheduling rules for the pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] - pub node_affinity: Option, + pub node_affinity: Option, /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] - pub pod_affinity: Option, + pub pod_affinity: Option, /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] - pub pod_anti_affinity: Option, + pub pod_anti_affinity: Option, } /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinity { +pub struct ClusterSchedulingPolicyAffinityNodeAffinity { /// The scheduler will prefer to schedule pods to nodes that satisfy /// the affinity expressions specified by this field, but it may choose /// a node that violates one or more of the expressions. The node that is @@ -8160,165 +4963,438 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinity /// "weight" to the sum if the node matches the corresponding matchExpressions; the /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, + pub preferred_during_scheduling_ignored_during_execution: Option>, /// If the affinity requirements specified by this field are not met at /// scheduling time, the pod will not be scheduled onto the node. /// If the affinity requirements specified by this field cease to be met /// at some point during pod execution (e.g. due to an update), the system /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option, + pub required_during_scheduling_ignored_during_execution: Option, } /// An empty preferred scheduling term matches all objects with implicit weight 0 /// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { +pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. - pub preference: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + pub preference: ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. pub weight: i32, } -/// A node selector term, associated with the corresponding weight. +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - /// A list of node selector requirements by node's labels. +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - /// The label key that the selector applies to. +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// An array of string values. If the operator is In or NotIn, + /// values is an array of string values. If the operator is In or NotIn, /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - /// The label key that the selector applies to. +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// An array of string values. If the operator is In or NotIn, + /// values is an array of string values. If the operator is In or NotIn, /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at -/// scheduling time, the pod will not be scheduled onto the node. -/// If the affinity requirements specified by this field cease to be met -/// at some point during pod execution (e.g. due to an update), the system -/// may or may not try to eventually evict the pod from its node. +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// Required. A list of node selector terms. The terms are ORed. - #[serde(rename = "nodeSelectorTerms")] - pub node_selector_terms: Vec, +pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// A null or empty node selector term matches no objects. The requirements of -/// them are ANDed. -/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - /// A list of node selector requirements by node's labels. +pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - /// The label key that the selector applies to. +pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// An array of string values. If the operator is In or NotIn, + /// values is an array of string values. If the operator is In or NotIn, /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - /// The label key that the selector applies to. +pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// An array of string values. If the operator is In or NotIn, + /// values is an array of string values. If the operator is In or NotIn, /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinity { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinity { /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose + /// the anti-affinity expressions specified by this field, but it may choose /// a node that violates one or more of the expressions. The node that is /// most preferred is the one with the greatest sum of weights, i.e. /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), + /// request, requiredDuringScheduling anti-affinity expressions, etc.), /// compute a sum by iterating through the elements of this field and adding /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met + /// If the anti-affinity requirements specified by this field cease to be met /// at some point during pod execution (e.g. due to a pod label update), the /// system may or may not try to eventually evict the pod from its node. /// When there are multiple elements, the lists of nodes corresponding to each /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, + pub required_during_scheduling_ignored_during_execution: Option>, } /// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + pub pod_affinity_term: ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, /// weight associated with matching the corresponding podAffinityTerm, /// in the range 1-100. pub weight: i32, @@ -8326,11 +5402,11 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, + pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` @@ -8359,7 +5435,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// null selector and null or empty namespaces list means "this pod's namespace". /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, + pub namespace_selector: Option, /// namespaces specifies a static list of namespace names that the term applies to. /// The term is applied to the union of the namespaces listed in this field /// and the ones selected by namespaceSelector. @@ -8378,10 +5454,10 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// A label query over a set of resources, in this case pods. /// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -8392,7 +5468,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -8412,10 +5488,10 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// null selector and null or empty namespaces list means "this pod's namespace". /// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -8426,7 +5502,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -8447,11 +5523,11 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityP /// the label with key matches that of any node on which /// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, + pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` @@ -8480,7 +5556,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR /// null selector and null or empty namespaces list means "this pod's namespace". /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, + pub namespace_selector: Option, /// namespaces specifies a static list of namespace names that the term applies to. /// The term is applied to the union of the namespaces listed in this field /// and the ones selected by namespaceSelector. @@ -8499,10 +5575,10 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR /// A label query over a set of resources, in this case pods. /// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -8513,7 +5589,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -8533,10 +5609,10 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR /// null selector and null or empty namespaces list means "this pod's namespace". /// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -8547,7 +5623,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { +pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -8561,100 +5637,164 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityR pub values: Option>, } -/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the anti-affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling anti-affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the anti-affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, +pub struct ClusterSchedulingPolicyTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, } -/// Required. A pod affinity term, associated with the corresponding weight. +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. +pub struct ClusterSchedulingPolicyTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. + #[serde(rename = "maxSkew")] + pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] + pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] + pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] + pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. + #[serde(rename = "whenUnsatisfiable")] + pub when_unsatisfiable: String, } -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { +pub struct ClusterSchedulingPolicyTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -8665,7 +5805,7 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffin /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { +pub struct ClusterSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -8676,738 +5816,666 @@ pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffin /// the values array must be empty. This array is replaced during a strategic /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. + pub values: Option>, +} + +/// ClusterService defines a service that is exposed externally, allowing entities outside the cluster to access it. +/// For example, external applications, or other Clusters. +/// And another Cluster managed by the same KubeBlocks operator can resolve the address exposed by a ClusterService +/// using the `serviceRef` field. +/// +/// +/// When a Component needs to access another Cluster's ClusterService using the `serviceRef` field, +/// it must also define the service type and version information in the `componentDefinition.spec.serviceRefDeclarations` +/// section. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterServices { + /// If ServiceType is LoadBalancer, cloud provider related parameters can be put here + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Extends the ServiceSpec.Selector by allowing the specification of components, to be used as a selector for the service. + /// + /// + /// If the `componentSelector` is set as the name of a sharding, the service will be exposed to all components in the sharding. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentSelector")] + pub component_selector: Option, + /// Name defines the name of the service. + /// otherwise, it indicates the name of the service. + /// Others can refer to this service by its name. (e.g., connection credential) + /// Cannot be updated. + pub name: String, + /// Extends the above `serviceSpec.selector` by allowing you to specify defined role as selector for the service. + /// When `roleSelector` is set, it adds a label selector "kubeblocks.io/role: {roleSelector}" + /// to the `serviceSpec.selector`. + /// Example usage: + /// + /// + /// roleSelector: "leader" + /// + /// + /// In this example, setting `roleSelector` to "leader" will add a label selector + /// "kubeblocks.io/role: leader" to the `serviceSpec.selector`. + /// This means that the service will select and route traffic to Pods with the label + /// "kubeblocks.io/role" set to "leader". + /// + /// + /// Note that if `podService` sets to true, RoleSelector will be ignored. + /// The `podService` flag takes precedence over `roleSelector` and generates a service for each Pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleSelector")] + pub role_selector: Option, + /// ServiceName defines the name of the underlying service object. + /// If not specified, the default service name with different patterns will be used: + /// + /// + /// - CLUSTER_NAME: for cluster-level services + /// - CLUSTER_NAME-COMPONENT_NAME: for component-level services + /// + /// + /// Only one default service name is allowed. + /// Cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, + /// Spec defines the behavior of a service. + /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Spec defines the behavior of a service. +/// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterServicesSpec { + /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically + /// allocated for services with type LoadBalancer. Default is "true". It + /// may be set to "false" if the cluster load-balancer does not rely on + /// NodePorts. If the caller requests specific NodePorts (by specifying a + /// value), those requests will be respected, regardless of this field. + /// This field may only be set for services with type LoadBalancer and will + /// be cleared if the type is changed to any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] + pub allocate_load_balancer_node_ports: Option, + /// clusterIP is the IP address of the service and is usually assigned + /// randomly. If an address is specified manually, is in-range (as per + /// system configuration), and is not in use, it will be allocated to the + /// service; otherwise creation of the service will fail. This field may not + /// be changed through updates unless the type field is also being changed + /// to ExternalName (which requires this field to be blank) or the type + /// field is being changed from ExternalName (in which case this field may + /// optionally be specified, as describe above). Valid values are "None", + /// empty string (""), or a valid IP address. Setting this to "None" makes a + /// "headless service" (no virtual IP), which is useful when direct endpoint + /// connections are preferred and proxying is not required. Only applies to + /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified + /// when creating a Service of type ExternalName, creation will fail. This + /// field will be wiped when updating a Service to type ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] + pub cluster_ip: Option, + /// ClusterIPs is a list of IP addresses assigned to this service, and are + /// usually assigned randomly. If an address is specified manually, is + /// in-range (as per system configuration), and is not in use, it will be + /// allocated to the service; otherwise creation of the service will fail. + /// This field may not be changed through updates unless the type field is + /// also being changed to ExternalName (which requires this field to be + /// empty) or the type field is being changed from ExternalName (in which + /// case this field may optionally be specified, as describe above). Valid + /// values are "None", empty string (""), or a valid IP address. Setting + /// this to "None" makes a "headless service" (no virtual IP), which is + /// useful when direct endpoint connections are preferred and proxying is + /// not required. Only applies to types ClusterIP, NodePort, and + /// LoadBalancer. If this field is specified when creating a Service of type + /// ExternalName, creation will fail. This field will be wiped when updating + /// a Service to type ExternalName. If this field is not specified, it will + /// be initialized from the clusterIP field. If this field is specified, + /// clients must ensure that clusterIPs[0] and clusterIP have the same + /// value. + /// + /// + /// This field may hold a maximum of two entries (dual-stack IPs, in either order). + /// These IPs must correspond to the values of the ipFamilies field. Both + /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] + pub cluster_i_ps: Option>, + /// externalIPs is a list of IP addresses for which nodes in the cluster + /// will also accept traffic for this service. These IPs are not managed by + /// Kubernetes. The user is responsible for ensuring that traffic arrives + /// at a node with this IP. A common example is external load-balancers + /// that are not part of the Kubernetes system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] + pub external_i_ps: Option>, + /// externalName is the external reference that discovery mechanisms will + /// return as an alias for this service (e.g. a DNS CNAME record). No + /// proxying will be involved. Must be a lowercase RFC-1123 hostname + /// (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] + pub external_name: Option, + /// externalTrafficPolicy describes how nodes distribute service traffic they + /// receive on one of the Service's "externally-facing" addresses (NodePorts, + /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + /// the service in a way that assumes that external load balancers will take care + /// of balancing the service traffic between nodes, and so each node will deliver + /// traffic only to the node-local endpoints of the service, without masquerading + /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will + /// be dropped.) The default value, "Cluster", uses the standard behavior of + /// routing to all endpoints evenly (possibly modified by topology and other + /// features). Note that traffic sent to an External IP or LoadBalancer IP from + /// within the cluster will always get "Cluster" semantics, but clients sending to + /// a NodePort from within the cluster may need to take traffic policy into account + /// when picking a node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] + pub external_traffic_policy: Option, + /// healthCheckNodePort specifies the healthcheck nodePort for the service. + /// This only applies when type is set to LoadBalancer and + /// externalTrafficPolicy is set to Local. If a value is specified, is + /// in-range, and is not in use, it will be used. If not specified, a value + /// will be automatically allocated. External systems (e.g. load-balancers) + /// can use this port to determine if a given node holds endpoints for this + /// service or not. If this field is specified when creating a Service + /// which does not need it, creation will fail. This field will be wiped + /// when updating a Service to no longer need it (e.g. changing type). + /// This field cannot be updated once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] + pub health_check_node_port: Option, + /// InternalTrafficPolicy describes how nodes distribute service traffic they + /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods + /// only want to talk to endpoints of the service on the same node as the pod, + /// dropping the traffic if there are no local endpoints. The default value, + /// "Cluster", uses the standard behavior of routing to all endpoints evenly + /// (possibly modified by topology and other features). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] + pub internal_traffic_policy: Option, + /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this + /// service. This field is usually assigned automatically based on cluster + /// configuration and the ipFamilyPolicy field. If this field is specified + /// manually, the requested family is available in the cluster, + /// and ipFamilyPolicy allows it, it will be used; otherwise creation of + /// the service will fail. This field is conditionally mutable: it allows + /// for adding or removing a secondary IP family, but it does not allow + /// changing the primary IP family of the Service. Valid values are "IPv4" + /// and "IPv6". This field only applies to Services of types ClusterIP, + /// NodePort, and LoadBalancer, and does apply to "headless" services. + /// This field will be wiped when updating a Service to type ExternalName. + /// + /// + /// This field may hold a maximum of two entries (dual-stack families, in + /// either order). These families must correspond to the values of the + /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are + /// governed by the ipFamilyPolicy field. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] + pub ip_families: Option>, + /// IPFamilyPolicy represents the dual-stack-ness requested or required by + /// this Service. If there is no value provided, then this field will be set + /// to SingleStack. Services can be "SingleStack" (a single IP family), + /// "PreferDualStack" (two IP families on dual-stack configured clusters or + /// a single IP family on single-stack clusters), or "RequireDualStack" + /// (two IP families on dual-stack configured clusters, otherwise fail). The + /// ipFamilies and clusterIPs fields depend on the value of this field. This + /// field will be wiped when updating a service to type ExternalName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] + pub ip_family_policy: Option, + /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. + /// If specified, the value of this field must be a label-style identifier, with an optional prefix, + /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + /// balancer implementation is used, today this is typically done through the cloud provider integration, + /// but should apply for any default implementation. If set, it is assumed that a load balancer + /// implementation is watching for Services with a matching class. Any default load balancer + /// implementation (e.g. cloud providers) should ignore Services that set this field. + /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. + /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] + pub load_balancer_class: Option, + /// Only applies to Service Type: LoadBalancer. + /// This feature depends on whether the underlying cloud-provider supports specifying + /// the loadBalancerIP when a load balancer is created. + /// This field will be ignored if the cloud-provider does not support the feature. + /// Deprecated: This field was under-specified and its meaning varies across implementations. + /// Using it is non-portable and it may not support dual-stack. + /// Users are encouraged to use implementation-specific annotations when available. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] + pub load_balancer_ip: Option, + /// If specified and supported by the platform, this will restrict traffic through the cloud-provider + /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the + /// cloud-provider does not support the feature." + /// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] + pub load_balancer_source_ranges: Option>, + /// The list of ports that are exposed by this service. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this + /// Service should disregard any indications of ready/not-ready. + /// The primary use case for setting this field is for a StatefulSet's Headless Service to + /// propagate SRV DNS records for its Pods for the purpose of peer discovery. + /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for + /// Services interpret this to mean that all endpoints are considered "ready" even if the + /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints + /// through the Endpoints or EndpointSlice resources can safely assume this behavior. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] + pub publish_not_ready_addresses: Option, + /// Route service traffic to pods with label keys and values matching this + /// selector. If empty or not present, the service is assumed to have an + /// external process managing its endpoints, which Kubernetes will not + /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. + /// Ignored if type is ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/ #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub selector: Option>, + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] + pub session_affinity: Option, + /// sessionAffinityConfig contains the configurations of session affinity. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] + pub session_affinity_config: Option, + /// type determines how the Service is exposed. Defaults to ClusterIP. Valid + /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + /// "ClusterIP" allocates a cluster-internal IP address for load-balancing + /// to endpoints. Endpoints are determined by the selector or if that is not + /// specified, by manual construction of an Endpoints object or + /// EndpointSlice objects. If clusterIP is "None", no virtual IP is + /// allocated and the endpoints are published as a set of endpoints rather + /// than a virtual IP. + /// "NodePort" builds on ClusterIP and allocates a port on every node which + /// routes to the same endpoints as the clusterIP. + /// "LoadBalancer" builds on NodePort and creates an external load-balancer + /// (if supported in the current cloud) which routes to the same endpoints + /// as the clusterIP. + /// "ExternalName" aliases this service to the specified externalName. + /// Several other fields do not apply to ExternalName services. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, } -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running +/// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - /// If it's null, this PodAffinityTerm matches with no Pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will - /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - /// to select the group of existing pods which pods will be taken into consideration - /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] - pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". +pub struct ClusterServicesSpecPorts { + /// The application protocol for this port. + /// This is used as a hint for implementations to offer richer behavior for protocols that they understand. + /// This field follows standard Kubernetes label syntax. + /// Valid values are either: + /// + /// + /// * Un-prefixed protocol names - reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// + /// + /// * Kubernetes-defined prefixed names: + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- + /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 + /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 + /// + /// + /// * Other protocols should use implementation-defined prefixed names such as + /// mycompany.com/my-custom-protocol. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] + pub app_protocol: Option, + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -/// If it's null, this PodAffinityTerm matches with no Pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. + pub name: Option, + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] + pub node_port: Option, + /// The port that will be exposed by this service. + pub port: i32, + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, + pub protocol: Option, + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] + pub target_port: Option, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// sessionAffinityConfig contains the configurations of session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, +pub struct ClusterServicesSpecSessionAffinityConfig { + /// clientIP contains the configurations of Client IP based session affinity. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientIP")] + pub client_ip: Option, } -/// The pod this Toleration is attached to tolerates any taint that matches -/// the triple using the matching operator . +/// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. - /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. - /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - /// Operator represents a key's relationship to the value. - /// Valid operators are Exists and Equal. Defaults to Equal. - /// Exists is equivalent to wildcard for value, so that a pod can - /// tolerate all taints of a particular category. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be - /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - /// it is not set, which means tolerate the taint forever (do not evict). Zero and - /// negative values will be treated as 0 (evict immediately) by the system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. - /// If the operator is Exists, the value should be empty, otherwise just a regular string. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, +pub struct ClusterServicesSpecSessionAffinityConfigClientIp { + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, } -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. +/// ClusterSharding defines how KubeBlocks manage dynamic provisioned shards. +/// A typical design pattern for distributed databases is to distribute data across multiple shards, +/// with each shard consisting of multiple replicas. +/// Therefore, KubeBlocks supports representing a shard with a Component and dynamically instantiating Components +/// using a template when shards are added. +/// When shards are removed, the corresponding Components are also deleted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. - /// Pods that match this label selector are counted to determine the number of pods - /// in their corresponding topology domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which - /// spreading will be calculated. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are ANDed with labelSelector - /// to select the group of existing pods over which spreading will be calculated - /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// MatchLabelKeys cannot be set when LabelSelector isn't set. - /// Keys that don't exist in the incoming pod labels will - /// be ignored. A null or empty list means only match against labelSelector. +pub struct ClusterShardings { + /// Represents the common parent part of all shard names. /// /// - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. - /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - /// between the number of matching pods in the target topology and the global minimum. - /// The global minimum is the minimum number of matching pods in an eligible domain - /// or zero if the number of eligible domains is less than MinDomains. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 2/2/1: - /// In this case, the global minimum is 1. - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P | - /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - /// violate MaxSkew(1). - /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - /// to topologies that satisfy it. - /// It's a required field. Default value is 1 and 0 is not allowed. - #[serde(rename = "maxSkew")] - pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. - /// When the number of eligible domains with matching topology keys is less than minDomains, - /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, - /// this value has no effect on scheduling. - /// As a result, when the number of eligible domains is less than minDomains, - /// scheduler won't schedule more than maxSkew Pods to those domains. - /// If value is nil, the constraint behaves as if MinDomains is equal to 1. - /// Valid values are integers greater than 0. - /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// This identifier is included as part of the Service DNS name and must comply with IANA service naming rules. + /// It is used to generate the names of underlying Components following the pattern `$(clusterSharding.name)-$(ShardID)`. + /// ShardID is a random string that is appended to the Name to generate unique identifiers for each shard. + /// For example, if the sharding specification name is "my-shard" and the ShardID is "abc", the resulting Component name + /// would be "my-shard-abc". /// /// - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - /// labelSelector spread as 2/2/2: - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P P | - /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - /// In this situation, new pod with the same labelSelector cannot be scheduled, - /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - /// it will violate MaxSkew. + /// Note that the name defined in Component template(`clusterSharding.template.name`) will be disregarded + /// when generating the Component names of the shards. The `clusterSharding.name` field takes precedence. + pub name: String, + /// Specifies the ShardingDefinition custom resource (CR) that defines the sharding's characteristics and behavior. /// /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - /// when calculating pod topology spread skew. Options are: - /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// The full name or regular expression is supported to match the ShardingDefinition. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "shardingDef")] + pub sharding_def: Option, + /// Specifies the desired number of shards. /// /// - /// If this value is nil, the behavior is equivalent to the Honor policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating - /// pod topology spread skew. Options are: - /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod - /// has a toleration, are included. - /// - Ignore: node taints are ignored. All nodes are included. + /// Users can declare the desired number of shards through this field. + /// KubeBlocks dynamically creates and deletes Components based on the difference + /// between the desired and actual number of shards. + /// KubeBlocks provides lifecycle management for sharding, including: /// /// - /// If this value is nil, the behavior is equivalent to the Ignore policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key - /// and identical values are considered to be in the same topology. - /// We consider each as a "bucket", and try to put balanced number - /// of pods into each bucket. - /// We define a domain as a particular instance of a topology. - /// Also, we define an eligible domain as a domain whose nodes meet the requirements of - /// nodeAffinityPolicy and nodeTaintsPolicy. - /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - /// It's a required field. - #[serde(rename = "topologyKey")] - pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - /// the spread constraint. - /// - DoNotSchedule (default) tells the scheduler not to schedule it. - /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, - /// but giving higher precedence to topologies that would help reduce the - /// skew. - /// A constraint is considered "Unsatisfiable" for an incoming pod - /// if and only if every possible node assignment for that pod would violate - /// "MaxSkew" on some topology. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 3/1/1: - /// | zone1 | zone2 | zone3 | - /// | P P P | P | P | - /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - /// won't make it *more* imbalanced. - /// It's a required field. - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, -} - -/// LabelSelector is used to find matching pods. -/// Pods that match this label selector are counted to determine the number of pods -/// in their corresponding topology domain. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, + /// - Executing the shardProvision Action defined in the ShardingDefinition when the number of shards increases. + /// This allows for custom actions to be performed after a new shard is provisioned. + /// - Executing the shardTerminate Action defined in the ShardingDefinition when the number of shards decreases. + /// This enables custom cleanup or data migration tasks to be executed before a shard is terminated. + /// Resources and data associated with the corresponding Component will also be deleted. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub shards: Option, + /// The template for generating Components for shards, where each shard consists of one Component. + /// + /// + /// This field is of type ClusterComponentSpec, which encapsulates all the required details and + /// definitions for creating and managing the Components. + /// KubeBlocks uses this template to generate a set of identical Components of shards. + /// All the generated Components will have the same specifications and definitions as specified in the `template` field. + /// + /// + /// This allows for the creation of multiple Components with consistent configurations, + /// enabling sharding and distribution of workloads across Components. + pub template: ClusterShardingsTemplate, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// The template for generating Components for shards, where each shard consists of one Component. +/// +/// +/// This field is of type ClusterComponentSpec, which encapsulates all the required details and +/// definitions for creating and managing the Components. +/// KubeBlocks uses this template to generate a set of identical Components of shards. +/// All the generated Components will have the same specifications and definitions as specified in the `template` field. +/// +/// +/// This allows for the creation of multiple Components with consistent configurations, +/// enabling sharding and distribution of workloads across Components. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterShardingsTemplate { + /// Specifies Annotations to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the ComponentDefinition custom resource (CR) that defines the Component's characteristics and behavior. + /// + /// + /// Supports three different ways to specify the ComponentDefinition: + /// + /// + /// - the regular expression - recommended + /// - the full name - recommended + /// - the name prefix + #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentDef")] + pub component_def: Option, + /// Specifies the configuration content of a config template. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub configs: Option>, + /// Determines whether metrics exporter information is annotated on the Component's headless Service. + /// + /// + /// If set to true, the following annotations will not be patched into the Service: + /// + /// + /// - "monitor.kubeblocks.io/path" + /// - "monitor.kubeblocks.io/port" + /// - "monitor.kubeblocks.io/scheme" + /// + /// + /// These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableExporter")] + pub disable_exporter: Option, + /// List of environment variables to add. + /// These environment variables will be placed after the environment variables declared in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumeClaimTemplates { - /// Refers to the name of a volumeMount defined in either: + pub env: Option>, + /// Provides fine-grained control over the spec update process of all instances. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceUpdateStrategy")] + pub instance_update_strategy: Option, + /// Allows for the customization of configuration values for each instance within a Component. + /// An instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). + /// While instances typically share a common configuration as defined in the ClusterComponentSpec, + /// they can require unique settings in various scenarios: /// /// - /// - `componentDefinition.spec.runtime.containers[*].volumeMounts` - /// - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated) + /// For example: + /// - A database Component might require different resource allocations for primary and secondary instances, + /// with primaries needing more resources. + /// - During a rolling upgrade, a Component may first update the image for one or a few instances, + /// and then update the remaining instances after verifying that the updated instances are functioning correctly. /// /// - /// The value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array. - pub name: String, - /// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume - /// with the mount name specified in the `name` field. + /// InstanceTemplate allows for specifying these unique configurations per instance. + /// Each instance's name is constructed using the pattern: $(component.name)-$(template.name)-$(ordinal), + /// starting with an ordinal of 0. + /// It is crucial to maintain unique names for each InstanceTemplate to avoid conflicts. /// /// - /// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification - /// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume -/// with the mount name specified in the `name` field. -/// -/// -/// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification -/// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumeClaimTemplatesSpec { - /// Contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// Represents the minimum resources the volume should have. - /// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that - /// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// The name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// Defines what type of volume is required by the claim, either Block or Filesystem. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, -} - -/// Represents the minimum resources the volume should have. -/// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that -/// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumeClaimTemplatesSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// The sum of replicas across all InstanceTemplates should not exceed the total number of replicas specified for the Component. + /// Any remaining replicas will be generated using the default template and will follow the default naming rules. #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + pub instances: Option>, + /// Specifies the configuration for the TLS certificates issuer. + /// It allows defining the issuer name and the reference to the secret containing the TLS certificates and key. + /// The secret should contain the CA certificate, TLS certificate, and private key in the specified keys. + /// Required when TLS is enabled. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md + pub issuer: Option, + /// Specifies Labels to override or add for underlying Pods, PVCs, Account & TLS Secrets, Services Owned by Component. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + pub labels: Option>, + /// Specifies the Component's name. + /// It's part of the Service DNS name and must comply with the IANA service naming rule. + /// The name is optional when ClusterComponentSpec is used as a template (e.g., in `clusterSharding`), + /// but required otherwise. #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. + pub name: Option, + /// Specifies the names of instances to be transitioned to offline status. /// /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). + /// Marking an instance as offline results in the following: /// /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. + /// 1. The associated Pod is stopped, and its PersistentVolumeClaim (PVC) is retained for potential + /// future reuse or data recovery, but it is no longer actively used. + /// 2. The ordinal number assigned to this instance is preserved, ensuring it remains unique + /// and avoiding conflicts with new instances. /// /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. + /// Setting instances to offline allows for a controlled scale-in process, preserving their data and maintaining + /// ordinal consistency within the Cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineInstances")] + pub offline_instances: Option>, + /// Controls the concurrency of pods during initial scale up, when replacing pods on nodes, + /// or when scaling down. It only used when `PodManagementPolicy` is set to `Parallel`. + /// The default Concurrency is 100%. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelPodManagementConcurrency")] + pub parallel_pod_management_concurrency: Option, + /// PodUpdatePolicy indicates how pods should be updated /// /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// - `StrictInPlace` indicates that only allows in-place upgrades. + /// Any attempt to modify other fields will be rejected. + /// - `PreferInPlace` indicates that we will first attempt an in-place upgrade of the Pod. + /// If that fails, it will fall back to the ReCreate, where pod will be recreated. + /// Default value is "PreferInPlace" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podUpdatePolicy")] + pub pod_update_policy: Option, + /// Specifies the desired number of replicas in the Component for enhancing availability and durability, or load balancing. + pub replicas: i32, + /// Specifies the resources required by the Component. + /// It allows defining the CPU, memory requirements and limits for the Component's containers. #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + pub resources: Option, + /// Specifies the scheduling policy for the Component. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] + pub scheduling_policy: Option, + /// Specifies the name of the ServiceAccount required by the running Component. + /// This ServiceAccount is used to grant necessary permissions for the Component's Pods to interact + /// with other Kubernetes resources, such as modifying Pod labels or sending events. + /// + /// + /// If not specified, KubeBlocks automatically creates a default ServiceAccount named + /// "kb-{componentdefinition.name}", bound to a role with rules defined in ComponentDefinition's + /// `policyRules` field. If needed (currently this means if any lifecycleAction is enabled), + /// it will also be bound to a default role named + /// "kubeblocks-cluster-pod-role", which is installed together with KubeBlocks. + /// If multiple components use the same ComponentDefinition, they will share one ServiceAccount. + /// + /// + /// If the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not + /// create a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// Defines a list of ServiceRef for a Component, enabling access to both external services and + /// Services provided by other Clusters. + /// + /// + /// Types of services: + /// + /// + /// - External services: Not managed by KubeBlocks or managed by a different KubeBlocks operator; + /// Require a ServiceDescriptor for connection details. + /// - Services provided by a Cluster: Managed by the same KubeBlocks operator; + /// identified using Cluster, Component and Service names. + /// + /// + /// ServiceRefs with identical `serviceRef.name` in the same Cluster are considered the same. + /// + /// + /// Example: + /// ```text + /// serviceRefs: + /// - name: "redis-sentinel" + /// serviceDescriptor: + /// name: "external-redis-sentinel" + /// - name: "postgres-cluster" + /// clusterServiceSelector: + /// cluster: "my-postgres-cluster" + /// service: + /// component: "postgresql" + /// ``` + /// The example above includes ServiceRefs to an external Redis Sentinel service and a PostgreSQL Cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceRefs")] + pub service_refs: Option>, + /// ServiceVersion specifies the version of the Service expected to be provisioned by this Component. + /// The version should follow the syntax and semantics of the "Semantic Versioning" specification (http://semver.org/). + /// If no version is specified, the latest available version will be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceVersion")] + pub service_version: Option, + /// Overrides services defined in referenced ComponentDefinition. #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared + pub services: Option>, + /// Stop the Component. + /// If set, all the computing resources will be released. #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, -} - -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / + pub stop: Option, + /// Overrides system accounts defined in referenced ComponentDefinition. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] + pub system_accounts: Option>, + /// A boolean flag that indicates whether the Component should use Transport Layer Security (TLS) + /// for secure communication. + /// When set to true, the Component will be configured to use TLS encryption for its network connections. + /// This ensures that the data transmitted between the Component and its clients or other Components is encrypted + /// and protected from unauthorized access. + /// If TLS is enabled, the Component may require additional configuration, such as specifying TLS certificates and keys, + /// to properly set up the secure communication channel. #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + pub tls: Option, + /// Specifies a list of PersistentVolumeClaim templates that represent the storage requirements for the Component. + /// Each template specifies the desired characteristics of a persistent volume, such as storage class, + /// size, and access modes. + /// These templates are used to dynamically provision persistent volumes for the Component. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] + pub volume_claim_templates: Option>, + /// List of volumes to override. #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, + pub volumes: Option>, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// ClusterComponentConfig represents a configuration for a component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterShardingsTemplateConfigs { + /// ConfigMap source for the config. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// ExternalManaged indicates whether the configuration is managed by an external system. + /// When set to true, the controller will use the user-provided template and reconfigure action, + /// ignoring the default template and update behavior. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalManaged")] + pub external_managed: Option, + /// The name of the config. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, -} - -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + /// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. + /// + /// + /// The container executing this action has access to following variables: + /// + /// + /// - KB_CONFIG_FILES_CREATED: file1,file2... + /// - KB_CONFIG_FILES_REMOVED: file1,file2... + /// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... + /// + /// + /// Note: This field is immutable once it has been set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub reconfigure: Option, + /// Variables are key-value pairs for dynamic configuration values that can be provided by the user. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub variables: Option>, } -/// configMap represents a configMap that should populate this volume +/// ConfigMap source for the config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesConfigMap { +pub struct ClusterShardingsTemplateConfigsConfigMap { /// defaultMode is optional: mode bits used to set permissions on created files by default. /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. @@ -9425,122 +6493,235 @@ pub struct ClusterShardingsTemplateInstancesVolumesConfigMap { /// the volume setup will error unless it is marked optional. Paths must be /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + pub items: Option>, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// optional specify whether the ConfigMap or its keys must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Maps a string key to a path within a volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateConfigsConfigMapItems { + /// key is the key to project. + pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, +} + +/// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. +/// +/// +/// The container executing this action has access to following variables: +/// +/// +/// - KB_CONFIG_FILES_CREATED: file1,file2... +/// - KB_CONFIG_FILES_REMOVED: file1,file2... +/// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... +/// +/// +/// Note: This field is immutable once it has been set. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateConfigsReconfigure { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateConfigsReconfigureExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Specifies the name of the container within the same pod whose resources will be shared with the action. + /// This allows the action to utilize the specified container's resources without executing within it. + /// + /// + /// The name must match one of the containers defined in `componentDefinition.spec.runtime`. + /// + /// + /// The resources that can be shared are included: + /// + /// + /// - volume mounts + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// All actions with same image will share the same container. + /// + /// + /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// If not specified, the Action will be executed in the pod where the Action is triggered, such as the pod + /// to be removed or added; or a random pod if the Action is triggered at the component level, such as + /// post-provision or pre-terminate of the component. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, } -/// Maps a string key to a path within a volume. +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// Source for the environment variable's value. Cannot be used if value is not empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, } -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. +/// Selects a key of a ConfigMap. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesCsiNodePublishSecretRef { +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, /// Name of the referent. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, -} - -/// downwardAPI represents downward API about the pod that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, + pub optional: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesDownwardApiItemsFieldRef { +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, @@ -9550,9 +6731,9 @@ pub struct ClusterShardingsTemplateInstancesVolumesDownwardApiItemsFieldRef { } /// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesDownwardApiItemsResourceFieldRef { +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, @@ -9563,290 +6744,368 @@ pub struct ClusterShardingsTemplateInstancesVolumesDownwardApiItemsResourceField pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +pub struct ClusterShardingsTemplateConfigsReconfigureExecEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). +/// Defines the command to run. /// /// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterShardingsTemplateConfigsReconfigureExecTargetPodSelector { + Any, + All, + Role, + Ordinal, +} + +/// Defines the strategy to be taken when retrying the Action after a failure. /// /// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. +/// It specifies the conditions under which the Action should be retried and the limits to apply, +/// such as the maximum number of retries and backoff strategy. /// /// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateConfigsReconfigureRetryPolicy { + /// Defines the maximum number of retry attempts that should be made for a given Action. + /// This value is set to 0 by default, indicating that no retries will be made. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, + /// Indicates the duration of time to wait between each retry attempt. + /// This value is set to 0 by default, indicating that there will be no delay between retry attempts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] + pub retry_interval: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, +pub struct ClusterShardingsTemplateEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, } -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. +pub struct ClusterShardingsTemplateEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpec, + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstanceUpdateStrategy { + /// Specifies how the rolling update should be applied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] + pub rolling_update: Option, + /// Indicates the type of the update strategy. + /// Default is RollingUpdate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Specifies how the rolling update should be applied. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstanceUpdateStrategyRollingUpdate { + /// The maximum number of instances that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. The field applies to all instances. That means if there is any unavailable pod, + /// it will be counted towards MaxUnavailable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + /// Indicates the number of instances that should be updated during a rolling update. + /// The remaining instances will remain untouched. This is helpful in defining how many instances + /// should participate in the update process. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. + /// The default value is ComponentSpec.Replicas (i.e., update all instances). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, +} + +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterShardingsTemplateInstanceUpdateStrategyType { + RollingUpdate, + OnDelete, +} + +/// InstanceTemplate allows customization of individual replica configurations in a Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateMetadata { +pub struct ClusterShardingsTemplateInstances { + /// Specifies a map of key-value pairs to be merged into the Pod's existing annotations. + /// Existing keys will have their values overwritten, while new keys will be added to the annotations. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, + /// Defines Env to override. + /// Add new or override existing envs. #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, + pub env: Option>, + /// Specifies a map of key-value pairs that will be merged into the Pod's existing labels. + /// Values for existing keys will be overwritten, and new keys will be added. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Name specifies the unique name of the instance Pod created using this InstanceTemplate. + /// This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal + /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. + /// The specified name overrides any default naming conventions or patterns. + pub name: String, + /// Specifies the desired Ordinals of this InstanceTemplate. + /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. + /// + /// + /// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, + /// then the instance names generated under this InstanceTemplate would be + /// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and + /// $(cluster.name)-$(component.name)-$(template.name)-7 #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub ordinals: Option, + /// Specifies the number of instances (Pods) to create from this InstanceTemplate. + /// This field allows setting how many replicated instances of the Component, + /// with the specific overrides in the InstanceTemplate, are created. + /// The default value is 1. A value of 0 disables instance creation. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, + pub replicas: Option, + /// Specifies an override for the resource requirements of the first container in the Pod. + /// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, + /// Specifies the scheduling policy for the Component. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] + pub scheduling_policy: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. +/// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +pub struct ClusterShardingsTemplateInstancesEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, } -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// Selects a key of a secret in the pod's namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, +pub struct ClusterShardingsTemplateInstancesEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// Specifies the desired Ordinals of this InstanceTemplate. +/// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. +/// +/// +/// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, +/// then the instance names generated under this InstanceTemplate would be +/// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and +/// $(cluster.name)-$(component.name)-$(template.name)-7 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +pub struct ClusterShardingsTemplateInstancesOrdinals { #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, + pub discrete: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ranges: Option>, } -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// Range represents a range with a start and an end value. +/// It is used to define a continuous segment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesOrdinalsRanges { + pub end: i32, + pub start: i32, +} + +/// Specifies an override for the resource requirements of the first container in the Pod. +/// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { +pub struct ClusterShardingsTemplateInstancesResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -9859,425 +7118,424 @@ pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateS pub requests: Option>, } -/// selector is a label query over volumes to consider for binding. +/// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, +pub struct ClusterShardingsTemplateInstancesResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, } -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. +/// Specifies the scheduling policy for the Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. +pub struct ClusterShardingsTemplateInstancesSchedulingPolicy { + /// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, + pub affinity: Option, + /// NodeName is a request to schedule this Pod onto a specific node. If it is non-empty, + /// the scheduler simply schedules this Pod onto that node, assuming that it fits resource + /// requirements. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] + pub node_name: Option, + /// NodeSelector is a selector which must be true for the Pod to fit on a node. + /// Selector which must match a node's labels for the Pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// If specified, the Pod will be dispatched by specified scheduler. + /// If not specified, the Pod will be dispatched by default scheduler. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] + pub scheduler_name: Option, + /// Allows Pods to be scheduled onto nodes with matching taints. + /// Each toleration in the array allows the Pod to tolerate node taints based on + /// specified `key`, `value`, `effect`, and `operator`. + /// + /// + /// - The `key`, `value`, and `effect` identify the taint that the toleration matches. + /// - The `operator` determines how the toleration matches the taint. + /// + /// + /// Pods with matching tolerations are allowed to be scheduled on tainted nodes, typically reserved for specific purposes. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, + /// TopologySpreadConstraints describes how a group of Pods ought to spread across topology + /// domains. Scheduler will schedule Pods in a way which abides by the constraints. + /// All topologySpreadConstraints are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] + pub topology_spread_constraints: Option>, } -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. +/// Specifies a group of affinity scheduling rules of the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, } -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. +/// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// A node selector term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, + pub values: Option>, } -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, + pub values: Option>, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, } -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, } -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, + pub values: Option>, } -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub values: Option>, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, } -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// projected items for all in one resources secrets, configmaps, and downward API +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, + pub values: Option>, } -/// Projection that may be projected along with other supported volume types +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - /// of ClusterTrustBundle objects in an auto-updating file. - /// - /// - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// - /// - /// ClusterTrustBundle objects can either be selected by name, or by the - /// combination of signer name and a label selector. - /// - /// - /// Kubelet performs aggressive normalization of the PEM contents written - /// into the pod filesystem. Esoteric PEM features such as inter-block - /// comments and block headers are stripped. Certificates are deduplicated. - /// The ordering of certificates within the file is arbitrary, and Kubelet - /// may change the order over time. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, + pub values: Option>, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field -/// of ClusterTrustBundle objects in an auto-updating file. -/// -/// -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// -/// -/// ClusterTrustBundle objects can either be selected by name, or by the -/// combination of signer name and a label selector. -/// -/// -/// Kubelet performs aggressive normalization of the PEM contents written -/// into the pod filesystem. Esoteric PEM features such as inter-block -/// comments and block headers are stripped. Certificates are deduplicated. -/// The ordering of certificates within the file is arbitrary, and Kubelet -/// may change the order over time. +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has - /// effect if signerName is set. Mutually-exclusive with name. If unset, - /// interpreted as "match nothing". If set but empty, interpreted as "match - /// everything". +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive - /// with signerName and labelSelector. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) - /// aren't available. If using name, then the named ClusterTrustBundle is - /// allowed not to exist. If using signerName, then the combination of - /// signerName and labelSelector is allowed to match zero - /// ClusterTrustBundles. + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Relative path from the volume root to write the bundle. - pub path: String, - /// Select all ClusterTrustBundles that match this signer name. - /// Mutually-exclusive with name. The contents of all selected - /// ClusterTrustBundles will be unified and deduplicated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } - -/// Select all ClusterTrustBundles that match this label selector. Only has -/// effect if signerName is set. Mutually-exclusive with name. If unset, -/// interpreted as "match nothing". If set but empty, interpreted as "match -/// everything". + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, + pub match_expressions: Option>, /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels /// map is equivalent to an element of matchExpressions, whose key field is "key", the /// operator is "In", and the values array contains only "value". The requirements are ANDed. @@ -10288,7 +7546,7 @@ pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesClusterTrustB /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, /// operator represents a key's relationship to a set of values. @@ -10302,412 +7560,493 @@ pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesClusterTrustB pub values: Option>, } -/// configMap information about the configMap data to project +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// Maps a string key to a path within a volume. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// downwardAPI information about the downwardAPI data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, + pub values: Option>, } -/// DownwardAPIVolumeFile represents information to create the file containing the pod field +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, } -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// secret information about the secret data to project +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// Maps a string key to a path within a volume. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesSecretItems { - /// key is the key to project. +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub values: Option>, } -/// serviceAccountToken is information about the serviceAccountToken data to project +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, + pub values: Option>, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, } -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: ClusterShardingsTemplateInstancesVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, } -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, + pub values: Option>, } -/// Maps a string key to a path within a volume. +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, } -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. + #[serde(rename = "maxSkew")] + pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] + pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] + pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] + pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. + #[serde(rename = "topologyKey")] + pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. + #[serde(rename = "whenUnsatisfiable")] + pub when_unsatisfiable: String, } -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingsTemplateInstancesVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, +pub struct ClusterShardingsTemplateInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, } /// Specifies the configuration for the TLS certificates issuer. @@ -10743,6 +8082,10 @@ pub struct ClusterShardingsTemplateIssuerSecretRef { pub key: String, /// Name of the Secret that contains user-provided certificates. pub name: String, + /// The namespace where the secret is located. + /// If not provided, the secret is assumed to be in the same namespace as the Cluster object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The template for generating Components for shards, where each shard consists of one Component. @@ -11885,6 +9228,9 @@ pub enum ClusterShardingsTemplateServicesServiceType { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingsTemplateSystemAccounts { + /// Specifies whether the system account is disabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, /// The name of the system account. pub name: String, /// Specifies the policy for generating the account's password. @@ -11896,6 +9242,9 @@ pub struct ClusterShardingsTemplateSystemAccounts { /// Refers to the secret from which data will be copied to create the new account. /// /// + /// For user-specified passwords, the maximum length is limited to 64 bytes. + /// + /// /// This field is immutable once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, @@ -11939,6 +9288,9 @@ pub enum ClusterShardingsTemplateSystemAccountsPasswordConfigLetterCase { /// Refers to the secret from which data will be copied to create the new account. /// /// +/// For user-specified passwords, the maximum length is limited to 64 bytes. +/// +/// /// This field is immutable once set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingsTemplateSystemAccountsSecretRef { @@ -11946,10 +9298,19 @@ pub struct ClusterShardingsTemplateSystemAccountsSecretRef { pub name: String, /// The namespace where the secret is located. pub namespace: String, + /// The key in the secret data that contains the password. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingsTemplateVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -11991,6 +9352,12 @@ pub struct ClusterShardingsTemplateVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// + /// + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// Defines what type of volume is required by the claim, either Block or Filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, @@ -13668,6 +11035,7 @@ pub enum ClusterStatusComponentsPhase { Deleting, Updating, Stopping, + Starting, Running, Stopped, Failed, @@ -13705,6 +11073,7 @@ pub enum ClusterStatusShardingsPhase { Deleting, Updating, Stopping, + Starting, Running, Stopped, Failed, diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/componentdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/componentdefinitions.rs index bc5e5b656..f7d9e0070 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/componentdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/componentdefinitions.rs @@ -50,6 +50,16 @@ pub struct ComponentDefinitionSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none")] pub configs: Option>, + /// Specifies the config file templates and volume mount parameters used by the Component. + /// + /// + /// This field specifies a list of templates that will be rendered into Component containers' config files. + /// Each template is represented as a ConfigMap and may contain multiple config files, with each file being a key in the ConfigMap. + /// + /// + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub configs2: Option>, /// Provides a brief and concise explanation of the Component's purpose, functionality, and any relevant details. /// It serves as a quick reference for users to understand the Component's role and characteristics. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -97,7 +107,7 @@ pub struct ComponentDefinitionSpec { /// `Immediately`, `RuntimeReady`, `ComponentReady`, and `ClusterReady`. /// - `preTerminate`: Defines the hook to be executed before terminating a Component. /// - `roleProbe`: Defines the procedure which is invoked regularly to assess the role of replicas. - /// - `switchover`: Defines the procedure for a controlled transition of leadership from the current leader to a new replica. + /// - `switchover`: Defines the procedure for a controlled transition of a role to a new replica. /// This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, /// such as before planned maintenance or upgrades on the current leader node. /// - `memberJoin`: Defines the procedure to add a new replica to the replication group. @@ -170,7 +180,7 @@ pub struct ComponentDefinitionSpec { /// This ensures that the Pods in the Component has appropriate permissions to function. /// /// - /// Note: This field is currently non-functional and is reserved for future implementation. + /// To prevent privilege escalation, only permissions already owned by KubeBlocks can be added here. /// /// /// This field is immutable. @@ -201,9 +211,9 @@ pub struct ComponentDefinitionSpec { /// Enumerate all possible roles assigned to each replica of the Component, influencing its behavior. /// /// - /// A replica can have zero to multiple roles. - /// KubeBlocks operator determines the roles of each replica by invoking the `lifecycleActions.roleProbe` method. - /// This action returns a list of roles for each replica, and the returned roles must be predefined in the `roles` field. + /// A replica can have zero or one role. + /// KubeBlocks operator determines the role of each replica by invoking the `lifecycleActions.roleProbe` method. + /// This action returns the role for each replica, and the returned role must be predefined here. /// /// /// The roles assigned to a replica can influence various aspects of the Component's behavior, such as: @@ -263,6 +273,13 @@ pub struct ComponentDefinitionSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none")] pub scripts: Option>, + /// Specifies groups of scripts, each provided via a ConfigMap, to be mounted as volumes in the container. + /// These scripts can be executed during container startup or via specific actions. + /// + /// + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scripts2: Option>, /// Defines the type of well-known service protocol that the Component provides. /// It specifies the standard or widely recognized protocol used by the Component to offer its Services. /// @@ -390,6 +407,12 @@ pub struct ComponentDefinitionSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] pub system_accounts: Option>, + /// Specifies the TLS configuration for the Component. + /// + /// + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, /// Specifies the concurrency strategy for updating multiple instances of the Component. /// Available strategies: /// @@ -5150,28 +5173,6 @@ pub struct ComponentDefinitionAvailableWithProbeConditionOrNoneStdout { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionConfigs { - /// Specifies the containers to inject the ConfigMap parameters as environment variables. - /// - /// - /// This is useful when application images accept parameters through environment variables and - /// generate the final configuration file in the startup script based on these variables. - /// - /// - /// This field allows users to specify a list of container names, and KubeBlocks will inject the environment - /// variables converted from the ConfigMap into these designated containers. This provides a flexible way to - /// pass the configuration items from the ConfigMap to the container without modifying the image. - /// - /// - /// Deprecated: `asEnvFrom` has been deprecated since 0.9.0 and will be removed in 0.10.0. - /// Use `injectEnvTo` instead. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "asEnvFrom")] - pub as_env_from: Option>, - /// Whether to store the final rendered parameters as a secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "asSecret")] - pub as_secret: Option, - /// Specifies the name of the referenced configuration constraints object. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "constraintRef")] - pub constraint_ref: Option, /// The operator attempts to set default file permissions for scripts (0555) and configurations (0444). /// However, certain database engines may require different file permissions. /// You can specify the desired file permissions here. @@ -5190,65 +5191,12 @@ pub struct ComponentDefinitionConfigs { /// Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// Specifies the containers to inject the ConfigMap parameters as environment variables. - /// - /// - /// This is useful when application images accept parameters through environment variables and - /// generate the final configuration file in the startup script based on these variables. - /// - /// - /// This field allows users to specify a list of container names, and KubeBlocks will inject the environment - /// variables converted from the ConfigMap into these designated containers. This provides a flexible way to - /// pass the configuration items from the ConfigMap to the container without modifying the image. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "injectEnvTo")] - pub inject_env_to: Option>, - /// Specifies the configuration files within the ConfigMap that support dynamic updates. - /// - /// - /// A configuration template (provided in the form of a ConfigMap) may contain templates for multiple - /// configuration files. - /// Each configuration file corresponds to a key in the ConfigMap. - /// Some of these configuration files may support dynamic modification and reloading without requiring - /// a pod restart. - /// - /// - /// If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, - /// and ConfigConstraint applies to all keys. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keys: Option>, - /// Specifies the secondary rendered config spec for pod-specific customization. - /// - /// - /// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main - /// template's render result to generate the final configuration file. - /// - /// - /// This field is intended to handle scenarios where different pods within the same Component have - /// varying configurations. It allows for pod-specific customization of the configuration. - /// - /// - /// Note: This field will be deprecated in future versions, and the functionality will be moved to - /// `cluster.spec.componentSpecs[*].instances[*]`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "legacyRenderedConfigSpec")] - pub legacy_rendered_config_spec: Option, /// Specifies the name of the configuration template. pub name: String, /// Specifies the namespace of the referenced configuration template ConfigMap object. /// An empty namespace is equivalent to the "default" namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. - /// - /// - /// In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation - /// or cluster topology. Examples: - /// - /// - /// - Redis: adjust maxmemory after v-scale operation. - /// - MySQL: increase max connections after v-scale operation. - /// - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "reRenderResourceTypes")] - pub re_render_resource_types: Option>, /// Specifies the name of the referenced configuration template ConfigMap object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateRef")] pub template_ref: Option, @@ -5259,54 +5207,37 @@ pub struct ComponentDefinitionConfigs { pub volume_name: Option, } -/// Specifies the secondary rendered config spec for pod-specific customization. -/// -/// -/// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main -/// template's render result to generate the final configuration file. -/// -/// -/// This field is intended to handle scenarios where different pods within the same Component have -/// varying configurations. It allows for pod-specific customization of the configuration. -/// -/// -/// Note: This field will be deprecated in future versions, and the functionality will be moved to -/// `cluster.spec.componentSpecs[*].instances[*]`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionConfigsLegacyRenderedConfigSpec { - /// Specifies the namespace of the referenced configuration template ConfigMap object. - /// An empty namespace is equivalent to the "default" namespace. +pub struct ComponentDefinitionConfigs2 { + /// The operator attempts to set default file permissions (0444). + /// + /// + /// Must be specified as an octal value between 0000 and 0777 (inclusive), + /// or as a decimal value between 0 and 511 (inclusive). + /// YAML supports both octal and decimal values for file permissions. + /// + /// + /// Please note that this setting only affects the permissions of the files themselves. + /// Directories within the specified path are not impacted by this setting. + /// It's important to be aware that this setting might conflict with other options + /// that influence the file mode, such as fsGroup. + /// In such cases, the resulting file mode may have additional bits set. + /// Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// Specifies the name of the template. + pub name: String, + /// Specifies the namespace of the referenced template ConfigMap object. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Defines the strategy for merging externally imported templates into component templates. + /// Specifies the name of the referenced template ConfigMap object. #[serde(default, skip_serializing_if = "Option::is_none")] - pub policy: Option, - /// Specifies the name of the referenced configuration template ConfigMap object. - #[serde(rename = "templateRef")] - pub template_ref: String, -} - -/// Specifies the secondary rendered config spec for pod-specific customization. -/// -/// -/// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main -/// template's render result to generate the final configuration file. -/// -/// -/// This field is intended to handle scenarios where different pods within the same Component have -/// varying configurations. It allows for pod-specific customization of the configuration. -/// -/// -/// Note: This field will be deprecated in future versions, and the functionality will be moved to -/// `cluster.spec.componentSpecs[*].instances[*]`. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ComponentDefinitionConfigsLegacyRenderedConfigSpecPolicy { - #[serde(rename = "patch")] - Patch, - #[serde(rename = "replace")] - Replace, - #[serde(rename = "none")] - None, + pub template: Option, + /// Refers to the volume name of PodTemplate. The file produced through the template will be mounted to + /// the corresponding volume. Must be a DNS_LABEL name. + /// The volume name must be defined in podSpec.containers[*].volumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } /// Defines the built-in metrics exporter container. @@ -5382,7 +5313,7 @@ pub struct ComponentDefinitionHostNetworkContainerPorts { /// `Immediately`, `RuntimeReady`, `ComponentReady`, and `ClusterReady`. /// - `preTerminate`: Defines the hook to be executed before terminating a Component. /// - `roleProbe`: Defines the procedure which is invoked regularly to assess the role of replicas. -/// - `switchover`: Defines the procedure for a controlled transition of leadership from the current leader to a new replica. +/// - `switchover`: Defines the procedure for a controlled transition of a role to a new replica. /// This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, /// such as before planned maintenance or upgrades on the current leader node. /// - `memberJoin`: Defines the procedure to add a new replica to the replication group. @@ -5409,9 +5340,9 @@ pub struct ComponentDefinitionLifecycleActions { /// The container executing this action has access to following variables: /// /// - /// - KB_ACCOUNT_NAME: The name of the system account to be created. - /// - KB_ACCOUNT_PASSWORD: The password for the system account. // TODO: how to pass the password securely? - /// - KB_ACCOUNT_STATEMENT: The statement used to create the system account. + /// - KB_ACCOUNT_NAME: The name of the system account to be manipulated. + /// - KB_ACCOUNT_PASSWORD: The password for the system account. + /// - KB_ACCOUNT_STATEMENT: The statement used to manipulate the system account. /// /// /// Note: This field is immutable once it has been set. @@ -5441,6 +5372,12 @@ pub struct ComponentDefinitionLifecycleActions { /// that only the necessary data is exported for import into the new replica. /// /// + /// The container executing this action has access to following environment variables: + /// + /// + /// - KB_TARGET_POD_NAME: The name of the replica pod into which the data will be loaded. + /// + /// /// Note: This field is immutable once it has been set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataDump")] pub data_dump: Option, @@ -5652,17 +5589,22 @@ pub struct ComponentDefinitionLifecycleActions { /// Note: This field is immutable once it has been set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleProbe")] pub role_probe: Option, - /// Defines the procedure for a controlled transition of leadership from the current leader to a new replica. - /// This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, - /// during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations - /// involving the current leader node. + /// Defines the procedure for a controlled transition of a role to a new replica. + /// This approach aims to minimize downtime and maintain availability + /// during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations. + /// In a typical consensus system, this action is used to transfer leader role to another replica. /// /// /// The container executing this action has access to following variables: /// /// - /// - KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty). - /// - KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty). + /// - KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod of the new role's candidate, which may not be specified (empty). + /// - KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the pod of the new role's candidate, which may not be specified (empty). + /// - KB_SWITCHOVER_CURRENT_NAME: The name of the pod of the current role. + /// - KB_SWITCHOVER_CURRENT_FQDN: The FQDN of the pod of the current role. + /// - KB_SWITCHOVER_ROLE: The role that will be transferred to another replica. + /// This variable can be empty if, for example, role probe does not succeed. + /// It depends on the addon implementation what to do under such cases. /// /// /// Note: This field is immutable once it has been set. @@ -5681,9 +5623,9 @@ pub struct ComponentDefinitionLifecycleActions { /// The container executing this action has access to following variables: /// /// -/// - KB_ACCOUNT_NAME: The name of the system account to be created. -/// - KB_ACCOUNT_PASSWORD: The password for the system account. // TODO: how to pass the password securely? -/// - KB_ACCOUNT_STATEMENT: The statement used to create the system account. +/// - KB_ACCOUNT_NAME: The name of the system account to be manipulated. +/// - KB_ACCOUNT_PASSWORD: The password for the system account. +/// - KB_ACCOUNT_STATEMENT: The statement used to manipulate the system account. /// /// /// Note: This field is immutable once it has been set. @@ -6235,6 +6177,12 @@ pub struct ComponentDefinitionLifecycleActionsAvailableProbeRetryPolicy { /// that only the necessary data is exported for import into the new replica. /// /// +/// The container executing this action has access to following environment variables: +/// +/// +/// - KB_TARGET_POD_NAME: The name of the replica pod into which the data will be loaded. +/// +/// /// Note: This field is immutable once it has been set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionLifecycleActionsDataDump { @@ -8992,17 +8940,22 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbeRetryPolicy { pub retry_interval: Option, } -/// Defines the procedure for a controlled transition of leadership from the current leader to a new replica. -/// This approach aims to minimize downtime and maintain availability in systems with a leader-follower topology, -/// during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations -/// involving the current leader node. +/// Defines the procedure for a controlled transition of a role to a new replica. +/// This approach aims to minimize downtime and maintain availability +/// during events such as planned maintenance or when performing stop, shutdown, restart, or upgrade operations. +/// In a typical consensus system, this action is used to transfer leader role to another replica. /// /// /// The container executing this action has access to following variables: /// /// -/// - KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod for the new leader candidate, which may not be specified (empty). -/// - KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the new leader candidate's pod, which may not be specified (empty). +/// - KB_SWITCHOVER_CANDIDATE_NAME: The name of the pod of the new role's candidate, which may not be specified (empty). +/// - KB_SWITCHOVER_CANDIDATE_FQDN: The FQDN of the pod of the new role's candidate, which may not be specified (empty). +/// - KB_SWITCHOVER_CURRENT_NAME: The name of the pod of the current role. +/// - KB_SWITCHOVER_CURRENT_FQDN: The FQDN of the pod of the current role. +/// - KB_SWITCHOVER_ROLE: The role that will be transferred to another replica. +/// This variable can be empty if, for example, role probe does not succeed. +/// It depends on the addon implementation what to do under such cases. /// /// /// Note: This field is immutable once it has been set. @@ -9320,36 +9273,53 @@ pub struct ComponentDefinitionReplicasLimit { pub min_replicas: i32, } -/// ReplicaRole represents a role that can be assumed by a component instance. +/// ReplicaRole represents a role that can be assigned to a component instance, defining its behavior and responsibilities. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRoles { - /// Defines the role's identifier. It is used to set the "apps.kubeblocks.io/role" label value - /// on the corresponding object. + /// Name defines the role's unique identifier. This value is used to set the "apps.kubeblocks.io/role" label + /// on the corresponding object to identify its role. + /// + /// + /// For example, common role names include: + /// - "leader": The primary/master instance that handles write operations + /// - "follower": Secondary/replica instances that replicate data from the leader + /// - "learner": Read-only instances that don't participate in elections /// /// /// This field is immutable once set. pub name: String, - /// Indicates whether a replica assigned this role is capable of providing services. + /// ParticipatesInQuorum indicates if pods with this role are counted when determining quorum. + /// This affects update strategies that need to maintain quorum for availability. Roles participate + /// in quorum should have higher update priority than roles do not participate in quorum. + /// The default value is false. /// /// - /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub serviceable: Option, - /// Specifies whether a replica with this role has voting rights. - /// In distributed systems, this typically means the replica can participate in consensus decisions, - /// configuration changes, or other processes that require a quorum. + /// For example, in a 5-pod component where: + /// - 2 learner pods (participatesInQuorum=false) + /// - 2 follower pods (participatesInQuorum=true) + /// - 1 leader pod (participatesInQuorum=true) + /// The quorum size would be 3 (based on the 3 participating pods), allowing parallel updates + /// of 2 learners and 1 follower while maintaining quorum. /// /// /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub votable: Option, - /// Determines if a replica in this role has the authority to perform write operations. - /// A writable replica can modify data, handle update operations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "participatesInQuorum")] + pub participates_in_quorum: Option, + /// UpdatePriority determines the order in which pods with different roles are updated. + /// Pods are sorted by this priority (higher numbers = higher priority) and updated accordingly. + /// Roles with the highest priority will be updated last. + /// The default priority is 0. + /// + /// + /// For example: + /// - Leader role may have priority 2 (updated last) + /// - Follower role may have priority 1 (updated before leader) + /// - Learner role may have priority 0 (updated first) /// /// /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub writable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePriority")] + pub update_priority: Option, } /// Specifies the PodSpec template used in the Component. @@ -15940,6 +15910,39 @@ pub struct ComponentDefinitionScripts { pub volume_name: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionScripts2 { + /// The operator attempts to set default file permissions (0444). + /// + /// + /// Must be specified as an octal value between 0000 and 0777 (inclusive), + /// or as a decimal value between 0 and 511 (inclusive). + /// YAML supports both octal and decimal values for file permissions. + /// + /// + /// Please note that this setting only affects the permissions of the files themselves. + /// Directories within the specified path are not impacted by this setting. + /// It's important to be aware that this setting might conflict with other options + /// that influence the file mode, such as fsGroup. + /// In such cases, the resulting file mode may have additional bits set. + /// Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// Specifies the name of the template. + pub name: String, + /// Specifies the namespace of the referenced template ConfigMap object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specifies the name of the referenced template ConfigMap object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, + /// Refers to the volume name of PodTemplate. The file produced through the template will be mounted to + /// the corresponding volume. Must be a DNS_LABEL name. + /// The volume name must be defined in podSpec.containers[*].volumeMounts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, +} + /// ServiceRefDeclaration represents a reference to a service that can be either provided by a KubeBlocks Cluster /// or an external service. /// It acts as a placeholder for the actual service reference, which is determined later when a Cluster is created. @@ -16401,18 +16404,12 @@ pub struct ComponentDefinitionSystemAccounts { /// This field is immutable once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordGenerationPolicy")] pub password_generation_policy: Option, - /// Refers to the secret from which data will be copied to create the new account. - /// - /// - /// This field is immutable once set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// Defines the statement used to create the account with the necessary privileges. + /// Defines the statements used to create, delete, and update the account. /// /// /// This field is immutable once set. #[serde(default, skip_serializing_if = "Option::is_none")] - pub statement: Option, + pub statement: Option, } /// Specifies the policy for generating the account's password. @@ -16450,16 +16447,76 @@ pub enum ComponentDefinitionSystemAccountsPasswordGenerationPolicyLetterCase { MixedCases, } -/// Refers to the secret from which data will be copied to create the new account. +/// Defines the statements used to create, delete, and update the account. /// /// /// This field is immutable once set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionSystemAccountsSecretRef { - /// The unique identifier of the secret. - pub name: String, - /// The namespace where the secret is located. - pub namespace: String, +pub struct ComponentDefinitionSystemAccountsStatement { + /// The statement to create a new account with the necessary privileges. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub create: Option, + /// The statement to delete a account. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub delete: Option, + /// The statement to update an existing account. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub update: Option, +} + +/// Specifies the TLS configuration for the Component. +/// +/// +/// This field is immutable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionTls { + /// The CA file of the TLS. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caFile")] + pub ca_file: Option, + /// The certificate file of the TLS. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] + pub cert_file: Option, + /// The permissions for the mounted path. Defaults to 0600. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] + pub default_mode: Option, + /// The key file of the TLS. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyFile")] + pub key_file: Option, + /// Specifies the mount path for the TLS secret to be mounted. + /// Similar to the volume, the controller will mount the created volume to the specified path within containers when the TLS is enabled. + /// + /// + /// This field is immutable once set. + #[serde(rename = "mountPath")] + pub mount_path: String, + /// Specifies the volume name for the TLS secret. + /// The controller will create a volume object with the specified name and add it to the pod when the TLS is enabled. + /// + /// + /// This field is immutable once set. + #[serde(rename = "volumeName")] + pub volume_name: String, } #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -16540,6 +16597,9 @@ pub struct ComponentDefinitionVarsValueFrom { /// Selects a defined var of a Service. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceVarRef")] pub service_var_ref: Option, + /// Selects a defined var of the TLS. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsVarRef")] + pub tls_var_ref: Option, } /// Selects a defined var of a Cluster. @@ -16639,6 +16699,10 @@ pub struct ComponentDefinitionVarsValueFromComponentVarRefMultipleClusterObjectO /// Valid only when the strategy is set to "combined". #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, /// Define the strategy for handling multiple cluster objects. pub strategy: ComponentDefinitionVarsValueFromComponentVarRefMultipleClusterObjectOptionStrategy, } @@ -16798,6 +16862,10 @@ pub struct ComponentDefinitionVarsValueFromCredentialVarRefMultipleClusterObject /// Valid only when the strategy is set to "combined". #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, /// Define the strategy for handling multiple cluster objects. pub strategy: ComponentDefinitionVarsValueFromCredentialVarRefMultipleClusterObjectOptionStrategy, } @@ -16914,6 +16982,10 @@ pub struct ComponentDefinitionVarsValueFromHostNetworkVarRefMultipleClusterObjec /// Valid only when the strategy is set to "combined". #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, /// Define the strategy for handling multiple cluster objects. pub strategy: ComponentDefinitionVarsValueFromHostNetworkVarRefMultipleClusterObjectOptionStrategy, } @@ -17033,6 +17105,10 @@ pub struct ComponentDefinitionVarsValueFromServiceRefVarRefMultipleClusterObject /// Valid only when the strategy is set to "combined". #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, /// Define the strategy for handling multiple cluster objects. pub strategy: ComponentDefinitionVarsValueFromServiceRefVarRefMultipleClusterObjectOptionStrategy, } @@ -17166,6 +17242,10 @@ pub struct ComponentDefinitionVarsValueFromServiceVarRefMultipleClusterObjectOpt /// Valid only when the strategy is set to "combined". #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, /// Define the strategy for handling multiple cluster objects. pub strategy: ComponentDefinitionVarsValueFromServiceVarRefMultipleClusterObjectOptionStrategy, } @@ -17240,6 +17320,92 @@ pub enum ComponentDefinitionVarsValueFromServiceVarRefServiceType { Optional, } +/// Selects a defined var of the TLS. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionVarsValueFromTlsVarRef { + /// Specifies the exact name, name prefix, or regular expression pattern for matching the name of the ComponentDefinition + /// custom resource (CR) used by the component that the referent object resident in. + /// + /// + /// If not specified, the component itself will be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "compDef")] + pub comp_def: Option, + /// VarOption defines whether a variable is required or optional. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// This option defines the behavior when multiple component objects match the specified @CompDef. + /// If not provided, an error will be raised when handling multiple matches. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "multipleClusterObjectOption")] + pub multiple_cluster_object_option: Option, + /// Name of the referent object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the object must be defined. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a defined var of the TLS. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionVarsValueFromTlsVarRefEnabled { + Required, + Optional, +} + +/// This option defines the behavior when multiple component objects match the specified @CompDef. +/// If not provided, an error will be raised when handling multiple matches. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ComponentDefinitionVarsValueFromTlsVarRefMultipleClusterObjectOption { + /// Define the options for handling combined variables. + /// Valid only when the strategy is set to "combined". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "combinedOption")] + pub combined_option: Option, + /// RequireAllComponentObjects controls whether all component objects must exist before resolving. + /// If set to true, resolving will only proceed if all component objects are present. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireAllComponentObjects")] + pub require_all_component_objects: Option, + /// Define the strategy for handling multiple cluster objects. + pub strategy: ComponentDefinitionVarsValueFromTlsVarRefMultipleClusterObjectOptionStrategy, +} + +/// Define the options for handling combined variables. +/// Valid only when the strategy is set to "combined". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionVarsValueFromTlsVarRefMultipleClusterObjectOptionCombinedOption { + /// The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "flattenFormat")] + pub flatten_format: Option, + /// If set, the existing variable will be kept, and a new variable will be defined with the specified suffix + /// in pattern: $(var.name)_$(suffix). + /// The new variable will be auto-created and placed behind the existing one. + /// If not set, the existing variable will be reused with the value format defined below. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "newVarSuffix")] + pub new_var_suffix: Option, + /// The format of the value that the operator will use to compose values from multiple components. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFormat")] + pub value_format: Option, +} + +/// The flatten format, default is: $(comp-name-1):value,$(comp-name-2):value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionVarsValueFromTlsVarRefMultipleClusterObjectOptionCombinedOptionFlattenFormat { + /// Pair delimiter. + pub delimiter: String, + /// Key-value delimiter. + #[serde(rename = "keyValueDelimiter")] + pub key_value_delimiter: String, +} + +/// This option defines the behavior when multiple component objects match the specified @CompDef. +/// If not provided, an error will be raised when handling multiple matches. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentDefinitionVarsValueFromTlsVarRefMultipleClusterObjectOptionStrategy { + #[serde(rename = "individual")] + Individual, + #[serde(rename = "combined")] + Combined, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionVolumes { /// Sets the critical threshold for volume space utilization as a percentage (0-100). diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/components.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/components.rs index 1480cdef9..d2eeaaa36 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/components.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1/components.rs @@ -47,6 +47,9 @@ pub struct ComponentSpec { /// List of environment variables to add. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Provides fine-grained control over the spec update process of all instances. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceUpdateStrategy")] + pub instance_update_strategy: Option, /// Allows for the customization of configuration values for each instance within a Component. /// An Instance represent a single replica (Pod and associated K8s resources like PVCs, Services, and ConfigMaps). /// While instances typically share a common configuration as defined in the ClusterComponentSpec, @@ -123,18 +126,16 @@ pub struct ComponentSpec { /// with other Kubernetes resources, such as modifying Pod labels or sending events. /// /// - /// Defaults: - /// If not specified, KubeBlocks automatically assigns a default ServiceAccount named "kb-{cluster.name}", - /// bound to a default role defined during KubeBlocks installation. + /// If not specified, KubeBlocks automatically creates a default ServiceAccount named + /// "kb-{componentdefinition.name}", bound to a role with rules defined in ComponentDefinition's + /// `policyRules` field. If needed (currently this means if any lifecycleAction is enabled), + /// it will also be bound to a default role named + /// "kubeblocks-cluster-pod-role", which is installed together with KubeBlocks. + /// If multiple components use the same ComponentDefinition, they will share one ServiceAccount. /// /// - /// Future Changes: - /// Future versions might change the default ServiceAccount creation strategy to one per Component, - /// potentially revising the naming to "kb-{cluster.name}-{component.name}". - /// - /// - /// Users can override the automatic ServiceAccount assignment by explicitly setting the name of - /// an existed ServiceAccount in this field. + /// If the field is not empty, the specified ServiceAccount will be used, and KubeBlocks will not + /// create a ServiceAccount. But KubeBlocks does create RoleBindings for the specified ServiceAccount. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, /// Defines a list of ServiceRef for a Component, enabling access to both external services and @@ -172,9 +173,12 @@ pub struct ComponentSpec { /// The version should follow the syntax and semantics of the "Semantic Versioning" specification (http://semver.org/). #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceVersion")] pub service_version: Option, - /// Overrides Services defined in referenced ComponentDefinition and exposes endpoints that can be accessed by clients. + /// Overrides Services defined in referenced ComponentDefinition. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// Specifies the sidecars to be injected into the Component. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sidecars: Option>, /// Stop the Component. /// If set, all the computing resources will be released. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -182,6 +186,9 @@ pub struct ComponentSpec { /// Overrides system accounts defined in referenced ComponentDefinition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] pub system_accounts: Option>, + /// Specifies the behavior when a Component is deleted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationPolicy")] + pub termination_policy: Option, /// Specifies the TLS configuration for the Component, including: /// /// @@ -202,15 +209,37 @@ pub struct ComponentSpec { pub volumes: Option>, } -/// ClusterComponentConfig represents a config with its source bound. +/// ClusterComponentConfig represents a configuration for a component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentConfigs { /// ConfigMap source for the config. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// ExternalManaged indicates whether the configuration is managed by an external system. + /// When set to true, the controller will use the user-provided template and reconfigure action, + /// ignoring the default template and update behavior. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalManaged")] + pub external_managed: Option, /// The name of the config. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. + /// + /// + /// The container executing this action has access to following variables: + /// + /// + /// - KB_CONFIG_FILES_CREATED: file1,file2... + /// - KB_CONFIG_FILES_REMOVED: file1,file2... + /// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... + /// + /// + /// Note: This field is immutable once it has been set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reconfigure: Option, + /// Variables are key-value pairs for dynamic configuration values that can be provided by the user. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub variables: Option>, } /// ConfigMap source for the config. @@ -264,6 +293,273 @@ pub struct ComponentConfigsConfigMapItems { pub path: String, } +/// The custom reconfigure action to reload the service configuration whenever changes to this config are detected. +/// +/// +/// The container executing this action has access to following variables: +/// +/// +/// - KB_CONFIG_FILES_CREATED: file1,file2... +/// - KB_CONFIG_FILES_REMOVED: file1,file2... +/// - KB_CONFIG_FILES_UPDATED: file1:checksum1,file2:checksum2... +/// +/// +/// Note: This field is immutable once it has been set. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigure { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Specifies the name of the container within the same pod whose resources will be shared with the action. + /// This allows the action to utilize the specified container's resources without executing within it. + /// + /// + /// The name must match one of the containers defined in `componentDefinition.spec.runtime`. + /// + /// + /// The resources that can be shared are included: + /// + /// + /// - volume mounts + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// All actions with same image will share the same container. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// If not specified, the Action will be executed in the pod where the Action is triggered, such as the pod + /// to be removed or added; or a random pod if the Action is triggered at the component level, such as + /// post-provision or pre-terminate of the component. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureExecEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentConfigsReconfigureExecTargetPodSelector { + Any, + All, + Role, + Ordinal, +} + +/// Defines the strategy to be taken when retrying the Action after a failure. +/// +/// +/// It specifies the conditions under which the Action should be retried and the limits to apply, +/// such as the maximum number of retries and backoff strategy. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentConfigsReconfigureRetryPolicy { + /// Defines the maximum number of retry attempts that should be made for a given Action. + /// This value is set to 0 by default, indicating that no retries will be made. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, + /// Indicates the duration of time to wait between each retry attempt. + /// This value is set to 0 by default, indicating that there will be no delay between retry attempts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] + pub retry_interval: Option, +} + /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentEnv { @@ -360,6 +656,45 @@ pub struct ComponentEnvValueFromSecretKeyRef { pub optional: Option, } +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstanceUpdateStrategy { + /// Specifies how the rolling update should be applied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] + pub rolling_update: Option, + /// Indicates the type of the update strategy. + /// Default is RollingUpdate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Specifies how the rolling update should be applied. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstanceUpdateStrategyRollingUpdate { + /// The maximum number of instances that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. The field applies to all instances. That means if there is any unavailable pod, + /// it will be counted towards MaxUnavailable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + /// Indicates the number of instances that should be updated during a rolling update. + /// The remaining instances will remain untouched. This is helpful in defining how many instances + /// should participate in the update process. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. + /// The default value is ComponentSpec.Replicas (i.e., update all instances). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, +} + +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentInstanceUpdateStrategyType { + RollingUpdate, + OnDelete, +} + /// InstanceTemplate allows customization of individual replica configurations in a Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstances { @@ -371,9 +706,6 @@ pub struct ComponentInstances { /// Add new or override existing envs. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// Specifies an override for the first container's image in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, /// Specifies a map of key-value pairs that will be merged into the Pod's existing labels. /// Values for existing keys will be overwritten, and new keys will be added. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -383,6 +715,16 @@ pub struct ComponentInstances { /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. /// The specified name overrides any default naming conventions or patterns. pub name: String, + /// Specifies the desired Ordinals of this InstanceTemplate. + /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. + /// + /// + /// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, + /// then the instance names generated under this InstanceTemplate would be + /// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and + /// $(cluster.name)-$(component.name)-$(template.name)-7 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ordinals: Option, /// Specifies the number of instances (Pods) to create from this InstanceTemplate. /// This field allows setting how many replicated instances of the Component, /// with the specific overrides in the InstanceTemplate, are created. @@ -396,18 +738,6 @@ pub struct ComponentInstances { /// Specifies the scheduling policy for the Component. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] pub scheduling_policy: Option, - /// Defines VolumeClaimTemplates to override. - /// Add new or override existing volume claim templates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] - pub volume_claim_templates: Option>, - /// Defines VolumeMounts to override. - /// Add new or override existing volume mounts of the first container in the Pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Defines Volumes to override. - /// Add new or override existing volumes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, } /// EnvVar represents an environment variable present in a Container. @@ -506,6 +836,30 @@ pub struct ComponentInstancesEnvValueFromSecretKeyRef { pub optional: Option, } +/// Specifies the desired Ordinals of this InstanceTemplate. +/// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under this InstanceTemplate. +/// +/// +/// For example, if Ordinals is {ranges: [{start: 0, end: 1}], discrete: [7]}, +/// then the instance names generated under this InstanceTemplate would be +/// $(cluster.name)-$(component.name)-$(template.name)-0、$(cluster.name)-$(component.name)-$(template.name)-1 and +/// $(cluster.name)-$(component.name)-$(template.name)-7 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstancesOrdinals { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub discrete: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ranges: Option>, +} + +/// Range represents a range with a start and an end value. +/// It is used to define a continuous segment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstancesOrdinalsRanges { + pub end: i32, + pub start: i32, +} + /// Specifies an override for the resource requirements of the first container in the Pod. /// This field allows for customizing resource allocation (CPU, memory, etc.) for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1296,1866 +1650,172 @@ pub struct ComponentInstancesSchedulingPolicyTolerations { pub key: Option, /// Operator represents a key's relationship to the value. /// Valid operators are Exists and Equal. Defaults to Equal. - /// Exists is equivalent to wildcard for value, so that a pod can - /// tolerate all taints of a particular category. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be - /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - /// it is not set, which means tolerate the taint forever (do not evict). Zero and - /// negative values will be treated as 0 (evict immediately) by the system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. - /// If the operator is Exists, the value should be empty, otherwise just a regular string. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. - /// Pods that match this label selector are counted to determine the number of pods - /// in their corresponding topology domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which - /// spreading will be calculated. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are ANDed with labelSelector - /// to select the group of existing pods over which spreading will be calculated - /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// MatchLabelKeys cannot be set when LabelSelector isn't set. - /// Keys that don't exist in the incoming pod labels will - /// be ignored. A null or empty list means only match against labelSelector. - /// - /// - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. - /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - /// between the number of matching pods in the target topology and the global minimum. - /// The global minimum is the minimum number of matching pods in an eligible domain - /// or zero if the number of eligible domains is less than MinDomains. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 2/2/1: - /// In this case, the global minimum is 1. - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P | - /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - /// violate MaxSkew(1). - /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - /// to topologies that satisfy it. - /// It's a required field. Default value is 1 and 0 is not allowed. - #[serde(rename = "maxSkew")] - pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. - /// When the number of eligible domains with matching topology keys is less than minDomains, - /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, - /// this value has no effect on scheduling. - /// As a result, when the number of eligible domains is less than minDomains, - /// scheduler won't schedule more than maxSkew Pods to those domains. - /// If value is nil, the constraint behaves as if MinDomains is equal to 1. - /// Valid values are integers greater than 0. - /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// - /// - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - /// labelSelector spread as 2/2/2: - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P P | - /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - /// In this situation, new pod with the same labelSelector cannot be scheduled, - /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - /// when calculating pod topology spread skew. Options are: - /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// - /// - /// If this value is nil, the behavior is equivalent to the Honor policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating - /// pod topology spread skew. Options are: - /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod - /// has a toleration, are included. - /// - Ignore: node taints are ignored. All nodes are included. - /// - /// - /// If this value is nil, the behavior is equivalent to the Ignore policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key - /// and identical values are considered to be in the same topology. - /// We consider each as a "bucket", and try to put balanced number - /// of pods into each bucket. - /// We define a domain as a particular instance of a topology. - /// Also, we define an eligible domain as a domain whose nodes meet the requirements of - /// nodeAffinityPolicy and nodeTaintsPolicy. - /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - /// It's a required field. - #[serde(rename = "topologyKey")] - pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - /// the spread constraint. - /// - DoNotSchedule (default) tells the scheduler not to schedule it. - /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, - /// but giving higher precedence to topologies that would help reduce the - /// skew. - /// A constraint is considered "Unsatisfiable" for an incoming pod - /// if and only if every possible node assignment for that pod would violate - /// "MaxSkew" on some topology. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 3/1/1: - /// | zone1 | zone2 | zone3 | - /// | P P P | P | P | - /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - /// won't make it *more* imbalanced. - /// It's a required field. - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, -} - -/// LabelSelector is used to find matching pods. -/// Pods that match this label selector are counted to determine the number of pods -/// in their corresponding topology domain. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumeClaimTemplates { - /// Refers to the name of a volumeMount defined in either: - /// - /// - /// - `componentDefinition.spec.runtime.containers[*].volumeMounts` - /// - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` (deprecated) - /// - /// - /// The value of `name` must match the `name` field of a volumeMount specified in the corresponding `volumeMounts` array. - pub name: String, - /// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume - /// with the mount name specified in the `name` field. - /// - /// - /// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification - /// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, -} - -/// Defines the desired characteristics of a PersistentVolumeClaim that will be created for the volume -/// with the mount name specified in the `name` field. -/// -/// -/// When a Pod is created for this ClusterComponent, a new PVC will be created based on the specification -/// defined in the `spec` field. The PVC will be associated with the volume mount specified by the `name` field. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumeClaimTemplatesSpec { - /// Contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// Represents the minimum resources the volume should have. - /// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that - /// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// The name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// Defines what type of volume is required by the claim, either Block or Filesystem. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, -} - -/// Represents the minimum resources the volume should have. -/// If the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that -/// are lower than the previous value but must still be higher than the capacity recorded in the status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumeClaimTemplatesSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. - /// - /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). - /// - /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. - /// - /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. - /// - /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, -} - -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// configMap represents a configMap that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, -} - -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesCsiNodePublishSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// downwardAPI represents downward API about the pod that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, -} - -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). -/// -/// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. -/// -/// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. -/// -/// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, -} - -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpec, -} - -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// selector is a label query over volumes to consider for binding. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, -} - -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, -} - -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, -} - -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, -} - -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, -} - -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// projected items for all in one resources secrets, configmaps, and downward API -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -/// Projection that may be projected along with other supported volume types -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - /// of ClusterTrustBundle objects in an auto-updating file. - /// - /// - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// - /// - /// ClusterTrustBundle objects can either be selected by name, or by the - /// combination of signer name and a label selector. - /// - /// - /// Kubelet performs aggressive normalization of the PEM contents written - /// into the pod filesystem. Esoteric PEM features such as inter-block - /// comments and block headers are stripped. Certificates are deduplicated. - /// The ordering of certificates within the file is arbitrary, and Kubelet - /// may change the order over time. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field -/// of ClusterTrustBundle objects in an auto-updating file. -/// -/// -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// -/// -/// ClusterTrustBundle objects can either be selected by name, or by the -/// combination of signer name and a label selector. -/// -/// -/// Kubelet performs aggressive normalization of the PEM contents written -/// into the pod filesystem. Esoteric PEM features such as inter-block -/// comments and block headers are stripped. Certificates are deduplicated. -/// The ordering of certificates within the file is arbitrary, and Kubelet -/// may change the order over time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has - /// effect if signerName is set. Mutually-exclusive with name. If unset, - /// interpreted as "match nothing". If set but empty, interpreted as "match - /// everything". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive - /// with signerName and labelSelector. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) - /// aren't available. If using name, then the named ClusterTrustBundle is - /// allowed not to exist. If using signerName, then the combination of - /// signerName and labelSelector is allowed to match zero - /// ClusterTrustBundles. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Relative path from the volume root to write the bundle. - pub path: String, - /// Select all ClusterTrustBundles that match this signer name. - /// Mutually-exclusive with name. The contents of all selected - /// ClusterTrustBundles will be unified and deduplicated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, -} - -/// Select all ClusterTrustBundles that match this label selector. Only has -/// effect if signerName is set. Mutually-exclusive with name. If unset, -/// interpreted as "match nothing". If set but empty, interpreted as "match -/// everything". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// configMap information about the configMap data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// downwardAPI information about the downwardAPI data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// secret information about the secret data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// serviceAccountToken is information about the serviceAccountToken data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, -} - -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, -} - -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: ComponentInstancesVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, + pub value: Option, } -/// Maps a string key to a path within a volume. +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, +pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. + #[serde(rename = "maxSkew")] + pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] + pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] + pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] + pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. + #[serde(rename = "topologyKey")] + pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. + #[serde(rename = "whenUnsatisfiable")] + pub when_unsatisfiable: String, } -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, +pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, } -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? +pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, + pub values: Option>, } /// Specifies the resources required by the Component. @@ -4629,8 +3289,28 @@ pub struct ComponentServicesSpecSessionAffinityConfigClientIp { pub timeout_seconds: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentSidecars { + /// Name specifies the unique name of the sidecar. + /// + /// + /// The name will be used as the name of the sidecar container in the Pod. + pub name: String, + /// Specifies the exact component definition that the sidecar belongs to. + /// + /// + /// A sidecar will be updated when the owner component definition is updated only. + pub owner: String, + /// Specifies the sidecar definition CR to be used to create the sidecar. + #[serde(rename = "sidecarDef")] + pub sidecar_def: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSystemAccounts { + /// Specifies whether the system account is disabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, /// The name of the system account. pub name: String, /// Specifies the policy for generating the account's password. @@ -4642,6 +3322,9 @@ pub struct ComponentSystemAccounts { /// Refers to the secret from which data will be copied to create the new account. /// /// + /// For user-specified passwords, the maximum length is limited to 64 bytes. + /// + /// /// This field is immutable once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, @@ -4685,6 +3368,9 @@ pub enum ComponentSystemAccountsPasswordConfigLetterCase { /// Refers to the secret from which data will be copied to create the new account. /// /// +/// For user-specified passwords, the maximum length is limited to 64 bytes. +/// +/// /// This field is immutable once set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSystemAccountsSecretRef { @@ -4692,6 +3378,17 @@ pub struct ComponentSystemAccountsSecretRef { pub name: String, /// The namespace where the secret is located. pub namespace: String, + /// The key in the secret data that contains the password. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, +} + +/// ComponentSpec defines the desired state of Component +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ComponentTerminationPolicy { + DoNotTerminate, + Delete, + WipeOut, } /// Specifies the TLS configuration for the Component, including: @@ -4753,10 +3450,20 @@ pub struct ComponentTlsConfigIssuerSecretRef { pub key: String, /// Name of the Secret that contains user-provided certificates. pub name: String, + /// The namespace where the secret is located. + /// If not provided, the secret is assumed to be in the same namespace as the Cluster object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -4798,6 +3505,12 @@ pub struct ComponentVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// + /// + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// Defines what type of volume is required by the claim, either Block or Filesystem. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, @@ -6450,6 +5163,7 @@ pub struct ComponentStatus { /// - Failed: A significant number of Pods have failed. /// - Stopping: All Pods are being terminated, with current replica count at zero. /// - Stopped: All associated Pods have been successfully deleted. + /// - Starting: Pods are being started. /// - Deleting: The Component is being deleted. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, @@ -6462,6 +5176,7 @@ pub enum ComponentStatusPhase { Deleting, Updating, Stopping, + Starting, Running, Stopped, Failed, diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs index 625b4b602..d68cf77f5 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs @@ -7657,6 +7657,11 @@ pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationSwitcho /// Defines the method used to probe a role. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDefinitionComponentDefsRsmSpecRoleProbe { + /// Specifies the builtin handler name to use to probe the role of the main container. + /// Available handlers include: mysql, postgres, mongodb, redis, etcd, kafka. + /// Use CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtinHandlerName")] + pub builtin_handler_name: Option, /// Defines a custom method for role probing. /// Actions defined here are executed in series. /// Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles. diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs index 5d56d80db..72a9069d3 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs @@ -314,6 +314,12 @@ pub struct ClusterBackup { /// Specifies whether automated backup is enabled for the Cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// Specifies whether to enable incremental backup. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "incrementalBackupEnabled")] + pub incremental_backup_enabled: Option, + /// The cron expression for the incremental backup schedule. The timezone is in UTC. See https://en.wikipedia.org/wiki/Cron. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "incrementalCronExpression")] + pub incremental_cron_expression: Option, /// Specifies the backup method to use, as defined in backupPolicy. pub method: String, /// Specifies whether to enable point-in-time recovery. @@ -2058,6 +2064,12 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyTopologySpreadConstrain #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -5190,6 +5202,12 @@ pub struct ClusterComponentSpecsUserResourceRefsSecretRefsSecretItems { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -9925,6 +9943,12 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyTopologySpreadCo #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -13069,6 +13093,12 @@ pub struct ClusterShardingSpecsTemplateUserResourceRefsSecretRefsSecretItems { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs index cb80d13e4..9d8e0112d 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs @@ -1087,7 +1087,7 @@ pub struct ComponentDefinitionLifecycleActionsAccountProvision { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -1497,7 +1497,7 @@ pub struct ComponentDefinitionLifecycleActionsDataDump { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -1906,7 +1906,7 @@ pub struct ComponentDefinitionLifecycleActionsDataLoad { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -2342,7 +2342,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberJoin { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -2778,7 +2778,7 @@ pub struct ComponentDefinitionLifecycleActionsMemberLeave { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -3209,7 +3209,7 @@ pub struct ComponentDefinitionLifecycleActionsPostProvision { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -3647,7 +3647,7 @@ pub struct ComponentDefinitionLifecycleActionsPreTerminate { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -4059,7 +4059,7 @@ pub struct ComponentDefinitionLifecycleActionsReadonly { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -4473,7 +4473,7 @@ pub struct ComponentDefinitionLifecycleActionsReadwrite { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -4871,7 +4871,7 @@ pub struct ComponentDefinitionLifecycleActionsReconfigure { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler @@ -5294,7 +5294,7 @@ pub struct ComponentDefinitionLifecycleActionsRoleProbe { /// Lorry, as a sidecar agent co-located with the database container in the same Pod, /// includes a suite of built-in action implementations that are tailored to different database engines. /// These are known as "builtin" handlers, includes: `mysql`, `redis`, `mongodb`, `etcd`, - /// `postgresql`, `official-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. + /// `postgresql`, `vanilla-postgresql`, `apecloud-postgresql`, `wesql`, `oceanbase`, `polardbx`. /// /// /// If the `builtinHandler` field is specified, it instructs Lorry to utilize its internal built-in action handler diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs index a8be73f33..517d7138d 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs @@ -1631,6 +1631,12 @@ pub struct ComponentInstancesSchedulingPolicyTopologySpreadConstraintsLabelSelec #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// @@ -4941,6 +4947,12 @@ pub struct ComponentTolerations { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumeClaimTemplates { + /// Specifies the annotations for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Specifies the labels for the PVC of the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Refers to the name of a volumeMount defined in either: /// /// diff --git a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/applications.rs b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/applications.rs index 122d20335..527f8ae24 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/applications.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/applications.rs @@ -73,6 +73,9 @@ pub struct ApplicationOperationRetryBackoff { /// Sync contains parameters for the operation #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationOperationSync { + /// SelfHealAttemptsCount contains the number of auto-heal attempts + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoHealAttemptsCount")] + pub auto_heal_attempts_count: Option, /// DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] pub dry_run: Option, @@ -207,12 +210,23 @@ pub struct ApplicationOperationSyncSourceDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationOperationSyncSourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -267,6 +281,10 @@ pub struct ApplicationOperationSyncSourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationOperationSyncSourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -288,6 +306,10 @@ pub struct ApplicationOperationSyncSourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -472,12 +494,23 @@ pub struct ApplicationOperationSyncSourcesDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationOperationSyncSourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -532,6 +565,10 @@ pub struct ApplicationOperationSyncSourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationOperationSyncSourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -553,6 +590,10 @@ pub struct ApplicationOperationSyncSourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -846,12 +887,23 @@ pub struct ApplicationSourceDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationSourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -906,6 +958,10 @@ pub struct ApplicationSourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationSourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -927,6 +983,10 @@ pub struct ApplicationSourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -1111,12 +1171,23 @@ pub struct ApplicationSourcesDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationSourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -1171,6 +1242,10 @@ pub struct ApplicationSourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationSourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -1192,6 +1267,10 @@ pub struct ApplicationSourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -1549,12 +1628,23 @@ pub struct ApplicationStatusHistorySourceDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusHistorySourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -1609,6 +1699,10 @@ pub struct ApplicationStatusHistorySourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusHistorySourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -1630,6 +1724,10 @@ pub struct ApplicationStatusHistorySourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -1814,12 +1912,23 @@ pub struct ApplicationStatusHistorySourcesDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusHistorySourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -1874,6 +1983,10 @@ pub struct ApplicationStatusHistorySourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusHistorySourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -1895,6 +2008,10 @@ pub struct ApplicationStatusHistorySourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -2079,6 +2196,9 @@ pub struct ApplicationStatusOperationStateOperationRetryBackoff { /// Sync contains parameters for the operation #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateOperationSync { + /// SelfHealAttemptsCount contains the number of auto-heal attempts + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoHealAttemptsCount")] + pub auto_heal_attempts_count: Option, /// DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] pub dry_run: Option, @@ -2213,12 +2333,23 @@ pub struct ApplicationStatusOperationStateOperationSyncSourceDirectoryJsonnetTla /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateOperationSyncSourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -2273,6 +2404,10 @@ pub struct ApplicationStatusOperationStateOperationSyncSourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateOperationSyncSourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -2294,6 +2429,10 @@ pub struct ApplicationStatusOperationStateOperationSyncSourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -2478,12 +2617,23 @@ pub struct ApplicationStatusOperationStateOperationSyncSourcesDirectoryJsonnetTl /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateOperationSyncSourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -2538,6 +2688,10 @@ pub struct ApplicationStatusOperationStateOperationSyncSourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateOperationSyncSourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -2559,6 +2713,10 @@ pub struct ApplicationStatusOperationStateOperationSyncSourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -2836,12 +2994,23 @@ pub struct ApplicationStatusOperationStateSyncResultSourceDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateSyncResultSourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -2896,6 +3065,10 @@ pub struct ApplicationStatusOperationStateSyncResultSourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateSyncResultSourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -2917,6 +3090,10 @@ pub struct ApplicationStatusOperationStateSyncResultSourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -3101,12 +3278,23 @@ pub struct ApplicationStatusOperationStateSyncResultSourcesDirectoryJsonnetTlas /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateSyncResultSourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -3161,6 +3349,10 @@ pub struct ApplicationStatusOperationStateSyncResultSourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusOperationStateSyncResultSourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -3182,6 +3374,10 @@ pub struct ApplicationStatusOperationStateSyncResultSourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -3483,12 +3679,23 @@ pub struct ApplicationStatusSyncComparedToSourceDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusSyncComparedToSourceHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -3543,6 +3750,10 @@ pub struct ApplicationStatusSyncComparedToSourceHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusSyncComparedToSourceKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -3564,6 +3775,10 @@ pub struct ApplicationStatusSyncComparedToSourceKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, @@ -3748,12 +3963,23 @@ pub struct ApplicationStatusSyncComparedToSourcesDirectoryJsonnetTlas { /// Helm holds helm specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusSyncComparedToSourcesHelm { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// FileParameters are file parameters to the helm template #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileParameters")] pub file_parameters: Option>, /// IgnoreMissingValueFiles prevents helm template from failing when valueFiles do not exist locally by not appending them to helm template --values #[serde(default, skip_serializing_if = "Option::is_none", rename = "ignoreMissingValueFiles")] pub ignore_missing_value_files: Option, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, + /// Namespace is an optional namespace to template with. If left empty, defaults to the app's destination namespace. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -3808,6 +4034,10 @@ pub struct ApplicationStatusSyncComparedToSourcesHelmParameters { /// Kustomize holds kustomize specific options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationStatusSyncComparedToSourcesKustomize { + /// APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + /// Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersions")] + pub api_versions: Option>, /// CommonAnnotations is a list of additional annotations to add to rendered manifests #[serde(default, skip_serializing_if = "Option::is_none", rename = "commonAnnotations")] pub common_annotations: Option>, @@ -3829,6 +4059,10 @@ pub struct ApplicationStatusSyncComparedToSourcesKustomize { /// Images is a list of Kustomize image override specifications #[serde(default, skip_serializing_if = "Option::is_none")] pub images: Option>, + /// KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + /// uses the Kubernetes version of the target cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubeVersion")] + pub kube_version: Option, /// LabelWithoutSelector specifies whether to apply common labels to resource selectors or not #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelWithoutSelector")] pub label_without_selector: Option, diff --git a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/appprojects.rs b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/appprojects.rs index b41b0ae02..698f41c35 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/appprojects.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/appprojects.rs @@ -27,6 +27,9 @@ pub struct AppProjectSpec { /// Description contains optional project description #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, + /// DestinationServiceAccounts holds information about the service accounts to be impersonated for the application sync operation for each destination. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationServiceAccounts")] + pub destination_service_accounts: Option>, /// Destinations contains list of destinations available for deployment #[serde(default, skip_serializing_if = "Option::is_none")] pub destinations: Option>, @@ -75,6 +78,19 @@ pub struct AppProjectClusterResourceWhitelist { pub kind: String, } +/// ApplicationDestinationServiceAccount holds information about the service account to be impersonated for the application sync operation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AppProjectDestinationServiceAccounts { + /// DefaultServiceAccount to be used for impersonation during the sync operation + #[serde(rename = "defaultServiceAccount")] + pub default_service_account: String, + /// Namespace specifies the target namespace for the application's resources. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Server specifies the URL of the target cluster's Kubernetes control plane API. + pub server: String, +} + /// ApplicationDestination holds information about the application's destination #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppProjectDestinations { diff --git a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs index 65d49ed3d..df6b7ed8d 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1alpha1/argocds.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -87,6 +88,9 @@ pub struct ArgoCDSpec { /// InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialSSHKnownHosts")] pub initial_ssh_known_hosts: Option, + /// InstallationID uniquely identifies an Argo CD instance in multi-instance clusters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "installationID")] + pub installation_id: Option, /// KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kustomizeBuildOptions")] pub kustomize_build_options: Option, @@ -1544,7 +1548,9 @@ pub struct ArgoCDRepo { /// ServiceAccount defines the ServiceAccount user that you would like the Repo server to use #[serde(default, skip_serializing_if = "Option::is_none")] pub serviceaccount: Option, - /// SidecarContainers defines the list of sidecar containers for the repo server deployment + /// SidecarContainers defines the list of sidecar containers for the repo + /// server deployment. If the image field is omitted from a SidecarContainer, + /// the image for the repo server will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sidecarContainers")] pub sidecar_containers: Option>, /// VerifyTLS defines whether repo server API should be accessed using strict TLS validation @@ -6227,6 +6233,9 @@ pub struct ArgoCDStatus { /// Unknown: The state of the Argo CD applicationSet controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationSetController")] pub application_set_controller: Option, + /// Conditions is an array of the ArgoCD's status conditions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, /// Host is the hostname of the Ingress. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, diff --git a/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs b/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs index 6d0944288..52a6760b5 100644 --- a/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs +++ b/kube-custom-resources-rs/src/argoproj_io/v1beta1/argocds.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -83,6 +84,9 @@ pub struct ArgoCDSpec { /// InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialSSHKnownHosts")] pub initial_ssh_known_hosts: Option, + /// InstallationID uniquely identifies an Argo CD instance in multi-instance clusters. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "installationID")] + pub installation_id: Option, /// KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kustomizeBuildOptions")] pub kustomize_build_options: Option, @@ -2087,6 +2091,9 @@ pub struct ArgoCDController { /// Resources defines the Compute Resources required by the container for the Application Controller. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RespectRBAC restricts controller from discovering/syncing specific resources, Defaults is empty if not configured. Valid options are strict and normal. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "respectRBAC")] + pub respect_rbac: Option, /// Sharding contains the options for the Application Controller sharding configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub sharding: Option, @@ -6893,7 +6900,9 @@ pub struct ArgoCDRepo { /// ServiceAccount defines the ServiceAccount user that you would like the Repo server to use #[serde(default, skip_serializing_if = "Option::is_none")] pub serviceaccount: Option, - /// SidecarContainers defines the list of sidecar containers for the repo server deployment + /// SidecarContainers defines the list of sidecar containers for the repo + /// server deployment. If the image field is omitted from a SidecarContainer, + /// the image for the repo server will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sidecarContainers")] pub sidecar_containers: Option>, /// VerifyTLS defines whether repo server API should be accessed using strict TLS validation @@ -15463,6 +15472,9 @@ pub struct ArgoCDStatus { /// Unknown: The state of the Argo CD applicationSet controller component could not be obtained. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationSetController")] pub application_set_controller: Option, + /// Conditions is an array of the ArgoCD's status conditions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, /// Host is the hostname of the Ingress. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, diff --git a/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs b/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs index b8fd84425..7962eff43 100644 --- a/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs +++ b/kube-custom-resources-rs/src/asdb_aerospike_com/v1/aerospikeclusters.rs @@ -288,9 +288,11 @@ pub enum AerospikeClusterAerospikeNetworkPolicyTlsFabric { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct AerospikeClusterOperations { + /// ID is the unique identifier for the operation. It is used by the operator to track the operation. pub id: String, /// Kind is the type of operation to be performed on the Aerospike cluster. pub kind: AerospikeClusterOperationsKind, + /// PodList is the list of pods on which the operation is to be performed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podList")] pub pod_list: Option>, } @@ -400,7 +402,6 @@ pub struct AerospikeClusterPodSpec { /// and any traffic that is sent to this port is forwarded to the service. /// Here service picks a random port in range (30000-32767), so these port should be open. /// - /// /// If set false then only single pod can be created per Kubernetes Node. /// This will create Pods using hostPort setting. /// The container port will be exposed to the external network at :, @@ -447,11 +448,9 @@ pub struct AerospikeClusterPodSpecAerospikeContainerResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -474,6 +473,11 @@ pub struct AerospikeClusterPodSpecAerospikeContainerResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext that will be added to aerospike-server container created by operator. @@ -488,6 +492,11 @@ pub struct AerospikeClusterPodSpecAerospikeContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -500,7 +509,7 @@ pub struct AerospikeClusterPodSpecAerospikeContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -554,6 +563,26 @@ pub struct AerospikeClusterPodSpecAerospikeContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterPodSpecAerospikeContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -603,7 +632,6 @@ pub struct AerospikeClusterPodSpecAerospikeContainerSecurityContextSeccompProfil /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -671,11 +699,9 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -698,6 +724,11 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext that will be added to aerospike-init container created by operator. @@ -712,6 +743,11 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -724,7 +760,7 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -778,6 +814,26 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterPodSpecAerospikeInitContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -827,7 +883,6 @@ pub struct AerospikeClusterPodSpecAerospikeInitContainerSecurityContextSeccompPr /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -1063,24 +1118,24 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityPreferredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1184,24 +1239,24 @@ pub struct AerospikeClusterPodSpecAffinityPodAffinityRequiredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1336,24 +1391,24 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityPreferredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1457,24 +1512,24 @@ pub struct AerospikeClusterPodSpecAffinityPodAntiAffinityRequiredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1601,8 +1656,10 @@ pub struct AerospikeClusterPodSpecDnsConfigOptions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1820,8 +1877,10 @@ pub struct AerospikeClusterPodSpecInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1861,8 +1920,10 @@ pub struct AerospikeClusterPodSpecInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1888,8 +1949,10 @@ pub struct AerospikeClusterPodSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1901,8 +1964,10 @@ pub struct AerospikeClusterPodSpecInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2187,7 +2252,6 @@ pub struct AerospikeClusterPodSpecInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2338,7 +2402,6 @@ pub struct AerospikeClusterPodSpecInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2410,11 +2473,9 @@ pub struct AerospikeClusterPodSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2437,6 +2498,11 @@ pub struct AerospikeClusterPodSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2453,6 +2519,11 @@ pub struct AerospikeClusterPodSpecInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2465,7 +2536,7 @@ pub struct AerospikeClusterPodSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2519,6 +2590,26 @@ pub struct AerospikeClusterPodSpecInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterPodSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2568,7 +2659,6 @@ pub struct AerospikeClusterPodSpecInitContainersSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2680,7 +2770,6 @@ pub struct AerospikeClusterPodSpecInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2752,6 +2841,8 @@ pub struct AerospikeClusterPodSpecInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2760,6 +2851,24 @@ pub struct AerospikeClusterPodSpecInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2787,16 +2896,18 @@ pub struct AerospikeClusterPodSpecMetadata { /// Optional: Defaults to empty. See type description for default values of each field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -2846,15 +2957,24 @@ pub struct AerospikeClusterPodSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -2868,6 +2988,25 @@ pub struct AerospikeClusterPodSpecSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterPodSpecSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2903,7 +3042,6 @@ pub struct AerospikeClusterPodSpecSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3161,8 +3299,10 @@ pub struct AerospikeClusterPodSpecSidecarsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3202,8 +3342,10 @@ pub struct AerospikeClusterPodSpecSidecarsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3229,8 +3371,10 @@ pub struct AerospikeClusterPodSpecSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3242,8 +3386,10 @@ pub struct AerospikeClusterPodSpecSidecarsEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterPodSpecSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3528,7 +3674,6 @@ pub struct AerospikeClusterPodSpecSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3679,7 +3824,6 @@ pub struct AerospikeClusterPodSpecSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3751,11 +3895,9 @@ pub struct AerospikeClusterPodSpecSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3778,6 +3920,11 @@ pub struct AerospikeClusterPodSpecSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -3794,6 +3941,11 @@ pub struct AerospikeClusterPodSpecSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3806,7 +3958,7 @@ pub struct AerospikeClusterPodSpecSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3860,6 +4012,26 @@ pub struct AerospikeClusterPodSpecSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterPodSpecSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3909,7 +4081,6 @@ pub struct AerospikeClusterPodSpecSidecarsSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -4021,7 +4192,6 @@ pub struct AerospikeClusterPodSpecSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4093,6 +4263,8 @@ pub struct AerospikeClusterPodSpecSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4101,6 +4273,24 @@ pub struct AerospikeClusterPodSpecSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4425,24 +4615,24 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityPre pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4546,24 +4736,24 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAffinityReq pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4698,24 +4888,24 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4819,24 +5009,24 @@ pub struct AerospikeClusterRackConfigRacksEffectivePodSpecAffinityPodAntiAffinit pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5330,7 +5520,6 @@ pub struct AerospikeClusterRackConfigRacksEffectiveStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -5360,8 +5549,10 @@ pub struct AerospikeClusterRackConfigRacksEffectiveStorageVolumesSourceConfigMap #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5473,7 +5664,6 @@ pub struct AerospikeClusterRackConfigRacksEffectiveStorageVolumesSourcePersisten /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -5752,24 +5942,24 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityPreferredDur pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5873,24 +6063,24 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAffinityRequiredDuri pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6025,24 +6215,24 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityPreferre pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6146,24 +6336,24 @@ pub struct AerospikeClusterRackConfigRacksPodSpecAffinityPodAntiAffinityRequired pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6657,7 +6847,6 @@ pub struct AerospikeClusterRackConfigRacksStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -6687,8 +6876,10 @@ pub struct AerospikeClusterRackConfigRacksStorageVolumesSourceConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6800,7 +6991,6 @@ pub struct AerospikeClusterRackConfigRacksStorageVolumesSourcePersistentVolumeSe /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -7282,7 +7472,6 @@ pub struct AerospikeClusterStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -7312,8 +7501,10 @@ pub struct AerospikeClusterStorageVolumesSourceConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -7425,7 +7616,6 @@ pub struct AerospikeClusterStorageVolumesSourcePersistentVolumeSelectorMatchExpr /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -7544,7 +7734,6 @@ pub struct AerospikeClusterStatus { /// and any traffic that is sent to this port is forwarded to the service. /// Here service picks a random port in range (30000-32767), so these port should be open. /// - /// /// If set false then only single pod can be created per Kubernetes Node. /// This will create Pods using hostPort setting. /// The container port will be exposed to the external network at :, @@ -7586,6 +7775,9 @@ pub struct AerospikeClusterStatus { /// SeedsFinderServices describes services which are used for seeding Aerospike nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seedsFinderServices")] pub seeds_finder_services: Option, + /// Selector specifies the label selector for the Aerospike pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, /// Aerospike cluster size #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, @@ -7804,9 +7996,11 @@ pub enum AerospikeClusterStatusAerospikeNetworkPolicyTlsFabric { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct AerospikeClusterStatusOperations { + /// ID is the unique identifier for the operation. It is used by the operator to track the operation. pub id: String, /// Kind is the type of operation to be performed on the Aerospike cluster. pub kind: AerospikeClusterStatusOperationsKind, + /// PodList is the list of pods on which the operation is to be performed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podList")] pub pod_list: Option>, } @@ -7924,7 +8118,6 @@ pub struct AerospikeClusterStatusPodSpec { /// and any traffic that is sent to this port is forwarded to the service. /// Here service picks a random port in range (30000-32767), so these port should be open. /// - /// /// If set false then only single pod can be created per Kubernetes Node. /// This will create Pods using hostPort setting. /// The container port will be exposed to the external network at :, @@ -7971,11 +8164,9 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -7998,6 +8189,11 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext that will be added to aerospike-server container created by operator. @@ -8012,6 +8208,11 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8024,7 +8225,7 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -8078,6 +8279,26 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterStatusPodSpecAerospikeContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8127,7 +8348,6 @@ pub struct AerospikeClusterStatusPodSpecAerospikeContainerSecurityContextSeccomp /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -8195,11 +8415,9 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -8222,6 +8440,11 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext that will be added to aerospike-init container created by operator. @@ -8236,6 +8459,11 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8248,7 +8476,7 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -8302,6 +8530,26 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -8351,7 +8599,6 @@ pub struct AerospikeClusterStatusPodSpecAerospikeInitContainerSecurityContextSec /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -8587,24 +8834,24 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityPreferredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8708,24 +8955,24 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAffinityRequiredDuringSchedul pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8860,24 +9107,24 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityPreferredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8981,24 +9228,24 @@ pub struct AerospikeClusterStatusPodSpecAffinityPodAntiAffinityRequiredDuringSch pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9125,8 +9372,10 @@ pub struct AerospikeClusterStatusPodSpecDnsConfigOptions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9344,8 +9593,10 @@ pub struct AerospikeClusterStatusPodSpecInitContainersEnvValueFromConfigMapKeyRe /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -9385,8 +9636,10 @@ pub struct AerospikeClusterStatusPodSpecInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -9412,8 +9665,10 @@ pub struct AerospikeClusterStatusPodSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -9425,8 +9680,10 @@ pub struct AerospikeClusterStatusPodSpecInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -9711,7 +9968,6 @@ pub struct AerospikeClusterStatusPodSpecInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -9862,7 +10118,6 @@ pub struct AerospikeClusterStatusPodSpecInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -9934,11 +10189,9 @@ pub struct AerospikeClusterStatusPodSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -9961,6 +10214,11 @@ pub struct AerospikeClusterStatusPodSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -9977,6 +10235,11 @@ pub struct AerospikeClusterStatusPodSpecInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -9989,7 +10252,7 @@ pub struct AerospikeClusterStatusPodSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -10043,6 +10306,26 @@ pub struct AerospikeClusterStatusPodSpecInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterStatusPodSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -10092,7 +10375,6 @@ pub struct AerospikeClusterStatusPodSpecInitContainersSecurityContextSeccompProf /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -10204,7 +10486,6 @@ pub struct AerospikeClusterStatusPodSpecInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -10276,6 +10557,8 @@ pub struct AerospikeClusterStatusPodSpecInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -10284,6 +10567,24 @@ pub struct AerospikeClusterStatusPodSpecInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -10311,16 +10612,18 @@ pub struct AerospikeClusterStatusPodSpecMetadata { /// Optional: Defaults to empty. See type description for default values of each field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -10370,15 +10673,24 @@ pub struct AerospikeClusterStatusPodSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -10392,6 +10704,25 @@ pub struct AerospikeClusterStatusPodSpecSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterStatusPodSpecSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -10427,7 +10758,6 @@ pub struct AerospikeClusterStatusPodSpecSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -10685,8 +11015,10 @@ pub struct AerospikeClusterStatusPodSpecSidecarsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -10726,8 +11058,10 @@ pub struct AerospikeClusterStatusPodSpecSidecarsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -10753,8 +11087,10 @@ pub struct AerospikeClusterStatusPodSpecSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -10766,8 +11102,10 @@ pub struct AerospikeClusterStatusPodSpecSidecarsEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AerospikeClusterStatusPodSpecSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -11052,7 +11390,6 @@ pub struct AerospikeClusterStatusPodSpecSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -11203,7 +11540,6 @@ pub struct AerospikeClusterStatusPodSpecSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -11275,11 +11611,9 @@ pub struct AerospikeClusterStatusPodSpecSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -11302,6 +11636,11 @@ pub struct AerospikeClusterStatusPodSpecSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -11318,6 +11657,11 @@ pub struct AerospikeClusterStatusPodSpecSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -11330,7 +11674,7 @@ pub struct AerospikeClusterStatusPodSpecSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -11384,6 +11728,26 @@ pub struct AerospikeClusterStatusPodSpecSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AerospikeClusterStatusPodSpecSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -11433,7 +11797,6 @@ pub struct AerospikeClusterStatusPodSpecSidecarsSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -11545,7 +11908,6 @@ pub struct AerospikeClusterStatusPodSpecSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -11617,6 +11979,8 @@ pub struct AerospikeClusterStatusPodSpecSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -11625,6 +11989,24 @@ pub struct AerospikeClusterStatusPodSpecSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -12042,24 +12424,24 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12163,24 +12545,24 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAffin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12315,24 +12697,24 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12436,24 +12818,24 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectivePodSpecAffinityPodAntiA pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12947,7 +13329,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectiveStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -12977,8 +13358,10 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectiveStorageVolumesSourceCon #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -13090,7 +13473,6 @@ pub struct AerospikeClusterStatusRackConfigRacksEffectiveStorageVolumesSourcePer /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -13369,24 +13751,24 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityPrefer pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13490,24 +13872,24 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAffinityRequir pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13642,24 +14024,24 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityPr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13763,24 +14145,24 @@ pub struct AerospikeClusterStatusRackConfigRacksPodSpecAffinityPodAntiAffinityRe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -14274,7 +14656,6 @@ pub struct AerospikeClusterStatusRackConfigRacksStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -14304,8 +14685,10 @@ pub struct AerospikeClusterStatusRackConfigRacksStorageVolumesSourceConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -14417,7 +14800,6 @@ pub struct AerospikeClusterStatusRackConfigRacksStorageVolumesSourcePersistentVo /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -14491,11 +14873,9 @@ pub struct AerospikeClusterStatusResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -14518,6 +14898,11 @@ pub struct AerospikeClusterStatusResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SeedsFinderServices describes services which are used for seeding Aerospike nodes. @@ -14936,7 +15321,6 @@ pub struct AerospikeClusterStatusStorageVolumesSource { pub persistent_volume: Option, /// Adapts a Secret into a volume. /// - /// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. @@ -14966,8 +15350,10 @@ pub struct AerospikeClusterStatusStorageVolumesSourceConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -15079,7 +15465,6 @@ pub struct AerospikeClusterStatusStorageVolumesSourcePersistentVolumeSelectorMat /// Adapts a Secret into a volume. /// -/// /// The contents of the target Secret's Data field will be presented in a volume /// as files using the keys in the Data field as the file names. /// Secret volumes support ownership management and SELinux relabeling. diff --git a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalercheckpoints.rs b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalercheckpoints.rs index 8b0899d57..59c148bd6 100644 --- a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalercheckpoints.rs +++ b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalercheckpoints.rs @@ -10,7 +10,8 @@ mod prelude { } use self::prelude::*; -/// Specification of the checkpoint. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. +/// Specification of the checkpoint. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "autoscaling.k8s.io", version = "v1", kind = "VerticalPodAutoscalerCheckpoint", plural = "verticalpodautoscalercheckpoints")] #[kube(namespaced)] diff --git a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalers.rs b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalers.rs index 037752944..301f6798d 100644 --- a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalers.rs +++ b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1/verticalpodautoscalers.rs @@ -12,7 +12,8 @@ mod prelude { } use self::prelude::*; -/// Specification of the behavior of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. +/// Specification of the behavior of the autoscaler. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "autoscaling.k8s.io", version = "v1", kind = "VerticalPodAutoscaler", plural = "verticalpodautoscalers")] #[kube(namespaced)] @@ -21,28 +22,55 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct VerticalPodAutoscalerSpec { - /// Recommender responsible for generating recommendation for this object. List should be empty (then the default recommender will generate the recommendation) or contain exactly one recommender. + /// Recommender responsible for generating recommendation for this object. + /// List should be empty (then the default recommender will generate the + /// recommendation) or contain exactly one recommender. #[serde(default, skip_serializing_if = "Option::is_none")] pub recommenders: Option>, - /// Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If any individual containers need to be excluded from getting the VPA recommendations, then it must be disabled explicitly by setting mode to "Off" under containerPolicies. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints. + /// Controls how the autoscaler computes recommended resources. + /// The resource policy may be used to set constraints on the recommendations + /// for individual containers. + /// If any individual containers need to be excluded from getting the VPA recommendations, then + /// it must be disabled explicitly by setting mode to "Off" under containerPolicies. + /// If not specified, the autoscaler computes recommended resources for all containers in the pod, + /// without additional constraints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePolicy")] pub resource_policy: Option, - /// TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource. + /// TargetRef points to the controller managing the set of pods for the + /// autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler + /// can be targeted at controller implementing scale subresource (the pod set is + /// retrieved from the controller's ScaleStatus) or some well known controllers + /// (e.g. for DaemonSet the pod set is read from the controller's spec). + /// If VerticalPodAutoscaler cannot use specified target it will report + /// ConfigUnsupported condition. + /// Note that VerticalPodAutoscaler does not require full implementation + /// of scale subresource - it will not use it to modify the replica count. + /// The only thing retrieved is a label selector matching pods grouped by + /// the target resource. #[serde(rename = "targetRef")] pub target_ref: VerticalPodAutoscalerTargetRef, - /// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. + /// Describes the rules on how changes are applied to the pods. + /// If not specified, all fields in the `PodUpdatePolicy` are set to their + /// default values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } -/// VerticalPodAutoscalerRecommenderSelector points to a specific Vertical Pod Autoscaler recommender. In the future it might pass parameters to the recommender. +/// VerticalPodAutoscalerRecommenderSelector points to a specific Vertical Pod Autoscaler recommender. +/// In the future it might pass parameters to the recommender. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerRecommenders { /// Name of the recommender responsible for generating recommendation for this object. pub name: String, } -/// Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If any individual containers need to be excluded from getting the VPA recommendations, then it must be disabled explicitly by setting mode to "Off" under containerPolicies. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints. +/// Controls how the autoscaler computes recommended resources. +/// The resource policy may be used to set constraints on the recommendations +/// for individual containers. +/// If any individual containers need to be excluded from getting the VPA recommendations, then +/// it must be disabled explicitly by setting mode to "Off" under containerPolicies. +/// If not specified, the autoscaler computes recommended resources for all containers in the pod, +/// without additional constraints. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerResourcePolicy { /// Per-container resource policies. @@ -50,22 +78,30 @@ pub struct VerticalPodAutoscalerResourcePolicy { pub container_policies: Option>, } -/// ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container. +/// ContainerResourcePolicy controls how autoscaler computes the recommended +/// resources for a specific container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerResourcePolicyContainerPolicies { - /// Name of the container or DefaultContainerResourcePolicy, in which case the policy is used by the containers that don't have their own policy specified. + /// Name of the container or DefaultContainerResourcePolicy, in which + /// case the policy is used by the containers that don't have their own + /// policy specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the type of recommendations that will be computed (and possibly applied) by VPA. If not specified, the default of [ResourceCPU, ResourceMemory] will be used. + /// Specifies the type of recommendations that will be computed + /// (and possibly applied) by VPA. + /// If not specified, the default of [ResourceCPU, ResourceMemory] will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlledResources")] pub controlled_resources: Option>, - /// Specifies which resource values should be controlled. The default is "RequestsAndLimits". + /// Specifies which resource values should be controlled. + /// The default is "RequestsAndLimits". #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlledValues")] pub controlled_values: Option, - /// Specifies the maximum amount of resources that will be recommended for the container. The default is no maximum. + /// Specifies the maximum amount of resources that will be recommended + /// for the container. The default is no maximum. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAllowed")] pub max_allowed: Option>, - /// Specifies the minimal amount of resources that will be recommended for the container. The default is no minimum. + /// Specifies the minimal amount of resources that will be recommended + /// for the container. The default is no minimum. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAllowed")] pub min_allowed: Option>, /// Whether autoscaler is enabled for the container. The default is "Auto". @@ -73,64 +109,89 @@ pub struct VerticalPodAutoscalerResourcePolicyContainerPolicies { pub mode: Option, } -/// ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container. +/// ContainerResourcePolicy controls how autoscaler computes the recommended +/// resources for a specific container. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerResourcePolicyContainerPoliciesControlledValues { RequestsAndLimits, RequestsOnly, } -/// ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container. +/// ContainerResourcePolicy controls how autoscaler computes the recommended +/// resources for a specific container. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerResourcePolicyContainerPoliciesMode { Auto, Off, } -/// TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource. +/// TargetRef points to the controller managing the set of pods for the +/// autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler +/// can be targeted at controller implementing scale subresource (the pod set is +/// retrieved from the controller's ScaleStatus) or some well known controllers +/// (e.g. for DaemonSet the pod set is read from the controller's spec). +/// If VerticalPodAutoscaler cannot use specified target it will report +/// ConfigUnsupported condition. +/// Note that VerticalPodAutoscaler does not require full implementation +/// of scale subresource - it will not use it to modify the replica count. +/// The only thing retrieved is a label selector matching pods grouped by +/// the target resource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerTargetRef { - /// API version of the referent + /// apiVersion is the API version of the referent #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, - /// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + /// name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, } -/// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. +/// Describes the rules on how changes are applied to the pods. +/// If not specified, all fields in the `PodUpdatePolicy` are set to their +/// default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerUpdatePolicy { - /// EvictionRequirements is a list of EvictionRequirements that need to evaluate to true in order for a Pod to be evicted. If more than one EvictionRequirement is specified, all of them need to be fulfilled to allow eviction. + /// EvictionRequirements is a list of EvictionRequirements that need to + /// evaluate to true in order for a Pod to be evicted. If more than one + /// EvictionRequirement is specified, all of them need to be fulfilled to allow eviction. #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequirements")] pub eviction_requirements: Option>, - /// Minimal number of replicas which need to be alive for Updater to attempt pod eviction (pending other checks like PDB). Only positive values are allowed. Overrides global '--min-replicas' flag. + /// Minimal number of replicas which need to be alive for Updater to attempt + /// pod eviction (pending other checks like PDB). Only positive values are + /// allowed. Overrides global '--min-replicas' flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, - /// Controls when autoscaler applies changes to the pod resources. The default is 'Auto'. + /// Controls when autoscaler applies changes to the pod resources. + /// The default is 'Auto'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateMode")] pub update_mode: Option, } -/// EvictionRequirement defines a single condition which needs to be true in order to evict a Pod +/// EvictionRequirement defines a single condition which needs to be true in +/// order to evict a Pod #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct VerticalPodAutoscalerUpdatePolicyEvictionRequirements { /// EvictionChangeRequirement refers to the relationship between the new target recommendation for a Pod and its current requests, what kind of change is necessary for the Pod to be evicted #[serde(rename = "changeRequirement")] pub change_requirement: VerticalPodAutoscalerUpdatePolicyEvictionRequirementsChangeRequirement, - /// Resources is a list of one or more resources that the condition applies to. If more than one resource is given, the EvictionRequirement is fulfilled if at least one resource meets `changeRequirement`. + /// Resources is a list of one or more resources that the condition applies + /// to. If more than one resource is given, the EvictionRequirement is fulfilled + /// if at least one resource meets `changeRequirement`. pub resources: Vec, } -/// EvictionRequirement defines a single condition which needs to be true in order to evict a Pod +/// EvictionRequirement defines a single condition which needs to be true in +/// order to evict a Pod #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerUpdatePolicyEvictionRequirementsChangeRequirement { TargetHigherThanRequests, TargetLowerThanRequests, } -/// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. +/// Describes the rules on how changes are applied to the pods. +/// If not specified, all fields in the `PodUpdatePolicy` are set to their +/// default values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerUpdatePolicyUpdateMode { Off, @@ -142,15 +203,18 @@ pub enum VerticalPodAutoscalerUpdatePolicyUpdateMode { /// Current information about the autoscaler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatus { - /// Conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met. + /// Conditions is the set of conditions required for this autoscaler to scale its target, + /// and indicates whether or not those conditions are met. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The most recently computed amount of resources recommended by the autoscaler for the controlled pods. + /// The most recently computed amount of resources recommended by the + /// autoscaler for the controlled pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub recommendation: Option, } -/// The most recently computed amount of resources recommended by the autoscaler for the controlled pods. +/// The most recently computed amount of resources recommended by the +/// autoscaler for the controlled pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatusRecommendation { /// Resources recommended by the autoscaler for each container. @@ -158,21 +222,34 @@ pub struct VerticalPodAutoscalerStatusRecommendation { pub container_recommendations: Option>, } -/// RecommendedContainerResources is the recommendation of resources computed by autoscaler for a specific container. Respects the container resource policy if present in the spec. In particular the recommendation is not produced for containers with `ContainerScalingMode` set to 'Off'. +/// RecommendedContainerResources is the recommendation of resources computed by +/// autoscaler for a specific container. Respects the container resource policy +/// if present in the spec. In particular the recommendation is not produced for +/// containers with `ContainerScalingMode` set to 'Off'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatusRecommendationContainerRecommendations { /// Name of the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Minimum recommended amount of resources. Observes ContainerResourcePolicy. This amount is not guaranteed to be sufficient for the application to operate in a stable way, however running with less resources is likely to have significant impact on performance/availability. + /// Minimum recommended amount of resources. Observes ContainerResourcePolicy. + /// This amount is not guaranteed to be sufficient for the application to operate in a stable way, however + /// running with less resources is likely to have significant impact on performance/availability. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lowerBound")] pub lower_bound: Option>, /// Recommended amount of resources. Observes ContainerResourcePolicy. pub target: BTreeMap, - /// The most recent recommended resources target computed by the autoscaler for the controlled pods, based only on actual resource usage, not taking into account the ContainerResourcePolicy. May differ from the Recommendation if the actual resource usage causes the target to violate the ContainerResourcePolicy (lower than MinAllowed or higher that MaxAllowed). Used only as status indication, will not affect actual resource assignment. + /// The most recent recommended resources target computed by the autoscaler + /// for the controlled pods, based only on actual resource usage, not taking + /// into account the ContainerResourcePolicy. + /// May differ from the Recommendation if the actual resource usage causes + /// the target to violate the ContainerResourcePolicy (lower than MinAllowed + /// or higher that MaxAllowed). + /// Used only as status indication, will not affect actual resource assignment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "uncappedTarget")] pub uncapped_target: Option>, - /// Maximum recommended amount of resources. Observes ContainerResourcePolicy. Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum amount of application is actually capable of consuming. + /// Maximum recommended amount of resources. Observes ContainerResourcePolicy. + /// Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum + /// amount of application is actually capable of consuming. #[serde(default, skip_serializing_if = "Option::is_none", rename = "upperBound")] pub upper_bound: Option>, } diff --git a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalercheckpoints.rs b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalercheckpoints.rs index ed93c42ab..304b9fae6 100644 --- a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalercheckpoints.rs +++ b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalercheckpoints.rs @@ -10,7 +10,8 @@ mod prelude { } use self::prelude::*; -/// Specification of the checkpoint. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. +/// Specification of the checkpoint. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "autoscaling.k8s.io", version = "v1beta2", kind = "VerticalPodAutoscalerCheckpoint", plural = "verticalpodautoscalercheckpoints")] #[kube(namespaced)] diff --git a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalers.rs b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalers.rs index 2d50faf7c..0e88d2532 100644 --- a/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalers.rs +++ b/kube-custom-resources-rs/src/autoscaling_k8s_io/v1beta2/verticalpodautoscalers.rs @@ -12,7 +12,8 @@ mod prelude { } use self::prelude::*; -/// Specification of the behavior of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. +/// Specification of the behavior of the autoscaler. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "autoscaling.k8s.io", version = "v1beta2", kind = "VerticalPodAutoscaler", plural = "verticalpodautoscalers")] #[kube(namespaced)] @@ -21,18 +22,36 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct VerticalPodAutoscalerSpec { - /// Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints. + /// Controls how the autoscaler computes recommended resources. + /// The resource policy may be used to set constraints on the recommendations + /// for individual containers. If not specified, the autoscaler computes recommended + /// resources for all containers in the pod, without additional constraints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePolicy")] pub resource_policy: Option, - /// TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource. + /// TargetRef points to the controller managing the set of pods for the + /// autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler + /// can be targeted at controller implementing scale subresource (the pod set is + /// retrieved from the controller's ScaleStatus) or some well known controllers + /// (e.g. for DaemonSet the pod set is read from the controller's spec). + /// If VerticalPodAutoscaler cannot use specified target it will report + /// ConfigUnsupported condition. + /// Note that VerticalPodAutoscaler does not require full implementation + /// of scale subresource - it will not use it to modify the replica count. + /// The only thing retrieved is a label selector matching pods grouped by + /// the target resource. #[serde(rename = "targetRef")] pub target_ref: VerticalPodAutoscalerTargetRef, - /// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. + /// Describes the rules on how changes are applied to the pods. + /// If not specified, all fields in the `PodUpdatePolicy` are set to their + /// default values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } -/// Controls how the autoscaler computes recommended resources. The resource policy may be used to set constraints on the recommendations for individual containers. If not specified, the autoscaler computes recommended resources for all containers in the pod, without additional constraints. +/// Controls how the autoscaler computes recommended resources. +/// The resource policy may be used to set constraints on the recommendations +/// for individual containers. If not specified, the autoscaler computes recommended +/// resources for all containers in the pod, without additional constraints. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerResourcePolicy { /// Per-container resource policies. @@ -40,16 +59,21 @@ pub struct VerticalPodAutoscalerResourcePolicy { pub container_policies: Option>, } -/// ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container. +/// ContainerResourcePolicy controls how autoscaler computes the recommended +/// resources for a specific container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerResourcePolicyContainerPolicies { - /// Name of the container or DefaultContainerResourcePolicy, in which case the policy is used by the containers that don't have their own policy specified. + /// Name of the container or DefaultContainerResourcePolicy, in which + /// case the policy is used by the containers that don't have their own + /// policy specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Specifies the maximum amount of resources that will be recommended for the container. The default is no maximum. + /// Specifies the maximum amount of resources that will be recommended + /// for the container. The default is no maximum. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAllowed")] pub max_allowed: Option>, - /// Specifies the minimal amount of resources that will be recommended for the container. The default is no minimum. + /// Specifies the minimal amount of resources that will be recommended + /// for the container. The default is no minimum. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAllowed")] pub min_allowed: Option>, /// Whether autoscaler is enabled for the container. The default is "Auto". @@ -57,34 +81,50 @@ pub struct VerticalPodAutoscalerResourcePolicyContainerPolicies { pub mode: Option, } -/// ContainerResourcePolicy controls how autoscaler computes the recommended resources for a specific container. +/// ContainerResourcePolicy controls how autoscaler computes the recommended +/// resources for a specific container. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerResourcePolicyContainerPoliciesMode { Auto, Off, } -/// TargetRef points to the controller managing the set of pods for the autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler can be targeted at controller implementing scale subresource (the pod set is retrieved from the controller's ScaleStatus) or some well known controllers (e.g. for DaemonSet the pod set is read from the controller's spec). If VerticalPodAutoscaler cannot use specified target it will report ConfigUnsupported condition. Note that VerticalPodAutoscaler does not require full implementation of scale subresource - it will not use it to modify the replica count. The only thing retrieved is a label selector matching pods grouped by the target resource. +/// TargetRef points to the controller managing the set of pods for the +/// autoscaler to control - e.g. Deployment, StatefulSet. VerticalPodAutoscaler +/// can be targeted at controller implementing scale subresource (the pod set is +/// retrieved from the controller's ScaleStatus) or some well known controllers +/// (e.g. for DaemonSet the pod set is read from the controller's spec). +/// If VerticalPodAutoscaler cannot use specified target it will report +/// ConfigUnsupported condition. +/// Note that VerticalPodAutoscaler does not require full implementation +/// of scale subresource - it will not use it to modify the replica count. +/// The only thing retrieved is a label selector matching pods grouped by +/// the target resource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerTargetRef { - /// API version of the referent + /// apiVersion is the API version of the referent #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds pub kind: String, - /// Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + /// name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, } -/// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. +/// Describes the rules on how changes are applied to the pods. +/// If not specified, all fields in the `PodUpdatePolicy` are set to their +/// default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerUpdatePolicy { - /// Controls when autoscaler applies changes to the pod resources. The default is 'Auto'. + /// Controls when autoscaler applies changes to the pod resources. + /// The default is 'Auto'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateMode")] pub update_mode: Option, } -/// Describes the rules on how changes are applied to the pods. If not specified, all fields in the `PodUpdatePolicy` are set to their default values. +/// Describes the rules on how changes are applied to the pods. +/// If not specified, all fields in the `PodUpdatePolicy` are set to their +/// default values. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum VerticalPodAutoscalerUpdatePolicyUpdateMode { Off, @@ -96,15 +136,18 @@ pub enum VerticalPodAutoscalerUpdatePolicyUpdateMode { /// Current information about the autoscaler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatus { - /// Conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met. + /// Conditions is the set of conditions required for this autoscaler to scale its target, + /// and indicates whether or not those conditions are met. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The most recently computed amount of resources recommended by the autoscaler for the controlled pods. + /// The most recently computed amount of resources recommended by the + /// autoscaler for the controlled pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub recommendation: Option, } -/// The most recently computed amount of resources recommended by the autoscaler for the controlled pods. +/// The most recently computed amount of resources recommended by the +/// autoscaler for the controlled pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatusRecommendation { /// Resources recommended by the autoscaler for each container. @@ -112,21 +155,34 @@ pub struct VerticalPodAutoscalerStatusRecommendation { pub container_recommendations: Option>, } -/// RecommendedContainerResources is the recommendation of resources computed by autoscaler for a specific container. Respects the container resource policy if present in the spec. In particular the recommendation is not produced for containers with `ContainerScalingMode` set to 'Off'. +/// RecommendedContainerResources is the recommendation of resources computed by +/// autoscaler for a specific container. Respects the container resource policy +/// if present in the spec. In particular the recommendation is not produced for +/// containers with `ContainerScalingMode` set to 'Off'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VerticalPodAutoscalerStatusRecommendationContainerRecommendations { /// Name of the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] pub container_name: Option, - /// Minimum recommended amount of resources. Observes ContainerResourcePolicy. This amount is not guaranteed to be sufficient for the application to operate in a stable way, however running with less resources is likely to have significant impact on performance/availability. + /// Minimum recommended amount of resources. Observes ContainerResourcePolicy. + /// This amount is not guaranteed to be sufficient for the application to operate in a stable way, however + /// running with less resources is likely to have significant impact on performance/availability. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lowerBound")] pub lower_bound: Option>, /// Recommended amount of resources. Observes ContainerResourcePolicy. pub target: BTreeMap, - /// The most recent recommended resources target computed by the autoscaler for the controlled pods, based only on actual resource usage, not taking into account the ContainerResourcePolicy. May differ from the Recommendation if the actual resource usage causes the target to violate the ContainerResourcePolicy (lower than MinAllowed or higher that MaxAllowed). Used only as status indication, will not affect actual resource assignment. + /// The most recent recommended resources target computed by the autoscaler + /// for the controlled pods, based only on actual resource usage, not taking + /// into account the ContainerResourcePolicy. + /// May differ from the Recommendation if the actual resource usage causes + /// the target to violate the ContainerResourcePolicy (lower than MinAllowed + /// or higher that MaxAllowed). + /// Used only as status indication, will not affect actual resource assignment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "uncappedTarget")] pub uncapped_target: Option>, - /// Maximum recommended amount of resources. Observes ContainerResourcePolicy. Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum amount of application is actually capable of consuming. + /// Maximum recommended amount of resources. Observes ContainerResourcePolicy. + /// Any resources allocated beyond this value are likely wasted. This value may be larger than the maximum + /// amount of application is actually capable of consuming. #[serde(default, skip_serializing_if = "Option::is_none", rename = "upperBound")] pub upper_bound: Option>, } diff --git a/kube-custom-resources-rs/src/autoscaling_karmada_io/v1alpha1/cronfederatedhpas.rs b/kube-custom-resources-rs/src/autoscaling_karmada_io/v1alpha1/cronfederatedhpas.rs index 55f4b7582..1efde5cf4 100644 --- a/kube-custom-resources-rs/src/autoscaling_karmada_io/v1alpha1/cronfederatedhpas.rs +++ b/kube-custom-resources-rs/src/autoscaling_karmada_io/v1alpha1/cronfederatedhpas.rs @@ -39,7 +39,6 @@ pub struct CronFederatedHPARules { /// Name of the rule. /// Each rule in a CronFederatedHPA must have a unique name. /// - /// /// Note: the name will be used as an identifier to record its execution /// history. Changing the name will be considered as deleting the old rule /// and adding a new rule, that means the original execution history will be diff --git a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs index 261bbcd73..844827787 100644 --- a/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs +++ b/kube-custom-resources-rs/src/awx_ansible_com/v1beta1/awxs.rs @@ -104,6 +104,9 @@ pub struct AWXSpec { /// (Deprecated) The hostname of the instance #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, + /// Scale down deployments to put AWX into an idle state + #[serde(default, skip_serializing_if = "Option::is_none")] + pub idle_deployment: Option, /// Registry path to the application container to use #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, @@ -227,6 +230,9 @@ pub struct AWXSpec { /// Metrics-Utility Ship Target #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics_utility_ship_target: Option, + /// Sets the maximum allowed size of the client request body in megabytes (defaults to 5M) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub nginx_client_max_body_size: Option, /// Set the socket listen queue size for nginx (defaults to same as uwsgi) #[serde(default, skip_serializing_if = "Option::is_none")] pub nginx_listen_queue_size: Option, diff --git a/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs b/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs index 617bdbfa1..0190afbda 100644 --- a/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs +++ b/kube-custom-resources-rs/src/batch_volcano_sh/v1alpha1/jobs.rs @@ -50,7 +50,7 @@ pub struct JobPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub event: Option, + pub event: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] @@ -59,6 +59,22 @@ pub struct JobPolicies { pub timeout: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobPoliciesEvent { + #[serde(rename = "*")] + KopiumVariant0, + PodPending, + PodRunning, + PodFailed, + PodEvicted, + Unknown, + TaskCompleted, + OutOfSync, + CommandIssued, + JobUpdated, + TaskFailed, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasks { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] @@ -76,7 +92,7 @@ pub struct JobTasks { #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyPolicy")] - pub topology_policy: Option, + pub topology_policy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -92,7 +108,7 @@ pub struct JobTasksPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub event: Option, + pub event: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] @@ -101,6 +117,22 @@ pub struct JobTasksPolicies { pub timeout: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTasksPoliciesEvent { + #[serde(rename = "*")] + KopiumVariant0, + PodPending, + PodRunning, + PodFailed, + PodEvicted, + Unknown, + TaskCompleted, + OutOfSync, + CommandIssued, + JobUpdated, + TaskFailed, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTasksTemplate { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3100,6 +3132,18 @@ pub struct JobTasksTemplateSpecVolumesVsphereVolume { pub volume_path: String, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTasksTopologyPolicy { + #[serde(rename = "none")] + None, + #[serde(rename = "best-effort")] + BestEffort, + #[serde(rename = "restricted")] + Restricted, + #[serde(rename = "single-numa-node")] + SingleNumaNode, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobVolumes { #[serde(rename = "mountPath")] diff --git a/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs b/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs index 721a458cc..729e7ba0c 100644 --- a/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs +++ b/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs @@ -113,7 +113,7 @@ pub enum BuildConfigurationStrategy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasks { /// a BuildahTask, for Buildah strategy - /// Deprecated: use jib, s2i or a custom publishing strategy instead + /// Deprecated: use jib or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub buildah: Option, /// a BuilderTask, used to generate and build the project @@ -126,7 +126,7 @@ pub struct BuildTasks { #[serde(default, skip_serializing_if = "Option::is_none")] pub jib: Option, /// a KanikoTask, for Kaniko strategy - /// Deprecated: use jib, s2i or a custom publishing strategy instead + /// Deprecated: use jib or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub kaniko: Option, /// Application pre publishing @@ -134,16 +134,17 @@ pub struct BuildTasks { #[serde(default, skip_serializing_if = "Option::is_none")] pub package: Option, /// a S2iTask, for S2I strategy + /// Deprecated: use jib or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub s2i: Option, /// a SpectrumTask, for Spectrum strategy - /// Deprecated: use jib, s2i or a custom publishing strategy instead + /// Deprecated: use jib or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub spectrum: Option, } /// a BuildahTask, for Buildah strategy -/// Deprecated: use jib, s2i or a custom publishing strategy instead +/// Deprecated: use jib or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuildah { /// base image layer @@ -395,8 +396,12 @@ pub struct BuildTasksBuilderMavenCaSecrets { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -441,8 +446,12 @@ pub struct BuildTasksBuilderMavenProfilesConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -456,8 +465,12 @@ pub struct BuildTasksBuilderMavenProfilesSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -547,8 +560,12 @@ pub struct BuildTasksBuilderMavenSettingsConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -562,8 +579,12 @@ pub struct BuildTasksBuilderMavenSettingsSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -589,8 +610,12 @@ pub struct BuildTasksBuilderMavenSettingsSecurityConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -604,8 +629,12 @@ pub struct BuildTasksBuilderMavenSettingsSecuritySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -943,7 +972,7 @@ pub struct BuildTasksJibRegistry { } /// a KanikoTask, for Kaniko strategy -/// Deprecated: use jib, s2i or a custom publishing strategy instead +/// Deprecated: use jib or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksKaniko { /// base image layer @@ -1207,8 +1236,12 @@ pub struct BuildTasksPackageMavenCaSecrets { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1253,8 +1286,12 @@ pub struct BuildTasksPackageMavenProfilesConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1268,8 +1305,12 @@ pub struct BuildTasksPackageMavenProfilesSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1359,8 +1400,12 @@ pub struct BuildTasksPackageMavenSettingsConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1374,8 +1419,12 @@ pub struct BuildTasksPackageMavenSettingsSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1401,8 +1450,12 @@ pub struct BuildTasksPackageMavenSettingsSecurityConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1416,8 +1469,12 @@ pub struct BuildTasksPackageMavenSettingsSecuritySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1569,6 +1626,7 @@ pub struct BuildTasksPackageSources { } /// a S2iTask, for S2I strategy +/// Deprecated: use jib or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksS2i { /// base image layer @@ -1673,7 +1731,7 @@ pub struct BuildTasksS2iRegistry { } /// a SpectrumTask, for Spectrum strategy -/// Deprecated: use jib, s2i or a custom publishing strategy instead +/// Deprecated: use jib or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksSpectrum { /// base image layer diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1alpha1/tenants.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1alpha1/tenants.rs index 41e20c997..a75b9009e 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1alpha1/tenants.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1alpha1/tenants.rs @@ -25,12 +25,14 @@ pub struct TenantSpec { /// additional parameters, used for Update, as in master portal Api Docs #[serde(default, skip_serializing_if = "Option::is_none", rename = "fromEmail")] pub from_email: Option, - /// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace + /// SecretReference represents a Secret Reference. It has enough information to retrieve secret + /// in any namespace #[serde(rename = "masterCredentialsRef")] pub master_credentials_ref: TenantMasterCredentialsRef, #[serde(rename = "organizationName")] pub organization_name: String, - /// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace + /// SecretReference represents a Secret Reference. It has enough information to retrieve secret + /// in any namespace #[serde(rename = "passwordCredentialsRef")] pub password_credentials_ref: TenantPasswordCredentialsRef, #[serde(default, skip_serializing_if = "Option::is_none", rename = "siteAccessCode")] @@ -39,13 +41,15 @@ pub struct TenantSpec { pub support_email: Option, #[serde(rename = "systemMasterUrl")] pub system_master_url: String, - /// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace + /// SecretReference represents a Secret Reference. It has enough information to retrieve secret + /// in any namespace #[serde(rename = "tenantSecretRef")] pub tenant_secret_ref: TenantTenantSecretRef, pub username: String, } -/// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace +/// SecretReference represents a Secret Reference. It has enough information to retrieve secret +/// in any namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantMasterCredentialsRef { /// name is unique within a namespace to reference a secret resource. @@ -56,7 +60,8 @@ pub struct TenantMasterCredentialsRef { pub namespace: Option, } -/// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace +/// SecretReference represents a Secret Reference. It has enough information to retrieve secret +/// in any namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantPasswordCredentialsRef { /// name is unique within a namespace to reference a secret resource. @@ -67,7 +72,8 @@ pub struct TenantPasswordCredentialsRef { pub namespace: Option, } -/// SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace +/// SecretReference represents a Secret Reference. It has enough information to retrieve secret +/// in any namespace #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantTenantSecretRef { /// name is unique within a namespace to reference a secret resource. @@ -83,7 +89,8 @@ pub struct TenantTenantSecretRef { pub struct TenantStatus { #[serde(rename = "adminId")] pub admin_id: i64, - /// Current state of the tenant resource. Conditions represent the latest available observations of an object's state + /// Current state of the tenant resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, #[serde(rename = "tenantId")] diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/activedocs.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/activedocs.rs index 4230a6662..00793240b 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/activedocs.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/activedocs.rs @@ -40,7 +40,8 @@ pub struct ActiveDocSpec { /// SkipSwaggerValidations switch to skip OpenAPI validation #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipSwaggerValidations")] pub skip_swagger_validations: Option, - /// SystemName identifies uniquely the activedoc within the account provider Default value will be sanitized Name + /// SystemName identifies uniquely the activedoc within the account provider + /// Default value will be sanitized Name #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemName")] pub system_name: Option, } @@ -62,22 +63,34 @@ pub struct ActiveDocActiveDocOpenApiRefSecretRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -85,7 +98,9 @@ pub struct ActiveDocActiveDocOpenApiRefSecretRef { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ActiveDocProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -95,7 +110,8 @@ pub struct ActiveDocProviderAccountRef { pub struct ActiveDocStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDocId")] pub active_doc_id: Option, - /// Current state of the activedoc resource. Conditions represent the latest available observations of an object's state + /// Current state of the activedoc resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Backend Spec. @@ -112,7 +128,9 @@ pub struct ActiveDocStatus { /// ProductResourceName references the managed 3scale product #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ActiveDocStatusProductResourceName { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/applications.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/applications.rs index a010f21d3..4bc47767e 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/applications.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/applications.rs @@ -40,7 +40,9 @@ pub struct ApplicationSpec { /// AccountCRName name of account custom resource under which the application will be created #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationAccountCr { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -48,7 +50,9 @@ pub struct ApplicationAccountCr { /// ProductCRName of product custom resource from which the application plan will be used #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ApplicationProductCr { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -58,7 +62,8 @@ pub struct ApplicationProductCr { pub struct ApplicationStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationID")] pub application_id: Option, - /// Current state of the 3scale application. Conditions represent the latest available observations of an object's state + /// Current state of the 3scale application. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Application Spec. diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/backends.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/backends.rs index 8f85f3614..079a2807f 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/backends.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/backends.rs @@ -25,10 +25,16 @@ pub struct BackendSpec { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "mappingRules")] pub mapping_rules: Option>, - /// Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. + /// Methods + /// Map: system_name -> MethodSpec + /// system_name attr is unique for all metrics AND methods + /// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, - /// Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. + /// Metrics + /// Map: system_name -> MetricSpec + /// system_name attr is unique for all metrics AND methods + /// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option>, /// Name is human readable name for the backend @@ -39,7 +45,8 @@ pub struct BackendSpec { /// ProviderAccountRef references account provider credentials #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerAccountRef")] pub provider_account_ref: Option, - /// SystemName identifies uniquely the backend within the account provider Default value will be sanitized Name + /// SystemName identifies uniquely the backend within the account provider + /// Default value will be sanitized Name #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemName")] pub system_name: Option, } @@ -80,7 +87,10 @@ pub enum BackendMappingRulesHttpMethod { Connect, } -/// Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. +/// Methods +/// Map: system_name -> MethodSpec +/// system_name attr is unique for all metrics AND methods +/// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackendMethods { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -89,7 +99,10 @@ pub struct BackendMethods { pub friendly_name: Option, } -/// Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. +/// Metrics +/// Map: system_name -> MetricSpec +/// system_name attr is unique for all metrics AND methods +/// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackendMetrics { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -103,7 +116,9 @@ pub struct BackendMetrics { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackendProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -113,7 +128,8 @@ pub struct BackendProviderAccountRef { pub struct BackendStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendId")] pub backend_id: Option, - /// Current state of the 3scale backend. Conditions represent the latest available observations of an object's state + /// Current state of the 3scale backend. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Backend Spec. diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/custompolicydefinitions.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/custompolicydefinitions.rs index 23d657dcf..5e41e747f 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/custompolicydefinitions.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/custompolicydefinitions.rs @@ -34,7 +34,9 @@ pub struct CustomPolicyDefinitionSpec { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CustomPolicyDefinitionProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -61,7 +63,8 @@ pub struct CustomPolicyDefinitionSchema { /// CustomPolicyDefinitionStatus defines the observed state of CustomPolicyDefinition #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CustomPolicyDefinitionStatus { - /// Current state of the custom policy resource. Conditions represent the latest available observations of an object's state + /// Current state of the custom policy resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Backend Spec. diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developeraccounts.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developeraccounts.rs index 562029d68..f19bbd59f 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developeraccounts.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developeraccounts.rs @@ -36,7 +36,9 @@ pub struct DeveloperAccountSpec { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeveloperAccountProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -48,7 +50,8 @@ pub struct DeveloperAccountStatus { pub account_id: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "accountState")] pub account_state: Option, - /// Current state of the policy resource. Conditions represent the latest available observations of an object's state + /// Current state of the policy resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "creditCardStored")] diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developerusers.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developerusers.rs index 41fc727a4..3994d6320 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developerusers.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/developerusers.rs @@ -43,7 +43,9 @@ pub struct DeveloperUserSpec { /// DeveloperAccountRef is the reference to the parent developer account #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeveloperUserDeveloperAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -62,7 +64,9 @@ pub struct DeveloperUserPasswordCredentialsRef { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeveloperUserProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -81,7 +85,8 @@ pub enum DeveloperUserRole { pub struct DeveloperUserStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "accoundID")] pub accound_id: Option, - /// Current state of the 3scale backend. Conditions represent the latest available observations of an object's state + /// Current state of the 3scale backend. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "developerUserID")] diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/openapis.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/openapis.rs index 14f480534..3258792dc 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/openapis.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/openapis.rs @@ -58,7 +58,10 @@ pub struct OpenAPIOidc { /// AuthenticationFlow specifies OAuth2.0 authorization grant type #[serde(default, skip_serializing_if = "Option::is_none", rename = "authenticationFlow")] pub authentication_flow: Option, - /// Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// Credentials Location available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -185,7 +188,9 @@ pub struct OpenAPIOidcSecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -207,22 +212,34 @@ pub struct OpenAPIOpenapiRefSecretRef { /// API version of the referent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, - /// Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] pub resource_version: Option, - /// UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } @@ -230,7 +247,9 @@ pub struct OpenAPIOpenapiRefSecretRef { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenAPIProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -241,7 +260,8 @@ pub struct OpenAPIStatus { /// BackendResourceNames contains a list of references to the managed 3scale backends #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendResourceNames")] pub backend_resource_names: Option>, - /// Current state of the openapi resource. Conditions represent the latest available observations of an object's state + /// Current state of the openapi resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Backend Spec. @@ -255,10 +275,13 @@ pub struct OpenAPIStatus { pub provider_account_host: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenAPIStatusBackendResourceNames { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -266,7 +289,9 @@ pub struct OpenAPIStatusBackendResourceNames { /// ProductResourceName references the managed 3scale product #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenAPIStatusProductResourceName { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/products.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/products.rs index 184a6ade5..0ee610223 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/products.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/products.rs @@ -20,10 +20,13 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ProductSpec { - /// Application Plans Map: system_name -> Application Plan Spec + /// Application Plans + /// Map: system_name -> Application Plan Spec #[serde(default, skip_serializing_if = "Option::is_none", rename = "applicationPlans")] pub application_plans: Option>, - /// Backend usage will be a map of Map: system_name -> BackendUsageSpec Having system_name as the index, the structure ensures one backend is not used multiple times. + /// Backend usage will be a map of + /// Map: system_name -> BackendUsageSpec + /// Having system_name as the index, the structure ensures one backend is not used multiple times. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendUsages")] pub backend_usages: Option>, /// Deployment defined 3scale product deployment mode @@ -32,13 +35,20 @@ pub struct ProductSpec { /// Description is a human readable text of the product #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// Mapping Rules Array: MappingRule Spec + /// Mapping Rules + /// Array: MappingRule Spec #[serde(default, skip_serializing_if = "Option::is_none", rename = "mappingRules")] pub mapping_rules: Option>, - /// Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. + /// Methods + /// Map: system_name -> MethodSpec + /// system_name attr is unique for all metrics AND methods + /// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, - /// Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. + /// Metrics + /// Map: system_name -> MetricSpec + /// system_name attr is unique for all metrics AND methods + /// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option>, /// Name is human readable name for the product @@ -49,15 +59,18 @@ pub struct ProductSpec { /// ProviderAccountRef references account provider credentials #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerAccountRef")] pub provider_account_ref: Option, - /// SystemName identifies uniquely the product within the account provider Default value will be sanitized Name + /// SystemName identifies uniquely the product within the account provider + /// Default value will be sanitized Name #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemName")] pub system_name: Option, } -/// Application Plans Map: system_name -> Application Plan Spec +/// Application Plans +/// Map: system_name -> Application Plan Spec #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductApplicationPlans { - /// Set whether or not applications can be created on demand or if approval is required from you before they are activated. + /// Set whether or not applications can be created on demand + /// or if approval is required from you before they are activated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appsRequireApproval")] pub apps_require_approval: Option, /// Cost per Month (USD) @@ -71,7 +84,8 @@ pub struct ProductApplicationPlans { /// Pricing Rules #[serde(default, skip_serializing_if = "Option::is_none", rename = "pricingRules")] pub pricing_rules: Option>, - /// Controls whether the application plan is published. If not specified it is hidden by default + /// Controls whether the application plan is published. If not specified it is + /// hidden by default #[serde(default, skip_serializing_if = "Option::is_none")] pub published: Option, /// Setup fee (USD) @@ -82,7 +96,8 @@ pub struct ProductApplicationPlans { pub trial_period: Option, } -/// LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources. Once a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract. +/// LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources. +/// Once a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ProductApplicationPlansLimits { /// Metric or Method Reference @@ -97,7 +112,8 @@ pub struct ProductApplicationPlansLimits { /// Metric or Method Reference #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductApplicationPlansLimitsMetricMethodRef { - /// BackendSystemName identifies uniquely the backend Backend reference must be used by the product + /// BackendSystemName identifies uniquely the backend + /// Backend reference must be used by the product #[serde(default, skip_serializing_if = "Option::is_none")] pub backend: Option, /// SystemName identifies uniquely the metric or methods @@ -105,7 +121,8 @@ pub struct ProductApplicationPlansLimitsMetricMethodRef { pub system_name: String, } -/// LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources. Once a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract. +/// LimitSpec defines the maximum value a metric can take on a contract before the user is no longer authorized to use resources. +/// Once a limit has been passed in a given period, reject messages will be issued if the service is accessed under this contract. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ProductApplicationPlansLimitsPeriod { #[serde(rename = "eternity")] @@ -124,7 +141,8 @@ pub enum ProductApplicationPlansLimitsPeriod { Minute, } -/// PricingRuleSpec defines the cost of each operation performed on an API. Multiple pricing rules on the same metric divide up the ranges of when a pricing rule applies. +/// PricingRuleSpec defines the cost of each operation performed on an API. +/// Multiple pricing rules on the same metric divide up the ranges of when a pricing rule applies. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductApplicationPlansPricingRules { /// Range From @@ -142,7 +160,8 @@ pub struct ProductApplicationPlansPricingRules { /// Metric or Method Reference #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductApplicationPlansPricingRulesMetricMethodRef { - /// BackendSystemName identifies uniquely the backend Backend reference must be used by the product + /// BackendSystemName identifies uniquely the backend + /// Backend reference must be used by the product #[serde(default, skip_serializing_if = "Option::is_none")] pub backend: Option, /// SystemName identifies uniquely the metric or methods @@ -150,7 +169,9 @@ pub struct ProductApplicationPlansPricingRulesMetricMethodRef { pub system_name: String, } -/// Backend usage will be a map of Map: system_name -> BackendUsageSpec Having system_name as the index, the structure ensures one backend is not used multiple times. +/// Backend usage will be a map of +/// Map: system_name -> BackendUsageSpec +/// Having system_name as the index, the structure ensures one backend is not used multiple times. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductBackendUsages { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -199,7 +220,10 @@ pub struct ProductDeploymentApicastHostedAuthenticationAppKeyAppId { /// AppKey is the name of the parameter that acts of behalf of app key #[serde(default, skip_serializing_if = "Option::is_none", rename = "appKey")] pub app_key: Option, - /// CredentialsLoc available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// CredentialsLoc available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -268,7 +292,9 @@ pub struct ProductDeploymentApicastHostedAuthenticationAppKeyAppIdSecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -279,7 +305,10 @@ pub struct ProductDeploymentApicastHostedAuthenticationOidc { /// AuthenticationFlow specifies OAuth2.0 authorization grant type #[serde(default, skip_serializing_if = "Option::is_none", rename = "authenticationFlow")] pub authentication_flow: Option, - /// Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// Credentials Location available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -406,7 +435,9 @@ pub struct ProductDeploymentApicastHostedAuthenticationOidcSecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -416,7 +447,10 @@ pub struct ProductDeploymentApicastHostedAuthenticationOidcSecurity { pub struct ProductDeploymentApicastHostedAuthenticationUserkey { #[serde(default, skip_serializing_if = "Option::is_none", rename = "authUserKey")] pub auth_user_key: Option, - /// Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// Credentials Location available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -485,7 +519,9 @@ pub struct ProductDeploymentApicastHostedAuthenticationUserkeySecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -525,7 +561,10 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationAppKeyAppId { /// AppKey is the name of the parameter that acts of behalf of app key #[serde(default, skip_serializing_if = "Option::is_none", rename = "appKey")] pub app_key: Option, - /// CredentialsLoc available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// CredentialsLoc available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -594,7 +633,9 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationAppKeyAppIdSecurity /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -605,7 +646,10 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationOidc { /// AuthenticationFlow specifies OAuth2.0 authorization grant type #[serde(default, skip_serializing_if = "Option::is_none", rename = "authenticationFlow")] pub authentication_flow: Option, - /// Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// Credentials Location available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -732,7 +776,9 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationOidcSecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -742,7 +788,10 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationOidcSecurity { pub struct ProductDeploymentApicastSelfManagedAuthenticationUserkey { #[serde(default, skip_serializing_if = "Option::is_none", rename = "authUserKey")] pub auth_user_key: Option, - /// Credentials Location available options: headers: As HTTP Headers query: As query parameters (GET) or body parameters (POST/PUT/DELETE) authorization: As HTTP Basic Authentication + /// Credentials Location available options: + /// headers: As HTTP Headers + /// query: As query parameters (GET) or body parameters (POST/PUT/DELETE) + /// authorization: As HTTP Basic Authentication #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, /// GatewayResponseSpec defines the desired gateway response configuration @@ -811,7 +860,9 @@ pub struct ProductDeploymentApicastSelfManagedAuthenticationUserkeySecurity { /// HostHeader Lets you define a custom Host request header. This is needed if your API backend only accepts traffic from a specific host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostHeader")] pub host_header: Option, - /// SecretToken Enables you to block any direct developer requests to your API backend; each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. + /// SecretToken Enables you to block any direct developer requests to your API backend; + /// each 3scale API gateway call to your API backend contains a request header called X-3scale-proxy-secret-token. + /// The value of this header can be set by you here. It's up to you ensure your backend only allows calls with this secret header. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretToken")] pub secret_token: Option, } @@ -852,7 +903,10 @@ pub enum ProductMappingRulesHttpMethod { Connect, } -/// Methods Map: system_name -> MethodSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. +/// Methods +/// Map: system_name -> MethodSpec +/// system_name attr is unique for all metrics AND methods +/// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductMethods { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -861,7 +915,10 @@ pub struct ProductMethods { pub friendly_name: Option, } -/// Metrics Map: system_name -> MetricSpec system_name attr is unique for all metrics AND methods In other words, if metric's system_name is A, there is no metric or method with system_name A. +/// Metrics +/// Map: system_name -> MetricSpec +/// system_name attr is unique for all metrics AND methods +/// In other words, if metric's system_name is A, there is no metric or method with system_name A. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductMetrics { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -903,7 +960,9 @@ pub struct ProductPoliciesConfigurationRef { /// ProviderAccountRef references account provider credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductProviderAccountRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -911,7 +970,8 @@ pub struct ProductProviderAccountRef { /// ProductStatus defines the observed state of Product #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProductStatus { - /// Current state of the 3scale product. Conditions represent the latest available observations of an object's state + /// Current state of the 3scale product. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// ObservedGeneration reflects the generation of the most recently observed Product Spec. diff --git a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs index 77104d505..c7a88f071 100644 --- a/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs +++ b/kube-custom-resources-rs/src/capabilities_3scale_net/v1beta1/proxyconfigpromotes.rs @@ -33,7 +33,8 @@ pub struct ProxyConfigPromoteSpec { /// ProxyConfigPromoteStatus defines the observed state of ProxyConfigPromote #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProxyConfigPromoteStatus { - /// Current state of the ProxyConfigPromote resource. Conditions represent the latest available observations of an object's state + /// Current state of the ProxyConfigPromote resource. + /// Conditions represent the latest available observations of an object's state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// The latest Version in production diff --git a/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs b/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs index 066a711f3..0c7c8172b 100644 --- a/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs +++ b/kube-custom-resources-rs/src/cassandra_datastax_com/v1beta1/cassandradatacenters.rs @@ -67,7 +67,6 @@ pub struct CassandraDatacenterSpec { /// secret is expected to have a property named config whose value should be a JSON /// formatted string that should look like this: /// - /// /// config: |- /// { /// "cassandra-yaml": { @@ -78,7 +77,6 @@ pub struct CassandraDatacenterSpec { /// } /// } /// - /// /// ConfigSecret is mutually exclusive with Config. ConfigSecret takes precedence and /// will be used exclusively if both properties are set. The operator sets a watch such /// that an update to the secret will trigger an update of the StatefulSets. @@ -309,11 +307,9 @@ pub struct CassandraDatacenterConfigBuilderResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -336,6 +332,11 @@ pub struct CassandraDatacenterConfigBuilderResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -465,7 +466,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralContainers")] pub ephemeral_containers: Option>, /// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - /// file if specified. This is only valid for non-hostNetwork pods. + /// file if specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, /// Use the host's ipc namespace. @@ -516,9 +517,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, - /// NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - /// the scheduler simply schedules this pod onto that node, assuming that it fits resource - /// requirements. + /// NodeName indicates in which node this pod is scheduled. + /// If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. + /// Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. + /// This field should not be used to express a desire for the pod to be scheduled on a specific node. + /// https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, /// NodeSelector is a selector which must be true for the pod to fit on a node. @@ -529,15 +532,14 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { /// Specifies the OS of the containers in the pod. /// Some pod and container fields are restricted if this is set. /// - /// /// If the OS field is set to linux, the following fields must be unset: /// -securityContext.windowsOptions /// - /// /// If the OS field is set to windows, following fields must be unset: /// - spec.hostPID /// - spec.hostIPC /// - spec.hostUsers + /// - spec.securityContext.appArmorProfile /// - spec.securityContext.seLinuxOptions /// - spec.securityContext.seccompProfile /// - spec.securityContext.fsGroup @@ -547,6 +549,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups + /// - spec.securityContext.supplementalGroupsPolicy + /// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile /// - spec.containers[*].securityContext.capabilities @@ -598,11 +602,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { /// will be made available to those containers which consume them /// by name. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, @@ -627,18 +629,14 @@ pub struct CassandraDatacenterPodTemplateSpecSpec { /// If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the /// scheduler will not attempt to schedule the pod. /// - /// /// SchedulingGates can only be set at pod creation time, and be removed only afterwards. - /// - /// - /// This is a beta feature enabled by the PodSchedulingReadiness feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] pub scheduling_gates: Option>, /// SecurityContext holds pod-level security attributes and common container settings. /// Optional: Defaults to empty. See type description for default values of each field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. + /// DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. /// Deprecated: Use serviceAccountName instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, @@ -888,24 +886,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecAffinityPodAffinityPreferredDur pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1009,24 +1007,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecAffinityPodAffinityRequiredDuri pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1161,24 +1159,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecAffinityPodAntiAffinityPreferre pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1282,24 +1280,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecAffinityPodAntiAffinityRequired pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1602,8 +1600,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvValueFromConfigMap /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1643,8 +1643,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvValueFromSecretKey /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1670,8 +1672,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1683,8 +1687,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1969,7 +1975,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2120,7 +2125,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2192,11 +2196,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2219,6 +2221,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2235,6 +2242,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2247,7 +2259,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2301,6 +2313,26 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterPodTemplateSpecSpecContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2350,7 +2382,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersSecurityContextSeccom /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2462,7 +2493,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2534,6 +2564,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2542,6 +2574,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2593,7 +2643,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecDnsConfigOptions { /// removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the /// Pod to exceed its resource allocation. /// -/// /// To add an ephemeral container, use the ephemeralcontainers subresource of an existing /// Pod. Ephemeral containers may not be removed or restarted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2694,7 +2743,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainers { /// The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. /// If not set then the ephemeral container uses the namespaces configured in the Pod spec. /// - /// /// The container runtime must implement support for this feature. If the runtime does not /// support namespace targeting then the result of setting this field is undefined. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetContainerName")] @@ -2782,8 +2830,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvValueFrom /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2823,8 +2873,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvValueFrom /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2850,8 +2902,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2863,8 +2917,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvFromConfi #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3145,7 +3201,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersLivenessProb /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3293,7 +3348,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersReadinessPro /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3364,11 +3418,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3391,6 +3443,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersResourcesCla /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Optional: SecurityContext defines the security options the ephemeral container should be run with. @@ -3406,6 +3463,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersSecurityCont /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3418,7 +3480,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersSecurityCont #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3472,6 +3534,26 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersSecurityCont pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3521,7 +3603,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersSecurityCont /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3627,7 +3708,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersStartupProbe /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3699,6 +3779,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersVolumeMounts /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -3707,6 +3789,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecEphemeralContainersVolumeMounts /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -3727,8 +3827,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// LocalObjectReference contains enough information to let you locate the @@ -3736,8 +3835,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecHostAliases { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3955,8 +4056,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvValueFromConfi /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3996,8 +4099,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvValueFromSecre /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4023,8 +4128,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -4036,8 +4143,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvFromConfigMapR #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -4322,7 +4431,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersLivenessProbeGrpc /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4473,7 +4581,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersReadinessProbeGrp /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4545,11 +4652,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -4572,6 +4677,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -4588,6 +4698,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4600,7 +4715,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -4654,6 +4769,26 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4703,7 +4838,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersSecurityContextSe /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -4815,7 +4949,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersStartupProbeGrpc /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4887,6 +5020,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4895,6 +5030,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4910,15 +5063,14 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersVolumeMounts { /// Specifies the OS of the containers in the pod. /// Some pod and container fields are restricted if this is set. /// -/// /// If the OS field is set to linux, the following fields must be unset: /// -securityContext.windowsOptions /// -/// /// If the OS field is set to windows, following fields must be unset: /// - spec.hostPID /// - spec.hostIPC /// - spec.hostUsers +/// - spec.securityContext.appArmorProfile /// - spec.securityContext.seLinuxOptions /// - spec.securityContext.seccompProfile /// - spec.securityContext.fsGroup @@ -4928,6 +5080,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpecInitContainersVolumeMounts { /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups +/// - spec.securityContext.supplementalGroupsPolicy +/// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile /// - spec.containers[*].securityContext.capabilities @@ -4954,7 +5108,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecReadinessGates { pub condition_type: String, } -/// PodResourceClaim references exactly one ResourceClaim through a ClaimSource. +/// PodResourceClaim references exactly one ResourceClaim, either directly +/// or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim +/// for the pod. +/// /// It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. /// Containers that need access to the ResourceClaim reference it with this name. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -4962,32 +5119,28 @@ pub struct CassandraDatacenterPodTemplateSpecSpecResourceClaims { /// Name uniquely identifies this resource claim inside the pod. /// This must be a DNS_LABEL. pub name: String, - /// Source describes where to find the ResourceClaim. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source: Option, -} - -/// Source describes where to find the ResourceClaim. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CassandraDatacenterPodTemplateSpecSpecResourceClaimsSource { /// ResourceClaimName is the name of a ResourceClaim object in the same /// namespace as this pod. + /// + /// Exactly one of ResourceClaimName and ResourceClaimTemplateName must + /// be set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimName")] pub resource_claim_name: Option, /// ResourceClaimTemplateName is the name of a ResourceClaimTemplate /// object in the same namespace as this pod. /// - /// /// The template will be used to create a new ResourceClaim, which will /// be bound to this pod. When this pod is deleted, the ResourceClaim /// will also be deleted. The pod name and resource name, along with a /// generated component, will be used to form a unique name for the /// ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. /// - /// /// This field is immutable and no changes will be made to the /// corresponding ResourceClaim by the control plane after creating the /// ResourceClaim. + /// + /// Exactly one of ResourceClaimName and ResourceClaimTemplateName must + /// be set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimTemplateName")] pub resource_claim_template_name: Option, } @@ -5004,16 +5157,18 @@ pub struct CassandraDatacenterPodTemplateSpecSpecSchedulingGates { /// Optional: Defaults to empty. See type description for default values of each field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -5063,15 +5218,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -5085,6 +5249,25 @@ pub struct CassandraDatacenterPodTemplateSpecSpecSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterPodTemplateSpecSpecSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5120,7 +5303,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -5212,7 +5394,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecTopologySpreadConstraints { /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -5246,7 +5427,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecTopologySpreadConstraints { /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -5255,9 +5435,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecTopologySpreadConstraints { /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -5265,7 +5442,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecTopologySpreadConstraints { /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -5276,7 +5452,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecTopologySpreadConstraints { /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -5385,7 +5560,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -5396,17 +5570,14 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5441,11 +5612,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -5504,7 +5688,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -5597,8 +5780,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCephfsSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5633,8 +5818,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCinderSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5661,8 +5848,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5726,8 +5915,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesCsiNodePublishSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5753,7 +5944,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5772,7 +5963,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5821,7 +6012,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -5832,17 +6022,14 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -5855,7 +6042,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -5865,11 +6051,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -5883,7 +6067,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -5893,11 +6076,9 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeralVolumeClaimTemplate { @@ -5999,8 +6180,8 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesEphemeralVolumeClaimTemp /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -6129,7 +6310,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -6183,8 +6363,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesFlexVolumeSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6210,7 +6392,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -6272,9 +6453,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesHostPath { /// path of the directory on the host. @@ -6288,6 +6466,39 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterPodTemplateSpecSpecVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -6303,7 +6514,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -6340,8 +6550,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesIscsiSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6419,25 +6631,24 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -6462,14 +6673,11 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -6549,8 +6757,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesConfigMa #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6589,7 +6799,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesDownward /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -6608,7 +6818,7 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesDownward pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6646,8 +6856,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6732,7 +6944,6 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -6776,8 +6987,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesRbdSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6827,8 +7040,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesScaleIoSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6919,8 +7134,10 @@ pub struct CassandraDatacenterPodTemplateSpecSpecVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterPodTemplateSpecSpecVolumesStorageosSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -7162,24 +7379,24 @@ pub struct CassandraDatacenterRacksAffinityPodAffinityPreferredDuringSchedulingI pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7283,24 +7500,24 @@ pub struct CassandraDatacenterRacksAffinityPodAffinityRequiredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7435,24 +7652,24 @@ pub struct CassandraDatacenterRacksAffinityPodAntiAffinityPreferredDuringSchedul pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7556,24 +7773,24 @@ pub struct CassandraDatacenterRacksAffinityPodAntiAffinityRequiredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7669,11 +7886,9 @@ pub struct CassandraDatacenterResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -7696,6 +7911,11 @@ pub struct CassandraDatacenterResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// CassandraDatacenterSpec defines the desired state of a CassandraDatacenter @@ -7802,8 +8022,8 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesPvcSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -7964,7 +8184,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSource { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -7975,17 +8194,14 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSource { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8020,11 +8236,24 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSource { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -8079,7 +8308,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceAwsElast /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -8172,8 +8400,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCephfsSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8208,8 +8438,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCinderSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8236,8 +8468,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceConfigMa #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -8301,8 +8535,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceCsiNodePublishSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8328,7 +8564,7 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceDownward /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -8347,7 +8583,7 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceDownward pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -8396,7 +8632,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEmptyDir /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -8407,17 +8642,14 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEmptyDir /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8430,7 +8662,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemera /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8440,11 +8671,9 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemera /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -8458,7 +8687,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemera /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8468,11 +8696,9 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemera /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemeralVolumeClaimTemplate { @@ -8574,8 +8800,8 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceEphemera /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -8704,7 +8930,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -8758,8 +8983,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceFlexVolu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceFlexVolumeSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8785,7 +9012,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceGcePersi /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -8847,9 +9073,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceGlusterf /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceHostPath { /// path of the directory on the host. @@ -8863,6 +9086,39 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceHostPath pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -8878,7 +9134,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -8915,8 +9170,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceIscsiSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8994,25 +9251,24 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9037,14 +9293,11 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9124,8 +9377,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9164,7 +9419,7 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -9183,7 +9438,7 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -9221,8 +9476,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceProjecte #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -9307,7 +9564,6 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -9351,8 +9607,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceRbdSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9402,8 +9660,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceScaleIo #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceScaleIoSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9494,8 +9754,10 @@ pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceStorageo #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CassandraDatacenterStorageConfigAdditionalVolumesVolumeSourceStorageosSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9586,8 +9848,8 @@ pub struct CassandraDatacenterStorageConfigCassandraDataVolumeClaimSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -9716,11 +9978,9 @@ pub struct CassandraDatacenterSystemLoggerResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -9743,6 +10003,11 @@ pub struct CassandraDatacenterSystemLoggerResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephblockpools.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephblockpools.rs index ee5584c1e..7a53a9c8f 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephblockpools.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephblockpools.rs @@ -241,6 +241,9 @@ pub struct CephBlockPoolStatus { /// ConditionType represent a resource's status #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, + /// optional + #[serde(default, skip_serializing_if = "Option::is_none", rename = "poolID")] + pub pool_id: Option, /// SnapshotScheduleStatusSpec is the status of the snapshot schedule #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotScheduleStatus")] pub snapshot_schedule_status: Option, diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystems.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystems.rs index 27ef417ee..42d4af376 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystems.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephfilesystems.rs @@ -36,6 +36,9 @@ pub struct CephFilesystemSpec { /// Preserve the fs in the cluster on CephFilesystem CR deletion. Setting this to true automatically implies PreservePoolsOnDelete is true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preserveFilesystemOnDelete")] pub preserve_filesystem_on_delete: Option, + /// Preserve pool names as specified + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preservePoolNames")] + pub preserve_pool_names: Option, /// Preserve pools on filesystem deletion #[serde(default, skip_serializing_if = "Option::is_none", rename = "preservePoolsOnDelete")] pub preserve_pools_on_delete: Option, @@ -264,6 +267,9 @@ pub struct CephFilesystemMetadataPool { /// The mirroring settings #[serde(default, skip_serializing_if = "Option::is_none")] pub mirroring: Option, + /// Name of the pool + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, /// Parameters is a list of properties to enable on a given pool #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, @@ -465,17 +471,17 @@ pub struct CephFilesystemMetadataServerLivenessProbe { /// alive or ready to receive traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerLivenessProbeProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -490,7 +496,7 @@ pub struct CephFilesystemMetadataServerLivenessProbeProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] @@ -502,7 +508,7 @@ pub struct CephFilesystemMetadataServerLivenessProbeProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerLivenessProbeProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -514,7 +520,7 @@ pub struct CephFilesystemMetadataServerLivenessProbeProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerLivenessProbeProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -527,7 +533,7 @@ pub struct CephFilesystemMetadataServerLivenessProbeProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerLivenessProbeProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -560,7 +566,7 @@ pub struct CephFilesystemMetadataServerLivenessProbeProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerLivenessProbeProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -980,17 +986,17 @@ pub struct CephFilesystemMetadataServerStartupProbe { /// alive or ready to receive traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerStartupProbeProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1005,7 +1011,7 @@ pub struct CephFilesystemMetadataServerStartupProbeProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] @@ -1017,7 +1023,7 @@ pub struct CephFilesystemMetadataServerStartupProbeProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerStartupProbeProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1029,7 +1035,7 @@ pub struct CephFilesystemMetadataServerStartupProbeProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerStartupProbeProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1042,7 +1048,7 @@ pub struct CephFilesystemMetadataServerStartupProbeProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerStartupProbeProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1075,7 +1081,7 @@ pub struct CephFilesystemMetadataServerStartupProbeProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephFilesystemMetadataServerStartupProbeProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephnfses.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephnfses.rs index 8c1ea49ad..9a66cb405 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephnfses.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephnfses.rs @@ -1103,17 +1103,17 @@ pub struct CephNFSServerLivenessProbe { /// alive or ready to receive traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephNFSServerLivenessProbeProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1128,7 +1128,7 @@ pub struct CephNFSServerLivenessProbeProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] @@ -1140,7 +1140,7 @@ pub struct CephNFSServerLivenessProbeProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephNFSServerLivenessProbeProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1152,7 +1152,7 @@ pub struct CephNFSServerLivenessProbeProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephNFSServerLivenessProbeProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1165,7 +1165,7 @@ pub struct CephNFSServerLivenessProbeProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephNFSServerLivenessProbeProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1198,7 +1198,7 @@ pub struct CephNFSServerLivenessProbeProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephNFSServerLivenessProbeProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs index 5baf8fc7b..aa5727d48 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs @@ -320,6 +320,9 @@ pub struct CephObjectStoreGateway { /// The labels-related configuration to add/set on each Pod related object. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, + /// Enable enhanced operation Logs for S3 in a sidecar named ops-log + #[serde(default, skip_serializing_if = "Option::is_none", rename = "opsLogSidecar")] + pub ops_log_sidecar: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub placement: Option, /// The port the rgw service will be listening on (http) @@ -331,6 +334,18 @@ pub struct CephObjectStoreGateway { /// The resource requirements for the rgw pods #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RgwCommandFlags sets Ceph RGW config values for the gateway clients that serve this object + /// store. Values are modified at RGW startup, resulting in RGW pod restarts. + /// This feature is intended for advanced users. It allows breaking configurations to be easily + /// applied. Use with caution. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rgwCommandFlags")] + pub rgw_command_flags: Option>, + /// RgwConfig sets Ceph RGW config values for the gateway clients that serve this object store. + /// Values are modified at runtime without RGW restart. + /// This feature is intended for advanced users. It allows breaking configurations to be easily + /// applied. Use with caution. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rgwConfig")] + pub rgw_config: Option>, /// The port the rgw service will be listening on (https) #[serde(default, skip_serializing_if = "Option::is_none", rename = "securePort")] pub secure_port: Option, @@ -577,6 +592,52 @@ pub struct CephObjectStoreGatewayExternalRgwEndpoints { pub ip: Option, } +/// Enable enhanced operation Logs for S3 in a sidecar named ops-log +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreGatewayOpsLogSidecar { + /// Resources represents the way to specify resource requirements for the ops-log sidecar + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// Resources represents the way to specify resource requirements for the ops-log sidecar +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreGatewayOpsLogSidecarResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreGatewayOpsLogSidecarResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreGatewayPlacement { #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] @@ -1006,17 +1067,17 @@ pub struct CephObjectStoreHealthCheckReadinessProbe { /// alive or ready to receive traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckReadinessProbeProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1031,7 +1092,7 @@ pub struct CephObjectStoreHealthCheckReadinessProbeProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] @@ -1043,7 +1104,7 @@ pub struct CephObjectStoreHealthCheckReadinessProbeProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckReadinessProbeProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1055,7 +1116,7 @@ pub struct CephObjectStoreHealthCheckReadinessProbeProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckReadinessProbeProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1068,7 +1129,7 @@ pub struct CephObjectStoreHealthCheckReadinessProbeProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckReadinessProbeProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1101,7 +1162,7 @@ pub struct CephObjectStoreHealthCheckReadinessProbeProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckReadinessProbeProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1129,17 +1190,17 @@ pub struct CephObjectStoreHealthCheckStartupProbe { /// alive or ready to receive traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckStartupProbeProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1154,7 +1215,7 @@ pub struct CephObjectStoreHealthCheckStartupProbeProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] @@ -1166,7 +1227,7 @@ pub struct CephObjectStoreHealthCheckStartupProbeProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckStartupProbeProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1178,7 +1239,7 @@ pub struct CephObjectStoreHealthCheckStartupProbeProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckStartupProbeProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1191,7 +1252,7 @@ pub struct CephObjectStoreHealthCheckStartupProbeProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckStartupProbeProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1224,7 +1285,7 @@ pub struct CephObjectStoreHealthCheckStartupProbeProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreHealthCheckStartupProbeProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1469,6 +1530,12 @@ pub struct CephObjectStoreMetadataPoolStatusCheckMirror { /// The protocol specification #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreProtocols { + /// Represents RGW 'rgw_enable_apis' config option. See: https://docs.ceph.com/en/reef/radosgw/config-ref/#confval-rgw_enable_apis + /// If no value provided then all APIs will be enabled: s3, s3website, swift, swift_auth, admin, sts, iam, notifications + /// If enabled APIs are set, all remaining APIs will be disabled. + /// This option overrides S3.Enabled value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableAPIs")] + pub enable_ap_is: Option>, /// The spec for S3 #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, @@ -1483,6 +1550,7 @@ pub struct CephObjectStoreProtocolsS3 { /// Whether to use Keystone for authentication. This option maps directly to the rgw_s3_auth_use_keystone option. Enabling it allows generating S3 credentials via an OpenStack API call, see the docs. If not given, the defaults of the corresponding RGW option apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authUseKeystone")] pub auth_use_keystone: Option, + /// Deprecated: use protocol.enableAPIs instead. /// Whether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs index 1f47daa62..9070b6462 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/certificates.rs @@ -252,21 +252,30 @@ pub struct CertificateKeystoresJks { /// Create enables JKS keystore creation for the Certificate. /// If true, a file named `keystore.jks` will be created in the target /// Secret resource, encrypted using the password stored in - /// `passwordSecretRef`. + /// `passwordSecretRef` or `password`. /// The keystore file will be updated immediately. /// If the issuer provided a CA certificate, a file named `truststore.jks` /// will also be created in the target Secret resource, encrypted using the /// password stored in `passwordSecretRef` /// containing the issuing Certificate Authority pub create: bool, - /// PasswordSecretRef is a reference to a key in a Secret resource + /// Password provides a literal password used to encrypt the JKS keystore. + /// Mutually exclusive with passwordSecretRef. + /// One of password or passwordSecretRef must provide a password with a non-zero length. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// PasswordSecretRef is a reference to a non-empty key in a Secret resource /// containing the password used to encrypt the JKS keystore. - #[serde(rename = "passwordSecretRef")] - pub password_secret_ref: CertificateKeystoresJksPasswordSecretRef, + /// Mutually exclusive with password. + /// One of password or passwordSecretRef must provide a password with a non-zero length. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordSecretRef")] + pub password_secret_ref: Option, } -/// PasswordSecretRef is a reference to a key in a Secret resource +/// PasswordSecretRef is a reference to a non-empty key in a Secret resource /// containing the password used to encrypt the JKS keystore. +/// Mutually exclusive with password. +/// One of password or passwordSecretRef must provide a password with a non-zero length. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CertificateKeystoresJksPasswordSecretRef { /// The key of the entry in the Secret resource's `data` field to be used. @@ -286,17 +295,24 @@ pub struct CertificateKeystoresPkcs12 { /// Create enables PKCS12 keystore creation for the Certificate. /// If true, a file named `keystore.p12` will be created in the target /// Secret resource, encrypted using the password stored in - /// `passwordSecretRef`. + /// `passwordSecretRef` or in `password`. /// The keystore file will be updated immediately. /// If the issuer provided a CA certificate, a file named `truststore.p12` will /// also be created in the target Secret resource, encrypted using the /// password stored in `passwordSecretRef` containing the issuing Certificate /// Authority pub create: bool, - /// PasswordSecretRef is a reference to a key in a Secret resource - /// containing the password used to encrypt the PKCS12 keystore. - #[serde(rename = "passwordSecretRef")] - pub password_secret_ref: CertificateKeystoresPkcs12PasswordSecretRef, + /// Password provides a literal password used to encrypt the PKCS#12 keystore. + /// Mutually exclusive with passwordSecretRef. + /// One of password or passwordSecretRef must provide a password with a non-zero length. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// PasswordSecretRef is a reference to a non-empty key in a Secret resource + /// containing the password used to encrypt the PKCS#12 keystore. + /// Mutually exclusive with password. + /// One of password or passwordSecretRef must provide a password with a non-zero length. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordSecretRef")] + pub password_secret_ref: Option, /// Profile specifies the key and certificate encryption algorithms and the HMAC algorithm /// used to create the PKCS12 keystore. Default value is `LegacyRC2` for backward compatibility. /// @@ -310,8 +326,10 @@ pub struct CertificateKeystoresPkcs12 { pub profile: Option, } -/// PasswordSecretRef is a reference to a key in a Secret resource -/// containing the password used to encrypt the PKCS12 keystore. +/// PasswordSecretRef is a reference to a non-empty key in a Secret resource +/// containing the password used to encrypt the PKCS#12 keystore. +/// Mutually exclusive with password. +/// One of password or passwordSecretRef must provide a password with a non-zero length. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CertificateKeystoresPkcs12PasswordSecretRef { /// The key of the entry in the Secret resource's `data` field to be used. diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs index 7242c81c8..3c8a41c25 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs @@ -85,7 +85,7 @@ pub struct ClusterIssuerAcme { /// PreferredChain is the chain to use if the ACME server outputs multiple. /// PreferredChain is no guarantee that this one gets delivered by the ACME /// endpoint. - /// For example, for Let's Encrypt's DST crosssign you would use: + /// For example, for Let's Encrypt's DST cross-sign you would use: /// "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. /// This value picks the first certificate bundle in the combined set of /// ACME default and alternative chains that has a root-most certificate with @@ -416,14 +416,14 @@ pub enum ClusterIssuerAcmeSolversDns01AzureDnsEnvironment { /// If set, ClientID, ClientSecret and TenantID must not be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterIssuerAcmeSolversDns01AzureDnsManagedIdentity { - /// client ID of the managed identity, can not be used at the same time as resourceID + /// client ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientID")] pub client_id: Option, - /// resource ID of the managed identity, can not be used at the same time as clientID + /// resource ID of the managed identity, cannot be used at the same time as clientID /// Cannot be used for Azure Managed Service Identity #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceID")] pub resource_id: Option, - /// tenant ID of the managed identity, can not be used at the same time as resourceID + /// tenant ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "tenantID")] pub tenant_id: Option, } diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs index 9c33f0837..40d37c70c 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs @@ -86,7 +86,7 @@ pub struct IssuerAcme { /// PreferredChain is the chain to use if the ACME server outputs multiple. /// PreferredChain is no guarantee that this one gets delivered by the ACME /// endpoint. - /// For example, for Let's Encrypt's DST crosssign you would use: + /// For example, for Let's Encrypt's DST cross-sign you would use: /// "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. /// This value picks the first certificate bundle in the combined set of /// ACME default and alternative chains that has a root-most certificate with @@ -417,14 +417,14 @@ pub enum IssuerAcmeSolversDns01AzureDnsEnvironment { /// If set, ClientID, ClientSecret and TenantID must not be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IssuerAcmeSolversDns01AzureDnsManagedIdentity { - /// client ID of the managed identity, can not be used at the same time as resourceID + /// client ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientID")] pub client_id: Option, - /// resource ID of the managed identity, can not be used at the same time as clientID + /// resource ID of the managed identity, cannot be used at the same time as clientID /// Cannot be used for Azure Managed Service Identity #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceID")] pub resource_id: Option, - /// tenant ID of the managed identity, can not be used at the same time as resourceID + /// tenant ID of the managed identity, cannot be used at the same time as resourceID #[serde(default, skip_serializing_if = "Option::is_none", rename = "tenantID")] pub tenant_id: Option, } diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs index 31bebdfe6..b5f992a0a 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/configurations.rs @@ -155,6 +155,9 @@ pub struct ConfigurationCatchCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -558,6 +561,9 @@ pub struct ConfigurationCatchScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs index 4faf78997..82e20eed4 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha1/tests.rs @@ -166,6 +166,9 @@ pub struct TestCatchCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -569,6 +572,9 @@ pub struct TestCatchScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -954,6 +960,9 @@ pub struct TestStepsCatchCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -1357,6 +1366,9 @@ pub struct TestStepsCatchScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -1603,6 +1615,9 @@ pub struct TestStepsCleanupCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -2006,6 +2021,9 @@ pub struct TestStepsCleanupScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -2280,6 +2298,9 @@ pub struct TestStepsFinallyCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -2683,6 +2704,9 @@ pub struct TestStepsFinallyScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -3144,6 +3168,9 @@ pub struct TestStepsTryCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -3888,6 +3915,9 @@ pub struct TestStepsTryScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, diff --git a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs index dd275e524..ca5549c63 100644 --- a/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs +++ b/kube-custom-resources-rs/src/chainsaw_kyverno_io/v1alpha2/configurations.rs @@ -179,6 +179,9 @@ pub struct ConfigurationErrorCatchCommand { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, @@ -582,6 +585,9 @@ pub struct ConfigurationErrorCatchScript { /// Outputs defines output bindings. #[serde(default, skip_serializing_if = "Option::is_none")] pub outputs: Option>, + /// SkipCommandOutput removes the command from the output logs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipCommandOutput")] + pub skip_command_output: Option, /// SkipLogOutput removes the output from the command. Useful for sensitive logs or to reduce noise. #[serde(default, skip_serializing_if = "Option::is_none", rename = "skipLogOutput")] pub skip_log_output: Option, diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/awschaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/awschaos.rs index c45ad0230..57154bc23 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/awschaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/awschaos.rs @@ -16,12 +16,15 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct AWSChaosSpec { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: AWSChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -39,7 +42,8 @@ pub struct AWSChaosSpec { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/azurechaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/azurechaos.rs index 37501cfc3..d9f0bb026 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/azurechaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/azurechaos.rs @@ -16,15 +16,19 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct AzureChaosSpec { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: AzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/blockchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/blockchaos.rs index 68874425c..a507d801b 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/blockchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/blockchaos.rs @@ -17,9 +17,11 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct BlockChaosSpec { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: BlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -28,14 +30,18 @@ pub struct BlockChaosSpec { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: BlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: BlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -79,43 +85,57 @@ pub enum BlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/dnschaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/dnschaos.rs index 35b2383c2..0933e79b5 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/dnschaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/dnschaos.rs @@ -17,17 +17,27 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct DNSChaosSpec { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: DNSChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: DNSChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -35,7 +45,10 @@ pub struct DNSChaosSpec { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: DNSChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -67,43 +80,57 @@ pub enum DNSChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/gcpchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/gcpchaos.rs index 05d6eeca0..0b8996dd2 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/gcpchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/gcpchaos.rs @@ -16,9 +16,12 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct GCPChaosSpec { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: GCPChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -52,7 +55,8 @@ pub enum GCPChaosAction { /// GCPChaosStatus represents the status of a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GCPChaosStatus { - /// The attached disk info strings. Needed in disk-loss. + /// The attached disk info strings. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachedDiskStrings")] pub attached_disk_strings: Option>, /// Conditions represents the current global condition of the chaos diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/httpchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/httpchaos.rs index 9b8e660c6..56b680a82 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/httpchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/httpchaos.rs @@ -22,7 +22,11 @@ pub struct HTTPChaosSpec { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -31,7 +35,8 @@ pub struct HTTPChaosSpec { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: HTTPChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -48,20 +53,26 @@ pub struct HTTPChaosSpec { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: HTTPChaosSelector, /// Target is the object to be selected and injected. pub target: HTTPChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -86,10 +97,12 @@ pub struct HTTPChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -113,7 +126,8 @@ pub struct HTTPChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -122,7 +136,8 @@ pub struct HTTPChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -130,43 +145,57 @@ pub struct HTTPChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -177,7 +206,8 @@ pub enum HTTPChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/iochaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/iochaos.rs index 858675598..a0b873429 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/iochaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/iochaos.rs @@ -17,35 +17,50 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct IOChaosSpec { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: IOChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: IOChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -53,7 +68,10 @@ pub struct IOChaosSpec { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: IOChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -169,43 +187,57 @@ pub enum IOChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IOChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IOChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/jvmchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/jvmchaos.rs index 89396e13a..6ff5eae02 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/jvmchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/jvmchaos.rs @@ -17,27 +17,32 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct JVMChaosSpec { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: JVMChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -46,7 +51,8 @@ pub struct JVMChaosSpec { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: JVMChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -63,18 +69,27 @@ pub struct JVMChaosSpec { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: JVMChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -116,43 +131,57 @@ pub enum JVMChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JVMChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JVMChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/kernelchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/kernelchaos.rs index eabc2d685..5e423a8bc 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/kernelchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/kernelchaos.rs @@ -17,7 +17,8 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct KernelChaosSpec { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -26,14 +27,18 @@ pub struct KernelChaosSpec { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: KernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: KernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: KernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -41,15 +46,34 @@ pub struct KernelChaosSpec { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -63,10 +87,15 @@ pub struct KernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -89,43 +118,57 @@ pub enum KernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/networkchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/networkchaos.rs index 851baf3cb..43498dfaa 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/networkchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/networkchaos.rs @@ -17,7 +17,9 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct NetworkChaosSpec { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: NetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -46,7 +48,8 @@ pub struct NetworkChaosSpec { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: NetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -62,7 +65,10 @@ pub struct NetworkChaosSpec { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -93,10 +99,16 @@ pub struct NetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -185,43 +197,57 @@ pub struct NetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -229,11 +255,15 @@ pub struct NetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: NetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: NetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -256,43 +286,57 @@ pub enum NetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/physicalmachinechaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/physicalmachinechaos.rs index 4aec51189..aba73dc6e 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/physicalmachinechaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/physicalmachinechaos.rs @@ -19,7 +19,8 @@ use self::prelude::*; pub struct PhysicalMachineChaosSpec { /// the subAction, generate automatically pub action: PhysicalMachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -74,7 +75,8 @@ pub struct PhysicalMachineChaosSpec { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: PhysicalMachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -121,7 +123,10 @@ pub struct PhysicalMachineChaosSpec { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -213,7 +218,9 @@ pub enum PhysicalMachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -229,36 +236,42 @@ pub struct PhysicalMachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -445,13 +458,16 @@ pub struct PhysicalMachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -463,10 +479,13 @@ pub struct PhysicalMachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -628,7 +647,8 @@ pub struct PhysicalMachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -643,14 +663,16 @@ pub struct PhysicalMachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -659,7 +681,8 @@ pub struct PhysicalMachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -677,7 +700,8 @@ pub struct PhysicalMachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -713,7 +737,8 @@ pub struct PhysicalMachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -728,7 +753,8 @@ pub struct PhysicalMachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -758,7 +784,8 @@ pub struct PhysicalMachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -773,20 +800,24 @@ pub struct PhysicalMachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -902,34 +933,45 @@ pub struct PhysicalMachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PhysicalMachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -952,7 +994,8 @@ pub struct PhysicalMachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podchaos.rs index d4385e709..58128d546 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podchaos.rs @@ -17,25 +17,38 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct PodChaosSpec { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: PodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: PodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: PodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -69,43 +82,57 @@ pub enum PodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podhttpchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podhttpchaos.rs index 854346caf..6cb94ba57 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podhttpchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podhttpchaos.rs @@ -22,7 +22,8 @@ pub struct PodHttpChaosSpec { /// Rules are a list of injection rule for http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub rules: Option>, - /// TLS is the tls config, will be override if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will be override if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } @@ -49,7 +50,11 @@ pub struct PodHttpChaosRulesActions { /// Abort is a rule to abort a http session. #[serde(default, skip_serializing_if = "Option::is_none")] pub abort: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Patch is a rule to patch some contents in target. @@ -66,10 +71,12 @@ pub struct PodHttpChaosRulesActionsPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -93,7 +100,8 @@ pub struct PodHttpChaosRulesActionsReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -102,7 +110,8 @@ pub struct PodHttpChaosRulesActionsReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -122,15 +131,18 @@ pub struct PodHttpChaosRulesSelector { /// Port is a rule to select server listening on specific port. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, } -/// TLS is the tls config, will be override if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will be override if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podiochaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podiochaos.rs index b9b7418aa..22d6daed2 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podiochaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podiochaos.rs @@ -24,7 +24,10 @@ pub struct PodIOChaosSpec { /// TODO: support multiple different container to inject in one pod #[serde(default, skip_serializing_if = "Option::is_none")] pub container: Option, - /// VolumeMountPath represents the target mount path It must be a root of mount path now. TODO: search the mount parent of any path automatically. TODO: support multiple different volume mount path in one pod + /// VolumeMountPath represents the target mount path + /// It must be a root of mount path now. + /// TODO: search the mount parent of any path automatically. + /// TODO: support multiple different volume mount path in one pod #[serde(rename = "volumeMountPath")] pub volume_mount_path: String, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podnetworkchaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podnetworkchaos.rs index 214fb635e..c40f8e8d7 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podnetworkchaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/podnetworkchaos.rs @@ -32,10 +32,12 @@ pub struct PodNetworkChaosSpec { /// RawIPSet represents an ipset on specific pod #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PodNetworkChaosIpsets { - /// The contents of ipset. Only available when IPSetType is NetPortIPSet. + /// The contents of ipset. + /// Only available when IPSetType is NetPortIPSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrAndPorts")] pub cidr_and_ports: Option>, - /// The contents of ipset. Only available when IPSetType is NetIPSet. + /// The contents of ipset. + /// Only available when IPSetType is NetIPSet. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidrs: Option>, /// IPSetType represents the type of IP set @@ -43,7 +45,8 @@ pub struct PodNetworkChaosIpsets { pub ipset_type: String, /// The name of ipset pub name: String, - /// The contents of ipset. Only available when IPSetType is SetIPSet. + /// The contents of ipset. + /// Only available when IPSetType is SetIPSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "setNames")] pub set_names: Option>, pub source: String, @@ -113,10 +116,16 @@ pub struct PodNetworkChaosTcsBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/schedules.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/schedules.rs index 1b2bd20ba..53c2f07b9 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/schedules.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/schedules.rs @@ -77,12 +77,15 @@ pub struct ScheduleSpec { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: ScheduleAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -100,7 +103,8 @@ pub struct ScheduleAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -119,15 +123,19 @@ pub enum ScheduleAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: ScheduleAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -161,9 +169,11 @@ pub enum ScheduleAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: ScheduleBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -172,14 +182,18 @@ pub struct ScheduleBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -223,43 +237,57 @@ pub enum ScheduleBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -274,17 +302,27 @@ pub enum ScheduleConcurrencyPolicy { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: ScheduleDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -292,7 +330,10 @@ pub struct ScheduleDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -324,43 +365,57 @@ pub enum ScheduleDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -368,9 +423,12 @@ pub struct ScheduleDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: ScheduleGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -409,7 +467,11 @@ pub struct ScheduleHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -418,7 +480,8 @@ pub struct ScheduleHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -435,20 +498,26 @@ pub struct ScheduleHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleHttpChaosSelector, /// Target is the object to be selected and injected. pub target: ScheduleHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -473,10 +542,12 @@ pub struct ScheduleHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -500,7 +571,8 @@ pub struct ScheduleHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -509,7 +581,8 @@ pub struct ScheduleHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -517,43 +590,57 @@ pub struct ScheduleHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -564,7 +651,8 @@ pub enum ScheduleHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -587,35 +675,50 @@ pub struct ScheduleHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: ScheduleIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -623,7 +726,10 @@ pub struct ScheduleIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -739,43 +845,57 @@ pub enum ScheduleIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -783,27 +903,32 @@ pub struct ScheduleIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: ScheduleJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -812,7 +937,8 @@ pub struct ScheduleJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -829,18 +955,27 @@ pub struct ScheduleJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -882,43 +1017,57 @@ pub enum ScheduleJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -926,7 +1075,8 @@ pub struct ScheduleJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -935,14 +1085,18 @@ pub struct ScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: ScheduleKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -950,15 +1104,34 @@ pub struct ScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -972,10 +1145,15 @@ pub struct ScheduleKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -998,43 +1176,57 @@ pub enum ScheduleKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1042,7 +1234,9 @@ pub struct ScheduleKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: ScheduleNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1071,7 +1265,8 @@ pub struct ScheduleNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1087,7 +1282,10 @@ pub struct ScheduleNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1118,10 +1316,16 @@ pub struct ScheduleNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -1210,43 +1414,57 @@ pub struct ScheduleNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1254,11 +1472,15 @@ pub struct ScheduleNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1281,43 +1503,57 @@ pub enum ScheduleNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1327,7 +1563,8 @@ pub struct ScheduleNetworkChaosTargetSelectorExpressionSelectors { pub struct SchedulePhysicalmachineChaos { /// the subAction, generate automatically pub action: SchedulePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1382,7 +1619,8 @@ pub struct SchedulePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: SchedulePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -1429,7 +1667,10 @@ pub struct SchedulePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1521,7 +1762,9 @@ pub enum SchedulePhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -1537,36 +1780,42 @@ pub struct SchedulePhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -1753,13 +2002,16 @@ pub struct SchedulePhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -1771,10 +2023,13 @@ pub struct SchedulePhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -1936,7 +2191,8 @@ pub struct SchedulePhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -1951,14 +2207,16 @@ pub struct SchedulePhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -1967,7 +2225,8 @@ pub struct SchedulePhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -1985,7 +2244,8 @@ pub struct SchedulePhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2021,7 +2281,8 @@ pub struct SchedulePhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2036,7 +2297,8 @@ pub struct SchedulePhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2066,7 +2328,8 @@ pub struct SchedulePhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2081,20 +2344,24 @@ pub struct SchedulePhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -2210,34 +2477,45 @@ pub struct SchedulePhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2260,7 +2538,8 @@ pub struct SchedulePhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -2285,25 +2564,38 @@ pub struct SchedulePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SchedulePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: SchedulePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: SchedulePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: SchedulePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2337,43 +2629,57 @@ pub enum SchedulePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SchedulePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2381,26 +2687,38 @@ pub struct SchedulePodChaosSelectorExpressionSelectors { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2423,48 +2741,64 @@ pub enum ScheduleStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleStressChaosStressors { /// CPUStressor stresses CPU out @@ -2478,55 +2812,71 @@ pub struct ScheduleStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2549,43 +2899,57 @@ pub enum ScheduleTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2598,7 +2962,8 @@ pub struct ScheduleWorkflow { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplates { - /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck. + /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. + /// Only used when Type is TypeStatusCheck. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abortWithStatusCheck")] pub abort_with_status_check: Option, /// AWSChaosSpec is the content of the specification for an AWSChaos @@ -2667,12 +3032,15 @@ pub struct ScheduleWorkflowTemplates { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: ScheduleWorkflowTemplatesAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -2690,7 +3058,8 @@ pub struct ScheduleWorkflowTemplatesAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -2709,15 +3078,19 @@ pub enum ScheduleWorkflowTemplatesAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: ScheduleWorkflowTemplatesAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2751,9 +3124,11 @@ pub enum ScheduleWorkflowTemplatesAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: ScheduleWorkflowTemplatesBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -2762,14 +3137,18 @@ pub struct ScheduleWorkflowTemplatesBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -2813,43 +3192,57 @@ pub enum ScheduleWorkflowTemplatesBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2866,17 +3259,27 @@ pub struct ScheduleWorkflowTemplatesConditionalBranches { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: ScheduleWorkflowTemplatesDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2884,7 +3287,10 @@ pub struct ScheduleWorkflowTemplatesDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2916,43 +3322,57 @@ pub enum ScheduleWorkflowTemplatesDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2960,9 +3380,12 @@ pub struct ScheduleWorkflowTemplatesDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: ScheduleWorkflowTemplatesGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -3001,7 +3424,11 @@ pub struct ScheduleWorkflowTemplatesHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -3010,7 +3437,8 @@ pub struct ScheduleWorkflowTemplatesHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3027,20 +3455,26 @@ pub struct ScheduleWorkflowTemplatesHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesHttpChaosSelector, /// Target is the object to be selected and injected. pub target: ScheduleWorkflowTemplatesHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3065,10 +3499,12 @@ pub struct ScheduleWorkflowTemplatesHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -3092,7 +3528,8 @@ pub struct ScheduleWorkflowTemplatesHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -3101,7 +3538,8 @@ pub struct ScheduleWorkflowTemplatesHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -3109,43 +3547,57 @@ pub struct ScheduleWorkflowTemplatesHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3156,7 +3608,8 @@ pub enum ScheduleWorkflowTemplatesHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -3179,35 +3632,50 @@ pub struct ScheduleWorkflowTemplatesHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: ScheduleWorkflowTemplatesIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -3215,7 +3683,10 @@ pub struct ScheduleWorkflowTemplatesIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -3331,43 +3802,57 @@ pub enum ScheduleWorkflowTemplatesIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3375,27 +3860,32 @@ pub struct ScheduleWorkflowTemplatesIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: ScheduleWorkflowTemplatesJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -3404,7 +3894,8 @@ pub struct ScheduleWorkflowTemplatesJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -3421,18 +3912,27 @@ pub struct ScheduleWorkflowTemplatesJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3474,43 +3974,57 @@ pub enum ScheduleWorkflowTemplatesJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3518,7 +4032,8 @@ pub struct ScheduleWorkflowTemplatesJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -3527,14 +4042,18 @@ pub struct ScheduleWorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: ScheduleWorkflowTemplatesKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3542,15 +4061,34 @@ pub struct ScheduleWorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -3564,10 +4102,15 @@ pub struct ScheduleWorkflowTemplatesKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -3590,43 +4133,57 @@ pub enum ScheduleWorkflowTemplatesKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3634,7 +4191,9 @@ pub struct ScheduleWorkflowTemplatesKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: ScheduleWorkflowTemplatesNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3663,7 +4222,8 @@ pub struct ScheduleWorkflowTemplatesNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3679,7 +4239,10 @@ pub struct ScheduleWorkflowTemplatesNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3710,10 +4273,16 @@ pub struct ScheduleWorkflowTemplatesNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -3802,43 +4371,57 @@ pub struct ScheduleWorkflowTemplatesNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3846,11 +4429,15 @@ pub struct ScheduleWorkflowTemplatesNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3873,43 +4460,57 @@ pub enum ScheduleWorkflowTemplatesNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3919,7 +4520,8 @@ pub struct ScheduleWorkflowTemplatesNetworkChaosTargetSelectorExpressionSelector pub struct ScheduleWorkflowTemplatesPhysicalmachineChaos { /// the subAction, generate automatically pub action: ScheduleWorkflowTemplatesPhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3974,7 +4576,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesPhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -4021,7 +4624,10 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4113,7 +4719,9 @@ pub enum ScheduleWorkflowTemplatesPhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -4129,36 +4737,42 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4345,13 +4959,16 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -4363,10 +4980,13 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -4528,7 +5148,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4543,14 +5164,16 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -4559,7 +5182,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4577,7 +5201,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4613,7 +5238,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4628,7 +5254,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4658,7 +5285,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4673,20 +5301,24 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -4802,34 +5434,45 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4852,7 +5495,8 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4877,25 +5521,38 @@ pub struct ScheduleWorkflowTemplatesPhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesPodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: ScheduleWorkflowTemplatesPodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesPodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesPodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4929,43 +5586,57 @@ pub enum ScheduleWorkflowTemplatesPodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesPodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5028,12 +5699,15 @@ pub struct ScheduleWorkflowTemplatesSchedule { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: ScheduleWorkflowTemplatesScheduleAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -5051,7 +5725,8 @@ pub struct ScheduleWorkflowTemplatesScheduleAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -5070,15 +5745,19 @@ pub enum ScheduleWorkflowTemplatesScheduleAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: ScheduleWorkflowTemplatesScheduleAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5112,9 +5791,11 @@ pub enum ScheduleWorkflowTemplatesScheduleAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: ScheduleWorkflowTemplatesScheduleBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -5123,14 +5804,18 @@ pub struct ScheduleWorkflowTemplatesScheduleBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -5174,43 +5859,57 @@ pub enum ScheduleWorkflowTemplatesScheduleBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5225,17 +5924,27 @@ pub enum ScheduleWorkflowTemplatesScheduleConcurrencyPolicy { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: ScheduleWorkflowTemplatesScheduleDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5243,7 +5952,10 @@ pub struct ScheduleWorkflowTemplatesScheduleDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5275,43 +5987,57 @@ pub enum ScheduleWorkflowTemplatesScheduleDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5319,9 +6045,12 @@ pub struct ScheduleWorkflowTemplatesScheduleDnsChaosSelectorExpressionSelectors /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: ScheduleWorkflowTemplatesScheduleGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -5360,7 +6089,11 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -5369,7 +6102,8 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5386,20 +6120,26 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleHttpChaosSelector, /// Target is the object to be selected and injected. pub target: ScheduleWorkflowTemplatesScheduleHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5424,10 +6164,12 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -5451,7 +6193,8 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -5460,7 +6203,8 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -5468,43 +6212,57 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5515,7 +6273,8 @@ pub enum ScheduleWorkflowTemplatesScheduleHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -5538,35 +6297,50 @@ pub struct ScheduleWorkflowTemplatesScheduleHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: ScheduleWorkflowTemplatesScheduleIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5574,7 +6348,10 @@ pub struct ScheduleWorkflowTemplatesScheduleIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -5690,43 +6467,57 @@ pub enum ScheduleWorkflowTemplatesScheduleIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5734,27 +6525,32 @@ pub struct ScheduleWorkflowTemplatesScheduleIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: ScheduleWorkflowTemplatesScheduleJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -5763,7 +6559,8 @@ pub struct ScheduleWorkflowTemplatesScheduleJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -5780,18 +6577,27 @@ pub struct ScheduleWorkflowTemplatesScheduleJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5833,43 +6639,57 @@ pub enum ScheduleWorkflowTemplatesScheduleJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5877,7 +6697,8 @@ pub struct ScheduleWorkflowTemplatesScheduleJvmChaosSelectorExpressionSelectors /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -5886,14 +6707,18 @@ pub struct ScheduleWorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: ScheduleWorkflowTemplatesScheduleKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5901,15 +6726,34 @@ pub struct ScheduleWorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -5923,10 +6767,15 @@ pub struct ScheduleWorkflowTemplatesScheduleKernelChaosFailKernRequestCallchain /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -5949,43 +6798,57 @@ pub enum ScheduleWorkflowTemplatesScheduleKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5993,7 +6856,9 @@ pub struct ScheduleWorkflowTemplatesScheduleKernelChaosSelectorExpressionSelecto /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: ScheduleWorkflowTemplatesScheduleNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6022,7 +6887,8 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6038,7 +6904,10 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6069,10 +6938,16 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -6161,43 +7036,57 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6205,11 +7094,15 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosSelectorExpressionSelect /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6232,43 +7125,57 @@ pub enum ScheduleWorkflowTemplatesScheduleNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6278,7 +7185,8 @@ pub struct ScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelectorExpression pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { /// the subAction, generate automatically pub action: ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6333,7 +7241,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -6380,7 +7289,10 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6472,7 +7384,9 @@ pub enum ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -6488,36 +7402,42 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -6704,13 +7624,16 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -6722,10 +7645,13 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -6887,7 +7813,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -6902,14 +7829,16 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -6918,7 +7847,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -6936,7 +7866,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -6972,7 +7903,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDuplicate /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -6987,7 +7919,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDuplicate /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -7017,7 +7950,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -7032,20 +7966,24 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -7161,34 +8099,45 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7211,7 +8160,8 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -7236,25 +8186,38 @@ pub struct ScheduleWorkflowTemplatesSchedulePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: ScheduleWorkflowTemplatesSchedulePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesSchedulePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesSchedulePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7288,43 +8251,57 @@ pub enum ScheduleWorkflowTemplatesSchedulePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesSchedulePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7332,26 +8309,38 @@ pub struct ScheduleWorkflowTemplatesSchedulePodChaosSelectorExpressionSelectors /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7374,48 +8363,64 @@ pub enum ScheduleWorkflowTemplatesScheduleStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out @@ -7429,55 +8434,71 @@ pub struct ScheduleWorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesScheduleTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesScheduleTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7500,43 +8521,57 @@ pub enum ScheduleWorkflowTemplatesScheduleTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesScheduleTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7544,30 +8579,43 @@ pub struct ScheduleWorkflowTemplatesScheduleTimeChaosSelectorExpressionSelectors /// StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesStatusCheck { - /// Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration defines the duration of the whole status check if the + /// number of failed execution does not exceed the failure threshold. + /// Duration is available to both `Synchronous` and `Continuous` mode. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// FailureThreshold defines the minimum consecutive failure for the status check to be considered failed. + /// FailureThreshold defines the minimum consecutive failure + /// for the status check to be considered failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// IntervalSeconds defines how often (in seconds) to perform an execution of status check. + /// IntervalSeconds defines how often (in seconds) to perform + /// an execution of status check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "intervalSeconds")] pub interval_seconds: Option, - /// Mode defines the execution mode of the status check. Support type: Synchronous / Continuous + /// Mode defines the execution mode of the status check. + /// Support type: Synchronous / Continuous #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// RecordsHistoryLimit defines the number of record to retain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recordsHistoryLimit")] pub records_history_limit: Option, - /// SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode. + /// SuccessThreshold defines the minimum consecutive successes + /// for the status check to be considered successful. + /// SuccessThreshold only works for `Synchronous` mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TimeoutSeconds defines the number of seconds after which an execution of status check times out. + /// TimeoutSeconds defines the number of seconds after which + /// an execution of status check times out. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, - /// Type defines the specific status check type. Support type: HTTP + /// Type defines the specific status check type. + /// Support type: HTTP #[serde(rename = "type")] pub r#type: ScheduleWorkflowTemplatesStatusCheckType, } @@ -7578,8 +8626,11 @@ pub struct ScheduleWorkflowTemplatesStatusCheckHttp { pub body: Option, /// Criteria defines how to determine the result of the status check. pub criteria: ScheduleWorkflowTemplatesStatusCheckHttpCriteria, - /// A Header represents the key-value pairs in an HTTP header. - /// The keys should be in canonical form, as returned by CanonicalHeaderKey. + /// A Header represents the key-value pairs in an HTTP header. + /// + /// + /// The keys should be in canonical form, as returned by + /// [CanonicalHeaderKey]. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -7590,7 +8641,9 @@ pub struct ScheduleWorkflowTemplatesStatusCheckHttp { /// Criteria defines how to determine the result of the status check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStatusCheckHttpCriteria { - /// StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included). + /// StatusCode defines the expected http status code for the request. + /// A statusCode string could be a single code (e.g. 200), or + /// an inclusive range (e.g. 200-400, both `200` and `400` are included). #[serde(rename = "statusCode")] pub status_code: String, } @@ -7620,26 +8673,38 @@ pub enum ScheduleWorkflowTemplatesStatusCheckType { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7662,48 +8727,64 @@ pub enum ScheduleWorkflowTemplatesStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out @@ -7717,29 +8798,35 @@ pub struct ScheduleWorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } @@ -7757,75 +8844,166 @@ pub struct ScheduleWorkflowTemplatesTask { /// Container is the main container image to run in the pod #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainer { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -7835,7 +9013,15 @@ pub struct ScheduleWorkflowTemplatesTaskContainer { pub struct ScheduleWorkflowTemplatesTaskContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -7849,10 +9035,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -7865,7 +9053,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFrom { pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7873,7 +9063,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -7884,7 +9075,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -7902,7 +9094,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromResourceFieldRef { pub struct ScheduleWorkflowTemplatesTaskContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7927,7 +9121,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -7938,7 +9134,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -7946,18 +9144,33 @@ pub struct ScheduleWorkflowTemplatesTaskContainerEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStart { /// Exec specifies the action to take. @@ -7966,7 +9179,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -7974,7 +9189,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -7982,7 +9201,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -7991,9 +9211,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -8001,23 +9224,36 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. @@ -8026,7 +9262,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -8034,7 +9272,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -8042,7 +9284,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -8051,9 +9294,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -8061,29 +9307,38 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -8092,22 +9347,36 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -8115,7 +9384,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -8125,8 +9398,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeExec { pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -8134,7 +9410,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -8143,9 +9420,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -8153,7 +9433,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -8165,37 +9446,50 @@ pub struct ScheduleWorkflowTemplatesTaskContainerLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -8204,22 +9498,36 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -8227,7 +9535,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -8237,8 +9549,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeExec { pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -8246,7 +9561,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -8255,9 +9571,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -8265,7 +9584,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -8277,33 +9597,49 @@ pub struct ScheduleWorkflowTemplatesTaskContainerReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8311,49 +9647,95 @@ pub struct ScheduleWorkflowTemplatesTaskContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextCapabilities { /// Added capabilities @@ -8364,7 +9746,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -8381,42 +9767,71 @@ pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -8425,22 +9840,36 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -8448,7 +9877,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -8458,8 +9891,11 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeExec { pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -8467,7 +9903,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -8476,9 +9913,12 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -8486,7 +9926,8 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -8498,7 +9939,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -8515,21 +9958,30 @@ pub struct ScheduleWorkflowTemplatesTaskContainerVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -8537,7 +9989,9 @@ pub struct ScheduleWorkflowTemplatesTaskContainerVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -8549,7 +10003,8 @@ pub struct ScheduleWorkflowTemplatesTaskVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -8561,46 +10016,91 @@ pub struct ScheduleWorkflowTemplatesTaskVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -8615,13 +10115,15 @@ pub struct ScheduleWorkflowTemplatesTaskVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -8632,19 +10134,30 @@ pub struct ScheduleWorkflowTemplatesTaskVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -8661,13 +10174,16 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -8675,7 +10191,8 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -8689,54 +10206,74 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8744,13 +10281,27 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -8763,36 +10314,59 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesConfigMap { pub struct ScheduleWorkflowTemplatesTaskVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8800,7 +10374,14 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -8814,12 +10395,18 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -8835,7 +10422,8 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -8848,72 +10436,190 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsResourceFieldRef pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -8921,10 +10627,19 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -8933,33 +10648,73 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecD pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -8967,7 +10722,9 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecR /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -8977,19 +10734,26 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecS /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8997,46 +10761,65 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecS /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9044,7 +10827,8 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -9052,27 +10836,46 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -9082,29 +10885,47 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -9113,29 +10934,39 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -9143,30 +10974,41 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -9174,7 +11016,9 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -9185,10 +11029,13 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -9199,7 +11046,12 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -9227,10 +11079,18 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9243,10 +11103,18 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfigMap { pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -9264,12 +11132,18 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItems /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -9285,7 +11159,8 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsF pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -9301,10 +11176,18 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsR /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -9317,78 +11200,124 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecret { pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9396,7 +11325,10 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -9404,16 +11336,19 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: ScheduleWorkflowTemplatesTaskVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -9421,32 +11356,50 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -9456,37 +11409,58 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesSecret { pub struct ScheduleWorkflowTemplatesTaskVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9494,7 +11468,9 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTaskVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -9511,26 +11487,36 @@ pub struct ScheduleWorkflowTemplatesTaskVolumesVsphereVolume { /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ScheduleWorkflowTemplatesTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: ScheduleWorkflowTemplatesTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: ScheduleWorkflowTemplatesTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -9553,43 +11539,57 @@ pub enum ScheduleWorkflowTemplatesTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduleWorkflowTemplatesTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/statuschecks.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/statuschecks.rs index a93fc900b..b4cf25fce 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/statuschecks.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/statuschecks.rs @@ -18,30 +18,43 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct StatusCheckSpec { - /// Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration defines the duration of the whole status check if the + /// number of failed execution does not exceed the failure threshold. + /// Duration is available to both `Synchronous` and `Continuous` mode. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// FailureThreshold defines the minimum consecutive failure for the status check to be considered failed. + /// FailureThreshold defines the minimum consecutive failure + /// for the status check to be considered failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// IntervalSeconds defines how often (in seconds) to perform an execution of status check. + /// IntervalSeconds defines how often (in seconds) to perform + /// an execution of status check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "intervalSeconds")] pub interval_seconds: Option, - /// Mode defines the execution mode of the status check. Support type: Synchronous / Continuous + /// Mode defines the execution mode of the status check. + /// Support type: Synchronous / Continuous #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// RecordsHistoryLimit defines the number of record to retain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recordsHistoryLimit")] pub records_history_limit: Option, - /// SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode. + /// SuccessThreshold defines the minimum consecutive successes + /// for the status check to be considered successful. + /// SuccessThreshold only works for `Synchronous` mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TimeoutSeconds defines the number of seconds after which an execution of status check times out. + /// TimeoutSeconds defines the number of seconds after which + /// an execution of status check times out. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, - /// Type defines the specific status check type. Support type: HTTP + /// Type defines the specific status check type. + /// Support type: HTTP #[serde(rename = "type")] pub r#type: StatusCheckType, } @@ -52,8 +65,11 @@ pub struct StatusCheckHttp { pub body: Option, /// Criteria defines how to determine the result of the status check. pub criteria: StatusCheckHttpCriteria, - /// A Header represents the key-value pairs in an HTTP header. - /// The keys should be in canonical form, as returned by CanonicalHeaderKey. + /// A Header represents the key-value pairs in an HTTP header. + /// + /// + /// The keys should be in canonical form, as returned by + /// [CanonicalHeaderKey]. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -64,7 +80,9 @@ pub struct StatusCheckHttp { /// Criteria defines how to determine the result of the status check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StatusCheckHttpCriteria { - /// StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included). + /// StatusCode defines the expected http status code for the request. + /// A statusCode string could be a single code (e.g. 200), or + /// an inclusive range (e.g. 200-400, both `200` and `400` are included). #[serde(rename = "statusCode")] pub status_code: String, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/stresschaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/stresschaos.rs index 3fdb7f265..03f42f84f 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/stresschaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/stresschaos.rs @@ -17,26 +17,38 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct StressChaosSpec { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: StressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: StressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -59,48 +71,64 @@ pub enum StressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StressChaosStressors { /// CPUStressor stresses CPU out @@ -114,29 +142,35 @@ pub struct StressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/timechaos.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/timechaos.rs index 7d99a8251..543e8a7ba 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/timechaos.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/timechaos.rs @@ -17,26 +17,36 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct TimeChaosSpec { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: TimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: TimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -59,43 +69,57 @@ pub enum TimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflownodes.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflownodes.rs index b8645171b..6a01375a7 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflownodes.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflownodes.rs @@ -20,7 +20,8 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct WorkflowNodeSpec { - /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck. + /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. + /// Only used when Type is TypeStatusCheck. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abortWithStatusCheck")] pub abort_with_status_check: Option, /// AWSChaosSpec is the content of the specification for an AWSChaos @@ -91,12 +92,15 @@ pub struct WorkflowNodeSpec { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowNodeAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -114,7 +118,8 @@ pub struct WorkflowNodeAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -133,15 +138,19 @@ pub enum WorkflowNodeAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowNodeAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -175,9 +184,11 @@ pub enum WorkflowNodeAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowNodeBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -186,14 +197,18 @@ pub struct WorkflowNodeBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -237,43 +252,57 @@ pub enum WorkflowNodeBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -290,17 +319,27 @@ pub struct WorkflowNodeConditionalBranches { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowNodeDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -308,7 +347,10 @@ pub struct WorkflowNodeDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -340,43 +382,57 @@ pub enum WorkflowNodeDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -384,9 +440,12 @@ pub struct WorkflowNodeDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowNodeGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -425,7 +484,11 @@ pub struct WorkflowNodeHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -434,7 +497,8 @@ pub struct WorkflowNodeHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -451,20 +515,26 @@ pub struct WorkflowNodeHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowNodeHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -489,10 +559,12 @@ pub struct WorkflowNodeHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -516,7 +588,8 @@ pub struct WorkflowNodeHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -525,7 +598,8 @@ pub struct WorkflowNodeHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -533,43 +607,57 @@ pub struct WorkflowNodeHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -580,7 +668,8 @@ pub enum WorkflowNodeHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -603,35 +692,50 @@ pub struct WorkflowNodeHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowNodeIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -639,7 +743,10 @@ pub struct WorkflowNodeIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -755,43 +862,57 @@ pub enum WorkflowNodeIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -799,27 +920,32 @@ pub struct WorkflowNodeIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowNodeJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -828,7 +954,8 @@ pub struct WorkflowNodeJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -845,18 +972,27 @@ pub struct WorkflowNodeJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -898,43 +1034,57 @@ pub enum WorkflowNodeJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -942,7 +1092,8 @@ pub struct WorkflowNodeJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -951,14 +1102,18 @@ pub struct WorkflowNodeKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowNodeKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -966,15 +1121,34 @@ pub struct WorkflowNodeKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -988,10 +1162,15 @@ pub struct WorkflowNodeKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -1014,43 +1193,57 @@ pub enum WorkflowNodeKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1058,7 +1251,9 @@ pub struct WorkflowNodeKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowNodeNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1087,7 +1282,8 @@ pub struct WorkflowNodeNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1103,7 +1299,10 @@ pub struct WorkflowNodeNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1134,10 +1333,16 @@ pub struct WorkflowNodeNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -1226,43 +1431,57 @@ pub struct WorkflowNodeNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1270,11 +1489,15 @@ pub struct WorkflowNodeNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1297,43 +1520,57 @@ pub enum WorkflowNodeNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1343,7 +1580,8 @@ pub struct WorkflowNodeNetworkChaosTargetSelectorExpressionSelectors { pub struct WorkflowNodePhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowNodePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1398,7 +1636,8 @@ pub struct WorkflowNodePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -1445,7 +1684,10 @@ pub struct WorkflowNodePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1537,7 +1779,9 @@ pub enum WorkflowNodePhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -1553,36 +1797,42 @@ pub struct WorkflowNodePhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -1769,13 +2019,16 @@ pub struct WorkflowNodePhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -1787,10 +2040,13 @@ pub struct WorkflowNodePhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -1952,7 +2208,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -1967,14 +2224,16 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -1983,7 +2242,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2001,7 +2261,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2037,7 +2298,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2052,7 +2314,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2082,7 +2345,8 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2097,20 +2361,24 @@ pub struct WorkflowNodePhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -2226,34 +2494,45 @@ pub struct WorkflowNodePhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2276,7 +2555,8 @@ pub struct WorkflowNodePhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -2301,25 +2581,38 @@ pub struct WorkflowNodePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowNodePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2353,43 +2646,57 @@ pub enum WorkflowNodePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2454,12 +2761,15 @@ pub struct WorkflowNodeSchedule { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowNodeScheduleAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -2477,7 +2787,8 @@ pub struct WorkflowNodeScheduleAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -2496,15 +2807,19 @@ pub enum WorkflowNodeScheduleAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowNodeScheduleAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2538,9 +2853,11 @@ pub enum WorkflowNodeScheduleAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowNodeScheduleBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -2549,14 +2866,18 @@ pub struct WorkflowNodeScheduleBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -2600,43 +2921,57 @@ pub enum WorkflowNodeScheduleBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2651,17 +2986,27 @@ pub enum WorkflowNodeScheduleConcurrencyPolicy { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowNodeScheduleDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2669,7 +3014,10 @@ pub struct WorkflowNodeScheduleDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2701,43 +3049,57 @@ pub enum WorkflowNodeScheduleDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2745,9 +3107,12 @@ pub struct WorkflowNodeScheduleDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowNodeScheduleGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -2786,7 +3151,11 @@ pub struct WorkflowNodeScheduleHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -2795,7 +3164,8 @@ pub struct WorkflowNodeScheduleHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2812,20 +3182,26 @@ pub struct WorkflowNodeScheduleHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowNodeScheduleHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2850,10 +3226,12 @@ pub struct WorkflowNodeScheduleHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -2877,7 +3255,8 @@ pub struct WorkflowNodeScheduleHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -2886,7 +3265,8 @@ pub struct WorkflowNodeScheduleHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -2894,43 +3274,57 @@ pub struct WorkflowNodeScheduleHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2941,7 +3335,8 @@ pub enum WorkflowNodeScheduleHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -2964,35 +3359,50 @@ pub struct WorkflowNodeScheduleHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowNodeScheduleIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -3000,7 +3410,10 @@ pub struct WorkflowNodeScheduleIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -3116,43 +3529,57 @@ pub enum WorkflowNodeScheduleIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3160,27 +3587,32 @@ pub struct WorkflowNodeScheduleIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowNodeScheduleJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -3189,7 +3621,8 @@ pub struct WorkflowNodeScheduleJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -3206,18 +3639,27 @@ pub struct WorkflowNodeScheduleJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3259,43 +3701,57 @@ pub enum WorkflowNodeScheduleJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3303,7 +3759,8 @@ pub struct WorkflowNodeScheduleJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -3312,14 +3769,18 @@ pub struct WorkflowNodeScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowNodeScheduleKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3327,15 +3788,34 @@ pub struct WorkflowNodeScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -3349,10 +3829,15 @@ pub struct WorkflowNodeScheduleKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -3375,43 +3860,57 @@ pub enum WorkflowNodeScheduleKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3419,7 +3918,9 @@ pub struct WorkflowNodeScheduleKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowNodeScheduleNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3448,7 +3949,8 @@ pub struct WorkflowNodeScheduleNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3464,7 +3966,10 @@ pub struct WorkflowNodeScheduleNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3495,10 +4000,16 @@ pub struct WorkflowNodeScheduleNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -3587,43 +4098,57 @@ pub struct WorkflowNodeScheduleNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3631,11 +4156,15 @@ pub struct WorkflowNodeScheduleNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3658,43 +4187,57 @@ pub enum WorkflowNodeScheduleNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3704,7 +4247,8 @@ pub struct WorkflowNodeScheduleNetworkChaosTargetSelectorExpressionSelectors { pub struct WorkflowNodeSchedulePhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowNodeSchedulePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3759,7 +4303,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeSchedulePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -3806,7 +4351,10 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3898,7 +4446,9 @@ pub enum WorkflowNodeSchedulePhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -3914,36 +4464,42 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4130,13 +4686,16 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -4148,10 +4707,13 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -4313,7 +4875,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4328,14 +4891,16 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -4344,7 +4909,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4362,7 +4928,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4398,7 +4965,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4413,7 +4981,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4443,7 +5012,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4458,20 +5028,24 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -4587,34 +5161,45 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4637,7 +5222,8 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4662,25 +5248,38 @@ pub struct WorkflowNodeSchedulePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeSchedulePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowNodeSchedulePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeSchedulePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeSchedulePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4714,43 +5313,57 @@ pub enum WorkflowNodeSchedulePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeSchedulePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4758,26 +5371,38 @@ pub struct WorkflowNodeSchedulePodChaosSelectorExpressionSelectors { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4800,48 +5425,64 @@ pub enum WorkflowNodeScheduleStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleStressChaosStressors { /// CPUStressor stresses CPU out @@ -4855,55 +5496,71 @@ pub struct WorkflowNodeScheduleStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4926,43 +5583,57 @@ pub enum WorkflowNodeScheduleTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4975,7 +5646,8 @@ pub struct WorkflowNodeScheduleWorkflow { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplates { - /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck. + /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. + /// Only used when Type is TypeStatusCheck. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abortWithStatusCheck")] pub abort_with_status_check: Option, /// AWSChaosSpec is the content of the specification for an AWSChaos @@ -5044,12 +5716,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplates { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowNodeScheduleWorkflowTemplatesAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -5067,7 +5742,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -5086,15 +5762,19 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowNodeScheduleWorkflowTemplatesAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5128,9 +5808,11 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowNodeScheduleWorkflowTemplatesBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -5139,14 +5821,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -5190,43 +5876,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5243,17 +5943,27 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesConditionalBranches { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowNodeScheduleWorkflowTemplatesDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5261,7 +5971,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5293,43 +6006,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5337,9 +6064,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesDnsChaosSelectorExpressionSelect /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowNodeScheduleWorkflowTemplatesGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -5378,7 +6108,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -5387,7 +6121,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5404,20 +6139,26 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowNodeScheduleWorkflowTemplatesHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5442,10 +6183,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -5469,7 +6212,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -5478,7 +6222,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -5486,43 +6231,57 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5533,7 +6292,8 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -5556,35 +6316,50 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowNodeScheduleWorkflowTemplatesIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -5592,7 +6367,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -5708,43 +6486,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5752,27 +6544,32 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesIoChaosSelectorExpressionSelecto /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowNodeScheduleWorkflowTemplatesJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -5781,7 +6578,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -5798,18 +6596,27 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5851,43 +6658,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -5895,7 +6716,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesJvmChaosSelectorExpressionSelect /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -5904,14 +6726,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowNodeScheduleWorkflowTemplatesKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5919,15 +6745,34 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -5941,10 +6786,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaosFailKernRequestCallch /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -5967,43 +6817,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6011,7 +6875,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesKernelChaosSelectorExpressionSel /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowNodeScheduleWorkflowTemplatesNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6040,7 +6906,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6056,7 +6923,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6087,10 +6957,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -6179,43 +7055,57 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6223,11 +7113,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosSelectorExpressionSe /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6250,43 +7144,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6296,7 +7204,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesNetworkChaosTargetSelectorExpres pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6351,7 +7260,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -6398,7 +7308,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6490,7 +7403,9 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -6506,36 +7421,42 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -6722,13 +7643,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -6740,10 +7664,13 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -6905,7 +7832,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkCorru /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -6920,14 +7848,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkCorru /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -6936,7 +7866,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -6954,7 +7885,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDelay /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -6990,7 +7922,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDupli /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -7005,7 +7938,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkDupli /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -7035,7 +7969,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkLoss /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -7050,20 +7985,24 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkLoss /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -7179,34 +8118,45 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7229,7 +8179,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -7254,25 +8205,38 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesPhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowNodeScheduleWorkflowTemplatesPodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesPodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesPodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7306,43 +8270,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesPodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesPodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7405,12 +8383,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedule { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -7428,7 +8409,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -7447,15 +8429,19 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -7489,9 +8475,11 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -7500,14 +8488,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -7551,43 +8543,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7602,17 +8608,27 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleConcurrencyPolicy { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -7620,7 +8636,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7652,43 +8671,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7696,9 +8729,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleDnsChaosSelectorExpressi /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -7737,7 +8773,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -7746,7 +8786,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -7763,20 +8804,26 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -7801,10 +8848,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -7828,7 +8877,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -7837,7 +8887,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -7845,43 +8896,57 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -7892,7 +8957,8 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -7915,35 +8981,50 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -7951,7 +9032,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -8067,43 +9151,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8111,27 +9209,32 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleIoChaosSelectorExpressio /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -8140,7 +9243,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -8157,18 +9261,27 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8210,43 +9323,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8254,7 +9381,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleJvmChaosSelectorExpressi /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -8263,14 +9391,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8278,15 +9410,34 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -8300,10 +9451,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosFailKernReque /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -8326,43 +9482,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8370,7 +9540,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleKernelChaosSelectorExpre /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8399,7 +9571,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8415,7 +9588,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8446,10 +9622,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -8538,43 +9720,57 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8582,11 +9778,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosSelectorExpr /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -8609,43 +9809,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -8655,7 +9869,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleNetworkChaosTargetSelect pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8710,7 +9925,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -8757,7 +9973,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8849,7 +10068,9 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosAction #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -8865,36 +10086,42 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDisk /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -9081,13 +10308,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmL #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -9099,10 +10329,13 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosJvmM /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -9264,7 +10497,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -9279,14 +10513,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -9295,7 +10531,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -9313,7 +10550,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -9349,7 +10587,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -9364,7 +10603,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -9394,7 +10634,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -9409,20 +10650,24 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetw /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -9538,34 +10783,45 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosRedi /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9588,7 +10844,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosStre /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -9613,25 +10870,38 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -9665,43 +10935,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9709,26 +10993,38 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesSchedulePodChaosSelectorExpressi /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -9751,48 +11047,64 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out @@ -9806,55 +11118,71 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -9877,43 +11205,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -9921,30 +11263,43 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesScheduleTimeChaosSelectorExpress /// StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStatusCheck { - /// Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration defines the duration of the whole status check if the + /// number of failed execution does not exceed the failure threshold. + /// Duration is available to both `Synchronous` and `Continuous` mode. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// FailureThreshold defines the minimum consecutive failure for the status check to be considered failed. + /// FailureThreshold defines the minimum consecutive failure + /// for the status check to be considered failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// IntervalSeconds defines how often (in seconds) to perform an execution of status check. + /// IntervalSeconds defines how often (in seconds) to perform + /// an execution of status check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "intervalSeconds")] pub interval_seconds: Option, - /// Mode defines the execution mode of the status check. Support type: Synchronous / Continuous + /// Mode defines the execution mode of the status check. + /// Support type: Synchronous / Continuous #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// RecordsHistoryLimit defines the number of record to retain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recordsHistoryLimit")] pub records_history_limit: Option, - /// SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode. + /// SuccessThreshold defines the minimum consecutive successes + /// for the status check to be considered successful. + /// SuccessThreshold only works for `Synchronous` mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TimeoutSeconds defines the number of seconds after which an execution of status check times out. + /// TimeoutSeconds defines the number of seconds after which + /// an execution of status check times out. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, - /// Type defines the specific status check type. Support type: HTTP + /// Type defines the specific status check type. + /// Support type: HTTP #[serde(rename = "type")] pub r#type: WorkflowNodeScheduleWorkflowTemplatesStatusCheckType, } @@ -9955,8 +11310,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesStatusCheckHttp { pub body: Option, /// Criteria defines how to determine the result of the status check. pub criteria: WorkflowNodeScheduleWorkflowTemplatesStatusCheckHttpCriteria, - /// A Header represents the key-value pairs in an HTTP header. - /// The keys should be in canonical form, as returned by CanonicalHeaderKey. + /// A Header represents the key-value pairs in an HTTP header. + /// + /// + /// The keys should be in canonical form, as returned by + /// [CanonicalHeaderKey]. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -9967,7 +11325,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesStatusCheckHttp { /// Criteria defines how to determine the result of the status check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStatusCheckHttpCriteria { - /// StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included). + /// StatusCode defines the expected http status code for the request. + /// A statusCode string could be a single code (e.g. 200), or + /// an inclusive range (e.g. 200-400, both `200` and `400` are included). #[serde(rename = "statusCode")] pub status_code: String, } @@ -9997,26 +11357,38 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesStatusCheckType { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -10039,48 +11411,64 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out @@ -10094,29 +11482,35 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } @@ -10134,75 +11528,166 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTask { /// Container is the main container image to run in the pod #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainer { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -10212,7 +11697,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainer { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -10226,10 +11719,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -10242,7 +11737,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFrom { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -10250,7 +11747,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromConfigM pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -10261,7 +11759,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromFieldRe pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -10279,7 +11778,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromResourc pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -10304,7 +11805,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -10315,7 +11818,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvFromConfigMapRef /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -10323,18 +11828,33 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStart { /// Exec specifies the action to take. @@ -10343,7 +11863,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStart /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -10351,7 +11873,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStart /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -10359,7 +11885,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartE /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -10368,9 +11895,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartH /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -10378,23 +11908,36 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartH /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. @@ -10403,7 +11946,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -10411,7 +11956,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -10419,7 +11968,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopExe /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -10428,9 +11978,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHtt /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -10438,29 +11991,38 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHtt /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -10469,22 +12031,36 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -10492,7 +12068,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -10502,8 +12082,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeExec { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -10511,7 +12094,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -10520,9 +12104,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGe /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -10530,7 +12117,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGe /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -10542,37 +12130,50 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerLivenessProbeTcpSoc /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -10581,22 +12182,36 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -10604,7 +12219,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -10614,8 +12233,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeExec pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -10623,7 +12245,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeGrpc /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -10632,9 +12255,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpG /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -10642,7 +12268,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpG /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -10654,33 +12281,49 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerReadinessProbeTcpSo /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -10688,49 +12331,95 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextCapabilities { /// Added capabilities @@ -10741,7 +12430,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextCapa pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -10758,42 +12451,71 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextSeLi pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -10802,22 +12524,36 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -10825,7 +12561,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -10835,8 +12575,11 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeExec { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -10844,7 +12587,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -10853,9 +12597,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -10863,7 +12610,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGet /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -10875,7 +12623,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerStartupProbeTcpSock /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -10892,21 +12642,30 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -10914,7 +12673,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskContainerVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -10926,7 +12687,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -10938,46 +12700,91 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -10992,13 +12799,15 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -11009,19 +12818,30 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -11038,13 +12858,16 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -11052,7 +12875,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -11066,54 +12890,74 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11121,13 +12965,27 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -11140,36 +12998,59 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesConfigMap { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11177,7 +13058,14 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesCsiNodePublishSecretR /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -11191,12 +13079,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -11212,7 +13106,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsField pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -11225,72 +13120,190 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesDownwardApiItemsResou pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -11298,10 +13311,19 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimT pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -11310,33 +13332,73 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimT pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -11344,7 +13406,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimT /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -11354,19 +13418,26 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimT /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -11374,46 +13445,65 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesEphemeralVolumeClaimT /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11421,7 +13511,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -11429,27 +13520,46 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -11459,29 +13569,47 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -11490,29 +13618,39 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -11520,30 +13658,41 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -11551,7 +13700,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPersistentVolumeClaim /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -11562,10 +13713,13 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPhotonPersistentDisk /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -11576,7 +13730,12 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -11604,10 +13763,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -11620,10 +13787,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfi pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -11641,12 +13816,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownw /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -11662,7 +13843,8 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownw pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -11678,10 +13860,18 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesDownw /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -11694,78 +13884,124 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecre pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11773,7 +14009,10 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -11781,16 +14020,19 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: WorkflowNodeScheduleWorkflowTemplatesTaskVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -11798,32 +14040,50 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -11833,37 +14093,58 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesSecret { pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11871,7 +14152,9 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -11888,26 +14171,36 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTaskVolumesVsphereVolume { /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeScheduleWorkflowTemplatesTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeScheduleWorkflowTemplatesTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -11930,43 +14223,57 @@ pub enum WorkflowNodeScheduleWorkflowTemplatesTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeScheduleWorkflowTemplatesTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -11974,30 +14281,43 @@ pub struct WorkflowNodeScheduleWorkflowTemplatesTimeChaosSelectorExpressionSelec /// StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeStatusCheck { - /// Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration defines the duration of the whole status check if the + /// number of failed execution does not exceed the failure threshold. + /// Duration is available to both `Synchronous` and `Continuous` mode. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// FailureThreshold defines the minimum consecutive failure for the status check to be considered failed. + /// FailureThreshold defines the minimum consecutive failure + /// for the status check to be considered failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// IntervalSeconds defines how often (in seconds) to perform an execution of status check. + /// IntervalSeconds defines how often (in seconds) to perform + /// an execution of status check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "intervalSeconds")] pub interval_seconds: Option, - /// Mode defines the execution mode of the status check. Support type: Synchronous / Continuous + /// Mode defines the execution mode of the status check. + /// Support type: Synchronous / Continuous #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// RecordsHistoryLimit defines the number of record to retain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recordsHistoryLimit")] pub records_history_limit: Option, - /// SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode. + /// SuccessThreshold defines the minimum consecutive successes + /// for the status check to be considered successful. + /// SuccessThreshold only works for `Synchronous` mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TimeoutSeconds defines the number of seconds after which an execution of status check times out. + /// TimeoutSeconds defines the number of seconds after which + /// an execution of status check times out. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, - /// Type defines the specific status check type. Support type: HTTP + /// Type defines the specific status check type. + /// Support type: HTTP #[serde(rename = "type")] pub r#type: WorkflowNodeStatusCheckType, } @@ -12008,8 +14328,11 @@ pub struct WorkflowNodeStatusCheckHttp { pub body: Option, /// Criteria defines how to determine the result of the status check. pub criteria: WorkflowNodeStatusCheckHttpCriteria, - /// A Header represents the key-value pairs in an HTTP header. - /// The keys should be in canonical form, as returned by CanonicalHeaderKey. + /// A Header represents the key-value pairs in an HTTP header. + /// + /// + /// The keys should be in canonical form, as returned by + /// [CanonicalHeaderKey]. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -12020,7 +14343,9 @@ pub struct WorkflowNodeStatusCheckHttp { /// Criteria defines how to determine the result of the status check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStatusCheckHttpCriteria { - /// StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included). + /// StatusCode defines the expected http status code for the request. + /// A statusCode string could be a single code (e.g. 200), or + /// an inclusive range (e.g. 200-400, both `200` and `400` are included). #[serde(rename = "statusCode")] pub status_code: String, } @@ -12050,26 +14375,38 @@ pub enum WorkflowNodeStatusCheckType { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -12092,48 +14429,64 @@ pub enum WorkflowNodeStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStressChaosStressors { /// CPUStressor stresses CPU out @@ -12147,29 +14500,35 @@ pub struct WorkflowNodeStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } @@ -12186,75 +14545,166 @@ pub struct WorkflowNodeTask { /// Container is the main container image to run in the pod #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainer { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -12264,7 +14714,15 @@ pub struct WorkflowNodeTaskContainer { pub struct WorkflowNodeTaskContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -12278,10 +14736,12 @@ pub struct WorkflowNodeTaskContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -12294,7 +14754,9 @@ pub struct WorkflowNodeTaskContainerEnvValueFrom { pub struct WorkflowNodeTaskContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -12302,7 +14764,8 @@ pub struct WorkflowNodeTaskContainerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -12313,7 +14776,8 @@ pub struct WorkflowNodeTaskContainerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -12331,7 +14795,9 @@ pub struct WorkflowNodeTaskContainerEnvValueFromResourceFieldRef { pub struct WorkflowNodeTaskContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -12356,7 +14822,9 @@ pub struct WorkflowNodeTaskContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -12367,7 +14835,9 @@ pub struct WorkflowNodeTaskContainerEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -12375,18 +14845,33 @@ pub struct WorkflowNodeTaskContainerEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePostStart { /// Exec specifies the action to take. @@ -12395,7 +14880,9 @@ pub struct WorkflowNodeTaskContainerLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -12403,7 +14890,11 @@ pub struct WorkflowNodeTaskContainerLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -12411,7 +14902,8 @@ pub struct WorkflowNodeTaskContainerLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -12420,9 +14912,12 @@ pub struct WorkflowNodeTaskContainerLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -12430,23 +14925,36 @@ pub struct WorkflowNodeTaskContainerLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePreStop { /// Exec specifies the action to take. @@ -12455,7 +14963,9 @@ pub struct WorkflowNodeTaskContainerLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -12463,7 +14973,11 @@ pub struct WorkflowNodeTaskContainerLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -12471,7 +14985,8 @@ pub struct WorkflowNodeTaskContainerLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -12480,9 +14995,12 @@ pub struct WorkflowNodeTaskContainerLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -12490,29 +15008,38 @@ pub struct WorkflowNodeTaskContainerLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -12521,22 +15048,36 @@ pub struct WorkflowNodeTaskContainerLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -12544,7 +15085,11 @@ pub struct WorkflowNodeTaskContainerLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -12554,8 +15099,11 @@ pub struct WorkflowNodeTaskContainerLivenessProbeExec { pub struct WorkflowNodeTaskContainerLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -12563,7 +15111,8 @@ pub struct WorkflowNodeTaskContainerLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -12572,9 +15121,12 @@ pub struct WorkflowNodeTaskContainerLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -12582,7 +15134,8 @@ pub struct WorkflowNodeTaskContainerLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -12594,37 +15147,50 @@ pub struct WorkflowNodeTaskContainerLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -12633,22 +15199,36 @@ pub struct WorkflowNodeTaskContainerReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -12656,7 +15236,11 @@ pub struct WorkflowNodeTaskContainerReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -12666,8 +15250,11 @@ pub struct WorkflowNodeTaskContainerReadinessProbeExec { pub struct WorkflowNodeTaskContainerReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -12675,7 +15262,8 @@ pub struct WorkflowNodeTaskContainerReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -12684,9 +15272,12 @@ pub struct WorkflowNodeTaskContainerReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -12694,7 +15285,8 @@ pub struct WorkflowNodeTaskContainerReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -12706,33 +15298,49 @@ pub struct WorkflowNodeTaskContainerReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -12740,49 +15348,95 @@ pub struct WorkflowNodeTaskContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerSecurityContextCapabilities { /// Added capabilities @@ -12793,7 +15447,11 @@ pub struct WorkflowNodeTaskContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -12810,42 +15468,71 @@ pub struct WorkflowNodeTaskContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -12854,22 +15541,36 @@ pub struct WorkflowNodeTaskContainerStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -12877,7 +15578,11 @@ pub struct WorkflowNodeTaskContainerStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -12887,8 +15592,11 @@ pub struct WorkflowNodeTaskContainerStartupProbeExec { pub struct WorkflowNodeTaskContainerStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -12896,7 +15604,8 @@ pub struct WorkflowNodeTaskContainerStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -12905,9 +15614,12 @@ pub struct WorkflowNodeTaskContainerStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -12915,7 +15627,8 @@ pub struct WorkflowNodeTaskContainerStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -12927,7 +15640,9 @@ pub struct WorkflowNodeTaskContainerStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -12944,21 +15659,30 @@ pub struct WorkflowNodeTaskContainerVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -12966,7 +15690,9 @@ pub struct WorkflowNodeTaskContainerVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -12978,7 +15704,8 @@ pub struct WorkflowNodeTaskVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -12990,46 +15717,91 @@ pub struct WorkflowNodeTaskVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -13044,13 +15816,15 @@ pub struct WorkflowNodeTaskVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -13061,19 +15835,30 @@ pub struct WorkflowNodeTaskVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -13090,13 +15875,16 @@ pub struct WorkflowNodeTaskVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -13104,7 +15892,8 @@ pub struct WorkflowNodeTaskVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -13118,54 +15907,74 @@ pub struct WorkflowNodeTaskVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13173,13 +15982,27 @@ pub struct WorkflowNodeTaskVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -13192,36 +16015,59 @@ pub struct WorkflowNodeTaskVolumesConfigMap { pub struct WorkflowNodeTaskVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13229,7 +16075,14 @@ pub struct WorkflowNodeTaskVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -13243,12 +16096,18 @@ pub struct WorkflowNodeTaskVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -13264,7 +16123,8 @@ pub struct WorkflowNodeTaskVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -13277,72 +16137,190 @@ pub struct WorkflowNodeTaskVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -13350,10 +16328,19 @@ pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -13362,33 +16349,73 @@ pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -13396,7 +16423,9 @@ pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -13406,19 +16435,26 @@ pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -13426,46 +16462,65 @@ pub struct WorkflowNodeTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchE /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13473,7 +16528,8 @@ pub struct WorkflowNodeTaskVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -13481,27 +16537,46 @@ pub struct WorkflowNodeTaskVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -13511,29 +16586,47 @@ pub struct WorkflowNodeTaskVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -13542,29 +16635,39 @@ pub struct WorkflowNodeTaskVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -13572,30 +16675,41 @@ pub struct WorkflowNodeTaskVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -13603,7 +16717,9 @@ pub struct WorkflowNodeTaskVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -13614,10 +16730,13 @@ pub struct WorkflowNodeTaskVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -13628,7 +16747,12 @@ pub struct WorkflowNodeTaskVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -13656,10 +16780,18 @@ pub struct WorkflowNodeTaskVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -13672,10 +16804,18 @@ pub struct WorkflowNodeTaskVolumesProjectedSourcesConfigMap { pub struct WorkflowNodeTaskVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -13693,12 +16833,18 @@ pub struct WorkflowNodeTaskVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -13714,7 +16860,8 @@ pub struct WorkflowNodeTaskVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -13730,10 +16877,18 @@ pub struct WorkflowNodeTaskVolumesProjectedSourcesDownwardApiItemsResourceFieldR /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -13746,78 +16901,124 @@ pub struct WorkflowNodeTaskVolumesProjectedSourcesSecret { pub struct WorkflowNodeTaskVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13825,7 +17026,10 @@ pub struct WorkflowNodeTaskVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -13833,16 +17037,19 @@ pub struct WorkflowNodeTaskVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: WorkflowNodeTaskVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -13850,32 +17057,50 @@ pub struct WorkflowNodeTaskVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -13885,37 +17110,58 @@ pub struct WorkflowNodeTaskVolumesSecret { pub struct WorkflowNodeTaskVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -13923,7 +17169,9 @@ pub struct WorkflowNodeTaskVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTaskVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -13940,26 +17188,36 @@ pub struct WorkflowNodeTaskVolumesVsphereVolume { /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowNodeTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowNodeTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowNodeTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -13982,43 +17240,57 @@ pub enum WorkflowNodeTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -14043,10 +17315,13 @@ pub struct WorkflowNodeStatus { pub finished_children: Option>, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStatusActiveChildren { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -14054,7 +17329,9 @@ pub struct WorkflowNodeStatusActiveChildren { /// ChaosResource refs to the real chaos CR object. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStatusChaosResource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -14087,10 +17364,13 @@ pub struct WorkflowNodeStatusConditions { pub r#type: String, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowNodeStatusFinishedChildren { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflows.rs b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflows.rs index a409e9fdf..f60d66bbc 100644 --- a/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflows.rs +++ b/kube-custom-resources-rs/src/chaos_mesh_org/v1alpha1/workflows.rs @@ -26,7 +26,8 @@ pub struct WorkflowSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplates { - /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. Only used when Type is TypeStatusCheck. + /// AbortWithStatusCheck describe whether to abort the workflow when the failure threshold of StatusCheck is exceeded. + /// Only used when Type is TypeStatusCheck. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abortWithStatusCheck")] pub abort_with_status_check: Option, /// AWSChaosSpec is the content of the specification for an AWSChaos @@ -95,12 +96,15 @@ pub struct WorkflowTemplates { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowTemplatesAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -118,7 +122,8 @@ pub struct WorkflowTemplatesAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -137,15 +142,19 @@ pub enum WorkflowTemplatesAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowTemplatesAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -179,9 +188,11 @@ pub enum WorkflowTemplatesAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowTemplatesBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -190,14 +201,18 @@ pub struct WorkflowTemplatesBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -241,43 +256,57 @@ pub enum WorkflowTemplatesBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -294,17 +323,27 @@ pub struct WorkflowTemplatesConditionalBranches { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowTemplatesDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -312,7 +351,10 @@ pub struct WorkflowTemplatesDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -344,43 +386,57 @@ pub enum WorkflowTemplatesDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -388,9 +444,12 @@ pub struct WorkflowTemplatesDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowTemplatesGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -429,7 +488,11 @@ pub struct WorkflowTemplatesHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -438,7 +501,8 @@ pub struct WorkflowTemplatesHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -455,20 +519,26 @@ pub struct WorkflowTemplatesHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowTemplatesHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -493,10 +563,12 @@ pub struct WorkflowTemplatesHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -520,7 +592,8 @@ pub struct WorkflowTemplatesHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -529,7 +602,8 @@ pub struct WorkflowTemplatesHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -537,43 +611,57 @@ pub struct WorkflowTemplatesHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -584,7 +672,8 @@ pub enum WorkflowTemplatesHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -607,35 +696,50 @@ pub struct WorkflowTemplatesHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowTemplatesIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -643,7 +747,10 @@ pub struct WorkflowTemplatesIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -759,43 +866,57 @@ pub enum WorkflowTemplatesIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -803,27 +924,32 @@ pub struct WorkflowTemplatesIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowTemplatesJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -832,7 +958,8 @@ pub struct WorkflowTemplatesJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -849,18 +976,27 @@ pub struct WorkflowTemplatesJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -902,43 +1038,57 @@ pub enum WorkflowTemplatesJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -946,7 +1096,8 @@ pub struct WorkflowTemplatesJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -955,14 +1106,18 @@ pub struct WorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowTemplatesKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -970,15 +1125,34 @@ pub struct WorkflowTemplatesKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -992,10 +1166,15 @@ pub struct WorkflowTemplatesKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -1018,43 +1197,57 @@ pub enum WorkflowTemplatesKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1062,7 +1255,9 @@ pub struct WorkflowTemplatesKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowTemplatesNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1091,7 +1286,8 @@ pub struct WorkflowTemplatesNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1107,7 +1303,10 @@ pub struct WorkflowTemplatesNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1138,10 +1337,16 @@ pub struct WorkflowTemplatesNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -1230,43 +1435,57 @@ pub struct WorkflowTemplatesNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1274,11 +1493,15 @@ pub struct WorkflowTemplatesNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1301,43 +1524,57 @@ pub enum WorkflowTemplatesNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1347,7 +1584,8 @@ pub struct WorkflowTemplatesNetworkChaosTargetSelectorExpressionSelectors { pub struct WorkflowTemplatesPhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowTemplatesPhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1402,7 +1640,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesPhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -1449,7 +1688,10 @@ pub struct WorkflowTemplatesPhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1541,7 +1783,9 @@ pub enum WorkflowTemplatesPhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -1557,36 +1801,42 @@ pub struct WorkflowTemplatesPhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -1773,13 +2023,16 @@ pub struct WorkflowTemplatesPhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -1791,10 +2044,13 @@ pub struct WorkflowTemplatesPhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -1956,7 +2212,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -1971,14 +2228,16 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -1987,7 +2246,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2005,7 +2265,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2041,7 +2302,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2056,7 +2318,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -2086,7 +2349,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -2101,20 +2365,24 @@ pub struct WorkflowTemplatesPhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -2230,34 +2498,45 @@ pub struct WorkflowTemplatesPhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2280,7 +2559,8 @@ pub struct WorkflowTemplatesPhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -2305,25 +2585,38 @@ pub struct WorkflowTemplatesPhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesPodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowTemplatesPodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesPodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesPodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2357,43 +2650,57 @@ pub enum WorkflowTemplatesPodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesPodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2456,12 +2763,15 @@ pub struct WorkflowTemplatesSchedule { /// AWSChaosSpec is the content of the specification for an AWSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleAwsChaos { - /// Action defines the specific aws chaos action. Supported action: ec2-stop / ec2-restart / detach-volume Default action: ec2-stop + /// Action defines the specific aws chaos action. + /// Supported action: ec2-stop / ec2-restart / detach-volume + /// Default action: ec2-stop pub action: WorkflowTemplatesScheduleAwsChaosAction, /// AWSRegion defines the region of aws. #[serde(rename = "awsRegion")] pub aws_region: String, - /// DeviceName indicates the name of the device. Needed in detach-volume. + /// DeviceName indicates the name of the device. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceName")] pub device_name: Option, /// Duration represents the duration of the chaos action. @@ -2479,7 +2789,8 @@ pub struct WorkflowTemplatesScheduleAwsChaos { /// SecretName defines the name of kubernetes secret. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, - /// EbsVolume indicates the ID of the EBS volume. Needed in detach-volume. + /// EbsVolume indicates the ID of the EBS volume. + /// Needed in detach-volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeID")] pub volume_id: Option, } @@ -2498,15 +2809,19 @@ pub enum WorkflowTemplatesScheduleAwsChaosAction { /// AzureChaosSpec is the content of the specification for an AzureChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleAzureChaos { - /// Action defines the specific azure chaos action. Supported action: vm-stop / vm-restart / disk-detach Default action: vm-stop + /// Action defines the specific azure chaos action. + /// Supported action: vm-stop / vm-restart / disk-detach + /// Default action: vm-stop pub action: WorkflowTemplatesScheduleAzureChaosAction, - /// DiskName indicates the name of the disk. Needed in disk-detach. + /// DiskName indicates the name of the disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskName")] pub disk_name: Option, /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// LUN indicates the Logical Unit Number of the data disk. Needed in disk-detach. + /// LUN indicates the Logical Unit Number of the data disk. + /// Needed in disk-detach. #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2540,9 +2855,11 @@ pub enum WorkflowTemplatesScheduleAzureChaosAction { /// BlockChaosSpec is the content of the specification for a BlockChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleBlockChaos { - /// Action defines the specific block chaos action. Supported action: delay + /// Action defines the specific block chaos action. + /// Supported action: delay pub action: WorkflowTemplatesScheduleBlockChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Delay defines the delay distribution. @@ -2551,14 +2868,18 @@ pub struct WorkflowTemplatesScheduleBlockChaos { /// Duration represents the duration of the chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleBlockChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleBlockChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(rename = "volumeName")] @@ -2602,43 +2923,57 @@ pub enum WorkflowTemplatesScheduleBlockChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleBlockChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleBlockChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2653,17 +2988,27 @@ pub enum WorkflowTemplatesScheduleConcurrencyPolicy { /// DNSChaosSpec defines the desired state of DNSChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleDnsChaos { - /// Action defines the specific DNS chaos action. Supported action: error, random Default action: error + /// Action defines the specific DNS chaos action. + /// Supported action: error, random + /// Default action: error pub action: WorkflowTemplatesScheduleDnsChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleDnsChaosMode, - /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. Note: 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. 2. if the patterns is empty, will take effect on all the domain names. For example: The value is ["google.com", "github.*", "chaos-mes?.org"], will take effect on "google.com", "github.com" and "chaos-mesh.org" + /// Choose which domain names to take effect, support the placeholder ? and wildcard *, or the Specified domain name. + /// Note: + /// 1. The wildcard * must be at the end of the string. For example, chaos-*.org is invalid. + /// 2. if the patterns is empty, will take effect on all the domain names. + /// For example: + /// The value is ["google.com", "github.*", "chaos-mes?.org"], + /// will take effect on "google.com", "github.com" and "chaos-mesh.org" #[serde(default, skip_serializing_if = "Option::is_none")] pub patterns: Option>, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -2671,7 +3016,10 @@ pub struct WorkflowTemplatesScheduleDnsChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleDnsChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2703,43 +3051,57 @@ pub enum WorkflowTemplatesScheduleDnsChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleDnsChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleDnsChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2747,9 +3109,12 @@ pub struct WorkflowTemplatesScheduleDnsChaosSelectorExpressionSelectors { /// GCPChaosSpec is the content of the specification for a GCPChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleGcpChaos { - /// Action defines the specific gcp chaos action. Supported action: node-stop / node-reset / disk-loss Default action: node-stop + /// Action defines the specific gcp chaos action. + /// Supported action: node-stop / node-reset / disk-loss + /// Default action: node-stop pub action: WorkflowTemplatesScheduleGcpChaosAction, - /// The device name of disks to detach. Needed in disk-loss. + /// The device name of disks to detach. + /// Needed in disk-loss. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceNames")] pub device_names: Option>, /// Duration represents the duration of the chaos action. @@ -2788,7 +3153,11 @@ pub struct WorkflowTemplatesScheduleHttpChaos { /// Code is a rule to select target by http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Delay represents the delay of the target request/response. A duration string is a possibly unsigned sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay represents the delay of the target request/response. + /// A duration string is a possibly unsigned sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, /// Duration represents the duration of the chaos action. @@ -2797,7 +3166,8 @@ pub struct WorkflowTemplatesScheduleHttpChaos { /// Method is a rule to select target by http method in request. #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleHttpChaosMode, /// Patch is a rule to patch some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2814,20 +3184,26 @@ pub struct WorkflowTemplatesScheduleHttpChaos { /// Replace is a rule to replace some contents in target. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace: Option, - /// RequestHeaders is a rule to select target by http headers in request. The key-value pairs represent header name and header value pairs. + /// RequestHeaders is a rule to select target by http headers in request. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_headers: Option>, - /// ResponseHeaders is a rule to select target by http headers in response. The key-value pairs represent header name and header value pairs. + /// ResponseHeaders is a rule to select target by http headers in response. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub response_headers: Option>, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleHttpChaosSelector, /// Target is the object to be selected and injected. pub target: WorkflowTemplatesScheduleHttpChaosTarget, - /// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied + /// TLS is the tls config, + /// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2852,10 +3228,12 @@ pub struct WorkflowTemplatesScheduleHttpChaosPatch { /// Body is a rule to patch message body of target. #[serde(default, skip_serializing_if = "Option::is_none")] pub body: Option, - /// Headers is a rule to append http headers of target. For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. + /// Headers is a rule to append http headers of target. + /// For example: `[["Set-Cookie", ""], ["Set-Cookie", ""]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Queries is a rule to append uri queries of target(Request only). For example: `[["foo", "bar"], ["foo", "unknown"]]`. + /// Queries is a rule to append uri queries of target(Request only). + /// For example: `[["foo", "bar"], ["foo", "unknown"]]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -2879,7 +3257,8 @@ pub struct WorkflowTemplatesScheduleHttpChaosReplace { /// Code is a rule to replace http status code in response. #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, - /// Headers is a rule to replace http headers of target. The key-value pairs represent header name and header value pairs. + /// Headers is a rule to replace http headers of target. + /// The key-value pairs represent header name and header value pairs. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, /// Method is a rule to replace http method in request. @@ -2888,7 +3267,8 @@ pub struct WorkflowTemplatesScheduleHttpChaosReplace { /// Path is rule to to replace uri path in http request. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Queries is a rule to replace uri queries in http request. For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, + /// Queries is a rule to replace uri queries in http request. + /// For example, with value `{ "foo": "unknown" }`, the `/?foo=bar` will be altered to `/?foo=unknown`, #[serde(default, skip_serializing_if = "Option::is_none")] pub queries: Option>, } @@ -2896,43 +3276,57 @@ pub struct WorkflowTemplatesScheduleHttpChaosReplace { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleHttpChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleHttpChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2943,7 +3337,8 @@ pub enum WorkflowTemplatesScheduleHttpChaosTarget { Response, } -/// TLS is the tls config, will override PodHttpChaos if there are multiple HTTPChaos experiments are applied +/// TLS is the tls config, +/// will override PodHttpChaos if there are multiple HTTPChaos experiments are applied #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleHttpChaosTls { /// CAName represents the data name of ca file in secret, `ca.crt` for example @@ -2966,35 +3361,50 @@ pub struct WorkflowTemplatesScheduleHttpChaosTls { /// IOChaosSpec defines the desired state of IOChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleIoChaos { - /// Action defines the specific pod chaos action. Supported action: latency / fault / attrOverride / mistake + /// Action defines the specific pod chaos action. + /// Supported action: latency / fault / attrOverride / mistake pub action: WorkflowTemplatesScheduleIoChaosAction, /// Attr defines the overrided attribution #[serde(default, skip_serializing_if = "Option::is_none")] pub attr: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Delay defines the value of I/O chaos action delay. A delay string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Delay defines the value of I/O chaos action delay. + /// A delay string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Errno defines the error code that returned by I/O action. refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html + /// Errno defines the error code that returned by I/O action. + /// refer to: https://www-numi.fnal.gov/offline_software/srt_public_context/WebDocs/Errors/unix_system_errors.html #[serde(default, skip_serializing_if = "Option::is_none")] pub errno: Option, - /// Methods defines the I/O methods for injecting I/O chaos action. default: all I/O methods. + /// Methods defines the I/O methods for injecting I/O chaos action. + /// default: all I/O methods. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, /// Mistake defines what types of incorrectness are injected to IO operations #[serde(default, skip_serializing_if = "Option::is_none")] pub mistake: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleIoChaosMode, /// Path defines the path of files for injecting I/O chaos action. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Percent defines the percentage of injection errors and provides a number from 0-100. default: 100. + /// Percent defines the percentage of injection errors and provides a number from 0-100. + /// default: 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, /// RemoteCluster represents the remote cluster where the chaos will be deployed @@ -3002,7 +3412,10 @@ pub struct WorkflowTemplatesScheduleIoChaos { pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleIoChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// VolumePath represents the mount path of injected volume @@ -3118,43 +3531,57 @@ pub enum WorkflowTemplatesScheduleIoChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleIoChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleIoChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3162,27 +3589,32 @@ pub struct WorkflowTemplatesScheduleIoChaosSelectorExpressionSelectors { /// JVMChaosSpec defines the desired state of JVMChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleJvmChaos { - /// Action defines the specific jvm chaos action. Supported action: latency;return;exception;stress;gc;ruleData + /// Action defines the specific jvm chaos action. + /// Supported action: latency;return;exception;stress;gc;ruleData pub action: WorkflowTemplatesScheduleJvmChaosAction, /// Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub class: Option, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// the CPU core number needs to use, only set it when action is stress #[serde(default, skip_serializing_if = "Option::is_none", rename = "cpuCount")] pub cpu_count: Option, - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// the exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// the exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// the latency duration for action 'latency', unit ms or the latency duration in action `mysql` + /// the latency duration for action 'latency', unit ms + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the memory type needs to locate, only set it when action is stress, the value can be 'stack' or 'heap' @@ -3191,7 +3623,8 @@ pub struct WorkflowTemplatesScheduleJvmChaos { /// the method in Java class #[serde(default, skip_serializing_if = "Option::is_none")] pub method: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleJvmChaosMode, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now #[serde(default, skip_serializing_if = "Option::is_none", rename = "mysqlConnectorVersion")] @@ -3208,18 +3641,27 @@ pub struct WorkflowTemplatesScheduleJvmChaos { /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, + /// the return value for action 'return' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "returnValue")] + pub return_value: Option, /// the byteman rule's data for action 'ruleData' #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleData")] pub rule_data: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleJvmChaosSelector, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3261,43 +3703,57 @@ pub enum WorkflowTemplatesScheduleJvmChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleJvmChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleJvmChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3305,7 +3761,8 @@ pub struct WorkflowTemplatesScheduleJvmChaosSelectorExpressionSelectors { /// KernelChaosSpec defines the desired state of KernelChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleKernelChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action @@ -3314,14 +3771,18 @@ pub struct WorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[serde(rename = "failKernRequest")] pub fail_kern_request: WorkflowTemplatesScheduleKernelChaosFailKernRequest, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleKernelChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleKernelChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3329,15 +3790,34 @@ pub struct WorkflowTemplatesScheduleKernelChaos { /// FailKernRequest defines the request of kernel injection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleKernelChaosFailKernRequest { - /// Callchain indicate a special call chain, such as: ext4_mount -> mount_subtree -> ... -> should_failslab With an optional set of predicates and an optional set of parameters, which used with predicates. You can read call chan and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples to learn more. If no special call chain, just keep Callchain empty, which means it will fail at any call chain with slab alloc (eg: kmalloc). + /// Callchain indicate a special call chain, such as: + /// ext4_mount + /// -> mount_subtree + /// -> ... + /// -> should_failslab + /// With an optional set of predicates and an optional set of + /// parameters, which used with predicates. You can read call chan + /// and predicate examples from https://github.com/chaos-mesh/bpfki/tree/develop/examples + /// to learn more. + /// If no special call chain, just keep Callchain empty, which means it will fail at any call chain + /// with slab alloc (eg: kmalloc). #[serde(default, skip_serializing_if = "Option::is_none")] pub callchain: Option>, - /// FailType indicates what to fail, can be set to '0' / '1' / '2' If `0`, indicates slab to fail (should_failslab) If `1`, indicates alloc_page to fail (should_fail_alloc_page) If `2`, indicates bio to fail (should_fail_bio) You can read: 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt to learn more + /// FailType indicates what to fail, can be set to '0' / '1' / '2' + /// If `0`, indicates slab to fail (should_failslab) + /// If `1`, indicates alloc_page to fail (should_fail_alloc_page) + /// If `2`, indicates bio to fail (should_fail_bio) + /// You can read: + /// 1. https://www.kernel.org/doc/html/latest/fault-injection/fault-injection.html + /// 2. http://github.com/iovisor/bcc/blob/master/tools/inject_example.txt + /// to learn more pub failtype: i32, - /// Headers indicates the appropriate kernel headers you need. Eg: "linux/mmzone.h", "linux/blkdev.h" and so on + /// Headers indicates the appropriate kernel headers you need. + /// Eg: "linux/mmzone.h", "linux/blkdev.h" and so on #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, - /// Probability indicates the fails with probability. If you want 1%, please set this field with 1. + /// Probability indicates the fails with probability. + /// If you want 1%, please set this field with 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub probability: Option, /// Times indicates the max times of fails. @@ -3351,10 +3831,15 @@ pub struct WorkflowTemplatesScheduleKernelChaosFailKernRequestCallchain { /// Funcname can be find from kernel source or `/proc/kallsyms`, such as `ext4_mount` #[serde(default, skip_serializing_if = "Option::is_none")] pub funcname: Option, - /// Parameters is used with predicate, for example, if you want to inject slab error in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` otherwise omit it. + /// Parameters is used with predicate, for example, if you want to inject slab error + /// in `d_alloc_parallel(struct dentry *parent, const struct qstr *name)` with a special + /// name `bananas`, you need to set it to `struct dentry *parent, const struct qstr *name` + /// otherwise omit it. #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option, - /// Predicate will access the arguments of this Frame, example with Parameters's, you can set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it to inject for all d_alloc_parallel call chain. + /// Predicate will access the arguments of this Frame, example with Parameters's, you can + /// set it to `STRNCMP(name->name, "bananas", 8)` to make inject only with it, or omit it + /// to inject for all d_alloc_parallel call chain. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, } @@ -3377,43 +3862,57 @@ pub enum WorkflowTemplatesScheduleKernelChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleKernelChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleKernelChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3421,7 +3920,9 @@ pub struct WorkflowTemplatesScheduleKernelChaosSelectorExpressionSelectors { /// NetworkChaosSpec defines the desired state of NetworkChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaos { - /// Action defines the specific network chaos action. Supported action: partition, netem, delay, loss, duplicate, corrupt Default action: delay + /// Action defines the specific network chaos action. + /// Supported action: partition, netem, delay, loss, duplicate, corrupt + /// Default action: delay pub action: WorkflowTemplatesScheduleNetworkChaosAction, /// Bandwidth represents the detail about bandwidth control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3450,7 +3951,8 @@ pub struct WorkflowTemplatesScheduleNetworkChaos { /// Loss represents the detail about loss action #[serde(default, skip_serializing_if = "Option::is_none")] pub loss: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleNetworkChaosMode, /// Rate represents the detail about rate control action #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3466,7 +3968,10 @@ pub struct WorkflowTemplatesScheduleNetworkChaos { /// TargetDevice represents the network device to be affected in target scope. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetDevice")] pub target_device: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3497,10 +4002,16 @@ pub struct WorkflowTemplatesScheduleNetworkChaosBandwidth { pub buffer: i32, /// Limit is the number of bytes that can be queued waiting for tokens to become available. pub limit: i32, - /// Minburst specifies the size of the peakrate bucket. For perfect accuracy, should be set to the MTU of the interface. If a peakrate is needed, but some burstiness is acceptable, this size can be raised. A 3000 byte minburst allows around 3mbit/s of peakrate, given 1000 byte packets. + /// Minburst specifies the size of the peakrate bucket. For perfect + /// accuracy, should be set to the MTU of the interface. If a + /// peakrate is needed, but some burstiness is acceptable, this + /// size can be raised. A 3000 byte minburst allows around 3mbit/s + /// of peakrate, given 1000 byte packets. #[serde(default, skip_serializing_if = "Option::is_none")] pub minburst: Option, - /// Peakrate is the maximum depletion rate of the bucket. The peakrate does not need to be set, it is only necessary if perfect millisecond timescale shaping is required. + /// Peakrate is the maximum depletion rate of the bucket. + /// The peakrate does not need to be set, it is only necessary + /// if perfect millisecond timescale shaping is required. #[serde(default, skip_serializing_if = "Option::is_none")] pub peakrate: Option, /// Rate is the speed knob. Allows bit, kbit, mbit, gbit, tbit, bps, kbps, mbps, gbps, tbps unit. bps means bytes per second. @@ -3589,43 +4100,57 @@ pub struct WorkflowTemplatesScheduleNetworkChaosRate { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3633,11 +4158,15 @@ pub struct WorkflowTemplatesScheduleNetworkChaosSelectorExpressionSelectors { /// Target represents network target, this applies on netem and network partition action #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaosTarget { - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleNetworkChaosTargetMode, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleNetworkChaosTargetSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3660,43 +4189,57 @@ pub enum WorkflowTemplatesScheduleNetworkChaosTargetMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaosTargetSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleNetworkChaosTargetSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3706,7 +4249,8 @@ pub struct WorkflowTemplatesScheduleNetworkChaosTargetSelectorExpressionSelector pub struct WorkflowTemplatesSchedulePhysicalmachineChaos { /// the subAction, generate automatically pub action: WorkflowTemplatesSchedulePhysicalmachineChaosAction, - /// DEPRECATED: Use Selector instead. Only one of Address and Selector could be specified. + /// DEPRECATED: Use Selector instead. + /// Only one of Address and Selector could be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3761,7 +4305,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaos { pub kafka_flood: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kafka-io")] pub kafka_io: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesSchedulePhysicalmachineChaosMode, #[serde(default, skip_serializing_if = "Option::is_none", rename = "network-bandwidth")] pub network_bandwidth: Option, @@ -3808,7 +4353,10 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaos { pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub user_defined: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of physical machines to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of physical machines to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of physical machines the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3900,7 +4448,9 @@ pub enum WorkflowTemplatesSchedulePhysicalmachineChaosAction { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosClock { - /// the identifier of the particular clock on which to act. More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. Muti clock ids should be split with "," + /// the identifier of the particular clock on which to act. + /// More clock description in linux kernel can be found in man page of clock_getres, clock_gettime, clock_settime. + /// Muti clock ids should be split with "," #[serde(default, skip_serializing_if = "Option::is_none", rename = "clock-ids-slice")] pub clock_ids_slice: Option, /// the pid of target program. @@ -3916,36 +4466,42 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosDiskFill { /// fill disk by fallocate #[serde(default, skip_serializing_if = "Option::is_none", rename = "fill-by-fallocate")] pub fill_by_fallocate: Option, - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosDiskReadPayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosDiskWritePayload { - /// specifies the location to fill data in. if path not provided, payload will read/write from/into a temp file, temp file will be deleted after writing + /// specifies the location to fill data in. if path not provided, + /// payload will read/write from/into a temp file, temp file will be deleted after writing #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// specifies the number of process work on writing, default 1, only 1-255 is valid value #[serde(default, skip_serializing_if = "Option::is_none", rename = "payload-process-num")] pub payload_process_num: Option, - /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB + /// specifies how many units of data will write into the file path. support unit: c=1, w=2, b=512, kB=1000, + /// K=1024, MB=1000*1000, M=1024*1024, GB=1000*1000*1000, G=1024*1024*1024 BYTES. example : 1M | 512kB #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4132,13 +4688,16 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosJvmLatency { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosJvmMysql { - /// the match database default value is "", means match all database + /// the match database + /// default value is "", means match all database #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// The exception which needs to throw for action `exception` or the exception message needs to throw in action `mysql` + /// The exception which needs to throw for action `exception` + /// or the exception message needs to throw in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub exception: Option, - /// The latency duration for action 'latency' or the latency duration in action `mysql` + /// The latency duration for action 'latency' + /// or the latency duration in action `mysql` #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, /// the version of mysql-connector-java, only support 5.X.X(set to "5") and 8.X.X(set to "8") now @@ -4150,10 +4709,13 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosJvmMysql { /// the port of agent server, default 9277 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, - /// the match sql type default value is "", means match all SQL type. The value can be 'select', 'insert', 'update', 'delete', 'replace'. + /// the match sql type + /// default value is "", means match all SQL type. + /// The value can be 'select', 'insert', 'update', 'delete', 'replace'. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqlType")] pub sql_type: Option, - /// the match table default value is "", means match all table + /// the match table + /// default value is "", means match all table #[serde(default, skip_serializing_if = "Option::is_none")] pub table: Option, } @@ -4315,7 +4877,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkCorrupt { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4330,14 +4893,16 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkCorrupt { /// percentage of packets to corrupt (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// correlation is percentage (10 is 10%) @@ -4346,7 +4911,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4364,7 +4930,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkDelay { /// delay egress time, time units: ns, us (or µs), ms, s, m, h. #[serde(default, skip_serializing_if = "Option::is_none")] pub latency: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4400,7 +4967,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkDuplicate { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4415,7 +4983,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkDuplicate { /// percentage of packets to duplicate (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } @@ -4445,7 +5014,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkLoss { /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "egress-port")] pub egress_port: Option, /// only impact traffic to these hostnames @@ -4460,20 +5030,24 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkLoss { /// percentage of packets to loss (10 is 10%) #[serde(default, skip_serializing_if = "Option::is_none")] pub percent: Option, - /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. it can only be used in conjunction with -p tcp or -p udp + /// only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. + /// it can only be used in conjunction with -p tcp or -p udp #[serde(default, skip_serializing_if = "Option::is_none", rename = "source-port")] pub source_port: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosNetworkPartition { - /// only the packet which match the tcp flag can be accepted, others will be dropped. only set when the IPProtocol is tcp, used for partition. + /// only the packet which match the tcp flag can be accepted, others will be dropped. + /// only set when the IPProtocol is tcp, used for partition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accept-tcp-flags")] pub accept_tcp_flags: Option, /// the network interface to impact #[serde(default, skip_serializing_if = "Option::is_none")] pub device: Option, - /// specifies the partition direction, values can be 'from', 'to'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. + /// specifies the partition direction, values can be 'from', 'to'. + /// 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, + /// 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// only impact traffic to these hostnames @@ -4589,34 +5163,45 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosRedisStop { /// Selector is used to select physical machines that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. The key defines the namespace which physical machine belong, and each value is a set of physical machine names. + /// PhysicalMachines is a map of string keys and a set values that used to select physical machines. + /// The key defines the namespace which physical machine belong, + /// and each value is a set of physical machine names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "physicalMachines")] pub physical_machines: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePhysicalmachineChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4639,7 +5224,8 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosStressMem { /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. + /// specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB.. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, } @@ -4664,25 +5250,38 @@ pub struct WorkflowTemplatesSchedulePhysicalmachineChaosVm { /// PodChaosSpec defines the attributes that a user creates on a chaos experiment about pods. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesSchedulePodChaos { - /// Action defines the specific pod chaos action. Supported action: pod-kill / pod-failure / container-kill Default action: pod-kill + /// Action defines the specific pod chaos action. + /// Supported action: pod-kill / pod-failure / container-kill + /// Default action: pod-kill pub action: WorkflowTemplatesSchedulePodChaosAction, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, - /// Duration represents the duration of the chaos action. It is required when the action is `PodFailureAction`. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration represents the duration of the chaos action. + /// It is required when the action is `PodFailureAction`. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. Value must be non-negative integer. The default value is zero that indicates delete immediately. + /// GracePeriod is used in pod-kill action. It represents the duration in seconds before the pod should be deleted. + /// Value must be non-negative integer. The default value is zero that indicates delete immediately. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesSchedulePodChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesSchedulePodChaosSelector, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4716,43 +5315,57 @@ pub enum WorkflowTemplatesSchedulePodChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePodChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesSchedulePodChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4760,26 +5373,38 @@ pub struct WorkflowTemplatesSchedulePodChaosSelectorExpressionSelectors { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4802,48 +5427,64 @@ pub enum WorkflowTemplatesScheduleStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out @@ -4857,55 +5498,71 @@ pub struct WorkflowTemplatesScheduleStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesScheduleTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesScheduleTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesScheduleTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -4928,43 +5585,57 @@ pub enum WorkflowTemplatesScheduleTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesScheduleTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4972,30 +5643,43 @@ pub struct WorkflowTemplatesScheduleTimeChaosSelectorExpressionSelectors { /// StatusCheck describe the behavior of StatusCheck. Only used when Type is TypeStatusCheck. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesStatusCheck { - /// Duration defines the duration of the whole status check if the number of failed execution does not exceed the failure threshold. Duration is available to both `Synchronous` and `Continuous` mode. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// Duration defines the duration of the whole status check if the + /// number of failed execution does not exceed the failure threshold. + /// Duration is available to both `Synchronous` and `Continuous` mode. + /// A duration string is a possibly signed sequence of + /// decimal numbers, each with optional fraction and a unit suffix, + /// such as "300ms", "-1.5h" or "2h45m". + /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// FailureThreshold defines the minimum consecutive failure for the status check to be considered failed. + /// FailureThreshold defines the minimum consecutive failure + /// for the status check to be considered failed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, - /// IntervalSeconds defines how often (in seconds) to perform an execution of status check. + /// IntervalSeconds defines how often (in seconds) to perform + /// an execution of status check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "intervalSeconds")] pub interval_seconds: Option, - /// Mode defines the execution mode of the status check. Support type: Synchronous / Continuous + /// Mode defines the execution mode of the status check. + /// Support type: Synchronous / Continuous #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// RecordsHistoryLimit defines the number of record to retain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recordsHistoryLimit")] pub records_history_limit: Option, - /// SuccessThreshold defines the minimum consecutive successes for the status check to be considered successful. SuccessThreshold only works for `Synchronous` mode. + /// SuccessThreshold defines the minimum consecutive successes + /// for the status check to be considered successful. + /// SuccessThreshold only works for `Synchronous` mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TimeoutSeconds defines the number of seconds after which an execution of status check times out. + /// TimeoutSeconds defines the number of seconds after which + /// an execution of status check times out. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, - /// Type defines the specific status check type. Support type: HTTP + /// Type defines the specific status check type. + /// Support type: HTTP #[serde(rename = "type")] pub r#type: WorkflowTemplatesStatusCheckType, } @@ -5006,8 +5690,11 @@ pub struct WorkflowTemplatesStatusCheckHttp { pub body: Option, /// Criteria defines how to determine the result of the status check. pub criteria: WorkflowTemplatesStatusCheckHttpCriteria, - /// A Header represents the key-value pairs in an HTTP header. - /// The keys should be in canonical form, as returned by CanonicalHeaderKey. + /// A Header represents the key-value pairs in an HTTP header. + /// + /// + /// The keys should be in canonical form, as returned by + /// [CanonicalHeaderKey]. #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5018,7 +5705,9 @@ pub struct WorkflowTemplatesStatusCheckHttp { /// Criteria defines how to determine the result of the status check. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStatusCheckHttpCriteria { - /// StatusCode defines the expected http status code for the request. A statusCode string could be a single code (e.g. 200), or an inclusive range (e.g. 200-400, both `200` and `400` are included). + /// StatusCode defines the expected http status code for the request. + /// A statusCode string could be a single code (e.g. 200), or + /// an inclusive range (e.g. 200-400, both `200` and `400` are included). #[serde(rename = "statusCode")] pub status_code: String, } @@ -5048,26 +5737,38 @@ pub enum WorkflowTemplatesStatusCheckType { /// StressChaosSpec defines the desired state of StressChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesStressChaos { - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesStressChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesStressChaosSelector, - /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, however not all of the supported stressors are well tested. It maybe retired in later releases. You should always use `Stressors` to define the stressors and use this only when you want more stressors unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` wins. + /// StressngStressors defines plenty of stressors just like `Stressors` except that it's an experimental + /// feature and more powerful. You can define stressors in `stress-ng` (see also `man stress-ng`) dialect, + /// however not all of the supported stressors are well tested. It maybe retired in later releases. You + /// should always use `Stressors` to define the stressors and use this only when you want more stressors + /// unsupported by `Stressors`. When both `StressngStressors` and `Stressors` are defined, `StressngStressors` + /// wins. #[serde(default, skip_serializing_if = "Option::is_none", rename = "stressngStressors")] pub stressng_stressors: Option, - /// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. + /// Stressors defines plenty of stressors supported to stress system components out. + /// You can use one or more of them to make up various kinds of stresses. At least + /// one of the stressors should be specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub stressors: Option, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5090,48 +5791,64 @@ pub enum WorkflowTemplatesStressChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStressChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStressChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Stressors defines plenty of stressors supported to stress system components out. You can use one or more of them to make up various kinds of stresses. At least one of the stressors should be specified. +/// Stressors defines plenty of stressors supported to stress system components out. +/// You can use one or more of them to make up various kinds of stresses. At least +/// one of the stressors should be specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out @@ -5145,29 +5862,35 @@ pub struct WorkflowTemplatesStressChaosStressors { /// CPUStressor stresses CPU out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStressChaosStressorsCpu { - /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 is full loading. + /// Load specifies P percent loading per CPU worker. 0 is effectively a sleep (no load) and 100 + /// is full loading. #[serde(default, skip_serializing_if = "Option::is_none")] pub load: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } /// MemoryStressor stresses virtual memory out #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesStressChaosStressorsMemory { - /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more about this option. + /// OOMScoreAdj sets the oom_score_adj of the stress process. See `man 5 proc` to know more + /// about this option. #[serde(default, skip_serializing_if = "Option::is_none", rename = "oomScoreAdj")] pub oom_score_adj: Option, /// extend stress-ng options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// Size specifies N bytes consumed per vm worker, default is the total available memory. One can specify the size as % of total available memory or in units of B, KB/KiB, MB/MiB, GB/GiB, TB/TiB. + /// Size specifies N bytes consumed per vm worker, default is the total available memory. + /// One can specify the size as % of total available memory or in units of B, KB/KiB, + /// MB/MiB, GB/GiB, TB/TiB. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// Workers specifies N workers to apply the stressor. Maximum 8192 workers can run by stress-ng + /// Workers specifies N workers to apply the stressor. + /// Maximum 8192 workers can run by stress-ng pub workers: i64, } @@ -5185,75 +5908,166 @@ pub struct WorkflowTemplatesTask { /// Container is the main container image to run in the pod #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainer { - /// Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Arguments to the entrypoint. + /// The container image's CMD is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, - /// Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + /// Entrypoint array. Not executed within a shell. + /// The container image's ENTRYPOINT is used if this is not provided. + /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + /// of whether the variable exists or not. Cannot be updated. + /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, - /// List of environment variables to set in the container. Cannot be updated. + /// List of environment variables to set in the container. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. + /// List of sources to populate environment variables in the container. + /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys + /// will be reported as an event when the container is starting. When a key exists in multiple + /// sources, the value associated with the last source will take precedence. + /// Values defined by an Env with a duplicate key will take precedence. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. + /// Container image name. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + /// Image pull policy. + /// One of Always, Never, IfNotPresent. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. Cannot be updated. + /// Actions that the management system should take in response to container lifecycle events. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container liveness. + /// Container will be restarted if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. + /// Name of the container specified as a DNS_LABEL. + /// Each container in a pod must have a unique name (DNS_LABEL). + /// Cannot be updated. pub name: String, - /// List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. + /// List of ports to expose from the container. Not specifying a port here + /// DOES NOT prevent that port from being exposed. Any port which is + /// listening on the default "0.0.0.0" address inside a container will be + /// accessible from the network. + /// Modifying this array with strategic merge patch may corrupt the data. + /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Periodic probe of container service readiness. + /// Container will be removed from service endpoints if the probe fails. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Resources resize policy for the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] pub resize_policy: Option>, - /// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Compute Resources required by this container. + /// Cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed. + /// RestartPolicy defines the restart behavior of individual containers in a pod. + /// This field may only be set for init containers, and the only allowed value is "Always". + /// For non-init containers or when this field is not specified, + /// the restart behavior is defined by the Pod's restart policy and the container type. + /// Setting the RestartPolicy as "Always" for the init container will have the following effect: + /// this init container will be continually restarted on + /// exit until all regular containers have terminated. Once all regular + /// containers have completed, all init containers with restartPolicy "Always" + /// will be shut down. This lifecycle differs from normal init containers and + /// is often referred to as a "sidecar" container. Although this init + /// container still starts in the init container sequence, it does not wait + /// for the container to complete before proceeding to the next init + /// container. Instead, the next init container starts immediately after this + /// init container is started, or after any startupProbe has successfully + /// completed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + /// SecurityContext defines the security options the container should be run with. + /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// StartupProbe indicates that the Pod has successfully initialized. + /// If specified, no other probes are executed until this completes successfully. + /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + /// when it might take a long time to load data or warm a cache, than during steady-state operation. + /// This cannot be updated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. + /// Whether this container should allocate a buffer for stdin in the container runtime. If this + /// is not set, reads from stdin in the container will always result in EOF. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false + /// Whether the container runtime should close the stdin channel after it has been opened by + /// a single attach. When stdin is true the stdin stream will remain open across multiple attach + /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, + /// at which time stdin is closed and remains closed until the container is restarted. If this + /// flag is false, a container processes that reads from stdin will never receive an EOF. + /// Default is false #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. + /// Optional: Path at which the file to which the container's termination message + /// will be written is mounted into the container's filesystem. + /// Message written is intended to be brief final status, such as an assertion failure message. + /// Will be truncated by the node if greater than 4096 bytes. The total message length across + /// all containers will be limited to 12kb. + /// Defaults to /dev/termination-log. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. + /// Indicate how the termination message should be populated. File will use the contents of + /// terminationMessagePath to populate the container status message on both success and failure. + /// FallbackToLogsOnError will use the last chunk of container log output if the termination + /// message file is empty and the container exited with an error. + /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + /// Defaults to File. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. + /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + /// Default is false. #[serde(default, skip_serializing_if = "Option::is_none")] pub tty: Option, /// volumeDevices is the list of block devices to be used by the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Cannot be updated. + /// Pod volumes to mount into the container's filesystem. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, - /// Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. + /// Container's working directory. + /// If not specified, the container runtime's default will be used, which + /// might be configured in the container image. + /// Cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] pub working_dir: Option, } @@ -5263,7 +6077,15 @@ pub struct WorkflowTemplatesTaskContainer { pub struct WorkflowTemplatesTaskContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -5277,10 +6099,12 @@ pub struct WorkflowTemplatesTaskContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -5293,7 +6117,9 @@ pub struct WorkflowTemplatesTaskContainerEnvValueFrom { pub struct WorkflowTemplatesTaskContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5301,7 +6127,8 @@ pub struct WorkflowTemplatesTaskContainerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5312,7 +6139,8 @@ pub struct WorkflowTemplatesTaskContainerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -5330,7 +6158,9 @@ pub struct WorkflowTemplatesTaskContainerEnvValueFromResourceFieldRef { pub struct WorkflowTemplatesTaskContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5355,7 +6185,9 @@ pub struct WorkflowTemplatesTaskContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -5366,7 +6198,9 @@ pub struct WorkflowTemplatesTaskContainerEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5374,18 +6208,33 @@ pub struct WorkflowTemplatesTaskContainerEnvFromSecretRef { pub optional: Option, } -/// Actions that the management system should take in response to container lifecycle events. Cannot be updated. +/// Actions that the management system should take in response to container lifecycle events. +/// Cannot be updated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePostStart { /// Exec specifies the action to take. @@ -5394,7 +6243,9 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -5402,7 +6253,11 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5410,7 +6265,8 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5419,9 +6275,12 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5429,23 +6288,36 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. @@ -5454,7 +6326,9 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -5462,7 +6336,11 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5470,7 +6348,8 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5479,9 +6358,12 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5489,29 +6371,38 @@ pub struct WorkflowTemplatesTaskContainerLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container liveness. +/// Container will be restarted if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -5520,22 +6411,36 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5543,7 +6448,11 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5553,8 +6462,11 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbeExec { pub struct WorkflowTemplatesTaskContainerLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5562,7 +6474,8 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5571,9 +6484,12 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5581,7 +6497,8 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5593,37 +6510,50 @@ pub struct WorkflowTemplatesTaskContainerLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// Periodic probe of container service readiness. +/// Container will be removed from service endpoints if the probe fails. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -5632,22 +6562,36 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5655,7 +6599,11 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5665,8 +6613,11 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbeExec { pub struct WorkflowTemplatesTaskContainerReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5674,7 +6625,8 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5683,9 +6635,12 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5693,7 +6648,8 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5705,33 +6661,49 @@ pub struct WorkflowTemplatesTaskContainerReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// ContainerResizePolicy represents resource resize policy for the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerResizePolicy { - /// Name of the resource to which this resource resize policy applies. Supported values: cpu, memory. + /// Name of the resource to which this resource resize policy applies. + /// Supported values: cpu, memory. #[serde(rename = "resourceName")] pub resource_name: String, - /// Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired. + /// Restart policy to apply when specified resource is resized. + /// If not specified, it defaults to NotRequired. #[serde(rename = "restartPolicy")] pub restart_policy: String, } -/// Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +/// Compute Resources required by this container. +/// Cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5739,49 +6711,95 @@ pub struct WorkflowTemplatesTaskContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } -/// SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +/// SecurityContext defines the security options the container should be run with. +/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. +/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerSecurityContextCapabilities { /// Added capabilities @@ -5792,7 +6810,11 @@ pub struct WorkflowTemplatesTaskContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -5809,42 +6831,71 @@ pub struct WorkflowTemplatesTaskContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type. + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +/// StartupProbe indicates that the Pod has successfully initialized. +/// If specified, no other probes are executed until this completes successfully. +/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +/// when it might take a long time to load data or warm a cache, than during steady-state operation. +/// This cannot be updated. +/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -5853,22 +6904,36 @@ pub struct WorkflowTemplatesTaskContainerStartupProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5876,7 +6941,11 @@ pub struct WorkflowTemplatesTaskContainerStartupProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5886,8 +6955,11 @@ pub struct WorkflowTemplatesTaskContainerStartupProbeExec { pub struct WorkflowTemplatesTaskContainerStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5895,7 +6967,8 @@ pub struct WorkflowTemplatesTaskContainerStartupProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5904,9 +6977,12 @@ pub struct WorkflowTemplatesTaskContainerStartupProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5914,7 +6990,8 @@ pub struct WorkflowTemplatesTaskContainerStartupProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerStartupProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5926,7 +7003,9 @@ pub struct WorkflowTemplatesTaskContainerStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } @@ -5943,21 +7022,30 @@ pub struct WorkflowTemplatesTaskContainerVolumeDevices { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -5965,7 +7053,9 @@ pub struct WorkflowTemplatesTaskContainerVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -5977,7 +7067,8 @@ pub struct WorkflowTemplatesTaskVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -5989,46 +7080,91 @@ pub struct WorkflowTemplatesTaskVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -6043,13 +7179,15 @@ pub struct WorkflowTemplatesTaskVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -6060,19 +7198,30 @@ pub struct WorkflowTemplatesTaskVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -6089,13 +7238,16 @@ pub struct WorkflowTemplatesTaskVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -6103,7 +7255,8 @@ pub struct WorkflowTemplatesTaskVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -6117,54 +7270,74 @@ pub struct WorkflowTemplatesTaskVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6172,13 +7345,27 @@ pub struct WorkflowTemplatesTaskVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6191,36 +7378,59 @@ pub struct WorkflowTemplatesTaskVolumesConfigMap { pub struct WorkflowTemplatesTaskVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6228,7 +7438,14 @@ pub struct WorkflowTemplatesTaskVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -6242,12 +7459,18 @@ pub struct WorkflowTemplatesTaskVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -6263,7 +7486,8 @@ pub struct WorkflowTemplatesTaskVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -6276,72 +7500,190 @@ pub struct WorkflowTemplatesTaskVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -6349,10 +7691,19 @@ pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -6361,33 +7712,73 @@ pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSourc pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -6395,7 +7786,9 @@ pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResources /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -6405,19 +7798,26 @@ pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecSelector /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6425,46 +7825,65 @@ pub struct WorkflowTemplatesTaskVolumesEphemeralVolumeClaimTemplateSpecSelectorM /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6472,7 +7891,8 @@ pub struct WorkflowTemplatesTaskVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -6480,27 +7900,46 @@ pub struct WorkflowTemplatesTaskVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -6510,29 +7949,47 @@ pub struct WorkflowTemplatesTaskVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -6541,29 +7998,39 @@ pub struct WorkflowTemplatesTaskVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -6571,30 +8038,41 @@ pub struct WorkflowTemplatesTaskVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -6602,7 +8080,9 @@ pub struct WorkflowTemplatesTaskVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -6613,10 +8093,13 @@ pub struct WorkflowTemplatesTaskVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -6627,7 +8110,12 @@ pub struct WorkflowTemplatesTaskVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -6655,10 +8143,18 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6671,10 +8167,18 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSourcesConfigMap { pub struct WorkflowTemplatesTaskVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -6692,12 +8196,18 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -6713,7 +8223,8 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsFieldRef pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -6729,10 +8240,18 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSourcesDownwardApiItemsResourceF /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6745,78 +8264,124 @@ pub struct WorkflowTemplatesTaskVolumesProjectedSourcesSecret { pub struct WorkflowTemplatesTaskVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6824,7 +8389,10 @@ pub struct WorkflowTemplatesTaskVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -6832,16 +8400,19 @@ pub struct WorkflowTemplatesTaskVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: WorkflowTemplatesTaskVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -6849,32 +8420,50 @@ pub struct WorkflowTemplatesTaskVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -6884,37 +8473,58 @@ pub struct WorkflowTemplatesTaskVolumesSecret { pub struct WorkflowTemplatesTaskVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6922,7 +8532,9 @@ pub struct WorkflowTemplatesTaskVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTaskVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -6939,26 +8551,36 @@ pub struct WorkflowTemplatesTaskVolumesVsphereVolume { /// TimeChaosSpec defines the desired state of TimeChaos #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct WorkflowTemplatesTimeChaos { - /// ClockIds defines all affected clock id All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", "CLOCK_BOOTTIME_ALARM"] Default value is ["CLOCK_REALTIME"] + /// ClockIds defines all affected clock id + /// All available options are ["CLOCK_REALTIME","CLOCK_MONOTONIC","CLOCK_PROCESS_CPUTIME_ID","CLOCK_THREAD_CPUTIME_ID", + /// "CLOCK_MONOTONIC_RAW","CLOCK_REALTIME_COARSE","CLOCK_MONOTONIC_COARSE","CLOCK_BOOTTIME","CLOCK_REALTIME_ALARM", + /// "CLOCK_BOOTTIME_ALARM"] + /// Default value is ["CLOCK_REALTIME"] #[serde(default, skip_serializing_if = "Option::is_none", rename = "clockIds")] pub clock_ids: Option>, - /// ContainerNames indicates list of the name of affected container. If not set, the first container will be injected + /// ContainerNames indicates list of the name of affected container. + /// If not set, the first container will be injected #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerNames")] pub container_names: Option>, /// Duration represents the duration of the chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, - /// Mode defines the mode to run chaos action. Supported mode: one / all / fixed / fixed-percent / random-max-percent + /// Mode defines the mode to run chaos action. + /// Supported mode: one / all / fixed / fixed-percent / random-max-percent pub mode: WorkflowTemplatesTimeChaosMode, /// RemoteCluster represents the remote cluster where the chaos will be deployed #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteCluster")] pub remote_cluster: Option, /// Selector is used to select pods that are used to inject chaos action. pub selector: WorkflowTemplatesTimeChaosSelector, - /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + /// TimeOffset defines the delta time of injected program. It's a possibly signed sequence of decimal numbers, such as + /// "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". #[serde(rename = "timeOffset")] pub time_offset: String, - /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. If `FixedMode`, provide an integer of pods to do chaos action. If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action + /// Value is required when the mode is set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + /// If `FixedMode`, provide an integer of pods to do chaos action. + /// If `FixedPercentMode`, provide a number from 0-100 to specify the percent of pods the server can do chaos action. + /// IF `RandomMaxPercentMode`, provide a number from 0-100 to specify the max percent of pods to do chaos action #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -6981,43 +8603,57 @@ pub enum WorkflowTemplatesTimeChaosMode { /// Selector is used to select pods that are used to inject chaos action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTimeChaosSelector { - /// Map of string keys and values that can be used to select objects. A selector based on annotations. + /// Map of string keys and values that can be used to select objects. + /// A selector based on annotations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "annotationSelectors")] pub annotation_selectors: Option>, - /// a slice of label selector expressions that can be used to select objects. A list of selectors based on set-based label expressions. + /// a slice of label selector expressions that can be used to select objects. + /// A list of selectors based on set-based label expressions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expressionSelectors")] pub expression_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on fields. + /// Map of string keys and values that can be used to select objects. + /// A selector based on fields. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] pub field_selectors: Option>, - /// Map of string keys and values that can be used to select objects. A selector based on labels. + /// Map of string keys and values that can be used to select objects. + /// A selector based on labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] pub label_selectors: Option>, /// Namespaces is a set of namespace to which objects belong. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// Map of string keys and values that can be used to select nodes. Selector which must match a node's labels, and objects must belong to these selected nodes. + /// Map of string keys and values that can be used to select nodes. + /// Selector which must match a node's labels, + /// and objects must belong to these selected nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelectors")] pub node_selectors: Option>, /// Nodes is a set of node name and objects must belong to these nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option>, - /// PodPhaseSelectors is a set of condition of a pod at the current time. supported value: Pending / Running / Succeeded / Failed / Unknown + /// PodPhaseSelectors is a set of condition of a pod at the current time. + /// supported value: Pending / Running / Succeeded / Failed / Unknown #[serde(default, skip_serializing_if = "Option::is_none", rename = "podPhaseSelectors")] pub pod_phase_selectors: Option>, - /// Pods is a map of string keys and a set values that used to select pods. The key defines the namespace which pods belong, and the each values is a set of pod names. + /// Pods is a map of string keys and a set values that used to select pods. + /// The key defines the namespace which pods belong, + /// and the each values is a set of pod names. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkflowTemplatesTimeChaosSelectorExpressionSelectors { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs index 11277f6fb..3c06b9009 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumclusterwidenetworkpolicies.rs @@ -201,12 +201,7 @@ pub struct CiliumClusterwideNetworkPolicyEgress { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -284,6 +279,10 @@ pub struct CiliumClusterwideNetworkPolicyEgressToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -294,6 +293,47 @@ pub struct CiliumClusterwideNetworkPolicyEgressToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyEgressToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyEgressToEndpoints { @@ -348,7 +388,7 @@ pub struct CiliumClusterwideNetworkPolicyEgressToFqdNs { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -622,7 +662,7 @@ pub struct CiliumClusterwideNetworkPolicyEgressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -902,7 +942,10 @@ pub enum CiliumClusterwideNetworkPolicyEgressToRequiresMatchExpressionsOperator DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyEgressToServices { /// K8sService selects service by name and namespace pair @@ -1074,12 +1117,7 @@ pub struct CiliumClusterwideNetworkPolicyEgressDeny { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -1139,6 +1177,10 @@ pub struct CiliumClusterwideNetworkPolicyEgressDenyToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -1149,6 +1191,47 @@ pub struct CiliumClusterwideNetworkPolicyEgressDenyToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyEgressDenyToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyEgressDenyToEndpoints { @@ -1334,7 +1417,10 @@ pub enum CiliumClusterwideNetworkPolicyEgressDenyToRequiresMatchExpressionsOpera DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyEgressDenyToServices { /// K8sService selects service by name and namespace pair @@ -1611,6 +1697,10 @@ pub struct CiliumClusterwideNetworkPolicyIngressFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -1621,6 +1711,47 @@ pub struct CiliumClusterwideNetworkPolicyIngressFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyIngressFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyIngressFromEndpoints { @@ -2003,7 +2134,7 @@ pub struct CiliumClusterwideNetworkPolicyIngressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -2361,6 +2492,10 @@ pub struct CiliumClusterwideNetworkPolicyIngressDenyFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -2371,6 +2506,47 @@ pub struct CiliumClusterwideNetworkPolicyIngressDenyFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyIngressDenyFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicyIngressDenyFromEndpoints { @@ -2844,12 +3020,7 @@ pub struct CiliumClusterwideNetworkPolicysEgress { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -2927,6 +3098,10 @@ pub struct CiliumClusterwideNetworkPolicysEgressToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -2937,6 +3112,47 @@ pub struct CiliumClusterwideNetworkPolicysEgressToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysEgressToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysEgressToEndpoints { @@ -2991,7 +3207,7 @@ pub struct CiliumClusterwideNetworkPolicysEgressToFqdNs { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -3265,7 +3481,7 @@ pub struct CiliumClusterwideNetworkPolicysEgressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -3545,7 +3761,10 @@ pub enum CiliumClusterwideNetworkPolicysEgressToRequiresMatchExpressionsOperator DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysEgressToServices { /// K8sService selects service by name and namespace pair @@ -3717,12 +3936,7 @@ pub struct CiliumClusterwideNetworkPolicysEgressDeny { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -3782,6 +3996,10 @@ pub struct CiliumClusterwideNetworkPolicysEgressDenyToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -3792,6 +4010,47 @@ pub struct CiliumClusterwideNetworkPolicysEgressDenyToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysEgressDenyToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysEgressDenyToEndpoints { @@ -3977,7 +4236,10 @@ pub enum CiliumClusterwideNetworkPolicysEgressDenyToRequiresMatchExpressionsOper DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysEgressDenyToServices { /// K8sService selects service by name and namespace pair @@ -4254,6 +4516,10 @@ pub struct CiliumClusterwideNetworkPolicysIngressFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -4264,6 +4530,47 @@ pub struct CiliumClusterwideNetworkPolicysIngressFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysIngressFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysIngressFromEndpoints { @@ -4646,7 +4953,7 @@ pub struct CiliumClusterwideNetworkPolicysIngressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -5004,6 +5311,10 @@ pub struct CiliumClusterwideNetworkPolicysIngressDenyFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -5014,6 +5325,47 @@ pub struct CiliumClusterwideNetworkPolicysIngressDenyFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysIngressDenyFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumClusterwideNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumClusterwideNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumClusterwideNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumClusterwideNetworkPolicysIngressDenyFromEndpoints { diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumegressgatewaypolicies.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumegressgatewaypolicies.rs index 2e8de00c3..dc4265b0a 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumegressgatewaypolicies.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumegressgatewaypolicies.rs @@ -122,6 +122,10 @@ pub struct CiliumEgressGatewayPolicySelectors { /// selector semantics; if present but empty, it selects all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, + /// This is a label selector which selects Pods by Node. This field follows standard label + /// selector semantics; if present but empty, it selects all nodes. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option, /// This is a label selector which selects Pods. This field follows standard label /// selector semantics; if present but empty, it selects all pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] @@ -169,6 +173,47 @@ pub enum CiliumEgressGatewayPolicySelectorsNamespaceSelectorMatchExpressionsOper DoesNotExist, } +/// This is a label selector which selects Pods by Node. This field follows standard label +/// selector semantics; if present but empty, it selects all nodes. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumEgressGatewayPolicySelectorsNodeSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumEgressGatewayPolicySelectorsNodeSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumEgressGatewayPolicySelectorsNodeSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumEgressGatewayPolicySelectorsNodeSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// This is a label selector which selects Pods. This field follows standard label /// selector semantics; if present but empty, it selects all pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumendpoints.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumendpoints.rs index f8123511b..1cca8dd82 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumendpoints.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumendpoints.rs @@ -176,7 +176,7 @@ pub struct CiliumEndpointStatusIdentity { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumEndpointStatusLog { /// Code indicate type of status change - /// Enum: [ok failed] + /// Enum: ["ok","failed"] #[serde(default, skip_serializing_if = "Option::is_none")] pub code: Option, /// Status message @@ -202,7 +202,7 @@ pub struct CiliumEndpointStatusNamedPorts { #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// Layer 4 protocol - /// Enum: [TCP UDP SCTP ICMP ICMPV6 ANY] + /// Enum: ["TCP","UDP","SCTP","ICMP","ICMPV6","ANY"] #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } diff --git a/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs b/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs index 04c180189..bebff85e1 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2/ciliumnetworkpolicies.rs @@ -202,12 +202,7 @@ pub struct CiliumNetworkPolicyEgress { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -285,6 +280,10 @@ pub struct CiliumNetworkPolicyEgressToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -295,6 +294,47 @@ pub struct CiliumNetworkPolicyEgressToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicyEgressToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicyEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyEgressToEndpoints { @@ -349,7 +389,7 @@ pub struct CiliumNetworkPolicyEgressToFqdNs { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -623,7 +663,7 @@ pub struct CiliumNetworkPolicyEgressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -903,7 +943,10 @@ pub enum CiliumNetworkPolicyEgressToRequiresMatchExpressionsOperator { DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyEgressToServices { /// K8sService selects service by name and namespace pair @@ -1075,12 +1118,7 @@ pub struct CiliumNetworkPolicyEgressDeny { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -1140,6 +1178,10 @@ pub struct CiliumNetworkPolicyEgressDenyToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -1150,6 +1192,47 @@ pub struct CiliumNetworkPolicyEgressDenyToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicyEgressDenyToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicyEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyEgressDenyToEndpoints { @@ -1335,7 +1418,10 @@ pub enum CiliumNetworkPolicyEgressDenyToRequiresMatchExpressionsOperator { DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyEgressDenyToServices { /// K8sService selects service by name and namespace pair @@ -1612,6 +1698,10 @@ pub struct CiliumNetworkPolicyIngressFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -1622,6 +1712,47 @@ pub struct CiliumNetworkPolicyIngressFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicyIngressFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicyIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyIngressFromEndpoints { @@ -2004,7 +2135,7 @@ pub struct CiliumNetworkPolicyIngressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -2362,6 +2493,10 @@ pub struct CiliumNetworkPolicyIngressDenyFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -2372,6 +2507,47 @@ pub struct CiliumNetworkPolicyIngressDenyFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicyIngressDenyFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicyIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicyIngressDenyFromEndpoints { @@ -2845,12 +3021,7 @@ pub struct CiliumNetworkPolicysEgress { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -2928,6 +3099,10 @@ pub struct CiliumNetworkPolicysEgressToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -2938,6 +3113,47 @@ pub struct CiliumNetworkPolicysEgressToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicysEgressToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicysEgressToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysEgressToEndpoints { @@ -2992,7 +3208,7 @@ pub struct CiliumNetworkPolicysEgressToFqdNs { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -3266,7 +3482,7 @@ pub struct CiliumNetworkPolicysEgressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -3546,7 +3762,10 @@ pub enum CiliumNetworkPolicysEgressToRequiresMatchExpressionsOperator { DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysEgressToServices { /// K8sService selects service by name and namespace pair @@ -3718,12 +3937,7 @@ pub struct CiliumNetworkPolicysEgressDeny { pub to_requires: Option>, /// ToServices is a list of services to which the endpoint subject /// to the rule is allowed to initiate connections. - /// Currently Cilium only supports toServices for K8s services without - /// selectors. - /// - /// Example: - /// Any endpoint with the label "app=backend-app" is allowed to - /// initiate connections to all cidrs backing the "external-service" service + /// Currently Cilium only supports toServices for K8s services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "toServices")] pub to_services: Option>, } @@ -3783,6 +3997,10 @@ pub struct CiliumNetworkPolicysEgressDenyToCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -3793,6 +4011,47 @@ pub struct CiliumNetworkPolicysEgressDenyToCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicysEgressDenyToCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicysEgressDenyToCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysEgressDenyToEndpoints { @@ -3978,7 +4237,10 @@ pub enum CiliumNetworkPolicysEgressDenyToRequiresMatchExpressionsOperator { DoesNotExist, } -/// Service wraps around selectors for services +/// Service selects policy targets that are bundled as part of a +/// logical load-balanced service. +/// +/// Currently only Kubernetes-based Services are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysEgressDenyToServices { /// K8sService selects service by name and namespace pair @@ -4255,6 +4517,10 @@ pub struct CiliumNetworkPolicysIngressFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -4265,6 +4531,47 @@ pub struct CiliumNetworkPolicysIngressFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicysIngressFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicysIngressFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysIngressFromEndpoints { @@ -4647,7 +4954,7 @@ pub struct CiliumNetworkPolicysIngressToPortsRulesDns { /// A trailing "." is automatically added when missing. /// /// Examples: - /// `*.cilium.io` matches subomains of cilium at that level + /// `*.cilium.io` matches subdomains of cilium at that level /// www.cilium.io and blog.cilium.io match, cilium.io and google.com do not /// `*cilium.io` matches cilium.io and all subdomains ends with "cilium.io" /// except those containing "." separator, subcilium.io and sub-cilium.io match, @@ -5005,6 +5312,10 @@ pub struct CiliumNetworkPolicysIngressDenyFromCidrSet { /// connections from. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupRef")] pub cidr_group_ref: Option, + /// CIDRGroupSelector selects CiliumCIDRGroups by their labels, + /// rather than by name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrGroupSelector")] + pub cidr_group_selector: Option, /// ExceptCIDRs is a list of IP blocks which the endpoint subject to the rule /// is not allowed to initiate connections to. These CIDR prefixes should be /// contained within Cidr, using ExceptCIDRs together with CIDRGroupRef is not @@ -5015,6 +5326,47 @@ pub struct CiliumNetworkPolicysIngressDenyFromCidrSet { pub except: Option>, } +/// CIDRGroupSelector selects CiliumCIDRGroups by their labels, +/// rather than by name. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CiliumNetworkPolicysIngressDenyFromCidrSetCidrGroupSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct CiliumNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: CiliumNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum CiliumNetworkPolicysIngressDenyFromCidrSetCidrGroupSelectorMatchExpressionsOperator { + In, + NotIn, + Exists, + DoesNotExist, +} + /// EndpointSelector is a wrapper for k8s LabelSelector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CiliumNetworkPolicysIngressDenyFromEndpoints { diff --git a/kube-custom-resources-rs/src/cilium_io/v2alpha1/ciliumendpointslices.rs b/kube-custom-resources-rs/src/cilium_io/v2alpha1/ciliumendpointslices.rs index 3b88b9b16..daef92de1 100644 --- a/kube-custom-resources-rs/src/cilium_io/v2alpha1/ciliumendpointslices.rs +++ b/kube-custom-resources-rs/src/cilium_io/v2alpha1/ciliumendpointslices.rs @@ -53,7 +53,7 @@ pub struct CiliumEndpointSliceEndpointsNamedPorts { #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// Layer 4 protocol - /// Enum: [TCP UDP SCTP ICMP ICMPV6 ANY] + /// Enum: ["TCP","UDP","SCTP","ICMP","ICMPV6","ANY"] #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/cachepolicies.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/cachepolicies.rs index 1eba510eb..92bf65bde 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/cachepolicies.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/cachepolicies.rs @@ -167,7 +167,7 @@ pub struct CachePolicyStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs index a57fd4549..34bf5b8ee 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs @@ -25,6 +25,9 @@ pub struct DistributionSpec { /// The distribution's configuration information. #[serde(rename = "distributionConfig")] pub distribution_config: DistributionDistributionConfig, + /// A complex type that contains Tag elements. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tags: Option>, } /// The distribution's configuration information. @@ -67,7 +70,16 @@ pub struct DistributionDistributionConfig { pub http_version: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "isIPV6Enabled")] pub is_ipv6_enabled: Option, - /// A complex type that controls whether access logs are written for the distribution. + /// A complex type that specifies whether access logs are written for the distribution. + /// + /// If you already enabled standard logging (legacy) and you want to enable standard + /// logging (v2) to send your access logs to Amazon S3, we recommend that you + /// specify a different Amazon S3 bucket or use a separate path in the same bucket + /// (for example, use a log prefix or partitioning). This helps you keep track + /// of which log files are associated with which logging subscription and prevents + /// log files from overwriting each other. For more information, see Standard + /// logging (access logs) (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) + /// in the Amazon CloudFront Developer Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub logging: Option, /// A complex data type for the origin groups specified for a distribution. @@ -158,7 +170,8 @@ pub struct DistributionDistributionConfigCacheBehaviors { /// in the Amazon CloudFront Developer Guide. /// /// If you don't want to specify any cache behaviors, include only an empty CacheBehaviors -/// element. Don't include an empty CacheBehavior element because this is invalid. +/// element. Don't specify an empty individual CacheBehavior element, because +/// this is invalid. For more information, see CacheBehaviors (https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CacheBehaviors.html). /// /// To delete all cache behaviors in an existing distribution, update the distribution /// configuration and include only an empty CacheBehaviors element. @@ -213,8 +226,8 @@ pub struct DistributionDistributionConfigCacheBehaviorsItems { #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardedValues")] pub forwarded_values: Option, /// A list of CloudFront functions that are associated with a cache behavior - /// in a CloudFront distribution. CloudFront functions must be published to the - /// LIVE stage to associate them with a cache behavior. + /// in a CloudFront distribution. Your functions must be published to the LIVE + /// stage to associate them with a cache behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "functionAssociations")] pub function_associations: Option, /// A complex type that specifies a list of Lambda@Edge functions associations @@ -412,8 +425,8 @@ pub struct DistributionDistributionConfigCacheBehaviorsItemsForwardedValuesQuery } /// A list of CloudFront functions that are associated with a cache behavior -/// in a CloudFront distribution. CloudFront functions must be published to the -/// LIVE stage to associate them with a cache behavior. +/// in a CloudFront distribution. Your functions must be published to the LIVE +/// stage to associate them with a cache behavior. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DistributionDistributionConfigCacheBehaviorsItemsFunctionAssociations { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -564,8 +577,8 @@ pub struct DistributionDistributionConfigDefaultCacheBehavior { #[serde(default, skip_serializing_if = "Option::is_none", rename = "forwardedValues")] pub forwarded_values: Option, /// A list of CloudFront functions that are associated with a cache behavior - /// in a CloudFront distribution. CloudFront functions must be published to the - /// LIVE stage to associate them with a cache behavior. + /// in a CloudFront distribution. Your functions must be published to the LIVE + /// stage to associate them with a cache behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "functionAssociations")] pub function_associations: Option, /// A complex type that specifies a list of Lambda@Edge functions associations @@ -761,8 +774,8 @@ pub struct DistributionDistributionConfigDefaultCacheBehaviorForwardedValuesQuer } /// A list of CloudFront functions that are associated with a cache behavior -/// in a CloudFront distribution. CloudFront functions must be published to the -/// LIVE stage to associate them with a cache behavior. +/// in a CloudFront distribution. Your functions must be published to the LIVE +/// stage to associate them with a cache behavior. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DistributionDistributionConfigDefaultCacheBehaviorFunctionAssociations { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -827,7 +840,16 @@ pub struct DistributionDistributionConfigDefaultCacheBehaviorTrustedSigners { pub items: Option>, } -/// A complex type that controls whether access logs are written for the distribution. +/// A complex type that specifies whether access logs are written for the distribution. +/// +/// If you already enabled standard logging (legacy) and you want to enable standard +/// logging (v2) to send your access logs to Amazon S3, we recommend that you +/// specify a different Amazon S3 bucket or use a separate path in the same bucket +/// (for example, use a log prefix or partitioning). This helps you keep track +/// of which log files are associated with which logging subscription and prevents +/// log files from overwriting each other. For more information, see Standard +/// logging (access logs) (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) +/// in the Amazon CloudFront Developer Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DistributionDistributionConfigLogging { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -848,12 +870,15 @@ pub struct DistributionDistributionConfigOriginGroups { pub items: Option>, } -/// An origin group includes two origins (a primary origin and a second origin +/// An origin group includes two origins (a primary origin and a secondary origin /// to failover to) and a failover criteria that you specify. You create an origin /// group to support origin failover in CloudFront. When you create or update -/// a distribution, you can specifiy the origin group instead of a single origin, -/// and CloudFront will failover from the primary origin to the second origin +/// a distribution, you can specify the origin group instead of a single origin, +/// and CloudFront will failover from the primary origin to the secondary origin /// under the failover conditions that you've chosen. +/// +/// Optionally, you can choose selection criteria for your origin group to specify +/// how your origins are selected when your distribution routes viewer requests. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DistributionDistributionConfigOriginGroupsItems { /// A complex data type that includes information about the failover criteria @@ -920,9 +945,9 @@ pub struct DistributionDistributionConfigOrigins { /// /// * Use CustomOriginConfig to specify all other kinds of origins, including: /// An Amazon S3 bucket that is configured with static website hosting An -/// Elastic Load Balancing load balancer An AWS Elemental MediaPackage endpoint -/// An AWS Elemental MediaStore container Any other HTTP server, running on -/// an Amazon EC2 instance or any other kind of host +/// Elastic Load Balancing load balancer An Elemental MediaPackage endpoint +/// An Elemental MediaStore container Any other HTTP server, running on an +/// Amazon EC2 instance or any other kind of host /// /// For the current maximum number of origins that you can specify per distribution, /// see General Quotas on Web Distributions (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions) @@ -1133,6 +1158,19 @@ pub struct DistributionDistributionConfigViewerCertificateAcmCertificateRefFrom pub namespace: Option, } +/// A complex type that contains Tag key and Tag value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DistributionTags { + /// A string that contains Tag key. + /// + /// The string length should be between 1 and 128 characters. Valid characters + /// include a-z, A-Z, 0-9, space, and the special characters _ - . : / = + @. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + /// DistributionStatus defines the observed state of Distribution #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DistributionStatus { @@ -1166,7 +1204,7 @@ pub struct DistributionStatus { pub alias_icp_recordals: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "callerReference")] pub caller_reference: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/functions.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/functions.rs index ba0c91915..d704734de 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/functions.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/functions.rs @@ -50,7 +50,7 @@ pub struct FunctionStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/originrequestpolicies.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/originrequestpolicies.rs index 9a4401bfc..9f3be7872 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/originrequestpolicies.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/originrequestpolicies.rs @@ -132,7 +132,7 @@ pub struct OriginRequestPolicyStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/responseheaderspolicies.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/responseheaderspolicies.rs index cbd2defd9..67eebf825 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/responseheaderspolicies.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/responseheaderspolicies.rs @@ -399,7 +399,7 @@ pub struct ResponseHeadersPolicyStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/eventdatastores.rs b/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/eventdatastores.rs index 196cd593d..9ff2c4397 100644 --- a/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/eventdatastores.rs +++ b/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/eventdatastores.rs @@ -14,9 +14,8 @@ use self::prelude::*; /// /// A storage lake of event data against which you can run complex SQL-based /// queries. An event data store can include events that you have logged on your -/// account from the last 90 to 2555 days (about three months to up to seven -/// years). To select events for an event data store, use advanced event selectors -/// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced). +/// account. To select events for an event data store, use advanced event selectors +/// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-concepts.html#adv-event-selectors). #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "cloudtrail.services.k8s.aws", version = "v1alpha1", kind = "EventDataStore", plural = "eventdatastores")] #[kube(namespaced)] @@ -26,13 +25,26 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct EventDataStoreSpec { /// The advanced event selectors to use to select the events for the data store. - /// For more information about how to use advanced event selectors, see Log events - /// by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) + /// You can configure up to five advanced event selectors for each event data + /// store. + /// + /// For more information about how to use advanced event selectors to log CloudTrail + /// events, see Log events by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) + /// in the CloudTrail User Guide. + /// + /// For more information about how to use advanced event selectors to include + /// Config configuration items in your event data store, see Create an event + /// data store for Config configuration items (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) + /// in the CloudTrail User Guide. + /// + /// For more information about how to use advanced event selectors to include + /// events outside of Amazon Web Services events in your event data store, see + /// Create an integration to log events from outside Amazon Web Services (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) /// in the CloudTrail User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "advancedEventSelectors")] pub advanced_event_selectors: Option>, - /// Specifies whether the event data store includes events from all regions, - /// or only from the region in which the event data store is created. + /// Specifies whether the event data store includes events from all Regions, + /// or only from the Region in which the event data store is created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiRegionEnabled")] pub multi_region_enabled: Option, /// The name of the event data store. @@ -41,8 +53,23 @@ pub struct EventDataStoreSpec { /// in Organizations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "organizationEnabled")] pub organization_enabled: Option, - /// The retention period of the event data store, in days. You can set a retention - /// period of up to 2555 days, the equivalent of seven years. + /// The retention period of the event data store, in days. If BillingMode is + /// set to EXTENDABLE_RETENTION_PRICING, you can set a retention period of up + /// to 3653 days, the equivalent of 10 years. If BillingMode is set to FIXED_RETENTION_PRICING, + /// you can set a retention period of up to 2557 days, the equivalent of seven + /// years. + /// + /// CloudTrail Lake determines whether to retain an event by checking if the + /// eventTime of the event is within the specified retention period. For example, + /// if you set a retention period of 90 days, CloudTrail will remove events when + /// the eventTime is older than 90 days. + /// + /// If you plan to copy trail events to this event data store, we recommend that + /// you consider both the age of the events that you want to copy as well as + /// how long you want to keep the copied events in your event data store. For + /// example, if you copy trail events that are 5 years old and specify a retention + /// period of 7 years, the event data store will retain those events for two + /// years. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retentionPeriod")] pub retention_period: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -54,25 +81,74 @@ pub struct EventDataStoreSpec { pub termination_protection_enabled: Option, } -/// Advanced event selectors let you create fine-grained selectors for the following -/// CloudTrail event record fields. They help you control costs by logging only -/// those events that are important to you. For more information about advanced -/// event selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) -/// in the CloudTrail User Guide. +/// Advanced event selectors let you create fine-grained selectors for CloudTrail +/// management, data, and network activity events. They help you control costs +/// by logging only those events that are important to you. For more information +/// about configuring advanced event selectors, see the Logging data events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html), +/// Logging network activity events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-network-events-with-cloudtrail.html), +/// and Logging management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) +/// topics in the CloudTrail User Guide. /// -/// * readOnly +/// You cannot apply both event selectors and advanced event selectors to a trail. +/// +/// Supported CloudTrail event record fields for management events +/// +/// * eventCategory (required) /// /// * eventSource /// +/// * readOnly +/// +/// The following additional fields are available for event data stores: +/// /// * eventName /// -/// * eventCategory +/// * eventType +/// +/// * sessionCredentialFromConsole +/// +/// * userIdentity.arn +/// +/// Supported CloudTrail event record fields for data events +/// +/// * eventCategory (required) +/// +/// * resources.type (required) +/// +/// * readOnly /// -/// * resources.type +/// * eventName /// /// * resources.ARN /// -/// You cannot apply both event selectors and advanced event selectors to a trail. +/// The following additional fields are available for event data stores: +/// +/// * eventSource +/// +/// * eventType +/// +/// * sessionCredentialFromConsole +/// +/// * userIdentity.arn +/// +/// Supported CloudTrail event record fields for network activity events +/// +/// Network activity events is in preview release for CloudTrail and is subject +/// to change. +/// +/// * eventCategory (required) +/// +/// * eventSource (required) +/// +/// * eventName +/// +/// * errorCode - The only valid value for errorCode is VpceAccessDenied. +/// +/// * vpcEndpointId +/// +/// For event data stores for CloudTrail Insights events, Config configuration +/// items, Audit Manager evidence, or events outside of Amazon Web Services, +/// the only supported field is eventCategory. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EventDataStoreAdvancedEventSelectors { #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldSelectors")] @@ -100,7 +176,8 @@ pub struct EventDataStoreAdvancedEventSelectorsFieldSelectors { pub starts_with: Option>, } -/// A custom key-value pair associated with a resource such as a CloudTrail trail. +/// A custom key-value pair associated with a resource such as a CloudTrail trail, +/// event data store, dashboard, or channel. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EventDataStoreTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -117,7 +194,7 @@ pub struct EventDataStoreStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/trails.rs b/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/trails.rs index 6e26bee91..55e6f932e 100644 --- a/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/trails.rs +++ b/kube-custom-resources-rs/src/cloudtrail_services_k8s_aws/v1alpha1/trails.rs @@ -23,11 +23,13 @@ use self::prelude::*; pub struct TrailSpec { /// Specifies a log group name using an Amazon Resource Name (ARN), a unique /// identifier that represents the log group to which CloudTrail logs will be - /// delivered. Not required unless you specify CloudWatchLogsRoleArn. + /// delivered. You must use a log group that exists in your account. + /// + /// Not required unless you specify CloudWatchLogsRoleArn. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudWatchLogsLogGroupARN")] pub cloud_watch_logs_log_group_arn: Option, /// Specifies the role for the CloudWatch Logs endpoint to assume to write to - /// a user's log group. + /// a user's log group. You must use a role that exists in your account. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudWatchLogsRoleARN")] pub cloud_watch_logs_role_arn: Option, /// Specifies whether log file integrity validation is enabled. The default is @@ -47,21 +49,21 @@ pub struct TrailSpec { /// as IAM to the log files. #[serde(default, skip_serializing_if = "Option::is_none", rename = "includeGlobalServiceEvents")] pub include_global_service_events: Option, - /// Specifies whether the trail is created in the current region or in all regions. - /// The default is false, which creates a trail only in the region where you + /// Specifies whether the trail is created in the current Region or in all Regions. + /// The default is false, which creates a trail only in the Region where you /// are signed in. As a best practice, consider creating trails that log events - /// in all regions. + /// in all Regions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "isMultiRegionTrail")] pub is_multi_region_trail: Option, /// Specifies whether the trail is created for all accounts in an organization /// in Organizations, or only for the current Amazon Web Services account. The /// default is false, and cannot be true unless the call is made on behalf of - /// an Amazon Web Services account that is the management account for an organization - /// in Organizations. + /// an Amazon Web Services account that is the management account or delegated + /// administrator account for an organization in Organizations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "isOrganizationTrail")] pub is_organization_trail: Option, /// Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. - /// The value can be an alias name prefixed by "alias/", a fully specified ARN + /// The value can be an alias name prefixed by alias/, a fully specified ARN /// to an alias, a fully specified ARN to a key, or a globally unique identifier. /// /// CloudTrail also supports KMS multi-Region keys. For more information about @@ -94,12 +96,14 @@ pub struct TrailSpec { /// * Not be in IP address format (for example, 192.168.5.4) pub name: String, /// Specifies the name of the Amazon S3 bucket designated for publishing log - /// files. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html). + /// files. For information about bucket naming rules, see Bucket naming rules + /// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) + /// in the Amazon Simple Storage Service User Guide. #[serde(rename = "s3BucketName")] pub s3_bucket_name: String, /// Specifies the Amazon S3 key prefix that comes after the name of the bucket /// you have designated for log file delivery. For more information, see Finding - /// Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html). + /// Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files). /// The maximum length is 200 characters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "s3KeyPrefix")] pub s3_key_prefix: Option, @@ -111,7 +115,8 @@ pub struct TrailSpec { pub tags: Option>, } -/// A custom key-value pair associated with a resource such as a CloudTrail trail. +/// A custom key-value pair associated with a resource such as a CloudTrail trail, +/// event data store, dashboard, or channel. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TrailTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -128,7 +133,7 @@ pub struct TrailStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudwatch_aws_amazon_com/v1alpha1/amazoncloudwatchagents.rs b/kube-custom-resources-rs/src/cloudwatch_aws_amazon_com/v1alpha1/amazoncloudwatchagents.rs index 09ea16ff1..0989d0258 100644 --- a/kube-custom-resources-rs/src/cloudwatch_aws_amazon_com/v1alpha1/amazoncloudwatchagents.rs +++ b/kube-custom-resources-rs/src/cloudwatch_aws_amazon_com/v1alpha1/amazoncloudwatchagents.rs @@ -142,6 +142,9 @@ pub struct AmazonCloudWatchAgentSpec { /// default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// Prometheus is the raw YAML to be used as the collector's prometheus configuration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prometheus: Option, /// Replicas is the number of pod instances for the underlying OpenTelemetry Collector. Set this if your are not using autoscaling #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -165,6 +168,9 @@ pub struct AmazonCloudWatchAgentSpec { /// the operator will not automatically create a ServiceAccount for the collector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, + /// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetAllocator")] + pub target_allocator: Option, /// Duration in seconds the pod needs to terminate gracefully upon probe failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, @@ -4223,6 +4229,25 @@ pub struct AmazonCloudWatchAgentPorts { pub target_port: Option, } +/// Prometheus is the raw YAML to be used as the collector's prometheus configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentPrometheus { + /// AnyConfig represent parts of the config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub config: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub report_extra_scrape_metrics: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub start_time_metric_regex: Option, + /// AnyConfig represent parts of the config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub target_allocator: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub trim_metric_suffixes: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub use_start_time_metric: Option, +} + /// Resources to set on the OpenTelemetry Collector pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AmazonCloudWatchAgentResources { @@ -4431,6 +4456,1277 @@ pub struct AmazonCloudWatchAgentSecurityContextWindowsOptions { pub run_as_user_name: Option, } +/// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocator { + /// If specified, indicates the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// AllocationStrategy determines which strategy the target allocator should use for allocation. + /// The current option is consistent-hashing. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocationStrategy")] + pub allocation_strategy: Option, + /// Enabled indicates whether to use a target allocation mechanism for Prometheus targets or not. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// ENV vars to set on the OpenTelemetry TargetAllocator's Pods. These can then in certain cases be + /// consumed in the config file for the TargetAllocator. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// FilterStrategy determines how to filter targets before allocating them among the collectors. + /// The only current option is relabel-config (drops targets based on prom relabel_config). + /// Filtering is disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterStrategy")] + pub filter_strategy: Option, + /// Image indicates the container image to use for the OpenTelemetry TargetAllocator. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// NodeSelector to schedule OpenTelemetry TargetAllocator pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. + /// All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusCR")] + pub prometheus_cr: Option, + /// Replicas is the number of pod instances for the underlying TargetAllocator. This should only be set to a value + /// other than 1 if a strategy that allows for high availability is chosen. Currently, the only allocation strategy + /// that can be run in a high availability mode is consistent-hashing. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, + /// Resources to set on the OpenTelemetryTargetAllocator containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, + /// SecurityContext configures the container security context for + /// the target-allocator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, + /// ServiceAccount indicates the name of an existing service account to use with this instance. When set, + /// the operator will not automatically create a ServiceAccount for the TargetAllocator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] + pub service_account: Option, + /// Toleration embedded kubernetes pod configuration option, + /// controls how pods can be scheduled with matching taints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, + /// TopologySpreadConstraints embedded kubernetes pod configuration option, + /// controls how pods are spread across your cluster among failure-domains + /// such as regions, zones, nodes, and other user-defined topology domains + /// https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] + pub topology_spread_constraints: Option>, +} + +/// If specified, indicates the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// TargetAllocator indicates a value which determines whether to spawn a target allocation resource or not. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AmazonCloudWatchAgentTargetAllocatorAllocationStrategy { + #[serde(rename = "consistent-hashing")] + ConsistentHashing, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ) retrieval. +/// All CR instances which the ServiceAccount has access to will be retrieved. This includes other namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorPrometheusCr { + /// Enabled indicates whether to use a PrometheusOperator custom resources as targets or not. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// PodMonitors to be selected for target discovery. + /// This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a + /// PodMonitor's meta labels. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podMonitorSelector")] + pub pod_monitor_selector: Option>, + /// Interval between consecutive scrapes. Equivalent to the same setting on the Prometheus CRD. + /// + /// + /// Default: "30s" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeInterval")] + pub scrape_interval: Option, + /// ServiceMonitors to be selected for target discovery. + /// This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a + /// ServiceMonitor's meta labels. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceMonitorSelector")] + pub service_monitor_selector: Option>, +} + +/// Resources to set on the OpenTelemetryTargetAllocator containers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + +/// SecurityContext configures the container security context for +/// the target-allocator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] + pub windows_options: Option, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorSecurityContextSysctls { + /// Name of a property to set + pub name: String, + /// Value of a property to set + pub value: String, +} + +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorSecurityContextWindowsOptions { + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] + pub gmsa_credential_spec: Option, + /// GMSACredentialSpecName is the name of the GMSA credential spec to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] + pub gmsa_credential_spec_name: Option, + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// All of a Pod's containers must have the same effective HostProcess value + /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + /// In addition, if HostProcess is true then HostNetwork must also be set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] + pub host_process: Option, + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] + pub run_as_user_name: Option, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorTopologySpreadConstraints { + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. + #[serde(rename = "maxSkew")] + pub max_skew: i32, + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] + pub min_domains: Option, + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] + pub node_affinity_policy: Option, + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] + pub node_taints_policy: Option, + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. + #[serde(rename = "topologyKey")] + pub topology_key: String, + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. + #[serde(rename = "whenUnsatisfiable")] + pub when_unsatisfiable: String, +} + +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorTopologySpreadConstraintsLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AmazonCloudWatchAgentTargetAllocatorTopologySpreadConstraintsLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/cloudwatch_services_k8s_aws/v1alpha1/metricalarms.rs b/kube-custom-resources-rs/src/cloudwatch_services_k8s_aws/v1alpha1/metricalarms.rs index 70e7c4f19..0ceda6687 100644 --- a/kube-custom-resources-rs/src/cloudwatch_services_k8s_aws/v1alpha1/metricalarms.rs +++ b/kube-custom-resources-rs/src/cloudwatch_services_k8s_aws/v1alpha1/metricalarms.rs @@ -51,9 +51,17 @@ pub struct MetricAlarmSpec { /// /// * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name /// + /// Lambda actions: + /// + /// * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name + /// + /// * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number + /// + /// * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name + /// /// SNS notification action: /// - /// * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name + /// * arn:aws:sns:region:account-id:sns-topic-name /// /// SSM integration actions: /// @@ -159,9 +167,17 @@ pub struct MetricAlarmSpec { /// /// * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name /// + /// Lambda actions: + /// + /// * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name + /// + /// * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number + /// + /// * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name + /// /// SNS notification action: /// - /// * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name + /// * arn:aws:sns:region:account-id:sns-topic-name /// /// SSM integration actions: /// @@ -230,9 +246,17 @@ pub struct MetricAlarmSpec { /// /// * arn:aws:autoscaling:region:account-id:scalingPolicy:policy-id:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name /// + /// Lambda actions: + /// + /// * Invoke the latest version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name + /// + /// * Invoke a specific version of a Lambda function: arn:aws:lambda:region:account-id:function:function-name:version-number + /// + /// * Invoke a function by using an alias Lambda function: arn:aws:lambda:region:account-id:function:function-name:alias-name + /// /// SNS notification action: /// - /// * arn:aws:sns:region:account-id:sns-topic-name:autoScalingGroupName/group-friendly-name:policyName/policy-friendly-name + /// * arn:aws:sns:region:account-id:sns-topic-name /// /// SSM integration actions: /// @@ -280,6 +304,10 @@ pub struct MetricAlarmSpec { /// specify in this parameter are ignored. To change the tags of an existing /// alarm, use TagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html) /// or UntagResource (https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_UntagResource.html). + /// + /// To use this field to set tags for an alarm when you create it, you must be + /// signed on with both the cloudwatch:PutMetricAlarm and cloudwatch:TagResource + /// permissions. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, /// The value against which the specified statistic is compared. @@ -453,7 +481,7 @@ pub struct MetricAlarmStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs b/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs index bda16799a..d570b35a2 100644 --- a/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs +++ b/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs @@ -107,7 +107,7 @@ pub struct LogGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/clusters.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/clusters.rs index 5279ce887..73d2137bb 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/clusters.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/clusters.rs @@ -21,7 +21,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterSpec { - /// Cluster network configuration. + /// clusterNetwork is the cluster network configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNetwork")] pub cluster_network: Option, /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. @@ -40,34 +40,36 @@ pub struct ClusterSpec { pub paused: Option, } -/// Cluster network configuration. +/// clusterNetwork is the cluster network configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetwork { /// apiServerPort specifies the port the API Server should bind to. /// Defaults to 6443. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerPort")] pub api_server_port: Option, - /// The network ranges from which Pod networks are allocated. + /// pods is the network ranges from which Pod networks are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, - /// Domain name for services. + /// serviceDomain is the domain name for services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDomain")] pub service_domain: Option, - /// The network ranges from which service VIPs are allocated. + /// services is the network ranges from which service VIPs are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option, } -/// The network ranges from which Pod networks are allocated. +/// pods is the network ranges from which Pod networks are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkPods { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } -/// The network ranges from which service VIPs are allocated. +/// services is the network ranges from which service VIPs are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkServices { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } @@ -75,9 +77,9 @@ pub struct ClusterClusterNetworkServices { /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterControlPlaneEndpoint { - /// The hostname on which the API server is serving. + /// host is the hostname on which the API server is serving. pub host: String, - /// The port on which the API server is serving. + /// port is the port on which the API server is serving. pub port: i32, } diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinedeployments.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinedeployments.rs index 91e6ceaf8..1704bb610 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinedeployments.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinedeployments.rs @@ -24,36 +24,36 @@ pub struct MachineDeploymentSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, - /// Minimum number of seconds for which a newly created machine should + /// minReadySeconds is the minimum number of seconds for which a newly created machine should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, - /// Indicates that the deployment is paused. + /// paused indicates that the deployment is paused. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, - /// The maximum time in seconds for a deployment to make progress before it + /// progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it /// is considered to be failed. The deployment controller will continue to /// process failed deployments and a condition with a ProgressDeadlineExceeded /// reason will be surfaced in the deployment status. Note that progress will /// not be estimated during the time a deployment is paused. Defaults to 600s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "progressDeadlineSeconds")] pub progress_deadline_seconds: Option, - /// Number of desired machines. Defaults to 1. + /// replicas is the number of desired machines. Defaults to 1. /// This is a pointer to distinguish between explicit zero and not specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// The number of old MachineSets to retain to allow rollback. + /// revisionHistoryLimit is the number of old MachineSets to retain to allow rollback. /// This is a pointer to distinguish between explicit zero and not specified. /// Defaults to 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "revisionHistoryLimit")] pub revision_history_limit: Option, - /// Label selector for machines. Existing MachineSets whose machines are + /// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. pub selector: MachineDeploymentSelector, - /// The deployment strategy to use to replace existing machines with + /// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub strategy: Option, @@ -61,7 +61,7 @@ pub struct MachineDeploymentSpec { pub template: MachineDeploymentTemplate, } -/// Label selector for machines. Existing MachineSets whose machines are +/// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -93,11 +93,11 @@ pub struct MachineDeploymentSelectorMatchExpressions { pub values: Option>, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategy { - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -108,11 +108,11 @@ pub struct MachineDeploymentStrategy { pub r#type: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategyRollingUpdate { - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -127,7 +127,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -150,7 +150,7 @@ pub struct MachineDeploymentTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -185,7 +185,7 @@ pub struct MachineDeploymentTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generateName")] pub generate_name: Option, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -213,7 +213,7 @@ pub struct MachineDeploymentTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// List of objects depended by this object. If ALL objects in the list have + /// ownerReferences is the list of objects depended by this object. If ALL objects in the list have /// been deleted, this object will be garbage collected. If this object is managed by a controller, /// then an entry in this list will point to this controller, with the controller field set to true. /// There cannot be more than one managing controller. @@ -255,7 +255,7 @@ pub struct MachineDeploymentTemplateMetadataOwnerReferences { pub uid: String, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentTemplateSpec { @@ -399,20 +399,20 @@ pub struct MachineDeploymentTemplateSpecInfrastructureRef { /// MachineDeploymentStatus defines the observed state of MachineDeployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStatus { - /// Total number of available machines (ready for at least minReadySeconds) + /// availableReplicas is the total number of available machines (ready for at least minReadySeconds) /// targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, - /// The generation observed by the deployment controller. + /// observedGeneration is the generation observed by the deployment controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// Total number of ready machines targeted by this deployment. + /// readyReplicas is the total number of ready machines targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// replicas is the total number of non-terminated machines targeted by this deployment /// (their labels match the selector). #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -421,14 +421,14 @@ pub struct MachineDeploymentStatus { /// More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// Total number of unavailable machines targeted by this deployment. + /// unavailableReplicas is the total number of unavailable machines targeted by this deployment. /// This is the total number of machines that are still required for /// the deployment to have 100% available capacity. They may either /// be machines that are running but not yet available or machines /// that still have not been created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unavailableReplicas")] pub unavailable_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// updatedReplicas is the total number of non-terminated machines targeted by this deployment /// that have the desired template spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatedReplicas")] pub updated_replicas: Option, diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinehealthchecks.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinehealthchecks.rs index 2ec518cc1..4c28f1fef 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinehealthchecks.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinehealthchecks.rs @@ -13,7 +13,7 @@ mod prelude { } use self::prelude::*; -/// Specification of machine health check policy +/// spec is the specification of machine health check policy #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "cluster.x-k8s.io", version = "v1alpha3", kind = "MachineHealthCheck", plural = "machinehealthchecks")] #[kube(namespaced)] @@ -25,12 +25,13 @@ pub struct MachineHealthCheckSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, - /// Machines older than this duration without a node will be considered to have - /// failed and will be remediated. + /// nodeStartupTimeout is the duration after which machines without a node will be considered to + /// have failed and will be remediated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeStartupTimeout")] pub node_startup_timeout: Option, /// remediationTemplate is a reference to a remediation template @@ -41,7 +42,7 @@ pub struct MachineHealthCheckSpec { /// a controller that lives outside of Cluster API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "remediationTemplate")] pub remediation_template: Option, - /// Label selector to match machines whose health will be exercised + /// selector is the label selector to match machines whose health will be exercised pub selector: MachineHealthCheckSelector, /// unhealthyConditions contains a list of the conditions that determine /// whether a node is considered unhealthy. The conditions are combined in a @@ -92,7 +93,7 @@ pub struct MachineHealthCheckRemediationTemplate { pub uid: Option, } -/// Label selector to match machines whose health will be exercised +/// selector is the label selector to match machines whose health will be exercised #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -127,22 +128,28 @@ pub struct MachineHealthCheckSelectorMatchExpressions { /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } -/// Most recently observed status of MachineHealthCheck resource +/// status is the most recently observed status of MachineHealthCheck resource #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckStatus { /// conditions defines current service state of the MachineHealthCheck. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// total number of healthy machines counted by this machine health check + /// currentHealthy is the total number of healthy machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentHealthy")] pub current_healthy: Option, - /// total number of machines counted by this machine health check + /// expectedMachines is the total number of machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "expectedMachines")] pub expected_machines: Option, /// observedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinepools.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinepools.rs index 9db51ca9e..a9a9da362 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinepools.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinepools.rs @@ -28,7 +28,7 @@ pub struct MachinePoolSpec { /// failureDomains is the list of failure domains this MachinePool should be attached to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] pub failure_domains: Option>, - /// Minimum number of seconds for which a newly created machine instances should + /// minReadySeconds is the minimum number of seconds for which a newly created machine instances should /// be ready. /// Defaults to 0 (machine instance will be considered available as soon as it /// is ready) @@ -38,11 +38,11 @@ pub struct MachinePoolSpec { /// This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerIDList")] pub provider_id_list: Option>, - /// Number of desired machines. Defaults to 1. + /// replicas is the number of desired machines. Defaults to 1. /// This is a pointer to distinguish between explicit zero and not specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// The deployment strategy to use to replace existing machine instances with + /// strategy is the deployment strategy to use to replace existing machine instances with /// new ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub strategy: Option, @@ -50,11 +50,11 @@ pub struct MachinePoolSpec { pub template: MachinePoolTemplate, } -/// The deployment strategy to use to replace existing machine instances with +/// strategy is the deployment strategy to use to replace existing machine instances with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolStrategy { - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -65,11 +65,11 @@ pub struct MachinePoolStrategy { pub r#type: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolStrategyRollingUpdate { - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -84,7 +84,7 @@ pub struct MachinePoolStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -107,7 +107,7 @@ pub struct MachinePoolTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -142,7 +142,7 @@ pub struct MachinePoolTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generateName")] pub generate_name: Option, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -170,7 +170,7 @@ pub struct MachinePoolTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// List of objects depended by this object. If ALL objects in the list have + /// ownerReferences is the list of objects depended by this object. If ALL objects in the list have /// been deleted, this object will be garbage collected. If this object is managed by a controller, /// then an entry in this list will point to this controller, with the controller field set to true. /// There cannot be more than one managing controller. @@ -212,7 +212,7 @@ pub struct MachinePoolTemplateMetadataOwnerReferences { pub uid: String, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolTemplateSpec { @@ -356,7 +356,7 @@ pub struct MachinePoolTemplateSpecInfrastructureRef { /// MachinePoolStatus defines the observed state of MachinePool. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachinePool. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// bootstrapReady is the state of the bootstrap provider. @@ -386,13 +386,13 @@ pub struct MachinePoolStatus { /// E.g. Pending, Running, Terminating, Failed etc. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Total number of unavailable machine instances targeted by this machine pool. + /// unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool. /// This is the total number of machine instances that are still required for /// the machine pool to have 100% available capacity. They may either /// be machine instances that are running but not yet available or machine instances diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machines.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machines.rs index 42e84f6f5..973ae3da3 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machines.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machines.rs @@ -233,9 +233,9 @@ pub struct MachineStatus { /// MachineAddress contains information for the node's address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineStatusAddresses { - /// The machine address. + /// address is the machine address. pub address: String, - /// Machine address type, one of Hostname, ExternalIP or InternalIP. + /// type is the machine address type, one of Hostname, ExternalIP or InternalIP. #[serde(rename = "type")] pub r#type: String, } diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinesets.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinesets.rs index c8c29f2ab..27ce48c84 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinesets.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha3/machinesets.rs @@ -98,7 +98,7 @@ pub struct MachineSetTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -133,7 +133,7 @@ pub struct MachineSetTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generateName")] pub generate_name: Option, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -161,7 +161,7 @@ pub struct MachineSetTemplateMetadata { /// Deprecated: This field has no function and is going to be removed in a next release. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// List of objects depended by this object. If ALL objects in the list have + /// ownerReferences is the list of objects depended by this object. If ALL objects in the list have /// been deleted, this object will be garbage collected. If this object is managed by a controller, /// then an entry in this list will point to this controller, with the controller field set to true. /// There cannot be more than one managing controller. @@ -203,7 +203,7 @@ pub struct MachineSetTemplateMetadataOwnerReferences { pub uid: String, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetTemplateSpec { @@ -347,11 +347,18 @@ pub struct MachineSetTemplateSpecInfrastructureRef { /// MachineSetStatus defines the observed state of MachineSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, + /// failureMessage will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a more verbose string suitable + /// for logging and human consumption. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, + /// failureReason will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a succinct value suitable + /// for machine interpretation. + /// /// In the event that there is a terminal problem reconciling the /// replicas, both FailureReason and FailureMessage will be set. FailureReason /// will be populated with a succinct value suitable for machine @@ -372,13 +379,13 @@ pub struct MachineSetStatus { /// controller's output. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureReason")] pub failure_reason: Option, - /// The number of replicas that have labels matching the labels of the machine template of the MachineSet. + /// fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fullyLabeledReplicas")] pub fully_labeled_replicas: Option, /// observedGeneration reflects the generation of the most recently observed MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, - /// The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusterclasses.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusterclasses.rs index e20f32d42..ed52554e2 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusterclasses.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusterclasses.rs @@ -41,7 +41,7 @@ pub struct ClusterClassSpec { /// for provisioning the Control Plane for the Cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassControlPlane { - /// MachineTemplate defines the metadata and infrastructure information + /// machineInfrastructure defines the metadata and infrastructure information /// for control plane machines. /// /// This field is supported if and only if the control plane provider template @@ -61,7 +61,7 @@ pub struct ClusterClassControlPlane { pub r#ref: ObjectReference, } -/// MachineTemplate defines the metadata and infrastructure information +/// machineInfrastructure defines the metadata and infrastructure information /// for control plane machines. /// /// This field is supported if and only if the control plane provider template @@ -125,7 +125,7 @@ pub struct ClusterClassControlPlaneMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -368,7 +368,7 @@ pub struct ClusterClassWorkersMachineDeploymentsTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusters.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusters.rs index bd6752af4..9a0418db3 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusters.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/clusters.rs @@ -21,7 +21,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterSpec { - /// Cluster network configuration. + /// clusterNetwork is the cluster network configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNetwork")] pub cluster_network: Option, /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. @@ -38,7 +38,7 @@ pub struct ClusterSpec { /// paused can be used to prevent controllers from processing the Cluster and all its associated objects. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, - /// This encapsulates the topology for the cluster. + /// topology encapsulates the topology for the cluster. /// NOTE: It is required to enable the ClusterTopology /// feature gate flag to activate managed topologies support; /// this feature is highly experimental, and parts of it might still be not implemented. @@ -46,34 +46,36 @@ pub struct ClusterSpec { pub topology: Option, } -/// Cluster network configuration. +/// clusterNetwork is the cluster network configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetwork { /// apiServerPort specifies the port the API Server should bind to. /// Defaults to 6443. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerPort")] pub api_server_port: Option, - /// The network ranges from which Pod networks are allocated. + /// pods is the network ranges from which Pod networks are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, - /// Domain name for services. + /// serviceDomain is the domain name for services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDomain")] pub service_domain: Option, - /// The network ranges from which service VIPs are allocated. + /// services is the network ranges from which service VIPs are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option, } -/// The network ranges from which Pod networks are allocated. +/// pods is the network ranges from which Pod networks are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkPods { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } -/// The network ranges from which service VIPs are allocated. +/// services is the network ranges from which service VIPs are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkServices { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } @@ -81,9 +83,9 @@ pub struct ClusterClusterNetworkServices { /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterControlPlaneEndpoint { - /// The hostname on which the API server is serving. + /// host is the hostname on which the API server is serving. pub host: String, - /// The port on which the API server is serving. + /// port is the port on which the API server is serving. pub port: i32, } @@ -163,13 +165,13 @@ pub struct ClusterInfrastructureRef { pub uid: Option, } -/// This encapsulates the topology for the cluster. +/// topology encapsulates the topology for the cluster. /// NOTE: It is required to enable the ClusterTopology /// feature gate flag to activate managed topologies support; /// this feature is highly experimental, and parts of it might still be not implemented. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopology { - /// The name of the ClusterClass object to create the topology. + /// class is the name of the ClusterClass object to create the topology. pub class: String, /// controlPlane describes the cluster control plane. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlane")] @@ -178,7 +180,7 @@ pub struct ClusterTopology { /// control plane first and then machine deployments. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rolloutAfter")] pub rollout_after: Option, - /// The Kubernetes version of the cluster. + /// version is the Kubernetes version of the cluster. pub version: String, /// workers encapsulates the different constructs that form the worker nodes /// for the cluster. @@ -217,7 +219,7 @@ pub struct ClusterTopologyControlPlaneMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -269,7 +271,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinedeployments.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinedeployments.rs index ccc6d7df0..5ab02d943 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinedeployments.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinedeployments.rs @@ -25,36 +25,36 @@ pub struct MachineDeploymentSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, - /// Minimum number of seconds for which a newly created machine should + /// minReadySeconds is the minimum number of seconds for which a newly created machine should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, - /// Indicates that the deployment is paused. + /// paused indicates that the deployment is paused. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, - /// The maximum time in seconds for a deployment to make progress before it + /// progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it /// is considered to be failed. The deployment controller will continue to /// process failed deployments and a condition with a ProgressDeadlineExceeded /// reason will be surfaced in the deployment status. Note that progress will /// not be estimated during the time a deployment is paused. Defaults to 600s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "progressDeadlineSeconds")] pub progress_deadline_seconds: Option, - /// Number of desired machines. Defaults to 1. + /// replicas is the number of desired machines. Defaults to 1. /// This is a pointer to distinguish between explicit zero and not specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// The number of old MachineSets to retain to allow rollback. + /// revisionHistoryLimit is the number of old MachineSets to retain to allow rollback. /// This is a pointer to distinguish between explicit zero and not specified. /// Defaults to 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "revisionHistoryLimit")] pub revision_history_limit: Option, - /// Label selector for machines. Existing MachineSets whose machines are + /// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. pub selector: MachineDeploymentSelector, - /// The deployment strategy to use to replace existing machines with + /// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub strategy: Option, @@ -62,7 +62,7 @@ pub struct MachineDeploymentSpec { pub template: MachineDeploymentTemplate, } -/// Label selector for machines. Existing MachineSets whose machines are +/// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -94,11 +94,11 @@ pub struct MachineDeploymentSelectorMatchExpressions { pub values: Option>, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategy { - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -108,7 +108,7 @@ pub struct MachineDeploymentStrategy { pub r#type: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategyRollingUpdate { @@ -117,7 +117,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { /// When no value is supplied, the default DeletePolicy of MachineSet is used #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletePolicy")] pub delete_policy: Option, - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -132,7 +132,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -148,7 +148,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { pub max_unavailable: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum MachineDeploymentStrategyRollingUpdateDeletePolicy { @@ -157,7 +157,7 @@ pub enum MachineDeploymentStrategyRollingUpdateDeletePolicy { Oldest, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum MachineDeploymentStrategyType { @@ -172,7 +172,7 @@ pub struct MachineDeploymentTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -188,7 +188,7 @@ pub struct MachineDeploymentTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -196,7 +196,7 @@ pub struct MachineDeploymentTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentTemplateSpec { @@ -334,23 +334,23 @@ pub struct MachineDeploymentTemplateSpecInfrastructureRef { /// MachineDeploymentStatus defines the observed state of MachineDeployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStatus { - /// Total number of available machines (ready for at least minReadySeconds) + /// availableReplicas is the total number of available machines (ready for at least minReadySeconds) /// targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// conditions defines current service state of the MachineDeployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The generation observed by the deployment controller. + /// observedGeneration is the generation observed by the deployment controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// Total number of ready machines targeted by this deployment. + /// readyReplicas is the total number of ready machines targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// replicas is the total number of non-terminated machines targeted by this deployment /// (their labels match the selector). #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -359,14 +359,14 @@ pub struct MachineDeploymentStatus { /// More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// Total number of unavailable machines targeted by this deployment. + /// unavailableReplicas is the total number of unavailable machines targeted by this deployment. /// This is the total number of machines that are still required for /// the deployment to have 100% available capacity. They may either /// be machines that are running but not yet available or machines /// that still have not been created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unavailableReplicas")] pub unavailable_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// updatedReplicas is the total number of non-terminated machines targeted by this deployment /// that have the desired template spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatedReplicas")] pub updated_replicas: Option, diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinehealthchecks.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinehealthchecks.rs index 556fb799c..1c85e764f 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinehealthchecks.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinehealthchecks.rs @@ -13,7 +13,7 @@ mod prelude { } use self::prelude::*; -/// Specification of machine health check policy +/// spec is the specification of machine health check policy #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "cluster.x-k8s.io", version = "v1alpha4", kind = "MachineHealthCheck", plural = "machinehealthchecks")] #[kube(namespaced)] @@ -25,12 +25,13 @@ pub struct MachineHealthCheckSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, - /// Machines older than this duration without a node will be considered to have - /// failed and will be remediated. + /// nodeStartupTimeout is the duration after which machines without a node will be considered to + /// have failed and will be remediated. /// If not set, this value is defaulted to 10 minutes. /// If you wish to disable this feature, set the value explicitly to 0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeStartupTimeout")] @@ -43,15 +44,16 @@ pub struct MachineHealthCheckSpec { /// a controller that lives outside of Cluster API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "remediationTemplate")] pub remediation_template: Option, - /// Label selector to match machines whose health will be exercised + /// selector is the label selector to match machines whose health will be exercised pub selector: MachineHealthCheckSelector, /// unhealthyConditions contains a list of the conditions that determine /// whether a node is considered unhealthy. The conditions are combined in a /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(rename = "unhealthyConditions")] pub unhealthy_conditions: Vec, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -101,7 +103,7 @@ pub struct MachineHealthCheckRemediationTemplate { pub uid: Option, } -/// Label selector to match machines whose health will be exercised +/// selector is the label selector to match machines whose health will be exercised #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -136,22 +138,28 @@ pub struct MachineHealthCheckSelectorMatchExpressions { /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } -/// Most recently observed status of MachineHealthCheck resource +/// status is the most recently observed status of MachineHealthCheck resource #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckStatus { /// conditions defines current service state of the MachineHealthCheck. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// total number of healthy machines counted by this machine health check + /// currentHealthy is the total number of healthy machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentHealthy")] pub current_healthy: Option, - /// total number of machines counted by this machine health check + /// expectedMachines is the total number of machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "expectedMachines")] pub expected_machines: Option, /// observedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinepools.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinepools.rs index a1855ecbe..2db60e42b 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinepools.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinepools.rs @@ -27,7 +27,7 @@ pub struct MachinePoolSpec { /// failureDomains is the list of failure domains this MachinePool should be attached to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] pub failure_domains: Option>, - /// Minimum number of seconds for which a newly created machine instances should + /// minReadySeconds is the minimum number of seconds for which a newly created machine instances should /// be ready. /// Defaults to 0 (machine instance will be considered available as soon as it /// is ready) @@ -37,7 +37,7 @@ pub struct MachinePoolSpec { /// This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerIDList")] pub provider_id_list: Option>, - /// Number of desired machines. Defaults to 1. + /// replicas is the number of desired machines. Defaults to 1. /// This is a pointer to distinguish between explicit zero and not specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -52,7 +52,7 @@ pub struct MachinePoolTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -68,7 +68,7 @@ pub struct MachinePoolTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -76,7 +76,7 @@ pub struct MachinePoolTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolTemplateSpec { @@ -214,7 +214,7 @@ pub struct MachinePoolTemplateSpecInfrastructureRef { /// MachinePoolStatus defines the observed state of MachinePool. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachinePool. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// bootstrapReady is the state of the bootstrap provider. @@ -244,13 +244,13 @@ pub struct MachinePoolStatus { /// E.g. Pending, Running, Terminating, Failed etc. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Total number of unavailable machine instances targeted by this machine pool. + /// unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool. /// This is the total number of machine instances that are still required for /// the machine pool to have 100% available capacity. They may either /// be machine instances that are running but not yet available or machine instances diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machines.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machines.rs index 61980e4cb..a90ba3533 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machines.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machines.rs @@ -231,9 +231,9 @@ pub struct MachineStatus { /// MachineAddress contains information for the node's address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineStatusAddresses { - /// The machine address. + /// address is the machine address. pub address: String, - /// Machine address type, one of Hostname, ExternalIP or InternalIP. + /// type is the machine address type, one of Hostname, ExternalIP or InternalIP. #[serde(rename = "type")] pub r#type: String, } diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinesets.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinesets.rs index d79d2fbab..198e8d7ef 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinesets.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1alpha4/machinesets.rs @@ -99,7 +99,7 @@ pub struct MachineSetTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -115,7 +115,7 @@ pub struct MachineSetTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -123,7 +123,7 @@ pub struct MachineSetTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetTemplateSpec { @@ -261,14 +261,21 @@ pub struct MachineSetTemplateSpecInfrastructureRef { /// MachineSetStatus defines the observed state of MachineSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// conditions defines current service state of the MachineSet. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// failureMessage will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a more verbose string suitable + /// for logging and human consumption. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, + /// failureReason will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a succinct value suitable + /// for machine interpretation. + /// /// In the event that there is a terminal problem reconciling the /// replicas, both FailureReason and FailureMessage will be set. FailureReason /// will be populated with a succinct value suitable for machine @@ -289,13 +296,13 @@ pub struct MachineSetStatus { /// controller's output. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureReason")] pub failure_reason: Option, - /// The number of replicas that have labels matching the labels of the machine template of the MachineSet. + /// fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fullyLabeledReplicas")] pub fully_labeled_replicas: Option, /// observedGeneration reflects the generation of the most recently observed MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, - /// The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs index 1aaf937de..312643038 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusterclasses.rs @@ -105,7 +105,8 @@ pub struct ClusterClassControlPlane { /// referenced above is Machine based and supports setting replicas. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassControlPlaneMachineHealthCheck { - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, @@ -136,8 +137,9 @@ pub struct ClusterClassControlPlaneMachineHealthCheck { /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyConditions")] pub unhealthy_conditions: Option>, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -192,8 +194,14 @@ pub struct ClusterClassControlPlaneMachineHealthCheckRemediationTemplate { /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassControlPlaneMachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } @@ -264,7 +272,7 @@ pub struct ClusterClassControlPlaneMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -563,7 +571,7 @@ pub struct ClusterClassVariablesMetadata { /// They are not queryable. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -837,7 +845,7 @@ pub struct ClusterClassVariablesSchemaOpenApiv3SchemaXMetadata { /// They are not queryable. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -874,7 +882,7 @@ pub struct ClusterClassWorkersMachineDeployments { /// machineHealthCheck defines a MachineHealthCheck for this MachineDeploymentClass. #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineHealthCheck")] pub machine_health_check: Option, - /// Minimum number of seconds for which a newly created machine should + /// minReadySeconds is the minimum number of seconds for which a newly created machine should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) @@ -901,7 +909,7 @@ pub struct ClusterClassWorkersMachineDeployments { /// NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeVolumeDetachTimeout")] pub node_volume_detach_timeout: Option, - /// The deployment strategy to use to replace existing machines with + /// strategy is the deployment strategy to use to replace existing machines with /// new ones. /// NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -914,7 +922,8 @@ pub struct ClusterClassWorkersMachineDeployments { /// machineHealthCheck defines a MachineHealthCheck for this MachineDeploymentClass. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassWorkersMachineDeploymentsMachineHealthCheck { - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, @@ -945,8 +954,9 @@ pub struct ClusterClassWorkersMachineDeploymentsMachineHealthCheck { /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyConditions")] pub unhealthy_conditions: Option>, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -1001,8 +1011,14 @@ pub struct ClusterClassWorkersMachineDeploymentsMachineHealthCheckRemediationTem /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassWorkersMachineDeploymentsMachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } @@ -1022,7 +1038,7 @@ pub struct ClusterClassWorkersMachineDeploymentsNamingStrategy { pub template: Option, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. /// NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1031,7 +1047,7 @@ pub struct ClusterClassWorkersMachineDeploymentsStrategy { /// and how remediating operations should occur during the lifecycle of the dependant MachineSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub remediation: Option, - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -1063,7 +1079,7 @@ pub struct ClusterClassWorkersMachineDeploymentsStrategyRemediation { pub max_in_flight: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClassWorkersMachineDeploymentsStrategyRollingUpdate { @@ -1072,7 +1088,7 @@ pub struct ClusterClassWorkersMachineDeploymentsStrategyRollingUpdate { /// When no value is supplied, the default DeletePolicy of MachineSet is used #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletePolicy")] pub delete_policy: Option, - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -1087,7 +1103,7 @@ pub struct ClusterClassWorkersMachineDeploymentsStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -1103,7 +1119,7 @@ pub struct ClusterClassWorkersMachineDeploymentsStrategyRollingUpdate { pub max_unavailable: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterClassWorkersMachineDeploymentsStrategyRollingUpdateDeletePolicy { @@ -1112,7 +1128,7 @@ pub enum ClusterClassWorkersMachineDeploymentsStrategyRollingUpdateDeletePolicy Oldest, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. /// NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -1243,7 +1259,7 @@ pub struct ClusterClassWorkersMachineDeploymentsTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -1264,7 +1280,7 @@ pub struct ClusterClassWorkersMachinePools { /// NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] pub failure_domains: Option>, - /// Minimum number of seconds for which a newly created machine pool should + /// minReadySeconds is the minimum number of seconds for which a newly created machine pool should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) @@ -1433,7 +1449,7 @@ pub struct ClusterClassWorkersMachinePoolsTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -1514,7 +1530,7 @@ pub struct ClusterClassStatusVariablesDefinitionsMetadata { /// They are not queryable. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -1788,7 +1804,7 @@ pub struct ClusterClassStatusVariablesDefinitionsSchemaOpenApiv3SchemaXMetadata /// They are not queryable. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) variables. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs index c8f1f5f3a..30cd0d7a3 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/clusters.rs @@ -27,7 +27,7 @@ pub struct ClusterSpec { /// NOTE: this field is considered only for computing v1beta2 conditions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityGates")] pub availability_gates: Option>, - /// Cluster network configuration. + /// clusterNetwork represents the cluster network configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNetwork")] pub cluster_network: Option, /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. @@ -44,7 +44,7 @@ pub struct ClusterSpec { /// paused can be used to prevent controllers from processing the Cluster and all its associated objects. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, - /// This encapsulates the topology for the cluster. + /// topology encapsulates the topology for the cluster. /// NOTE: It is required to enable the ClusterTopology /// feature gate flag to activate managed topologies support; /// this feature is highly experimental, and parts of it might still be not implemented. @@ -62,34 +62,36 @@ pub struct ClusterAvailabilityGates { pub condition_type: String, } -/// Cluster network configuration. +/// clusterNetwork represents the cluster network configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetwork { /// apiServerPort specifies the port the API Server should bind to. /// Defaults to 6443. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerPort")] pub api_server_port: Option, - /// The network ranges from which Pod networks are allocated. + /// pods is the network ranges from which Pod networks are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, - /// Domain name for services. + /// serviceDomain is the domain name for services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDomain")] pub service_domain: Option, - /// The network ranges from which service VIPs are allocated. + /// services is the network ranges from which service VIPs are allocated. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option, } -/// The network ranges from which Pod networks are allocated. +/// pods is the network ranges from which Pod networks are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkPods { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } -/// The network ranges from which service VIPs are allocated. +/// services is the network ranges from which service VIPs are allocated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClusterNetworkServices { + /// cidrBlocks is a list of CIDR blocks. #[serde(rename = "cidrBlocks")] pub cidr_blocks: Vec, } @@ -97,9 +99,9 @@ pub struct ClusterClusterNetworkServices { /// controlPlaneEndpoint represents the endpoint used to communicate with the control plane. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterControlPlaneEndpoint { - /// The hostname on which the API server is serving. + /// host is the hostname on which the API server is serving. pub host: String, - /// The port on which the API server is serving. + /// port is the port on which the API server is serving. pub port: i32, } @@ -179,14 +181,19 @@ pub struct ClusterInfrastructureRef { pub uid: Option, } -/// This encapsulates the topology for the cluster. +/// topology encapsulates the topology for the cluster. /// NOTE: It is required to enable the ClusterTopology /// feature gate flag to activate managed topologies support; /// this feature is highly experimental, and parts of it might still be not implemented. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopology { - /// The name of the ClusterClass object to create the topology. + /// class is the name of the ClusterClass object to create the topology. pub class: String, + /// classNamespace is the namespace of the ClusterClass object to create the topology. + /// If the namespace is empty or not set, it is defaulted to the namespace of the cluster object. + /// Value must follow the DNS1123Subdomain syntax. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "classNamespace")] + pub class_namespace: Option, /// controlPlane describes the cluster control plane. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlane")] pub control_plane: Option, @@ -201,7 +208,7 @@ pub struct ClusterTopology { /// VariableClasses defined in the ClusterClass. #[serde(default, skip_serializing_if = "Option::is_none")] pub variables: Option>, - /// The Kubernetes version of the cluster. + /// version is the Kubernetes version of the cluster. pub version: String, /// workers encapsulates the different constructs that form the worker nodes /// for the cluster. @@ -262,7 +269,8 @@ pub struct ClusterTopologyControlPlaneMachineHealthCheck { /// block if `enable` is true and no MachineHealthCheck definition is available. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, @@ -293,8 +301,9 @@ pub struct ClusterTopologyControlPlaneMachineHealthCheck { /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyConditions")] pub unhealthy_conditions: Option>, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -349,8 +358,14 @@ pub struct ClusterTopologyControlPlaneMachineHealthCheckRemediationTemplate { /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyControlPlaneMachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } @@ -367,7 +382,7 @@ pub struct ClusterTopologyControlPlaneMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -457,7 +472,7 @@ pub struct ClusterTopologyWorkersMachineDeployments { /// At runtime this metadata is merged with the corresponding metadata from the ClusterClass. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Minimum number of seconds for which a newly created machine should + /// minReadySeconds is the minimum number of seconds for which a newly created machine should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) @@ -488,7 +503,7 @@ pub struct ClusterTopologyWorkersMachineDeployments { /// of this value. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// The deployment strategy to use to replace existing machines with + /// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub strategy: Option, @@ -512,7 +527,8 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMachineHealthCheck { /// block if `enable` is true and no MachineHealthCheck definition is available. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnhealthy")] pub max_unhealthy: Option, @@ -543,8 +559,9 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMachineHealthCheck { /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyConditions")] pub unhealthy_conditions: Option>, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -599,8 +616,14 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMachineHealthCheckRemediation /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyWorkersMachineDeploymentsMachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } @@ -615,7 +638,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -623,7 +646,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsMetadata { pub labels: Option>, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyWorkersMachineDeploymentsStrategy { @@ -631,7 +654,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsStrategy { /// and how remediating operations should occur during the lifecycle of the dependant MachineSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub remediation: Option, - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -663,7 +686,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsStrategyRemediation { pub max_in_flight: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdate { @@ -672,7 +695,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdate { /// When no value is supplied, the default DeletePolicy of MachineSet is used #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletePolicy")] pub delete_policy: Option, - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -687,7 +710,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -703,7 +726,7 @@ pub struct ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdate { pub max_unavailable: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdateDeletePolicy { @@ -712,7 +735,7 @@ pub enum ClusterTopologyWorkersMachineDeploymentsStrategyRollingUpdateDeletePoli Oldest, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterTopologyWorkersMachineDeploymentsStrategyType { @@ -765,7 +788,7 @@ pub struct ClusterTopologyWorkersMachinePools { /// At runtime this metadata is merged with the corresponding metadata from the ClusterClass. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Minimum number of seconds for which a newly created machine pool should + /// minReadySeconds is the minimum number of seconds for which a newly created machine pool should /// be ready. /// Defaults to 0 (machine will be considered available as soon as it /// is ready) @@ -811,7 +834,7 @@ pub struct ClusterTopologyWorkersMachinePoolsMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs index 5fa7a8a32..dbcf5c0d5 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinedeployments.rs @@ -25,21 +25,27 @@ pub struct MachineDeploymentSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, + /// machineNamingStrategy allows changing the naming pattern used when creating Machines. + /// Note: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineNamingStrategy")] + pub machine_naming_strategy: Option, /// minReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. /// Defaults to 0 (machine will be considered available as soon as the Node is ready) #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, - /// Indicates that the deployment is paused. + /// paused indicates that the deployment is paused. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, - /// The maximum time in seconds for a deployment to make progress before it + /// progressDeadlineSeconds is the maximum time in seconds for a deployment to make progress before it /// is considered to be failed. The deployment controller will continue to /// process failed deployments and a condition with a ProgressDeadlineExceeded /// reason will be surfaced in the deployment status. Note that progress will /// not be estimated during the time a deployment is paused. Defaults to 600s. + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/11470 for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "progressDeadlineSeconds")] pub progress_deadline_seconds: Option, - /// Number of desired machines. + /// replicas is the number of desired machines. /// This is a pointer to distinguish between explicit zero and not specified. /// /// Defaults to: @@ -58,7 +64,7 @@ pub struct MachineDeploymentSpec { /// should be later controlled by the autoscaler #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// The number of old MachineSets to retain to allow rollback. + /// revisionHistoryLimit is the number of old MachineSets to retain to allow rollback. /// This is a pointer to distinguish between explicit zero and not specified. /// Defaults to 1. /// @@ -73,11 +79,11 @@ pub struct MachineDeploymentSpec { /// use "2023-03-09T09:00:00Z". #[serde(default, skip_serializing_if = "Option::is_none", rename = "rolloutAfter")] pub rollout_after: Option, - /// Label selector for machines. Existing MachineSets whose machines are + /// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. pub selector: MachineDeploymentSelector, - /// The deployment strategy to use to replace existing machines with + /// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[serde(default, skip_serializing_if = "Option::is_none")] pub strategy: Option, @@ -85,7 +91,31 @@ pub struct MachineDeploymentSpec { pub template: MachineDeploymentTemplate, } -/// Label selector for machines. Existing MachineSets whose machines are +/// machineNamingStrategy allows changing the naming pattern used when creating Machines. +/// Note: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineDeploymentMachineNamingStrategy { + /// template defines the template to use for generating the names of the + /// Machine objects. + /// If not defined, it will fallback to `{{ .machineSet.name }}-{{ .random }}`. + /// If the generated name string exceeds 63 characters, it will be trimmed to + /// 58 characters and will + /// get concatenated with a random suffix of length 5. + /// Length of the template string must not exceed 256 characters. + /// The template allows the following variables `.cluster.name`, + /// `.machineSet.name` and `.random`. + /// The variable `.cluster.name` retrieves the name of the cluster object + /// that owns the Machines being created. + /// The variable `.machineSet.name` retrieves the name of the MachineSet + /// object that owns the Machines being created. + /// The variable `.random` is substituted with random alphanumeric string, + /// without vowels, of length 5. This variable is required part of the + /// template. If not provided, validation will fail. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + +/// selector is the label selector for machines. Existing MachineSets whose machines are /// selected by this will be the ones affected by this deployment. /// It must match the machine template's labels. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -117,7 +147,7 @@ pub struct MachineDeploymentSelectorMatchExpressions { pub values: Option>, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategy { @@ -125,7 +155,7 @@ pub struct MachineDeploymentStrategy { /// and how remediating operations should occur during the lifecycle of the dependant MachineSets. #[serde(default, skip_serializing_if = "Option::is_none")] pub remediation: Option, - /// Rolling update config params. Present only if + /// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, @@ -157,7 +187,7 @@ pub struct MachineDeploymentStrategyRemediation { pub max_in_flight: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStrategyRollingUpdate { @@ -166,7 +196,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { /// When no value is supplied, the default DeletePolicy of MachineSet is used #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletePolicy")] pub delete_policy: Option, - /// The maximum number of machines that can be scheduled above the + /// maxSurge is the maximum number of machines that can be scheduled above the /// desired number of machines. /// Value can be an absolute number (ex: 5) or a percentage of /// desired machines (ex: 10%). @@ -181,7 +211,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { /// at any time during the update is at most 130% of desired machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// The maximum number of machines that can be unavailable during the update. + /// maxUnavailable is the maximum number of machines that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired /// machines (ex: 10%). /// Absolute number is calculated from percentage by rounding down. @@ -197,7 +227,7 @@ pub struct MachineDeploymentStrategyRollingUpdate { pub max_unavailable: Option, } -/// Rolling update config params. Present only if +/// rollingUpdate is the rolling update config params. Present only if /// MachineDeploymentStrategyType = RollingUpdate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum MachineDeploymentStrategyRollingUpdateDeletePolicy { @@ -206,7 +236,7 @@ pub enum MachineDeploymentStrategyRollingUpdateDeletePolicy { Oldest, } -/// The deployment strategy to use to replace existing machines with +/// strategy is the deployment strategy to use to replace existing machines with /// new ones. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum MachineDeploymentStrategyType { @@ -221,7 +251,7 @@ pub struct MachineDeploymentTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -237,7 +267,7 @@ pub struct MachineDeploymentTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -245,7 +275,7 @@ pub struct MachineDeploymentTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentTemplateSpec { @@ -298,7 +328,11 @@ pub struct MachineDeploymentTemplateSpec { /// Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; /// they can include the status of those components with a new condition and add this condition to ReadinessGates. /// - /// NOTE: this field is considered only for computing v1beta2 conditions. + /// NOTE: This field is considered only for computing v1beta2 conditions. + /// NOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those + /// readiness gates condition are reporting the same message, when computing the Machine's Ready condition those + /// readinessGates will be replaced by a single entry reporting "Control plane components: " + message. + /// This helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, /// version defines the desired Kubernetes version. @@ -414,23 +448,23 @@ pub struct MachineDeploymentTemplateSpecReadinessGates { /// MachineDeploymentStatus defines the observed state of MachineDeployment. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineDeploymentStatus { - /// Total number of available machines (ready for at least minReadySeconds) + /// availableReplicas is the total number of available machines (ready for at least minReadySeconds) /// targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// conditions defines current service state of the MachineDeployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The generation observed by the deployment controller. + /// observedGeneration is the generation observed by the deployment controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// Total number of ready machines targeted by this deployment. + /// readyReplicas is the total number of ready machines targeted by this deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// replicas is the total number of non-terminated machines targeted by this deployment /// (their labels match the selector). #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -439,14 +473,16 @@ pub struct MachineDeploymentStatus { /// More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// Total number of unavailable machines targeted by this deployment. + /// unavailableReplicas is the total number of unavailable machines targeted by this deployment. /// This is the total number of machines that are still required for /// the deployment to have 100% available capacity. They may either /// be machines that are running but not yet available or machines /// that still have not been created. + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unavailableReplicas")] pub unavailable_replicas: Option, - /// Total number of non-terminated machines targeted by this deployment + /// updatedReplicas is the total number of non-terminated machines targeted by this deployment /// that have the desired template spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatedReplicas")] pub updated_replicas: Option, diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs index 56d7e30ce..706e968ec 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinehealthchecks.rs @@ -13,7 +13,7 @@ mod prelude { } use self::prelude::*; -/// Specification of machine health check policy +/// spec is the specification of machine health check policy #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "cluster.x-k8s.io", version = "v1beta1", kind = "MachineHealthCheck", plural = "machinehealthchecks")] #[kube(namespaced)] @@ -25,7 +25,8 @@ pub struct MachineHealthCheckSpec { /// clusterName is the name of the Cluster this object belongs to. #[serde(rename = "clusterName")] pub cluster_name: String, - /// Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by + /// maxUnhealthy specifies the maximum number of unhealthy machines allowed. + /// Any further remediation is only allowed if at most "maxUnhealthy" machines selected by /// "selector" are not healthy. /// /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/issues/10722 for more details. @@ -53,15 +54,16 @@ pub struct MachineHealthCheckSpec { /// a controller that lives outside of Cluster API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "remediationTemplate")] pub remediation_template: Option, - /// Label selector to match machines whose health will be exercised + /// selector is a label selector to match machines whose health will be exercised pub selector: MachineHealthCheckSelector, /// unhealthyConditions contains a list of the conditions that determine /// whether a node is considered unhealthy. The conditions are combined in a /// logical OR, i.e. if any of the conditions is met, the node is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyConditions")] pub unhealthy_conditions: Option>, + /// unhealthyRange specifies the range of unhealthy machines allowed. /// Any further remediation is only allowed if the number of machines selected by "selector" as not healthy - /// is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. + /// is within the range of "unhealthyRange". Takes precedence over maxUnhealthy. /// Eg. "[3-5]" - This means that remediation will be allowed only when: /// (a) there are at least 3 unhealthy machines (and) /// (b) there are at most 5 unhealthy machines @@ -113,7 +115,7 @@ pub struct MachineHealthCheckRemediationTemplate { pub uid: Option, } -/// Label selector to match machines whose health will be exercised +/// selector is a label selector to match machines whose health will be exercised #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -148,22 +150,28 @@ pub struct MachineHealthCheckSelectorMatchExpressions { /// status for at least the timeout value, a node is considered unhealthy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckUnhealthyConditions { + /// status of the condition, one of True, False, Unknown. pub status: String, + /// timeout is the duration that a node must be in a given status for, + /// after which the node is considered unhealthy. + /// For example, with a value of "1h", the node must match the status + /// for at least 1 hour before being considered unhealthy. pub timeout: String, + /// type of Node condition #[serde(rename = "type")] pub r#type: String, } -/// Most recently observed status of MachineHealthCheck resource +/// status is the most recently observed status of MachineHealthCheck resource #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineHealthCheckStatus { /// conditions defines current service state of the MachineHealthCheck. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// total number of healthy machines counted by this machine health check + /// currentHealthy is the total number of healthy machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentHealthy")] pub current_healthy: Option, - /// total number of machines counted by this machine health check + /// expectedMachines is the total number of machines counted by this machine health check #[serde(default, skip_serializing_if = "Option::is_none", rename = "expectedMachines")] pub expected_machines: Option, /// observedGeneration is the latest generation observed by the controller. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinepools.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinepools.rs index 8a61c75b1..73fac0545 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinepools.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinepools.rs @@ -27,7 +27,7 @@ pub struct MachinePoolSpec { /// failureDomains is the list of failure domains this MachinePool should be attached to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomains")] pub failure_domains: Option>, - /// Minimum number of seconds for which a newly created machine instances should + /// minReadySeconds is the minimum number of seconds for which a newly created machine instances should /// be ready. /// Defaults to 0 (machine instance will be considered available as soon as it /// is ready) @@ -37,7 +37,7 @@ pub struct MachinePoolSpec { /// This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerIDList")] pub provider_id_list: Option>, - /// Number of desired machines. Defaults to 1. + /// replicas is the number of desired machines. Defaults to 1. /// This is a pointer to distinguish between explicit zero and not specified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, @@ -52,7 +52,7 @@ pub struct MachinePoolTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -68,7 +68,7 @@ pub struct MachinePoolTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -76,7 +76,7 @@ pub struct MachinePoolTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolTemplateSpec { @@ -129,7 +129,11 @@ pub struct MachinePoolTemplateSpec { /// Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; /// they can include the status of those components with a new condition and add this condition to ReadinessGates. /// - /// NOTE: this field is considered only for computing v1beta2 conditions. + /// NOTE: This field is considered only for computing v1beta2 conditions. + /// NOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those + /// readiness gates condition are reporting the same message, when computing the Machine's Ready condition those + /// readinessGates will be replaced by a single entry reporting "Control plane components: " + message. + /// This helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, /// version defines the desired Kubernetes version. @@ -245,7 +249,7 @@ pub struct MachinePoolTemplateSpecReadinessGates { /// MachinePoolStatus defines the observed state of MachinePool. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachinePool. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachinePool. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// bootstrapReady is the state of the bootstrap provider. @@ -279,17 +283,19 @@ pub struct MachinePoolStatus { /// E.g. Pending, Running, Terminating, Failed etc. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Total number of unavailable machine instances targeted by this machine pool. + /// unavailableReplicas is the total number of unavailable machine instances targeted by this machine pool. /// This is the total number of machine instances that are still required for /// the machine pool to have 100% available capacity. They may either /// be machine instances that are running but not yet available or machine instances /// that still have not been created. + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unavailableReplicas")] pub unavailable_replicas: Option, /// v1beta2 groups all the fields that will be added or modified in MachinePool's status with the V1Beta2 version. diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machines.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machines.rs index be862bcfe..db64c5110 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machines.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machines.rs @@ -69,7 +69,11 @@ pub struct MachineSpec { /// Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; /// they can include the status of those components with a new condition and add this condition to ReadinessGates. /// - /// NOTE: this field is considered only for computing v1beta2 conditions. + /// NOTE: This field is considered only for computing v1beta2 conditions. + /// NOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those + /// readiness gates condition are reporting the same message, when computing the Machine's Ready condition those + /// readinessGates will be replaced by a single entry reporting "Control plane components: " + message. + /// This helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, /// version defines the desired Kubernetes version. @@ -271,9 +275,9 @@ pub struct MachineStatus { /// MachineAddress contains information for the node's address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineStatusAddresses { - /// The machine address. + /// address is the machine address. pub address: String, - /// Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + /// type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. #[serde(rename = "type")] pub r#type: String, } diff --git a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs index 382978631..d40db1144 100644 --- a/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs +++ b/kube-custom-resources-rs/src/cluster_x_k8s_io/v1beta1/machinesets.rs @@ -28,6 +28,10 @@ pub struct MachineSetSpec { /// Defaults to "Random". Valid values are "Random, "Newest", "Oldest" #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletePolicy")] pub delete_policy: Option, + /// machineNamingStrategy allows changing the naming pattern used when creating Machines. + /// Note: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "machineNamingStrategy")] + pub machine_naming_strategy: Option, /// minReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. /// Defaults to 0 (machine will be considered available as soon as the Node is ready) #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] @@ -71,6 +75,30 @@ pub enum MachineSetDeletePolicy { Oldest, } +/// machineNamingStrategy allows changing the naming pattern used when creating Machines. +/// Note: InfraMachines & BootstrapConfigs will use the same name as the corresponding Machines. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MachineSetMachineNamingStrategy { + /// template defines the template to use for generating the names of the + /// Machine objects. + /// If not defined, it will fallback to `{{ .machineSet.name }}-{{ .random }}`. + /// If the generated name string exceeds 63 characters, it will be trimmed to + /// 58 characters and will + /// get concatenated with a random suffix of length 5. + /// Length of the template string must not exceed 256 characters. + /// The template allows the following variables `.cluster.name`, + /// `.machineSet.name` and `.random`. + /// The variable `.cluster.name` retrieves the name of the cluster object + /// that owns the Machines being created. + /// The variable `.machineSet.name` retrieves the name of the MachineSet + /// object that owns the Machines being created. + /// The variable `.random` is substituted with random alphanumeric string, + /// without vowels, of length 5. This variable is required part of the + /// template. If not provided, validation will fail. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + /// selector is a label query over machines that should match the replica count. /// Label keys and values that must match in order to be controlled by this MachineSet. /// It must match the machine template's labels. @@ -113,7 +141,7 @@ pub struct MachineSetTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Specification of the desired behavior of the machine. + /// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, @@ -129,7 +157,7 @@ pub struct MachineSetTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -137,7 +165,7 @@ pub struct MachineSetTemplateMetadata { pub labels: Option>, } -/// Specification of the desired behavior of the machine. +/// spec is the specification of the desired behavior of the machine. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetTemplateSpec { @@ -190,7 +218,11 @@ pub struct MachineSetTemplateSpec { /// Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; /// they can include the status of those components with a new condition and add this condition to ReadinessGates. /// - /// NOTE: this field is considered only for computing v1beta2 conditions. + /// NOTE: This field is considered only for computing v1beta2 conditions. + /// NOTE: In case readinessGates conditions start with the APIServer, ControllerManager, Scheduler prefix, and all those + /// readiness gates condition are reporting the same message, when computing the Machine's Ready condition those + /// readinessGates will be replaced by a single entry reporting "Control plane components: " + message. + /// This helps to improve readability of conditions bubbling up to the Machine's owner resource / to the Cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, /// version defines the desired Kubernetes version. @@ -306,15 +338,23 @@ pub struct MachineSetTemplateSpecReadinessGates { /// MachineSetStatus defines the observed state of MachineSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachineSetStatus { - /// The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + /// availableReplicas is the number of available replicas (ready for at least minReadySeconds) for this MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableReplicas")] pub available_replicas: Option, /// conditions defines current service state of the MachineSet. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// failureMessage will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a more verbose string suitable + /// for logging and human consumption. + /// /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureMessage")] pub failure_message: Option, + /// failureReason will be set in the event that there is a terminal problem + /// reconciling the Machine and will contain a succinct value suitable + /// for machine interpretation. + /// /// In the event that there is a terminal problem reconciling the /// replicas, both FailureReason and FailureMessage will be set. FailureReason /// will be populated with a succinct value suitable for machine @@ -337,13 +377,15 @@ pub struct MachineSetStatus { /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureReason")] pub failure_reason: Option, - /// The number of replicas that have labels matching the labels of the machine template of the MachineSet. + /// fullyLabeledReplicas is the number of replicas that have labels matching the labels of the machine template of the MachineSet. + /// + /// Deprecated: This field is deprecated and is going to be removed in the next apiVersion. Please see https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20240916-improve-status-in-CAPI-resources.md for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fullyLabeledReplicas")] pub fully_labeled_replicas: Option, /// observedGeneration reflects the generation of the most recently observed MachineSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, - /// The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + /// readyReplicas is the number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, /// replicas is the most recently observed number of replicas. diff --git a/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs b/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs index 6b2ea4a0e..e1ef31e44 100644 --- a/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs +++ b/kube-custom-resources-rs/src/confidentialcontainers_org/v1beta1/ccruntimes.rs @@ -62,9 +62,6 @@ pub struct CcRuntimeCcNodeSelectorMatchExpressions { /// CcInstallConfig is a placeholder struct #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct CcRuntimeConfig { - /// This specifies the registry secret to pull of the container images - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ImagePullSecret")] - pub image_pull_secret: Option, /// This specifies the command for cleanup on the nodes #[serde(default, skip_serializing_if = "Option::is_none", rename = "cleanupCmd")] pub cleanup_cmd: Option>, @@ -90,6 +87,9 @@ pub struct CcRuntimeConfig { /// PullPolicy describes a policy for if/when to pull a container image #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// This specifies the registry secret to pull of the container images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecret")] + pub image_pull_secret: Option, /// This specifies the command for installation of the runtime on the nodes #[serde(default, skip_serializing_if = "Option::is_none", rename = "installCmd")] pub install_cmd: Option>, @@ -140,18 +140,6 @@ pub struct CcRuntimeConfig { pub uninstall_done_label: Option>, } -/// This specifies the registry secret to pull of the container images -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CcRuntimeConfigImagePullSecret { - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigEnvironmentVariables { @@ -252,6 +240,18 @@ pub struct CcRuntimeConfigEnvironmentVariablesValueFromSecretKeyRef { pub optional: Option, } +/// This specifies the registry secret to pull of the container images +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CcRuntimeConfigImagePullSecret { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// CcInstallConfig is a placeholder struct #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum CcRuntimeConfigInstallType { @@ -317,26 +317,35 @@ pub struct CcRuntimeConfigInstallerVolumeMounts { pub struct CcRuntimeConfigInstallerVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -377,23 +386,28 @@ pub struct CcRuntimeConfigInstallerVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -404,6 +418,22 @@ pub struct CcRuntimeConfigInstallerVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -422,23 +452,30 @@ pub struct CcRuntimeConfigInstallerVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -446,15 +483,20 @@ pub struct CcRuntimeConfigInstallerVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesAwsElasticBlockStore { @@ -481,6 +523,8 @@ pub struct CcRuntimeConfigInstallerVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -507,6 +551,8 @@ pub struct CcRuntimeConfigInstallerVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -521,7 +567,8 @@ pub struct CcRuntimeConfigInstallerVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -563,6 +610,8 @@ pub struct CcRuntimeConfigInstallerVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesCinder { @@ -653,7 +702,7 @@ pub struct CcRuntimeConfigInstallerVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -945,7 +994,7 @@ pub struct CcRuntimeConfigInstallerVolumesEphemeralVolumeClaimTemplateSpec { /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -1094,6 +1143,7 @@ pub struct CcRuntimeConfigInstallerVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -1135,7 +1185,8 @@ pub struct CcRuntimeConfigInstallerVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -1149,6 +1200,8 @@ pub struct CcRuntimeConfigInstallerVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesGcePersistentDisk { @@ -1177,7 +1230,7 @@ pub struct CcRuntimeConfigInstallerVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1196,6 +1249,7 @@ pub struct CcRuntimeConfigInstallerVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesGlusterfs { @@ -1230,6 +1284,39 @@ pub struct CcRuntimeConfigInstallerVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CcRuntimeConfigInstallerVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -1321,7 +1408,8 @@ pub struct CcRuntimeConfigInstallerVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -1334,7 +1422,10 @@ pub struct CcRuntimeConfigInstallerVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -1362,12 +1453,14 @@ pub struct CcRuntimeConfigInstallerVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field @@ -1638,7 +1731,8 @@ pub struct CcRuntimeConfigInstallerVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesQuobyte { /// group to map volume access to @@ -1666,6 +1760,7 @@ pub struct CcRuntimeConfigInstallerVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesRbd { @@ -1725,6 +1820,7 @@ pub struct CcRuntimeConfigInstallerVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -1829,6 +1925,7 @@ pub struct CcRuntimeConfigInstallerVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesStorageos { /// fsType is the filesystem type to mount. @@ -1871,7 +1968,9 @@ pub struct CcRuntimeConfigInstallerVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigInstallerVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -2066,26 +2165,35 @@ pub struct CcRuntimeConfigPostUninstallVolumeMounts { pub struct CcRuntimeConfigPostUninstallVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -2126,23 +2234,28 @@ pub struct CcRuntimeConfigPostUninstallVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -2153,6 +2266,22 @@ pub struct CcRuntimeConfigPostUninstallVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -2171,23 +2300,30 @@ pub struct CcRuntimeConfigPostUninstallVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -2195,15 +2331,20 @@ pub struct CcRuntimeConfigPostUninstallVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesAwsElasticBlockStore { @@ -2230,6 +2371,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -2256,6 +2399,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -2270,7 +2415,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -2312,6 +2458,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesCinder { @@ -2402,7 +2550,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -2694,7 +2842,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesEphemeralVolumeClaimTemplateSpec { /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -2843,6 +2991,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -2884,7 +3033,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -2898,6 +3048,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesGcePersistentDisk { @@ -2926,7 +3078,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2945,6 +3097,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesGlusterfs { @@ -2979,6 +3132,39 @@ pub struct CcRuntimeConfigPostUninstallVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CcRuntimeConfigPostUninstallVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -3070,7 +3256,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -3083,7 +3270,10 @@ pub struct CcRuntimeConfigPostUninstallVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -3111,12 +3301,14 @@ pub struct CcRuntimeConfigPostUninstallVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field @@ -3387,7 +3579,8 @@ pub struct CcRuntimeConfigPostUninstallVolumesProjectedSourcesServiceAccountToke pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesQuobyte { /// group to map volume access to @@ -3415,6 +3608,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesRbd { @@ -3474,6 +3668,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -3578,6 +3773,7 @@ pub struct CcRuntimeConfigPostUninstallVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesStorageos { /// fsType is the filesystem type to mount. @@ -3620,7 +3816,9 @@ pub struct CcRuntimeConfigPostUninstallVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPostUninstallVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -3815,26 +4013,35 @@ pub struct CcRuntimeConfigPreInstallVolumeMounts { pub struct CcRuntimeConfigPreInstallVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -3875,23 +4082,28 @@ pub struct CcRuntimeConfigPreInstallVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -3902,6 +4114,22 @@ pub struct CcRuntimeConfigPreInstallVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -3920,23 +4148,30 @@ pub struct CcRuntimeConfigPreInstallVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -3944,15 +4179,20 @@ pub struct CcRuntimeConfigPreInstallVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesAwsElasticBlockStore { @@ -3979,6 +4219,8 @@ pub struct CcRuntimeConfigPreInstallVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -4005,6 +4247,8 @@ pub struct CcRuntimeConfigPreInstallVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -4019,7 +4263,8 @@ pub struct CcRuntimeConfigPreInstallVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -4061,6 +4306,8 @@ pub struct CcRuntimeConfigPreInstallVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesCinder { @@ -4151,7 +4398,7 @@ pub struct CcRuntimeConfigPreInstallVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -4443,7 +4690,7 @@ pub struct CcRuntimeConfigPreInstallVolumesEphemeralVolumeClaimTemplateSpec { /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -4592,6 +4839,7 @@ pub struct CcRuntimeConfigPreInstallVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -4633,7 +4881,8 @@ pub struct CcRuntimeConfigPreInstallVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -4647,6 +4896,8 @@ pub struct CcRuntimeConfigPreInstallVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesGcePersistentDisk { @@ -4675,7 +4926,7 @@ pub struct CcRuntimeConfigPreInstallVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -4694,6 +4945,7 @@ pub struct CcRuntimeConfigPreInstallVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesGlusterfs { @@ -4728,6 +4980,39 @@ pub struct CcRuntimeConfigPreInstallVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CcRuntimeConfigPreInstallVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -4819,7 +5104,8 @@ pub struct CcRuntimeConfigPreInstallVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -4832,7 +5118,10 @@ pub struct CcRuntimeConfigPreInstallVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -4860,12 +5149,14 @@ pub struct CcRuntimeConfigPreInstallVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field @@ -5136,7 +5427,8 @@ pub struct CcRuntimeConfigPreInstallVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesQuobyte { /// group to map volume access to @@ -5164,6 +5456,7 @@ pub struct CcRuntimeConfigPreInstallVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesRbd { @@ -5223,6 +5516,7 @@ pub struct CcRuntimeConfigPreInstallVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -5327,6 +5621,7 @@ pub struct CcRuntimeConfigPreInstallVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesStorageos { /// fsType is the filesystem type to mount. @@ -5369,7 +5664,9 @@ pub struct CcRuntimeConfigPreInstallVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CcRuntimeConfigPreInstallVolumesVsphereVolume { /// fsType is filesystem type to mount. diff --git a/kube-custom-resources-rs/src/config_gatekeeper_sh/v1alpha1/configs.rs b/kube-custom-resources-rs/src/config_gatekeeper_sh/v1alpha1/configs.rs index 97682ec7a..8753a92a1 100644 --- a/kube-custom-resources-rs/src/config_gatekeeper_sh/v1alpha1/configs.rs +++ b/kube-custom-resources-rs/src/config_gatekeeper_sh/v1alpha1/configs.rs @@ -13,6 +13,7 @@ use self::prelude::*; #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "config.gatekeeper.sh", version = "v1alpha1", kind = "Config", plural = "configs")] #[kube(namespaced)] +#[kube(status = "ConfigStatus")] #[kube(schema = "disabled")] #[kube(derive="Default")] #[kube(derive="PartialEq")] @@ -99,5 +100,31 @@ pub struct ConfigValidationTracesKind { /// ConfigStatus defines the observed state of Config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConfigStatus { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "byPod")] + pub by_pod: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigStatusByPod { + /// UID is a type that holds unique ID values, including UUIDs. Because we + /// don't ONLY use UUIDs, this is an alias to string. Being a type captures + /// intent and helps make sure that UIDs and names do not get conflated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configUID")] + pub config_uid: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub errors: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operations: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConfigStatusByPodErrors { + pub message: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpretercustomizations.rs b/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpretercustomizations.rs index ffe97f4b8..36327d3ca 100644 --- a/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpretercustomizations.rs +++ b/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpretercustomizations.rs @@ -88,7 +88,6 @@ pub struct ResourceInterpreterCustomizationCustomizationsDependencyInterpretatio /// a specific resource. /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function GetDependencies(desiredObj) @@ -106,16 +105,13 @@ pub struct ResourceInterpreterCustomizationCustomizationsDependencyInterpretatio /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - desiredObj: the object represents the configuration to be applied /// to the member cluster. /// - /// /// The returned value should be expressed by a slice of DependentObjectReference. #[serde(rename = "luaScript")] pub lua_script: String, @@ -129,7 +125,6 @@ pub struct ResourceInterpreterCustomizationCustomizationsHealthInterpretation { /// a specific resource. /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function InterpretHealth(observedObj) @@ -139,16 +134,13 @@ pub struct ResourceInterpreterCustomizationCustomizationsHealthInterpretation { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - observedObj: the object represents the configuration that is observed /// from a specific member cluster. /// - /// /// The returned boolean value indicates the health status. #[serde(rename = "luaScript")] pub lua_script: String, @@ -166,10 +158,8 @@ pub struct ResourceInterpreterCustomizationCustomizationsReplicaResource { /// LuaScript holds the Lua script that is used to discover the resource's /// replica as well as resource requirements /// - /// /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function GetReplicas(desiredObj) @@ -183,16 +173,13 @@ pub struct ResourceInterpreterCustomizationCustomizationsReplicaResource { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - desiredObj: the object represents the configuration to be applied /// to the member cluster. /// - /// /// The function expects two return values: /// - replica: the declared replica number /// - requirement: the resource required by each replica expressed with a @@ -213,7 +200,6 @@ pub struct ResourceInterpreterCustomizationCustomizationsReplicaRevision { /// LuaScript holds the Lua script that is used to revise replicas in the desired specification. /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function ReviseReplica(desiredObj, desiredReplica) @@ -222,17 +208,14 @@ pub struct ResourceInterpreterCustomizationCustomizationsReplicaRevision { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - desiredObj: the object represents the configuration to be applied /// to the member cluster. /// - desiredReplica: the replica number should be applied with. /// - /// /// The returned object should be a revised configuration which will be /// applied to member cluster eventually. #[serde(rename = "luaScript")] @@ -251,10 +234,8 @@ pub struct ResourceInterpreterCustomizationCustomizationsRetention { /// LuaScript holds the Lua script that is used to retain runtime values /// to the desired specification. /// - /// /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function Retain(desiredObj, observedObj) @@ -263,18 +244,15 @@ pub struct ResourceInterpreterCustomizationCustomizationsRetention { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - desiredObj: the object represents the configuration to be applied /// to the member cluster. /// - observedObj: the object represents the configuration that is observed /// from a specific member cluster. /// - /// /// The returned object should be a retained configuration which will be /// applied to member cluster eventually. #[serde(rename = "luaScript")] @@ -292,7 +270,6 @@ pub struct ResourceInterpreterCustomizationCustomizationsStatusAggregation { /// to the desired specification. /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function AggregateStatus(desiredObj, statusItems) @@ -303,16 +280,13 @@ pub struct ResourceInterpreterCustomizationCustomizationsStatusAggregation { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - desiredObj: the object represents a resource template. /// - statusItems: the slice of status expressed with AggregatedStatusItem. /// - /// /// The returned object should be a whole object with status aggregated. #[serde(rename = "luaScript")] pub lua_script: String, @@ -327,7 +301,6 @@ pub struct ResourceInterpreterCustomizationCustomizationsStatusReflection { /// LuaScript holds the Lua script that is used to get the status from the observed specification. /// The script should implement a function as follows: /// - /// /// ```text /// luaScript: > /// function ReflectStatus(observedObj) @@ -337,16 +310,13 @@ pub struct ResourceInterpreterCustomizationCustomizationsStatusReflection { /// end /// ``` /// - /// /// The content of the LuaScript needs to be a whole function including both /// declaration and implementation. /// - /// /// The parameters will be supplied by the system: /// - observedObj: the object represents the configuration that is observed /// from a specific member cluster. /// - /// /// The returned status could be the whole status or part of it and will /// be set into both Work and ResourceBinding(ClusterResourceBinding). #[serde(rename = "luaScript")] diff --git a/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpreterwebhookconfigurations.rs b/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpreterwebhookconfigurations.rs index 6d37823f1..462696902 100644 --- a/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpreterwebhookconfigurations.rs +++ b/kube-custom-resources-rs/src/config_karmada_io/v1alpha1/resourceinterpreterwebhookconfigurations.rs @@ -13,6 +13,24 @@ use self::prelude::*; #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceInterpreterWebhookConfigurationWebhooks { /// ClientConfig defines how to communicate with the hook. + /// It supports two mutually exclusive configuration modes: + /// + /// 1. URL - Directly specify the webhook URL with format `scheme://host:port/path`. + /// Example: https://webhook.example.com:8443/my-interpreter + /// + /// 2. Service - Reference a Kubernetes Service that exposes the webhook. + /// When using Service reference, Karmada resolves the endpoint through following steps: + /// a) First attempts to locate the Service in karmada-apiserver + /// b) If found, constructs URL based on Service type: + /// - ClusterIP/LoadBalancer/NodePort: Uses ClusterIP with port from Service spec + /// (Note: Services with ClusterIP "None" are rejected), Example: + /// `https://:` + /// - ExternalName: Uses external DNS name format: `https://:` + /// c) If NOT found in karmada-apiserver, falls back to standard Kubernetes + /// service DNS name format: `https://..svc:` + /// + /// Note: When both URL and Service are specified, the Service reference takes precedence + /// and the URL configuration will be ignored. #[serde(rename = "clientConfig")] pub client_config: ResourceInterpreterWebhookConfigurationWebhooksClientConfig, /// InterpreterContextVersions is an ordered list of preferred `ResourceInterpreterContext` @@ -40,6 +58,24 @@ pub struct ResourceInterpreterWebhookConfigurationWebhooks { } /// ClientConfig defines how to communicate with the hook. +/// It supports two mutually exclusive configuration modes: +/// +/// 1. URL - Directly specify the webhook URL with format `scheme://host:port/path`. +/// Example: https://webhook.example.com:8443/my-interpreter +/// +/// 2. Service - Reference a Kubernetes Service that exposes the webhook. +/// When using Service reference, Karmada resolves the endpoint through following steps: +/// a) First attempts to locate the Service in karmada-apiserver +/// b) If found, constructs URL based on Service type: +/// - ClusterIP/LoadBalancer/NodePort: Uses ClusterIP with port from Service spec +/// (Note: Services with ClusterIP "None" are rejected), Example: +/// `https://:` +/// - ExternalName: Uses external DNS name format: `https://:` +/// c) If NOT found in karmada-apiserver, falls back to standard Kubernetes +/// service DNS name format: `https://..svc:` +/// +/// Note: When both URL and Service are specified, the Service reference takes precedence +/// and the URL configuration will be ignored. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceInterpreterWebhookConfigurationWebhooksClientConfig { /// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. @@ -49,7 +85,6 @@ pub struct ResourceInterpreterWebhookConfigurationWebhooksClientConfig { /// `service` is a reference to the service for this webhook. Either /// `service` or `url` must be specified. /// - /// /// If the webhook is running within the cluster, then you should use `service`. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -57,29 +92,24 @@ pub struct ResourceInterpreterWebhookConfigurationWebhooksClientConfig { /// (`scheme://host:port/path`). Exactly one of `url` or `service` /// must be specified. /// - /// /// The `host` should not refer to a service running in the cluster; use /// the `service` field instead. The host might be resolved via external /// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve /// in-cluster DNS as that would be a layering violation). `host` may /// also be an IP address. /// - /// /// Please note that using `localhost` or `127.0.0.1` as a `host` is /// risky unless you take great care to run this webhook on all hosts /// which run an apiserver which might need to make calls to this /// webhook. Such installs are likely to be non-portable, i.e., not easy /// to turn up in a new cluster. /// - /// /// The scheme must be "https"; the URL must begin with "https://". /// - /// /// A path is optional, and if present may be any string permissible in /// a URL. You may use the path to pass an arbitrary string to the /// webhook, for example, a cluster identifier. /// - /// /// Attempting to use a user or basic auth e.g. "user:password@" is not /// allowed. Fragments ("#...") and query parameters ("?...") are not /// allowed, either. @@ -90,7 +120,6 @@ pub struct ResourceInterpreterWebhookConfigurationWebhooksClientConfig { /// `service` is a reference to the service for this webhook. Either /// `service` or `url` must be specified. /// -/// /// If the webhook is running within the cluster, then you should use `service`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceInterpreterWebhookConfigurationWebhooksClientConfigService { @@ -121,7 +150,6 @@ pub struct ResourceInterpreterWebhookConfigurationWebhooksRules { /// ["apps", "batch", "example.io"] means matches 3 groups. /// ["*"] means matches all group /// - /// /// Note: The group could be empty, e.g the 'core' group of kubernetes, in that case use [""]. #[serde(rename = "apiGroups")] pub api_groups: Vec, diff --git a/kube-custom-resources-rs/src/control_k8ssandra_io/v1alpha1/cassandratasks.rs b/kube-custom-resources-rs/src/control_k8ssandra_io/v1alpha1/cassandratasks.rs index 86298aa76..72aae63c9 100644 --- a/kube-custom-resources-rs/src/control_k8ssandra_io/v1alpha1/cassandratasks.rs +++ b/kube-custom-resources-rs/src/control_k8ssandra_io/v1alpha1/cassandratasks.rs @@ -62,7 +62,6 @@ pub struct CassandraTaskDatacenter { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha1/featureflagconfigurations.rs b/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha1/featureflagconfigurations.rs index 6398c339f..13efbb6cf 100644 --- a/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha1/featureflagconfigurations.rs +++ b/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha1/featureflagconfigurations.rs @@ -88,8 +88,10 @@ pub struct FeatureFlagConfigurationFlagDSpecEnvsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -129,8 +131,10 @@ pub struct FeatureFlagConfigurationFlagDSpecEnvsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -142,44 +146,12 @@ pub struct FeatureFlagConfigurationFlagDSpecEnvsValueFromSecretKeyRef { #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct FeatureFlagConfigurationServiceProvider { /// ObjectReference contains enough information to let you inspect or modify the referred object. - /// --- - /// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - /// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - /// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - /// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - /// Those cannot be well described when embedded. - /// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - /// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - /// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - /// and the version of the actual struct is irrelevant. - /// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - /// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. - /// - /// - /// Instead of using this type, create a locally provided and used type that is well-focused on your reference. - /// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, pub name: FeatureFlagConfigurationServiceProviderName, } /// ObjectReference contains enough information to let you inspect or modify the referred object. -/// --- -/// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. -/// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. -/// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular -/// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". -/// Those cannot be well described when embedded. -/// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. -/// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity -/// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple -/// and the version of the actual struct is irrelevant. -/// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type -/// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. -/// -/// -/// Instead of using this type, create a locally provided and used type that is well-focused on your reference. -/// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FeatureFlagConfigurationServiceProviderCredentials { /// API version of the referent. @@ -192,7 +164,6 @@ pub struct FeatureFlagConfigurationServiceProviderCredentials { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha2/featureflagconfigurations.rs b/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha2/featureflagconfigurations.rs index 9fbb44fa1..f15457692 100644 --- a/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha2/featureflagconfigurations.rs +++ b/kube-custom-resources-rs/src/core_openfeature_dev/v1alpha2/featureflagconfigurations.rs @@ -119,8 +119,10 @@ pub struct FeatureFlagConfigurationFlagDSpecEnvsValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -160,8 +162,10 @@ pub struct FeatureFlagConfigurationFlagDSpecEnvsValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -175,11 +179,9 @@ pub struct FeatureFlagConfigurationResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -202,50 +204,23 @@ pub struct FeatureFlagConfigurationResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ServiceProvider [DEPRECATED]: superseded by FlagSourceConfiguration #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct FeatureFlagConfigurationServiceProvider { /// ObjectReference contains enough information to let you inspect or modify the referred object. - /// --- - /// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - /// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - /// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - /// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - /// Those cannot be well described when embedded. - /// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - /// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - /// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - /// and the version of the actual struct is irrelevant. - /// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - /// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. - /// - /// - /// Instead of using this type, create a locally provided and used type that is well-focused on your reference. - /// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[serde(default, skip_serializing_if = "Option::is_none")] pub credentials: Option, pub name: FeatureFlagConfigurationServiceProviderName, } /// ObjectReference contains enough information to let you inspect or modify the referred object. -/// --- -/// New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. -/// 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. -/// 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular -/// restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". -/// Those cannot be well described when embedded. -/// 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. -/// 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity -/// during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple -/// and the version of the actual struct is irrelevant. -/// 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type -/// will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. -/// -/// -/// Instead of using this type, create a locally provided and used type that is well-focused on your reference. -/// For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FeatureFlagConfigurationServiceProviderCredentials { /// API version of the referent. @@ -258,7 +233,6 @@ pub struct FeatureFlagConfigurationServiceProviderCredentials { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgpconfigurations.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgpconfigurations.rs index a5e4d4248..1e12ff035 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgpconfigurations.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgpconfigurations.rs @@ -19,7 +19,9 @@ pub struct BGPConfigurationSpec { /// ASNumber is the default AS number used by a node. [Default: 64512] #[serde(default, skip_serializing_if = "Option::is_none", rename = "asNumber")] pub as_number: Option, - /// BindMode indicates whether to listen for BGP connections on all addresses (None) or only on the node's canonical IP address Node.Spec.BGP.IPvXAddress (NodeIP). Default behaviour is to listen for BGP connections on all addresses. + /// BindMode indicates whether to listen for BGP connections on all addresses (None) + /// or only on the node's canonical IP address Node.Spec.BGP.IPvXAddress (NodeIP). + /// Default behaviour is to listen for BGP connections on all addresses. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bindMode")] pub bind_mode: Option, /// Communities is a list of BGP community values and their arbitrary names for tagging routes. @@ -34,10 +36,13 @@ pub struct BGPConfigurationSpec { /// LogSeverityScreen is the log severity above which logs are sent to the stdout. [Default: INFO] #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSeverityScreen")] pub log_severity_screen: Option, - /// Time to allow for software restart for node-to-mesh peerings. When specified, this is configured as the graceful restart timeout. When not specified, the BIRD default of 120s is used. This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled + /// Time to allow for software restart for node-to-mesh peerings. When specified, this is configured + /// as the graceful restart timeout. When not specified, the BIRD default of 120s is used. + /// This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeMeshMaxRestartTime")] pub node_mesh_max_restart_time: Option, - /// Optional BGP password for full node-to-mesh peerings. This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled + /// Optional BGP password for full node-to-mesh peerings. + /// This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeMeshPassword")] pub node_mesh_password: Option, /// NodeToNodeMeshEnabled sets whether full node to node BGP mesh is enabled. [Default: true] @@ -46,13 +51,16 @@ pub struct BGPConfigurationSpec { /// PrefixAdvertisements contains per-prefix advertisement configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "prefixAdvertisements")] pub prefix_advertisements: Option>, - /// ServiceClusterIPs are the CIDR blocks from which service cluster IPs are allocated. If specified, Calico will advertise these blocks, as well as any cluster IPs within them. + /// ServiceClusterIPs are the CIDR blocks from which service cluster IPs are allocated. + /// If specified, Calico will advertise these blocks, as well as any cluster IPs within them. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceClusterIPs")] pub service_cluster_i_ps: Option>, - /// ServiceExternalIPs are the CIDR blocks for Kubernetes Service External IPs. Kubernetes Service ExternalIPs will only be advertised if they are within one of these blocks. + /// ServiceExternalIPs are the CIDR blocks for Kubernetes Service External IPs. + /// Kubernetes Service ExternalIPs will only be advertised if they are within one of these blocks. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceExternalIPs")] pub service_external_i_ps: Option>, - /// ServiceLoadBalancerIPs are the CIDR blocks for Kubernetes Service LoadBalancer IPs. Kubernetes Service status.LoadBalancer.Ingress IPs will only be advertised if they are within one of these blocks. + /// ServiceLoadBalancerIPs are the CIDR blocks for Kubernetes Service LoadBalancer IPs. + /// Kubernetes Service status.LoadBalancer.Ingress IPs will only be advertised if they are within one of these blocks. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceLoadBalancerIPs")] pub service_load_balancer_i_ps: Option>, } @@ -63,12 +71,16 @@ pub struct BGPConfigurationCommunities { /// Name given to community value. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Value must be of format `aa:nn` or `aa:nn:mm`. For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. Where, `aa` is an AS Number, `nn` and `mm` are per-AS identifier. + /// Value must be of format `aa:nn` or `aa:nn:mm`. + /// For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. + /// For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. + /// Where, `aa` is an AS Number, `nn` and `mm` are per-AS identifier. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// Optional BGP password for full node-to-mesh peerings. This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled +/// Optional BGP password for full node-to-mesh peerings. +/// This field can only be set on the default BGPConfiguration instance and requires that NodeMesh is enabled #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BGPConfigurationNodeMeshPassword { /// Selects a key of a secret in the node pod's namespace. @@ -81,7 +93,11 @@ pub struct BGPConfigurationNodeMeshPassword { pub struct BGPConfigurationNodeMeshPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -95,7 +111,10 @@ pub struct BGPConfigurationPrefixAdvertisements { /// CIDR for which properties should be advertised. #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// Communities can be list of either community names already defined in `Specs.Communities` or community value of format `aa:nn` or `aa:nn:mm`. For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. Where,`aa` is an AS Number, `nn` and `mm` are per-AS identifier. + /// Communities can be list of either community names already defined in `Specs.Communities` or community value of format `aa:nn` or `aa:nn:mm`. + /// For standard community use `aa:nn` format, where `aa` and `nn` are 16 bit number. + /// For large community use `aa:nn:mm` format, where `aa`, `nn` and `mm` are 32 bit number. + /// Where,`aa` is an AS Number, `nn` and `mm` are per-AS identifier. #[serde(default, skip_serializing_if = "Option::is_none")] pub communities: Option>, } diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgppeers.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgppeers.rs index bc2782531..c181a335f 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgppeers.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/bgppeers.rs @@ -22,37 +22,57 @@ pub struct BGPPeerSpec { /// The ordered set of BGPFilters applied on this BGP peer. #[serde(default, skip_serializing_if = "Option::is_none")] pub filters: Option>, - /// Option to keep the original nexthop field when routes are sent to a BGP Peer. Setting "true" configures the selected BGP Peers node to use the "next hop keep;" instead of "next hop self;"(default) in the specific branch of the Node on "bird.cfg". + /// Option to keep the original nexthop field when routes are sent to a BGP Peer. + /// Setting "true" configures the selected BGP Peers node to use the "next hop keep;" + /// instead of "next hop self;"(default) in the specific branch of the Node on "bird.cfg". #[serde(default, skip_serializing_if = "Option::is_none", rename = "keepOriginalNextHop")] pub keep_original_next_hop: Option, - /// Time to allow for software restart. When specified, this is configured as the graceful restart timeout. When not specified, the BIRD default of 120s is used. + /// Time to allow for software restart. When specified, this is configured as the graceful + /// restart timeout. When not specified, the BIRD default of 120s is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRestartTime")] pub max_restart_time: Option, - /// The node name identifying the Calico node instance that is targeted by this peer. If this is not set, and no nodeSelector is specified, then this BGP peer selects all nodes in the cluster. + /// The node name identifying the Calico node instance that is targeted by this peer. + /// If this is not set, and no nodeSelector is specified, then this BGP peer selects all + /// nodes in the cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub node: Option, - /// Selector for the nodes that should have this peering. When this is set, the Node field must be empty. + /// Selector for the nodes that should have this peering. When this is set, the Node + /// field must be empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Maximum number of local AS numbers that are allowed in the AS path for received routes. This removes BGP loop prevention and should only be used if absolutely necessary. + /// Maximum number of local AS numbers that are allowed in the AS path for received routes. + /// This removes BGP loop prevention and should only be used if absolutely necessary. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numAllowedLocalASNumbers")] pub num_allowed_local_as_numbers: Option, /// Optional BGP password for the peerings generated by this BGPPeer resource. #[serde(default, skip_serializing_if = "Option::is_none")] pub password: Option, - /// The IP address of the peer followed by an optional port number to peer with. If port number is given, format should be `[]:port` or `:` for IPv4. If optional port number is not set, and this peer IP and ASNumber belongs to a calico/node with ListenPort set in BGPConfiguration, then we use that port to peer. + /// The IP address of the peer followed by an optional port number to peer with. + /// If port number is given, format should be `[]:port` or `:` for IPv4. + /// If optional port number is not set, and this peer IP and ASNumber belongs to a calico/node + /// with ListenPort set in BGPConfiguration, then we use that port to peer. #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerIP")] pub peer_ip: Option, - /// Selector for the remote nodes to peer with. When this is set, the PeerIP and ASNumber fields must be empty. For each peering between the local node and selected remote nodes, we configure an IPv4 peering if both ends have NodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have NodeBGPSpec.IPv6Address specified. The remote AS number comes from the remote node's NodeBGPSpec.ASNumber, or the global default if that is not set. + /// Selector for the remote nodes to peer with. When this is set, the PeerIP and + /// ASNumber fields must be empty. For each peering between the local node and + /// selected remote nodes, we configure an IPv4 peering if both ends have + /// NodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have + /// NodeBGPSpec.IPv6Address specified. The remote AS number comes from the remote + /// node's NodeBGPSpec.ASNumber, or the global default if that is not set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerSelector")] pub peer_selector: Option, - /// Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping. ReachableBy contains the address of the gateway which peer can be reached by. + /// Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping. + /// ReachableBy contains the address of the gateway which peer can be reached by. #[serde(default, skip_serializing_if = "Option::is_none", rename = "reachableBy")] pub reachable_by: Option, - /// Specifies whether and how to configure a source address for the peerings generated by this BGPPeer resource. Default value "UseNodeIP" means to configure the node IP as the source address. "None" means not to configure a source address. + /// Specifies whether and how to configure a source address for the peerings generated by + /// this BGPPeer resource. Default value "UseNodeIP" means to configure the node IP as the + /// source address. "None" means not to configure a source address. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceAddress")] pub source_address: Option, - /// TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by ignoring received packets with a smaller than expected TTL value. The provided value is the number of hops (edges) between the peers. + /// TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by + /// ignoring received packets with a smaller than expected TTL value. The provided value is the number of hops + /// (edges) between the peers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ttlSecurity")] pub ttl_security: Option, } @@ -70,7 +90,11 @@ pub struct BGPPeerPassword { pub struct BGPPeerPasswordSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/blockaffinities.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/blockaffinities.rs index 0558903d7..14ffd44bb 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/blockaffinities.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/blockaffinities.rs @@ -17,9 +17,13 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct BlockAffinitySpec { pub cidr: String, - /// Deleted indicates that this block affinity is being deleted. This field is a string for compatibility with older releases that mistakenly treat this field as a string. + /// Deleted indicates that this block affinity is being deleted. + /// This field is a string for compatibility with older releases that + /// mistakenly treat this field as a string. pub deleted: String, pub node: String, pub state: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/caliconodestatuses.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/caliconodestatuses.rs index a7ead2501..856001ede 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/caliconodestatuses.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/caliconodestatuses.rs @@ -16,18 +16,21 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CalicoNodeStatusSpec { - /// Classes declares the types of information to monitor for this calico/node, and allows for selective status reporting about certain subsets of information. + /// Classes declares the types of information to monitor for this calico/node, + /// and allows for selective status reporting about certain subsets of information. #[serde(default, skip_serializing_if = "Option::is_none")] pub classes: Option>, /// The node name identifies the Calico node instance for node status. #[serde(default, skip_serializing_if = "Option::is_none")] pub node: Option, - /// UpdatePeriodSeconds is the period at which CalicoNodeStatus should be updated. Set to 0 to disable CalicoNodeStatus refresh. Maximum update period is one day. + /// UpdatePeriodSeconds is the period at which CalicoNodeStatus should be updated. + /// Set to 0 to disable CalicoNodeStatus refresh. Maximum update period is one day. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePeriodSeconds")] pub update_period_seconds: Option, } -/// CalicoNodeStatusStatus defines the observed state of CalicoNodeStatus. No validation needed for status since it is updated by Calico. +/// CalicoNodeStatusStatus defines the observed state of CalicoNodeStatus. +/// No validation needed for status since it is updated by Calico. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CalicoNodeStatusStatus { /// Agent holds agent status on the node. @@ -36,7 +39,8 @@ pub struct CalicoNodeStatusStatus { /// BGP holds node BGP status. #[serde(default, skip_serializing_if = "Option::is_none")] pub bgp: Option, - /// LastUpdated is a timestamp representing the server time when CalicoNodeStatus object last updated. It is represented in RFC3339 form and is in UTC. + /// LastUpdated is a timestamp representing the server time when CalicoNodeStatus object + /// last updated. It is represented in RFC3339 form and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastUpdated")] pub last_updated: Option, /// Routes reports routes known to the Calico BGP daemon on the node. @@ -130,7 +134,8 @@ pub struct CalicoNodeStatusStatusBgpPeersV4 { /// State is the BGP session state. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, - /// Type indicates whether this peer is configured via the node-to-node mesh, or via en explicit global or per-node BGPPeer object. + /// Type indicates whether this peer is configured via the node-to-node mesh, + /// or via en explicit global or per-node BGPPeer object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -147,7 +152,8 @@ pub struct CalicoNodeStatusStatusBgpPeersV6 { /// State is the BGP session state. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, - /// Type indicates whether this peer is configured via the node-to-node mesh, or via en explicit global or per-node BGPPeer object. + /// Type indicates whether this peer is configured via the node-to-node mesh, + /// or via en explicit global or per-node BGPPeer object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/clusterinformations.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/clusterinformations.rs index 66208b27e..506e52253 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/clusterinformations.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/clusterinformations.rs @@ -25,7 +25,8 @@ pub struct ClusterInformationSpec { /// ClusterType describes the type of the cluster #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterType")] pub cluster_type: Option, - /// DatastoreReady is used during significant datastore migrations to signal to components such as Felix that it should wait before accessing the datastore. + /// DatastoreReady is used during significant datastore migrations to signal to components + /// such as Felix that it should wait before accessing the datastore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "datastoreReady")] pub datastore_ready: Option, /// Variant declares which variant of Calico should be active. diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/hostendpoints.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/hostendpoints.rs index 98239d7e0..04e5617a1 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/hostendpoints.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/hostendpoints.rs @@ -17,12 +17,31 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct HostEndpointSpec { - /// The expected IP addresses (IPv4 and IPv6) of the endpoint. If "InterfaceName" is not present, Calico will look for an interface matching any of the IPs in the list and apply policy to that. Note: When using the selector match criteria in an ingress or egress security Policy or Profile, Calico converts the selector into a set of IP addresses. For host endpoints, the ExpectedIPs field is used for that purpose. (If only the interface name is specified, Calico does not learn the IPs of the interface for use in match criteria.) + /// The expected IP addresses (IPv4 and IPv6) of the endpoint. + /// If "InterfaceName" is not present, Calico will look for an interface matching any + /// of the IPs in the list and apply policy to that. + /// Note: + /// When using the selector match criteria in an ingress or egress security Policy + /// or Profile, Calico converts the selector into a set of IP addresses. For host + /// endpoints, the ExpectedIPs field is used for that purpose. (If only the interface + /// name is specified, Calico does not learn the IPs of the interface for use in match + /// criteria.) #[serde(default, skip_serializing_if = "Option::is_none", rename = "expectedIPs")] pub expected_i_ps: Option>, - /// Either "*", or the name of a specific Linux interface to apply policy to; or empty. "*" indicates that this HostEndpoint governs all traffic to, from or through the default network namespace of the host named by the "Node" field; entering and leaving that namespace via any interface, including those from/to non-host-networked local workloads. - /// If InterfaceName is not "*", this HostEndpoint only governs traffic that enters or leaves the host through the specific interface named by InterfaceName, or - when InterfaceName is empty - through the specific interface that has one of the IPs in ExpectedIPs. Therefore, when InterfaceName is empty, at least one expected IP must be specified. Only external interfaces (such as "eth0") are supported here; it isn't possible for a HostEndpoint to protect traffic through a specific local workload interface. - /// Note: Only some kinds of policy are implemented for "*" HostEndpoints; initially just pre-DNAT policy. Please check Calico documentation for the latest position. + /// Either "*", or the name of a specific Linux interface to apply policy to; or empty. "*" + /// indicates that this HostEndpoint governs all traffic to, from or through the default + /// network namespace of the host named by the "Node" field; entering and leaving that + /// namespace via any interface, including those from/to non-host-networked local workloads. + /// + /// If InterfaceName is not "*", this HostEndpoint only governs traffic that enters or leaves + /// the host through the specific interface named by InterfaceName, or - when InterfaceName + /// is empty - through the specific interface that has one of the IPs in ExpectedIPs. + /// Therefore, when InterfaceName is empty, at least one expected IP must be specified. Only + /// external interfaces (such as "eth0") are supported here; it isn't possible for a + /// HostEndpoint to protect traffic through a specific local workload interface. + /// + /// Note: Only some kinds of policy are implemented for "*" HostEndpoints; initially just + /// pre-DNAT policy. Please check Calico documentation for the latest position. #[serde(default, skip_serializing_if = "Option::is_none", rename = "interfaceName")] pub interface_name: Option, /// The node name identifying the Calico node instance. @@ -31,7 +50,9 @@ pub struct HostEndpointSpec { /// Ports contains the endpoint's named ports, which may be referenced in security policy rules. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// A list of identifiers of security Profile objects that apply to this endpoint. Each profile is applied in the order that they appear in this list. Profile rules are applied after the selector-based security policy. + /// A list of identifiers of security Profile objects that apply to this endpoint. Each + /// profile is applied in the order that they appear in this list. Profile rules are applied + /// after the selector-based security policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub profiles: Option>, } diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamblocks.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamblocks.rs index 9d40f4d3c..01723f738 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamblocks.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamblocks.rs @@ -17,22 +17,34 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct IPAMBlockSpec { - /// Affinity of the block, if this block has one. If set, it will be of the form "host:". If not set, this block is not affine to a host. + /// Affinity of the block, if this block has one. If set, it will be of the form + /// "host:". If not set, this block is not affine to a host. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// Array of allocations in-use within this block. nil entries mean the allocation is free. For non-nil entries at index i, the index is the ordinal of the allocation within this block and the value is the index of the associated attributes in the Attributes array. + /// Array of allocations in-use within this block. nil entries mean the allocation is free. + /// For non-nil entries at index i, the index is the ordinal of the allocation within this block + /// and the value is the index of the associated attributes in the Attributes array. pub allocations: Vec, - /// Attributes is an array of arbitrary metadata associated with allocations in the block. To find attributes for a given allocation, use the value of the allocation's entry in the Allocations array as the index of the element in this array. + /// Attributes is an array of arbitrary metadata associated with allocations in the block. To find + /// attributes for a given allocation, use the value of the allocation's entry in the Allocations array + /// as the index of the element in this array. pub attributes: Vec, /// The block's CIDR. pub cidr: String, - /// Deleted is an internal boolean used to workaround a limitation in the Kubernetes API whereby deletion will not return a conflict error if the block has been updated. It should not be set manually. + /// Deleted is an internal boolean used to workaround a limitation in the Kubernetes API whereby + /// deletion will not return a conflict error if the block has been updated. It should not be set manually. #[serde(default, skip_serializing_if = "Option::is_none")] pub deleted: Option, - /// We store a sequence number that is updated each time the block is written. Each allocation will also store the sequence number of the block at the time of its creation. When releasing an IP, passing the sequence number associated with the allocation allows us to protect against a race condition and ensure the IP hasn't been released and re-allocated since the release request. + /// We store a sequence number that is updated each time the block is written. + /// Each allocation will also store the sequence number of the block at the time of its creation. + /// When releasing an IP, passing the sequence number associated with the allocation allows us + /// to protect against a race condition and ensure the IP hasn't been released and re-allocated + /// since the release request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sequenceNumber")] pub sequence_number: Option, - /// Map of allocated ordinal within the block to sequence number of the block at the time of allocation. Kubernetes does not allow numerical keys for maps, so the key is cast to a string. + /// Map of allocated ordinal within the block to sequence number of the block at + /// the time of allocation. Kubernetes does not allow numerical keys for maps, so + /// the key is cast to a string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sequenceNumberForAllocation")] pub sequence_number_for_allocation: Option>, /// StrictAffinity on the IPAMBlock is deprecated and no longer used by the code. Use IPAMConfig StrictAffinity instead. diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamconfigs.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamconfigs.rs index 8ce6c93de..22e67ff57 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamconfigs.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ipamconfigs.rs @@ -18,7 +18,8 @@ use self::prelude::*; pub struct IPAMConfigSpec { #[serde(rename = "autoAllocateBlocks")] pub auto_allocate_blocks: bool, - /// MaxBlocksPerHost, if non-zero, is the max number of blocks that can be affine to each host. + /// MaxBlocksPerHost, if non-zero, is the max number of blocks that can be + /// affine to each host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxBlocksPerHost")] pub max_blocks_per_host: Option, #[serde(rename = "strictAffinity")] diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ippools.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ippools.rs index fa3cf728c..77016a391 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ippools.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/ippools.rs @@ -16,9 +16,13 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct IPPoolSpec { - /// AllowedUse controls what the IP pool will be used for. If not specified or empty, defaults to ["Tunnel", "Workload"] for back-compatibility + /// AllowedUse controls what the IP pool will be used for. If not specified or empty, defaults to + /// ["Tunnel", "Workload"] for back-compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedUses")] pub allowed_uses: Option>, + /// Determines the mode how IP addresses should be assigned from this pool + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignmentMode")] + pub assignment_mode: Option, /// The block size to use for IP address assignments from this pool. Defaults to 26 for IPv4 and 122 for IPv6. #[serde(default, skip_serializing_if = "Option::is_none", rename = "blockSize")] pub block_size: Option, @@ -30,33 +34,51 @@ pub struct IPPoolSpec { /// When disabled is true, Calico IPAM will not assign addresses from this pool. #[serde(default, skip_serializing_if = "Option::is_none")] pub disabled: Option, - /// Deprecated: this field is only used for APIv1 backwards compatibility. Setting this field is not allowed, this field is for internal use only. + /// Deprecated: this field is only used for APIv1 backwards compatibility. + /// Setting this field is not allowed, this field is for internal use only. #[serde(default, skip_serializing_if = "Option::is_none")] pub ipip: Option, - /// Contains configuration for IPIP tunneling for this pool. If not specified, then this is defaulted to "Never" (i.e. IPIP tunneling is disabled). + /// Contains configuration for IPIP tunneling for this pool. If not specified, + /// then this is defaulted to "Never" (i.e. IPIP tunneling is disabled). #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipipMode")] pub ipip_mode: Option, - /// Deprecated: this field is only used for APIv1 backwards compatibility. Setting this field is not allowed, this field is for internal use only. + /// Deprecated: this field is only used for APIv1 backwards compatibility. + /// Setting this field is not allowed, this field is for internal use only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nat-outgoing")] pub nat_outgoing: Option, - /// When natOutgoing is true, packets sent from Calico networked containers in this pool to destinations outside of this pool will be masqueraded. + /// When natOutgoing is true, packets sent from Calico networked containers in + /// this pool to destinations outside of this pool will be masqueraded. #[serde(default, skip_serializing_if = "Option::is_none", rename = "natOutgoing")] pub nat_outgoing_x: Option, /// Allows IPPool to allocate for a specific node by label selector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// Contains configuration for VXLAN tunneling for this pool. If not specified, then this is defaulted to "Never" (i.e. VXLAN tunneling is disabled). + /// Contains configuration for VXLAN tunneling for this pool. If not specified, + /// then this is defaulted to "Never" (i.e. VXLAN tunneling is disabled). #[serde(default, skip_serializing_if = "Option::is_none", rename = "vxlanMode")] pub vxlan_mode: Option, } -/// Deprecated: this field is only used for APIv1 backwards compatibility. Setting this field is not allowed, this field is for internal use only. +/// IPPoolSpec contains the specification for an IPPool resource. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum IPPoolAssignmentMode { + Automatic, + Manual, +} + +/// Deprecated: this field is only used for APIv1 backwards compatibility. +/// Setting this field is not allowed, this field is for internal use only. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IPPoolIpip { - /// When enabled is true, ipip tunneling will be used to deliver packets to destinations within this pool. + /// When enabled is true, ipip tunneling will be used to deliver packets to + /// destinations within this pool. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// The IPIP mode. This can be one of "always" or "cross-subnet". A mode of "always" will also use IPIP tunneling for routing to destination IP addresses within this pool. A mode of "cross-subnet" will only use IPIP tunneling when the destination node is on a different subnet to the originating node. The default value (if not specified) is "always". + /// The IPIP mode. This can be one of "always" or "cross-subnet". A mode + /// of "always" will also use IPIP tunneling for routing to destination IP + /// addresses within this pool. A mode of "cross-subnet" will only use IPIP + /// tunneling when the destination node is on a different subnet to the + /// originating node. The default value (if not specified) is "always". #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, } diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/kubecontrollersconfigurations.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/kubecontrollersconfigurations.rs index df85813b4..1b1b47e72 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/kubecontrollersconfigurations.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/kubecontrollersconfigurations.rs @@ -19,7 +19,8 @@ use self::prelude::*; pub struct KubeControllersConfigurationSpec { /// Controllers enables and configures individual Kubernetes controllers pub controllers: KubeControllersConfigurationControllers, - /// DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling is disabled. + /// DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling + /// is disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "debugProfilePort")] pub debug_profile_port: Option, /// EtcdV3CompactionPeriod is the period between etcdv3 compaction requests. Set to 0 to disable. [Default: 10m] @@ -39,6 +40,9 @@ pub struct KubeControllersConfigurationSpec { /// Controllers enables and configures individual Kubernetes controllers #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationControllers { + /// LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] + pub load_balancer: Option, /// Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -56,6 +60,13 @@ pub struct KubeControllersConfigurationControllers { pub workload_endpoint: Option, } +/// LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeControllersConfigurationControllersLoadBalancer { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignIPs")] + pub assign_i_ps: Option, +} + /// Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationControllersNamespace { @@ -70,7 +81,8 @@ pub struct KubeControllersConfigurationControllersNode { /// HostEndpoint controls syncing nodes to host endpoints. Disabled by default, set to nil to disable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostEndpoint")] pub host_endpoint: Option, - /// LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. Set to 0 to disable IP garbage collection. [Default: 15m] + /// LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. + /// Set to 0 to disable IP garbage collection. [Default: 15m] #[serde(default, skip_serializing_if = "Option::is_none", rename = "leakGracePeriod")] pub leak_grace_period: Option, /// ReconcilerPeriod is the period to perform reconciliation with the Calico datastore. [Default: 5m] @@ -113,23 +125,29 @@ pub struct KubeControllersConfigurationControllersWorkloadEndpoint { pub reconciler_period: Option, } -/// KubeControllersConfigurationStatus represents the status of the configuration. It's useful for admins to be able to see the actual config that was applied, which can be modified by environment variables on the kube-controllers process. +/// KubeControllersConfigurationStatus represents the status of the configuration. It's useful for admins to +/// be able to see the actual config that was applied, which can be modified by environment variables on the +/// kube-controllers process. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationStatus { - /// EnvironmentVars contains the environment variables on the kube-controllers that influenced the RunningConfig. + /// EnvironmentVars contains the environment variables on the kube-controllers that influenced + /// the RunningConfig. #[serde(default, skip_serializing_if = "Option::is_none", rename = "environmentVars")] pub environment_vars: Option>, - /// RunningConfig contains the effective config that is running in the kube-controllers pod, after merging the API resource with any environment variables. + /// RunningConfig contains the effective config that is running in the kube-controllers pod, after + /// merging the API resource with any environment variables. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runningConfig")] pub running_config: Option, } -/// RunningConfig contains the effective config that is running in the kube-controllers pod, after merging the API resource with any environment variables. +/// RunningConfig contains the effective config that is running in the kube-controllers pod, after +/// merging the API resource with any environment variables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationStatusRunningConfig { /// Controllers enables and configures individual Kubernetes controllers pub controllers: KubeControllersConfigurationStatusRunningConfigControllers, - /// DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling is disabled. + /// DebugProfilePort configures the port to serve memory and cpu profiles on. If not specified, profiling + /// is disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "debugProfilePort")] pub debug_profile_port: Option, /// EtcdV3CompactionPeriod is the period between etcdv3 compaction requests. Set to 0 to disable. [Default: 10m] @@ -149,6 +167,9 @@ pub struct KubeControllersConfigurationStatusRunningConfig { /// Controllers enables and configures individual Kubernetes controllers #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationStatusRunningConfigControllers { + /// LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] + pub load_balancer: Option, /// Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -166,6 +187,13 @@ pub struct KubeControllersConfigurationStatusRunningConfigControllers { pub workload_endpoint: Option, } +/// LoadBalancer enables and configures the LoadBalancer controller. Enabled by default, set to nil to disable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubeControllersConfigurationStatusRunningConfigControllersLoadBalancer { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignIPs")] + pub assign_i_ps: Option, +} + /// Namespace enables and configures the namespace controller. Enabled by default, set to nil to disable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubeControllersConfigurationStatusRunningConfigControllersNamespace { @@ -180,7 +208,8 @@ pub struct KubeControllersConfigurationStatusRunningConfigControllersNode { /// HostEndpoint controls syncing nodes to host endpoints. Disabled by default, set to nil to disable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostEndpoint")] pub host_endpoint: Option, - /// LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. Set to 0 to disable IP garbage collection. [Default: 15m] + /// LeakGracePeriod is the period used by the controller to determine if an IP address has been leaked. + /// Set to 0 to disable IP garbage collection. [Default: 15m] #[serde(default, skip_serializing_if = "Option::is_none", rename = "leakGracePeriod")] pub leak_grace_period: Option, /// ReconcilerPeriod is the period to perform reconciliation with the Calico datastore. [Default: 5m] diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/mod.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/mod.rs index 1804a5fc8..6161394c4 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/mod.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/mod.rs @@ -13,4 +13,7 @@ pub mod ippools; pub mod ipreservations; pub mod kubecontrollersconfigurations; pub mod networksets; +pub mod stagedglobalnetworkpolicies; +pub mod stagedkubernetesnetworkpolicies; +pub mod stagednetworkpolicies; pub mod tiers; diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedglobalnetworkpolicies.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedglobalnetworkpolicies.rs new file mode 100644 index 000000000..af447bbbc --- /dev/null +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedglobalnetworkpolicies.rs @@ -0,0 +1,4 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedglobalnetworkpolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedkubernetesnetworkpolicies.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedkubernetesnetworkpolicies.rs new file mode 100644 index 000000000..dc5183bda --- /dev/null +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagedkubernetesnetworkpolicies.rs @@ -0,0 +1,401 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagedkubernetesnetworkpolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; +} +use self::prelude::*; + +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "crd.projectcalico.org", version = "v1", kind = "StagedKubernetesNetworkPolicy", plural = "stagedkubernetesnetworkpolicies")] +#[kube(namespaced)] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct StagedKubernetesNetworkPolicySpec { + /// List of egress rules to be applied to the selected pods. Outgoing traffic is + /// allowed if there are no NetworkPolicies selecting the pod (and cluster policy + /// otherwise allows the traffic), OR if the traffic matches at least one egress rule + /// across all of the NetworkPolicy objects whose podSelector matches the pod. If + /// this field is empty then this NetworkPolicy limits all outgoing traffic (and serves + /// solely to ensure that the pods it selects are isolated by default). + /// This field is beta-level in 1.8 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub egress: Option>, + /// List of ingress rules to be applied to the selected pods. Traffic is allowed to + /// a pod if there are no NetworkPolicies selecting the pod + /// (and cluster policy otherwise allows the traffic), OR if the traffic source is + /// the pod's local node, OR if the traffic matches at least one ingress rule + /// across all of the NetworkPolicy objects whose podSelector matches the pod. If + /// this field is empty then this NetworkPolicy does not allow any traffic (and serves + /// solely to ensure that the pods it selects are isolated by default) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ingress: Option>, + /// Selects the pods to which this NetworkPolicy object applies. The array of + /// ingress rules is applied to any pods selected by this field. Multiple network + /// policies can select the same set of pods. In this case, the ingress rules for + /// each are combined additively. This field is NOT optional and follows standard + /// label selector semantics. An empty podSelector matches all pods in this + /// namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] + pub pod_selector: Option, + /// List of rule types that the NetworkPolicy relates to. + /// Valid options are Ingress, Egress, or Ingress,Egress. + /// If this field is not specified, it will default based on the existence of Ingress or Egress rules; + /// policies that contain an Egress section are assumed to affect Egress, and all policies + /// (whether or not they contain an Ingress section) are assumed to affect Ingress. + /// If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. + /// Likewise, if you want to write a policy that specifies that no egress is allowed, + /// you must specify a policyTypes value that include "Egress" (since such a policy would not include + /// an Egress section and would otherwise default to just [ "Ingress" ]). + /// This field is beta-level in 1.8 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyTypes")] + pub policy_types: Option>, + /// The staged action. If this is omitted, the default is Set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stagedAction")] + pub staged_action: Option, +} + +/// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods +/// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to. +/// This type is beta-level in 1.8 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgress { + /// ports is a list of destination ports for outgoing traffic. + /// Each item in this list is combined using a logical OR. If this field is + /// empty or missing, this rule matches all ports (traffic not restricted by port). + /// If this field is present and contains at least one item, then this rule allows + /// traffic only if the traffic matches at least one port in the list. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, + /// to is a list of destinations for outgoing traffic of pods selected for this rule. + /// Items in this list are combined using a logical OR operation. If this field is + /// empty or missing, this rule matches all destinations (traffic not restricted by + /// destination). If this field is present and contains at least one item, this rule + /// allows traffic only if the traffic matches at least one item in the to list. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub to: Option>, +} + +/// NetworkPolicyPort describes a port to allow traffic on +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressPorts { + /// endPort indicates that the range of ports from port to endPort if set, inclusive, + /// should be allowed by the policy. This field cannot be defined if the port field + /// is not defined or if the port field is defined as a named (string) port. + /// The endPort must be equal or greater than port. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] + pub end_port: Option, + /// port represents the port on the given protocol. This can either be a numerical or named + /// port on a pod. If this field is not provided, this matches all port names and + /// numbers. + /// If present, only traffic on the specified protocol AND port will be matched. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, +} + +/// NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of +/// fields are allowed +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressTo { + /// ipBlock defines policy on a particular IPBlock. If this field is set then + /// neither of the other fields can be. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] + pub ip_block: Option, + /// namespaceSelector selects namespaces using cluster-scoped labels. This field follows + /// standard label selector semantics; if present but empty, it selects all namespaces. + /// + /// If podSelector is also set, then the NetworkPolicyPeer as a whole selects + /// the pods matching podSelector in the namespaces selected by namespaceSelector. + /// Otherwise it selects all pods in the namespaces selected by namespaceSelector. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// podSelector is a label selector which selects pods. This field follows standard label + /// selector semantics; if present but empty, it selects all pods. + /// + /// If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects + /// the pods matching podSelector in the Namespaces selected by NamespaceSelector. + /// Otherwise it selects the pods matching podSelector in the policy's own namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] + pub pod_selector: Option, +} + +/// ipBlock defines policy on a particular IPBlock. If this field is set then +/// neither of the other fields can be. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressToIpBlock { + /// cidr is a string representing the IPBlock + /// Valid examples are "192.168.1.0/24" or "2001:db8::/64" + pub cidr: String, + /// except is a slice of CIDRs that should not be included within an IPBlock + /// Valid examples are "192.168.1.0/24" or "2001:db8::/64" + /// Except values will be rejected if they are outside the cidr range + #[serde(default, skip_serializing_if = "Option::is_none")] + pub except: Option>, +} + +/// namespaceSelector selects namespaces using cluster-scoped labels. This field follows +/// standard label selector semantics; if present but empty, it selects all namespaces. +/// +/// If podSelector is also set, then the NetworkPolicyPeer as a whole selects +/// the pods matching podSelector in the namespaces selected by namespaceSelector. +/// Otherwise it selects all pods in the namespaces selected by namespaceSelector. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressToNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressToNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// podSelector is a label selector which selects pods. This field follows standard label +/// selector semantics; if present but empty, it selects all pods. +/// +/// If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects +/// the pods matching podSelector in the Namespaces selected by NamespaceSelector. +/// Otherwise it selects the pods matching podSelector in the policy's own namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressToPodSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyEgressToPodSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods +/// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and from. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngress { + /// from is a list of sources which should be able to access the pods selected for this rule. + /// Items in this list are combined using a logical OR operation. If this field is + /// empty or missing, this rule matches all sources (traffic not restricted by + /// source). If this field is present and contains at least one item, this rule + /// allows traffic only if the traffic matches at least one item in the from list. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub from: Option>, + /// ports is a list of ports which should be made accessible on the pods selected for + /// this rule. Each item in this list is combined using a logical OR. If this field is + /// empty or missing, this rule matches all ports (traffic not restricted by port). + /// If this field is present and contains at least one item, then this rule allows + /// traffic only if the traffic matches at least one port in the list. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, +} + +/// NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of +/// fields are allowed +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFrom { + /// ipBlock defines policy on a particular IPBlock. If this field is set then + /// neither of the other fields can be. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipBlock")] + pub ip_block: Option, + /// namespaceSelector selects namespaces using cluster-scoped labels. This field follows + /// standard label selector semantics; if present but empty, it selects all namespaces. + /// + /// If podSelector is also set, then the NetworkPolicyPeer as a whole selects + /// the pods matching podSelector in the namespaces selected by namespaceSelector. + /// Otherwise it selects all pods in the namespaces selected by namespaceSelector. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// podSelector is a label selector which selects pods. This field follows standard label + /// selector semantics; if present but empty, it selects all pods. + /// + /// If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects + /// the pods matching podSelector in the Namespaces selected by NamespaceSelector. + /// Otherwise it selects the pods matching podSelector in the policy's own namespace. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSelector")] + pub pod_selector: Option, +} + +/// ipBlock defines policy on a particular IPBlock. If this field is set then +/// neither of the other fields can be. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFromIpBlock { + /// cidr is a string representing the IPBlock + /// Valid examples are "192.168.1.0/24" or "2001:db8::/64" + pub cidr: String, + /// except is a slice of CIDRs that should not be included within an IPBlock + /// Valid examples are "192.168.1.0/24" or "2001:db8::/64" + /// Except values will be rejected if they are outside the cidr range + #[serde(default, skip_serializing_if = "Option::is_none")] + pub except: Option>, +} + +/// namespaceSelector selects namespaces using cluster-scoped labels. This field follows +/// standard label selector semantics; if present but empty, it selects all namespaces. +/// +/// If podSelector is also set, then the NetworkPolicyPeer as a whole selects +/// the pods matching podSelector in the namespaces selected by namespaceSelector. +/// Otherwise it selects all pods in the namespaces selected by namespaceSelector. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFromNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFromNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// podSelector is a label selector which selects pods. This field follows standard label +/// selector semantics; if present but empty, it selects all pods. +/// +/// If namespaceSelector is also set, then the NetworkPolicyPeer as a whole selects +/// the pods matching podSelector in the Namespaces selected by NamespaceSelector. +/// Otherwise it selects the pods matching podSelector in the policy's own namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFromPodSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressFromPodSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// NetworkPolicyPort describes a port to allow traffic on +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyIngressPorts { + /// endPort indicates that the range of ports from port to endPort if set, inclusive, + /// should be allowed by the policy. This field cannot be defined if the port field + /// is not defined or if the port field is defined as a named (string) port. + /// The endPort must be equal or greater than port. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endPort")] + pub end_port: Option, + /// port represents the port on the given protocol. This can either be a numerical or named + /// port on a pod. If this field is not provided, this matches all port names and + /// numbers. + /// If present, only traffic on the specified protocol AND port will be matched. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// protocol represents the protocol (TCP, UDP, or SCTP) which traffic must match. + /// If not specified, this field defaults to TCP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, +} + +/// Selects the pods to which this NetworkPolicy object applies. The array of +/// ingress rules is applied to any pods selected by this field. Multiple network +/// policies can select the same set of pods. In this case, the ingress rules for +/// each are combined additively. This field is NOT optional and follows standard +/// label selector semantics. An empty podSelector matches all pods in this +/// namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyPodSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct StagedKubernetesNetworkPolicyPodSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagednetworkpolicies.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagednetworkpolicies.rs new file mode 100644 index 000000000..c003c0b91 --- /dev/null +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/stagednetworkpolicies.rs @@ -0,0 +1,4 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/projectcalico/calico/crd.projectcalico.org/v1/stagednetworkpolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + diff --git a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/tiers.rs b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/tiers.rs index b789797a4..f244d5cb4 100644 --- a/kube-custom-resources-rs/src/crd_projectcalico_org/v1/tiers.rs +++ b/kube-custom-resources-rs/src/crd_projectcalico_org/v1/tiers.rs @@ -16,10 +16,16 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct TierSpec { - /// DefaultAction specifies the action applied to workloads selected by a policy in the tier, but not rule matched the workload's traffic. [Default: Deny] + /// DefaultAction specifies the action applied to workloads selected by a policy in the tier, + /// but not rule matched the workload's traffic. + /// [Default: Deny] #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultAction")] pub default_action: Option, - /// Order is an optional field that specifies the order in which the tier is applied. Tiers with higher "order" are applied after those with lower order. If the order is omitted, it may be considered to be "infinite" - i.e. the tier will be applied last. Tiers with identical order will be applied in alphanumerical order based on the Tier "Name". + /// Order is an optional field that specifies the order in which the tier is applied. + /// Tiers with higher "order" are applied after those with lower order. If the order + /// is omitted, it may be considered to be "infinite" - i.e. the tier will be applied + /// last. Tiers with identical order will be applied in alphanumerical order based + /// on the Tier "Name". #[serde(default, skip_serializing_if = "Option::is_none")] pub order: Option, } diff --git a/kube-custom-resources-rs/src/datadoghq_com/v2alpha1/datadogagents.rs b/kube-custom-resources-rs/src/datadoghq_com/v2alpha1/datadogagents.rs index e4de37906..8a41984e5 100644 --- a/kube-custom-resources-rs/src/datadoghq_com/v2alpha1/datadogagents.rs +++ b/kube-custom-resources-rs/src/datadoghq_com/v2alpha1/datadogagents.rs @@ -92,6 +92,9 @@ pub struct DatadogAgentFeatures { /// OrchestratorExplorer check configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "orchestratorExplorer")] pub orchestrator_explorer: Option, + /// OtelCollector configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "otelCollector")] + pub otel_collector: Option, /// OTLP ingest configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub otlp: Option, @@ -107,6 +110,9 @@ pub struct DatadogAgentFeatures { /// SBOM collection configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub sbom: Option, + /// ServiceDiscovery + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscovery")] + pub service_discovery: Option, /// TCPQueueLength configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpQueueLength")] pub tcp_queue_length: Option, @@ -135,16 +141,25 @@ pub struct DatadogAgentFeaturesAdmissionController { /// FailurePolicy determines how unrecognized and timeout errors are handled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, + /// KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesAdmissionEvents")] + pub kubernetes_admission_events: Option, /// MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutateUnlabelled")] pub mutate_unlabelled: Option, + /// Mutation contains Admission Controller mutation configurations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mutation: Option, /// Registry defines an image registry for the admission controller. #[serde(default, skip_serializing_if = "Option::is_none")] pub registry: Option, /// ServiceName corresponds to the webhook service name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] pub service_name: Option, + /// Validation contains Admission Controller validation configurations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub validation: Option, /// WebhookName is a custom name for the MutatingWebhookConfiguration. /// Default: "datadog-webhook" #[serde(default, skip_serializing_if = "Option::is_none", rename = "webhookName")] @@ -189,16 +204,12 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionImage { /// To be used if the Name field does not correspond to a full image string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jmxEnabled")] pub jmx_enabled: Option, - /// Define the image to use: - /// Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - /// Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - /// Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - /// Use "agent" with the registry and tag configurations for /agent:. - /// Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - /// If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - /// and `global.registry` values are ignored. - /// Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - /// image string is created using default registry unless `global.registry` is configured. + /// Defines the Agent image name for the pod. You can provide this as: + /// * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + /// The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + /// * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + /// * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + /// like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The Kubernetes pull policy: @@ -220,8 +231,10 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionImage { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -283,8 +296,10 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionProfilesE /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -324,8 +339,10 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionProfilesE /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -339,11 +356,9 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionProfilesR /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -366,6 +381,11 @@ pub struct DatadogAgentFeaturesAdmissionControllerAgentSidecarInjectionProfilesR /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Selectors define a pod selector for sidecar injection. @@ -452,6 +472,33 @@ pub struct DatadogAgentFeaturesAdmissionControllerCwsInstrumentation { pub mode: Option, } +/// KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesAdmissionControllerKubernetesAdmissionEvents { + /// Enable the Kubernetes Admission Events feature. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + +/// Mutation contains Admission Controller mutation configurations. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesAdmissionControllerMutation { + /// Enabled enables the Admission Controller mutation webhook. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + +/// Validation contains Admission Controller validation configurations. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesAdmissionControllerValidation { + /// Enabled enables the Admission Controller validation webhook. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// APM (Application Performance Monitoring) configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesApm { @@ -484,7 +531,6 @@ pub struct DatadogAgentFeaturesApm { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesApmHostPortConfig { /// Enabled enables host port configuration - /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) @@ -824,7 +870,6 @@ pub struct DatadogAgentFeaturesDogstatsd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesDogstatsdHostPortConfig { /// Enabled enables host port configuration - /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) @@ -1265,6 +1310,117 @@ pub struct DatadogAgentFeaturesOrchestratorExplorerConfConfigMapItems { pub path: String, } +/// OtelCollector configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollector { + /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. + /// This must point to a ConfigMap containing a valid cluster check configuration. + /// When passing a configmap, file name *must* be otel-config.yaml. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conf: Option, + /// OTelCollector Config Relevant to the Core agent + #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreConfig")] + pub core_config: Option, + /// Enabled enables the OTel Agent. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Ports contains the ports for the otel-agent. + /// Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 + /// or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). + /// If not, this will lead to a port conflict. + /// This limitation will be lifted once annotations support is removed. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, +} + +/// Conf overrides the configuration for the default Kubernetes State Metrics Core check. +/// This must point to a ConfigMap containing a valid cluster check configuration. +/// When passing a configmap, file name *must* be otel-config.yaml. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollectorConf { + /// ConfigData corresponds to the configuration file content. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configData")] + pub config_data: Option, + /// ConfigMap references an existing ConfigMap with the configuration file content. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, +} + +/// ConfigMap references an existing ConfigMap with the configuration file content. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollectorConfConfigMap { + /// Items maps a ConfigMap data `key` to a file `path` mount. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub items: Option>, + /// Name is the name of the ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Maps a string key to a path within a volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollectorConfConfigMapItems { + /// key is the key to project. + pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, +} + +/// OTelCollector Config Relevant to the Core agent +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollectorCoreConfig { + /// Enabled marks otelcollector as enabled in core agent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Extension URL provides the timout of the ddflareextension to + /// the core agent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extensionTimeout")] + pub extension_timeout: Option, + /// Extension URL provides the URL of the ddflareextension to + /// the core agent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extensionURL")] + pub extension_url: Option, +} + +/// ContainerPort represents a network port in a single container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtelCollectorPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. + #[serde(rename = "containerPort")] + pub container_port: i32, + /// What host IP to bind the external port to. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] + pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, +} + /// OTLP ingest configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesOtlp { @@ -1295,7 +1451,7 @@ pub struct DatadogAgentFeaturesOtlpReceiverProtocols { /// GRPC contains configuration for the OTLP ingest OTLP/gRPC receiver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesOtlpReceiverProtocolsGrpc { - /// Enable the OTLP/gRPC endpoint. + /// Enable the OTLP/gRPC endpoint. Host port is enabled by default and can be disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Endpoint for OTLP/gRPC. @@ -1304,18 +1460,52 @@ pub struct DatadogAgentFeaturesOtlpReceiverProtocolsGrpc { /// Default: `0.0.0.0:4317`. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// Enable hostPort for OTLP/gRPC + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPortConfig")] + pub host_port_config: Option, +} + +/// Enable hostPort for OTLP/gRPC +/// Default: true +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtlpReceiverProtocolsGrpcHostPortConfig { + /// Enabled enables host port configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) + /// If HostNetwork is enabled, this value must match the ContainerPort. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, } /// HTTP contains configuration for the OTLP ingest OTLP/HTTP receiver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesOtlpReceiverProtocolsHttp { - /// Enable the OTLP/HTTP endpoint. + /// Enable the OTLP/HTTP endpoint. Host port is enabled by default and can be disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Endpoint for OTLP/HTTP. /// Default: '0.0.0.0:4318'. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// Enable hostPorts for OTLP/HTTP + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPortConfig")] + pub host_port_config: Option, +} + +/// Enable hostPorts for OTLP/HTTP +/// Default: true +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesOtlpReceiverProtocolsHttpHostPortConfig { + /// Enabled enables host port configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) + /// If HostNetwork is enabled, this value must match the ContainerPort. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, } /// ProcessDiscovery configuration. @@ -1403,6 +1593,15 @@ pub struct DatadogAgentFeaturesSbomHost { pub enabled: Option, } +/// ServiceDiscovery +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentFeaturesServiceDiscovery { + /// Enables the service discovery check. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// TCPQueueLength configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentFeaturesTcpQueueLength { @@ -1424,6 +1623,12 @@ pub struct DatadogAgentFeaturesUsm { /// Global settings to configure the agents #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentGlobal { + /// ChecksTagCardinality configures tag cardinality for the metrics collected by integrations (`low`, `orchestrator` or `high`). + /// See also: https://docs.datadoghq.com/getting_started/tagging/assigning_tags/?tab=containerizedenvironments#tags-cardinality. + /// Not set by default to avoid overriding existing DD_CHECKS_TAG_CARDINALITY configurations, the default value in the Agent is low. + /// Ref: https://github.com/DataDog/datadog-agent/blob/856cf4a66142ce91fd4f8a278149436eb971184a/pkg/config/setup/config.go#L625. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "checksTagCardinality")] + pub checks_tag_cardinality: Option, /// ClusterAgentToken is the token for communication between the NodeAgent and ClusterAgent. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterAgentToken")] pub cluster_agent_token: Option, @@ -1455,12 +1660,27 @@ pub struct DatadogAgentGlobal { /// Overrides the site setting defined in `Site`. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// Env contains a list of environment variables that are set for all Agents. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, /// FIPS contains configuration used to customize the FIPS proxy sidecar. #[serde(default, skip_serializing_if = "Option::is_none")] pub fips: Option, /// Kubelet contains the kubelet configuration parameters. #[serde(default, skip_serializing_if = "Option::is_none")] pub kubelet: Option, + /// Provide a mapping of Kubernetes Resource Groups to annotations mapping to Datadog Tags. + /// : + /// : + /// KUBERNETES_RESOURCE_GROUP should be in the form `{resource}.{group}` or `{resource}` (example: deployments.apps, pods) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesResourcesAnnotationsAsTags")] + pub kubernetes_resources_annotations_as_tags: Option>, + /// Provide a mapping of Kubernetes Resource Groups to labels mapping to Datadog Tags. + /// : + /// : + /// KUBERNETES_RESOURCE_GROUP should be in the form `{resource}.{group}` or `{resource}` (example: deployments.apps, pods) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesResourcesLabelsAsTags")] + pub kubernetes_resources_labels_as_tags: Option>, /// LocalService contains configuration to customize the internal traffic policy service. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localService")] pub local_service: Option, @@ -1497,10 +1717,24 @@ pub struct DatadogAgentGlobal { pub pod_labels_as_tags: Option>, /// Registry is the image registry to use for all Agent images. /// Use 'public.ecr.aws/datadog' for AWS ECR. + /// Use 'datadoghq.azurecr.io' for Azure Container Registry. + /// Use 'gcr.io/datadoghq' for Google Container Registry. + /// Use 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region. + /// Use 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region. /// Use 'docker.io/datadog' for DockerHub. /// Default: 'gcr.io/datadoghq' #[serde(default, skip_serializing_if = "Option::is_none")] pub registry: Option, + /// Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). + /// The Process Agent container won't spin up if there are no other running checks as a result. + /// (Requires Agent 7.57.0+) + /// Default: 'false' + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runProcessChecksInCoreAgent")] + pub run_process_checks_in_core_agent: Option, + /// Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management + /// See also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretBackend")] + pub secret_backend: Option, /// Site is the Datadog intake site Agent data are sent to. /// Set to 'datadoghq.com' to send data to the US1 site (default). /// Set to 'datadoghq.eu' to send data to the EU site. @@ -1633,6 +1867,106 @@ pub struct DatadogAgentGlobalEndpointCredentialsAppSecret { pub secret_name: String, } +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// FIPS contains configuration used to customize the FIPS proxy sidecar. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentGlobalFips { @@ -1721,16 +2055,12 @@ pub struct DatadogAgentGlobalFipsImage { /// To be used if the Name field does not correspond to a full image string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jmxEnabled")] pub jmx_enabled: Option, - /// Define the image to use: - /// Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - /// Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - /// Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - /// Use "agent" with the registry and tag configurations for /agent:. - /// Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - /// If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - /// and `global.registry` values are ignored. - /// Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - /// image string is created using default registry unless `global.registry` is configured. + /// Defines the Agent image name for the pod. You can provide this as: + /// * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + /// The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + /// * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + /// * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + /// like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The Kubernetes pull policy: @@ -1752,8 +2082,10 @@ pub struct DatadogAgentGlobalFipsImage { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentGlobalFipsImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1764,11 +2096,9 @@ pub struct DatadogAgentGlobalFipsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1791,6 +2121,11 @@ pub struct DatadogAgentGlobalFipsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Kubelet contains the kubelet configuration parameters. @@ -1837,8 +2172,10 @@ pub struct DatadogAgentGlobalKubeletHostConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1878,8 +2215,10 @@ pub struct DatadogAgentGlobalKubeletHostSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1956,6 +2295,42 @@ pub struct DatadogAgentGlobalOriginDetectionUnified { pub enabled: Option, } +/// Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management +/// See also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalSecretBackend { + /// List of arguments to pass to the command (space-separated strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option, + /// The secret backend command to use. Datadog provides a pre-defined binary `/readsecret_multiple_providers.sh`. + /// Read more about `/readsecret_multiple_providers.sh` at https://docs.datadoghq.com/agent/configuration/secrets-management/?tab=linux#script-for-reading-from-multiple-secret-providers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option, + /// Whether to create a global permission allowing Datadog agents to read all Kubernetes secrets. + /// Default: `false`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableGlobalPermissions")] + pub enable_global_permissions: Option, + /// Roles for Datadog to read the specified secrets, replacing `enableGlobalPermissions`. + /// They are defined as a list of namespace/secrets. + /// Each defined namespace needs to be present in the DatadogAgent controller using `WATCH_NAMESPACE` or `DD_AGENT_WATCH_NAMESPACE`. + /// See also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md#how-to-deploy-the-agent-components-using-the-secret-backend-feature-with-datadogagent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub roles: Option>, + /// The command timeout in seconds. + /// Default: `30`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub timeout: Option, +} + +/// SecretBackendRolesConfig provides configuration of the secrets Datadog agents can read for the SecretBackend feature +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentGlobalSecretBackendRoles { + /// Namespace defines the namespace in which the secrets reside. + pub namespace: String, + /// Secrets defines the list of secrets for which a role should be created. + pub secrets: Vec, +} + /// Override the default configurations of the agents #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverride { @@ -1967,10 +2342,13 @@ pub struct DatadogAgentOverride { pub annotations: Option>, /// Configure the basic configurations for each Agent container. Valid Agent container names are: /// `agent`, `cluster-agent`, `init-config`, `init-volume`, `process-agent`, `seccomp-setup`, - /// `security-agent`, `system-probe`, `trace-agent`, and `all`. - /// Configuration under `all` applies to all configured containers. + /// `security-agent`, `system-probe`, and `trace-agent`. #[serde(default, skip_serializing_if = "Option::is_none")] pub containers: Option>, + /// Set CreatePodDisruptionBudget to true to create a PodDisruptionBudget for this component. + /// Not applicable for the Node Agent. A Cluster Agent PDB is set with 1 minimum available pod, and a Cluster Checks Runner PDB is set with 1 maximum unavailable pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "createPodDisruptionBudget")] + pub create_pod_disruption_budget: Option, /// Set CreateRbac to false to prevent automatic creation of Role/ClusterRole for this component #[serde(default, skip_serializing_if = "Option::is_none", rename = "createRbac")] pub create_rbac: Option, @@ -2000,6 +2378,10 @@ pub struct DatadogAgentOverride { /// See also: https://docs.datadoghq.com/agent/kubernetes/?tab=helm#environment-variables #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// EnvFrom specifies the ConfigMaps and Secrets to expose as environment variables. + /// Priority is env > envFrom. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] + pub env_from: Option>, /// Checksd configuration allowing to specify custom checks placed under /etc/datadog-agent/checks.d/ /// See https://docs.datadoghq.com/agent/guide/agent-configuration-files/?tab=agentv6 for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraChecksd")] @@ -2023,9 +2405,8 @@ pub struct DatadogAgentOverride { /// Name overrides the default name for the resource #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// NodeSelector is a selector which must be true for the pod to fit on a node. - /// Selector which must match a node's labels for the pod to be scheduled on that node. - /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + /// A map of key-value pairs. For this pod to run on a specific node, the node must have these key-value pairs as labels. + /// See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, /// If specified, indicates the pod's priority. "system-node-critical" and "system-cluster-critical" @@ -2038,9 +2419,17 @@ pub struct DatadogAgentOverride { /// Not applicable for a DaemonSet/ExtendedDaemonSet deployment #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, + /// If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + /// If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + /// If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] + pub runtime_class_name: Option, /// Pod-level SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// Sets the ServiceAccountAnnotations used by this component. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountAnnotations")] + pub service_account_annotations: Option>, /// Sets the ServiceAccount used by this component. /// Ignored if the field CreateRbac is true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] @@ -2251,8 +2640,31 @@ pub struct DatadogAgentOverrideAffinityPodAffinityPreferredDuringSchedulingIgnor #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2276,6 +2688,7 @@ pub struct DatadogAgentOverrideAffinityPodAffinityPreferredDuringSchedulingIgnor } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2348,8 +2761,31 @@ pub struct DatadogAgentOverrideAffinityPodAffinityPreferredDuringSchedulingIgnor #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2373,6 +2809,7 @@ pub struct DatadogAgentOverrideAffinityPodAffinityRequiredDuringSchedulingIgnore } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2476,8 +2913,31 @@ pub struct DatadogAgentOverrideAffinityPodAntiAffinityPreferredDuringSchedulingI #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2501,6 +2961,7 @@ pub struct DatadogAgentOverrideAffinityPodAntiAffinityPreferredDuringSchedulingI } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2573,8 +3034,31 @@ pub struct DatadogAgentOverrideAffinityPodAntiAffinityPreferredDuringSchedulingI #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2598,6 +3082,7 @@ pub struct DatadogAgentOverrideAffinityPodAntiAffinityRequiredDuringSchedulingIg } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2663,8 +3148,7 @@ pub struct DatadogAgentOverrideAffinityPodAntiAffinityRequiredDuringSchedulingIg /// Configure the basic configurations for each Agent container. Valid Agent container names are: /// `agent`, `cluster-agent`, `init-config`, `init-volume`, `process-agent`, `seccomp-setup`, -/// `security-agent`, `system-probe`, `trace-agent`, and `all`. -/// Configuration under `all` applies to all configured containers. +/// `security-agent`, `system-probe`, and `trace-agent`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideContainers { /// AppArmorProfileName specifies an apparmor profile. @@ -2710,6 +3194,9 @@ pub struct DatadogAgentOverrideContainers { /// Container-level SecurityContext. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// Configure the Startup Probe of the container + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] + pub startup_probe: Option, /// Specify additional volume mounts in the container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, @@ -2761,8 +3248,10 @@ pub struct DatadogAgentOverrideContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2802,8 +3291,10 @@ pub struct DatadogAgentOverrideContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2881,7 +3372,6 @@ pub struct DatadogAgentOverrideContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3002,7 +3492,6 @@ pub struct DatadogAgentOverrideContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3061,11 +3550,9 @@ pub struct DatadogAgentOverrideContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3088,6 +3575,11 @@ pub struct DatadogAgentOverrideContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Seccomp configurations to override Operator actions. For all other Seccomp Profile manipulation, @@ -3160,6 +3652,11 @@ pub struct DatadogAgentOverrideContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3172,7 +3669,7 @@ pub struct DatadogAgentOverrideContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3226,6 +3723,26 @@ pub struct DatadogAgentOverrideContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3275,7 +3792,6 @@ pub struct DatadogAgentOverrideContainersSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3311,6 +3827,126 @@ pub struct DatadogAgentOverrideContainersSecurityContextWindowsOptions { pub run_as_user_name: Option, } +/// Configure the Startup Probe of the container +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbe { + /// Exec specifies the action to take. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// GRPC specifies an action involving a GRPC port. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + /// HTTPGet specifies the http request to perform. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// TCPSocket specifies an action involving a TCP port. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Exec specifies the action to take. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbeExec { + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// GRPC specifies an action involving a GRPC port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbeGrpc { + /// Port number of the gRPC service. Number must be in the range 1 to 65535. + pub port: i32, + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// If this is not specified, the default behavior is defined by gRPC. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +/// HTTPGet specifies the http request to perform. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbeHttpGet { + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Custom headers to set in the request. HTTP allows repeated headers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + /// Path to access on the HTTP server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// HTTPHeader describes a custom header to be used in HTTP probes +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbeHttpGetHttpHeaders { + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. + pub name: String, + /// The header field value + pub value: String, +} + +/// TCPSocket specifies an action involving a TCP port. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideContainersStartupProbeTcpSocket { + /// Optional: Host name to connect to, defaults to the pod IP. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. + pub port: IntOrString, +} + /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideContainersVolumeMounts { @@ -3322,6 +3958,8 @@ pub struct DatadogAgentOverrideContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -3330,6 +3968,24 @@ pub struct DatadogAgentOverrideContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -3465,8 +4121,10 @@ pub struct DatadogAgentOverrideEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3506,8 +4164,10 @@ pub struct DatadogAgentOverrideEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3515,6 +4175,50 @@ pub struct DatadogAgentOverrideEnvValueFromSecretKeyRef { pub optional: Option, } +/// EnvFromSource represents the source of a set of ConfigMaps +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideEnvFrom { + /// The ConfigMap to select from + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] + pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, + /// The Secret to select from + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, +} + +/// The ConfigMap to select from +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideEnvFromConfigMapRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// The Secret to select from +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideEnvFromSecretRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// Checksd configuration allowing to specify custom checks placed under /etc/datadog-agent/checks.d/ /// See https://docs.datadoghq.com/agent/guide/agent-configuration-files/?tab=agentv6 for more details. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3610,16 +4314,12 @@ pub struct DatadogAgentOverrideImage { /// To be used if the Name field does not correspond to a full image string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jmxEnabled")] pub jmx_enabled: Option, - /// Define the image to use: - /// Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - /// Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - /// Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - /// Use "agent" with the registry and tag configurations for /agent:. - /// Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - /// If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - /// and `global.registry` values are ignored. - /// Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - /// image string is created using default registry unless `global.registry` is configured. + /// Defines the Agent image name for the pod. You can provide this as: + /// * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + /// The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + /// * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + /// * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + /// like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The Kubernetes pull policy: @@ -3641,8 +4341,10 @@ pub struct DatadogAgentOverrideImage { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3650,16 +4352,18 @@ pub struct DatadogAgentOverrideImagePullSecrets { /// Pod-level SecurityContext. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -3709,15 +4413,24 @@ pub struct DatadogAgentOverrideSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -3731,6 +4444,25 @@ pub struct DatadogAgentOverrideSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -3766,7 +4498,6 @@ pub struct DatadogAgentOverrideSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3905,7 +4636,6 @@ pub struct DatadogAgentOverrideVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -3916,17 +4646,14 @@ pub struct DatadogAgentOverrideVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3961,11 +4688,24 @@ pub struct DatadogAgentOverrideVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -4024,7 +4764,6 @@ pub struct DatadogAgentOverrideVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -4117,8 +4856,10 @@ pub struct DatadogAgentOverrideVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesCephfsSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4153,8 +4894,10 @@ pub struct DatadogAgentOverrideVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesCinderSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4181,8 +4924,10 @@ pub struct DatadogAgentOverrideVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4246,8 +4991,10 @@ pub struct DatadogAgentOverrideVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesCsiNodePublishSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4273,7 +5020,7 @@ pub struct DatadogAgentOverrideVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -4292,7 +5039,7 @@ pub struct DatadogAgentOverrideVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -4341,7 +5088,6 @@ pub struct DatadogAgentOverrideVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -4352,17 +5098,14 @@ pub struct DatadogAgentOverrideVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -4375,7 +5118,6 @@ pub struct DatadogAgentOverrideVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -4385,11 +5127,9 @@ pub struct DatadogAgentOverrideVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -4403,7 +5143,6 @@ pub struct DatadogAgentOverrideVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -4413,11 +5152,9 @@ pub struct DatadogAgentOverrideVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplate { @@ -4499,6 +5236,20 @@ pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -4577,17 +5328,6 @@ pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpecDataSource /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4600,15 +5340,6 @@ pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpecResources pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -4645,7 +5376,6 @@ pub struct DatadogAgentOverrideVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -4699,8 +5429,10 @@ pub struct DatadogAgentOverrideVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesFlexVolumeSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4726,7 +5458,6 @@ pub struct DatadogAgentOverrideVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -4788,9 +5519,6 @@ pub struct DatadogAgentOverrideVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesHostPath { /// path of the directory on the host. @@ -4804,6 +5532,39 @@ pub struct DatadogAgentOverrideVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -4819,7 +5580,6 @@ pub struct DatadogAgentOverrideVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -4856,8 +5616,10 @@ pub struct DatadogAgentOverrideVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesIscsiSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4935,14 +5697,31 @@ pub struct DatadogAgentOverrideVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -4957,6 +5736,80 @@ pub struct DatadogAgentOverrideVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentOverrideVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesProjectedSourcesConfigMap { @@ -4970,8 +5823,10 @@ pub struct DatadogAgentOverrideVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5010,7 +5865,7 @@ pub struct DatadogAgentOverrideVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5029,7 +5884,7 @@ pub struct DatadogAgentOverrideVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -5067,8 +5922,10 @@ pub struct DatadogAgentOverrideVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -5153,7 +6010,6 @@ pub struct DatadogAgentOverrideVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -5197,8 +6053,10 @@ pub struct DatadogAgentOverrideVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesRbdSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5248,8 +6106,10 @@ pub struct DatadogAgentOverrideVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesScaleIoSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5340,8 +6200,10 @@ pub struct DatadogAgentOverrideVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentOverrideVolumesStorageosSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5600,6 +6462,9 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeatures { /// OrchestratorExplorer check configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "orchestratorExplorer")] pub orchestrator_explorer: Option, + /// OtelCollector configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "otelCollector")] + pub otel_collector: Option, /// OTLP ingest configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub otlp: Option, @@ -5615,6 +6480,9 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeatures { /// SBOM collection configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub sbom: Option, + /// ServiceDiscovery + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscovery")] + pub service_discovery: Option, /// TCPQueueLength configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpQueueLength")] pub tcp_queue_length: Option, @@ -5643,16 +6511,25 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// FailurePolicy determines how unrecognized and timeout errors are handled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] pub failure_policy: Option, + /// KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesAdmissionEvents")] + pub kubernetes_admission_events: Option, /// MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "mutateUnlabelled")] pub mutate_unlabelled: Option, + /// Mutation contains Admission Controller mutation configurations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mutation: Option, /// Registry defines an image registry for the admission controller. #[serde(default, skip_serializing_if = "Option::is_none")] pub registry: Option, /// ServiceName corresponds to the webhook service name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] pub service_name: Option, + /// Validation contains Admission Controller validation configurations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub validation: Option, /// WebhookName is a custom name for the MutatingWebhookConfiguration. /// Default: "datadog-webhook" #[serde(default, skip_serializing_if = "Option::is_none", rename = "webhookName")] @@ -5697,16 +6574,12 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// To be used if the Name field does not correspond to a full image string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jmxEnabled")] pub jmx_enabled: Option, - /// Define the image to use: - /// Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - /// Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - /// Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - /// Use "agent" with the registry and tag configurations for /agent:. - /// Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - /// If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - /// and `global.registry` values are ignored. - /// Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - /// image string is created using default registry unless `global.registry` is configured. + /// Defines the Agent image name for the pod. You can provide this as: + /// * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + /// The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + /// * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + /// * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + /// like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The Kubernetes pull policy: @@ -5728,8 +6601,10 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControllerAgentSidecarInjectionImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5791,8 +6666,10 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5832,8 +6709,10 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5847,11 +6726,9 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -5874,6 +6751,11 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Selectors define a pod selector for sidecar injection. @@ -5960,6 +6842,33 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControlle pub mode: Option, } +/// KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControllerKubernetesAdmissionEvents { + /// Enable the Kubernetes Admission Events feature. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + +/// Mutation contains Admission Controller mutation configurations. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControllerMutation { + /// Enabled enables the Admission Controller mutation webhook. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + +/// Validation contains Admission Controller validation configurations. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesAdmissionControllerValidation { + /// Enabled enables the Admission Controller validation webhook. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// APM (Application Performance Monitoring) configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesApm { @@ -5992,7 +6901,6 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesApm { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesApmHostPortConfig { /// Enabled enables host port configuration - /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) @@ -6332,7 +7240,6 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesDogstatsd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesDogstatsdHostPortConfig { /// Enabled enables host port configuration - /// Default: false #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) @@ -6773,6 +7680,117 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOrchestratorExplor pub path: String, } +/// OtelCollector configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollector { + /// Conf overrides the configuration for the default Kubernetes State Metrics Core check. + /// This must point to a ConfigMap containing a valid cluster check configuration. + /// When passing a configmap, file name *must* be otel-config.yaml. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conf: Option, + /// OTelCollector Config Relevant to the Core agent + #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreConfig")] + pub core_config: Option, + /// Enabled enables the OTel Agent. + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Ports contains the ports for the otel-agent. + /// Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 + /// or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). + /// If not, this will lead to a port conflict. + /// This limitation will be lifted once annotations support is removed. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option>, +} + +/// Conf overrides the configuration for the default Kubernetes State Metrics Core check. +/// This must point to a ConfigMap containing a valid cluster check configuration. +/// When passing a configmap, file name *must* be otel-config.yaml. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollectorConf { + /// ConfigData corresponds to the configuration file content. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configData")] + pub config_data: Option, + /// ConfigMap references an existing ConfigMap with the configuration file content. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, +} + +/// ConfigMap references an existing ConfigMap with the configuration file content. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollectorConfConfigMap { + /// Items maps a ConfigMap data `key` to a file `path` mount. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub items: Option>, + /// Name is the name of the ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Maps a string key to a path within a volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollectorConfConfigMapItems { + /// key is the key to project. + pub key: String, + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. + pub path: String, +} + +/// OTelCollector Config Relevant to the Core agent +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollectorCoreConfig { + /// Enabled marks otelcollector as enabled in core agent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Extension URL provides the timout of the ddflareextension to + /// the core agent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extensionTimeout")] + pub extension_timeout: Option, + /// Extension URL provides the URL of the ddflareextension to + /// the core agent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extensionURL")] + pub extension_url: Option, +} + +/// ContainerPort represents a network port in a single container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtelCollectorPorts { + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. + #[serde(rename = "containerPort")] + pub container_port: i32, + /// What host IP to bind the external port to. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] + pub host_ip: Option, + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, +} + /// OTLP ingest configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlp { @@ -6803,7 +7821,7 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtoc /// GRPC contains configuration for the OTLP ingest OTLP/gRPC receiver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtocolsGrpc { - /// Enable the OTLP/gRPC endpoint. + /// Enable the OTLP/gRPC endpoint. Host port is enabled by default and can be disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Endpoint for OTLP/gRPC. @@ -6812,18 +7830,52 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtoc /// Default: `0.0.0.0:4317`. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// Enable hostPort for OTLP/gRPC + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPortConfig")] + pub host_port_config: Option, +} + +/// Enable hostPort for OTLP/gRPC +/// Default: true +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtocolsGrpcHostPortConfig { + /// Enabled enables host port configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) + /// If HostNetwork is enabled, this value must match the ContainerPort. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, } /// HTTP contains configuration for the OTLP ingest OTLP/HTTP receiver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtocolsHttp { - /// Enable the OTLP/HTTP endpoint. + /// Enable the OTLP/HTTP endpoint. Host port is enabled by default and can be disabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, /// Endpoint for OTLP/HTTP. /// Default: '0.0.0.0:4318'. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, + /// Enable hostPorts for OTLP/HTTP + /// Default: true + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPortConfig")] + pub host_port_config: Option, +} + +/// Enable hostPorts for OTLP/HTTP +/// Default: true +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesOtlpReceiverProtocolsHttpHostPortConfig { + /// Enabled enables host port configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) + /// If HostNetwork is enabled, this value must match the ContainerPort. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] + pub host_port: Option, } /// ProcessDiscovery configuration. @@ -6911,6 +7963,15 @@ pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesSbomHost { pub enabled: Option, } +/// ServiceDiscovery +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesServiceDiscovery { + /// Enables the service discovery check. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// TCPQueueLength configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DatadogAgentStatusRemoteConfigConfigurationFeaturesTcpQueueLength { diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/actionsets.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/actionsets.rs index b307c5bdc..efb89a68c 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/actionsets.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/actionsets.rs @@ -6,6 +6,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; } use self::prelude::*; @@ -28,6 +29,7 @@ pub struct ActionSetSpec { /// - `Incremental` back up data that have changed since the last backup (either full or incremental). /// - `Differential` back up data that has changed since the last full backup. /// - `Continuous` back up transaction logs continuously, such as MySQL binlog, PostgreSQL WAL, etc. + /// - `Selective` back up data more precisely, use custom parameters, such as specific databases or tables. /// /// /// Continuous backup is essential for implementing Point-in-Time Recovery (PITR). @@ -46,6 +48,9 @@ pub struct ActionSetSpec { /// This field cannot be updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, + /// Specifies the schema of parameters in backups and restores before their usage. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parametersSchema")] + pub parameters_schema: Option, /// Specifies the restore action. #[serde(default, skip_serializing_if = "Option::is_none")] pub restore: Option, @@ -67,6 +72,9 @@ pub struct ActionSetBackup { /// Note: The preDelete action job will ignore the env/envFrom. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preDelete")] pub pre_delete: Option, + /// Specifies the parameters used by the backup action + #[serde(default, skip_serializing_if = "Option::is_none", rename = "withParameters")] + pub with_parameters: Option>, } /// Represents the action to be performed for backing up data. @@ -377,6 +385,19 @@ pub struct ActionSetEnvFromSecretRef { pub optional: Option, } +/// Specifies the schema of parameters in backups and restores before their usage. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ActionSetParametersSchema { + /// Defines the schema for parameters using the OpenAPI v3. + /// The supported property types include: + /// - string + /// - number + /// - integer + /// - array: Note that only items of string type are supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "openAPIV3Schema")] + pub open_apiv3_schema: Option>, +} + /// Specifies the restore action. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ActionSetRestore { @@ -389,6 +410,9 @@ pub struct ActionSetRestore { /// Specifies the action required to prepare data for restoration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "prepareData")] pub prepare_data: Option, + /// Specifies the parameters used by the restore action + #[serde(default, skip_serializing_if = "Option::is_none", rename = "withParameters")] + pub with_parameters: Option>, } /// ActionSpec defines an action that should be executed. Only one of the fields may be set. diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs index d157cdf95..a34e7d284 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs @@ -70,6 +70,9 @@ pub struct BackupPolicyBackupMethods { /// will use the CSI volume snapshotter to create the snapshot. #[serde(default, skip_serializing_if = "Option::is_none", rename = "actionSetName")] pub action_set_name: Option, + /// The name of the compatible full backup method, used by incremental backups. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "compatibleMethod")] + pub compatible_method: Option, /// Specifies the environment variables for the backup workload. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs index 10b144ef3..c3e773f9b 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs @@ -41,6 +41,10 @@ pub struct BackupSpec { /// The current implementation only prevent accidental deletion of backup data. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionPolicy")] pub deletion_policy: Option, + /// Specifies a list of name-value pairs representing parameters and their corresponding values. + /// Parameters match the schema specified in the `actionset.spec.parametersSchema` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub parameters: Option>, /// Determines the parent backup name for incremental or differential backup. #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentBackupName")] pub parent_backup_name: Option, @@ -63,6 +67,14 @@ pub struct BackupSpec { pub retention_period: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupParameters { + /// Represents the name of the parameter. + pub name: String, + /// Represents the parameter values. + pub value: String, +} + /// BackupStatus defines the observed state of Backup. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatus { @@ -76,6 +88,10 @@ pub struct BackupStatus { /// The name of the backup repository. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupRepoName")] pub backup_repo_name: Option, + /// Records the base full backup name for incremental backup or differential backup. + /// When the base backup is deleted, the backup will also be deleted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseBackupName")] + pub base_backup_name: Option, /// Records the time when the backup operation was completed. /// This timestamp is recorded even if the backup operation fails. /// The server's time is used for this timestamp. @@ -104,6 +120,10 @@ pub struct BackupStatus { /// Records the path of the Kopia repository. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kopiaRepoPath")] pub kopia_repo_path: Option, + /// Records the parent backup name for incremental or differential backup. + /// When the parent backup is deleted, the backup will also be deleted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentBackupName")] + pub parent_backup_name: Option, /// The directory within the backup repository where the backup data is stored. /// This is an absolute path within the backup repository. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -262,6 +282,9 @@ pub struct BackupStatusBackupMethod { /// will use the CSI volume snapshotter to create the snapshot. #[serde(default, skip_serializing_if = "Option::is_none", rename = "actionSetName")] pub action_set_name: Option, + /// The name of the compatible full backup method, used by incremental backups. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "compatibleMethod")] + pub compatible_method: Option, /// Specifies the environment variables for the backup workload. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backupschedules.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backupschedules.rs index 69cfa8d2e..065a67329 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backupschedules.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backupschedules.rs @@ -42,6 +42,14 @@ pub struct BackupScheduleSchedules { /// Specifies whether the backup schedule is enabled or not. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, + /// Specifies the name of the schedule. Names cannot be duplicated. + /// If the name is empty, it will be considered the same as the value of the backupMethod below. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specifies a list of name-value pairs representing parameters and their corresponding values. + /// Parameters match the schema specified in the `actionset.spec.parametersSchema` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub parameters: Option>, /// Determines the duration for which the backup should be kept. /// KubeBlocks will remove all backups that are older than the RetentionPeriod. /// For example, RetentionPeriod of `30d` will keep only the backups of last 30 days. @@ -60,6 +68,14 @@ pub struct BackupScheduleSchedules { pub retention_period: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupScheduleSchedulesParameters { + /// Represents the name of the parameter. + pub name: String, + /// Represents the parameter values. + pub value: String, +} + /// BackupScheduleStatus defines the observed state of BackupSchedule. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupScheduleStatus { diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs index d50cf9c76..e2cecd206 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs @@ -42,6 +42,10 @@ pub struct RestoreSpec { /// The priority of merging is as follows: `Restore env > Backup env > ActionSet env`. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// Specifies a list of name-value pairs representing parameters and their corresponding values. + /// Parameters match the schema specified in the `actionset.spec.parametersSchema` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub parameters: Option>, /// Configuration for the action of "prepareData" phase, including the persistent volume claims /// that need to be restored and scheduling strategy of temporary recovery pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "prepareDataConfig")] @@ -209,6 +213,14 @@ pub struct RestoreEnvValueFromSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RestoreParameters { + /// Represents the name of the parameter. + pub name: String, + /// Represents the parameter values. + pub value: String, +} + /// Configuration for the action of "prepareData" phase, including the persistent volume claims /// that need to be restored and scheduling strategy of temporary recovery pod. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devicemodels.rs b/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devicemodels.rs index 68deb6f82..3cce23319 100644 --- a/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devicemodels.rs +++ b/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devicemodels.rs @@ -9,7 +9,8 @@ mod prelude { } use self::prelude::*; -/// DeviceModelSpec defines the model / template for a device.It is a blueprint which describes the device capabilities and access mechanism via property visitors. +/// DeviceModelSpec defines the model / template for a device.It is a blueprint which describes the device +/// capabilities and access mechanism via property visitors. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "devices.kubeedge.io", version = "v1alpha2", kind = "DeviceModel", plural = "devicemodels")] #[kube(namespaced)] diff --git a/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devices.rs b/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devices.rs index 908b88964..836ed99c9 100644 --- a/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devices.rs +++ b/kube-custom-resources-rs/src/devices_kubeedge_io/v1alpha2/devices.rs @@ -18,16 +18,20 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DeviceSpec { - /// Data section describe a list of time-series properties which should be processed on edge node. + /// Data section describe a list of time-series properties which should be processed + /// on edge node. #[serde(default, skip_serializing_if = "Option::is_none")] pub data: Option, - /// Required: DeviceModelRef is reference to the device model used as a template to create the device instance. + /// Required: DeviceModelRef is reference to the device model used as a template + /// to create the device instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceModelRef")] pub device_model_ref: Option, - /// NodeSelector indicates the binding preferences between devices and nodes. Refer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details + /// NodeSelector indicates the binding preferences between devices and nodes. + /// Refer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, - /// List of property visitors which describe how to access the device properties. PropertyVisitors must unique by propertyVisitor.propertyName. + /// List of property visitors which describe how to access the device properties. + /// PropertyVisitors must unique by propertyVisitor.propertyName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyVisitors")] pub property_visitors: Option>, /// Required: The protocol configuration used to connect to the device. @@ -35,13 +39,16 @@ pub struct DeviceSpec { pub protocol: Option, } -/// Data section describe a list of time-series properties which should be processed on edge node. +/// Data section describe a list of time-series properties which should be processed +/// on edge node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceData { /// Required: A list of data properties, which are not required to be processed by edgecore #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataProperties")] pub data_properties: Option>, - /// Topic used by mapper, all data collected from dataProperties should be published to this topic, the default value is $ke/events/device/+/data/update + /// Topic used by mapper, all data collected from dataProperties + /// should be published to this topic, + /// the default value is $ke/events/device/+/data/update #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTopic")] pub data_topic: Option, } @@ -52,20 +59,29 @@ pub struct DeviceDataDataProperties { /// Additional metadata like timestamp when the value was reported etc. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option>, - /// Required: The property name for which should be processed by external apps. This property should be present in the device model. + /// Required: The property name for which should be processed by external apps. + /// This property should be present in the device model. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyName")] pub property_name: Option, } -/// Required: DeviceModelRef is reference to the device model used as a template to create the device instance. +/// Required: DeviceModelRef is reference to the device model used as a template +/// to create the device instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceDeviceModelRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// NodeSelector indicates the binding preferences between devices and nodes. Refer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details +/// NodeSelector indicates the binding preferences between devices and nodes. +/// Refer to k8s.io/kubernetes/pkg/apis/core NodeSelector for more details #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceNodeSelector { /// Required. A list of node selector terms. The terms are ORed. @@ -73,7 +89,9 @@ pub struct DeviceNodeSelector { pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceNodeSelectorNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -84,31 +102,45 @@ pub struct DeviceNodeSelectorNodeSelectorTerms { pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceNodeSelectorNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceNodeSelectorNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// DevicePropertyVisitor describes the specifics of accessing a particular device property. Visitors are intended to be consumed by device mappers which connect to devices and collect data / perform actions on the device. +/// DevicePropertyVisitor describes the specifics of accessing a particular device +/// property. Visitors are intended to be consumed by device mappers which connect to devices +/// and collect data / perform actions on the device. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertyVisitors { /// Bluetooth represents a set of additional visitor config fields of bluetooth protocol. @@ -129,7 +161,8 @@ pub struct DevicePropertyVisitors { /// Opcua represents a set of additional visitor config fields of opc-ua protocol. #[serde(default, skip_serializing_if = "Option::is_none")] pub opcua: Option, - /// Required: The device property name to be accessed. This should refer to one of the device properties defined in the device model. + /// Required: The device property name to be accessed. This should refer to one of the + /// device properties defined in the device model. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyName")] pub property_name: Option, /// Define how frequent mapper will report the value. @@ -146,7 +179,8 @@ pub struct DevicePropertyVisitorsBluetooth { /// Responsible for converting the data being read from the bluetooth device into a form that is understandable by the platform #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataConverter")] pub data_converter: Option, - /// Responsible for converting the data coming from the platform into a form that is understood by the bluetooth device For example: "ON":[1], "OFF":[0] + /// Responsible for converting the data coming from the platform into a form that is understood by the bluetooth device + /// For example: "ON":[1], "OFF":[0] #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataWrite")] pub data_write: Option>, } @@ -154,7 +188,8 @@ pub struct DevicePropertyVisitorsBluetooth { /// Responsible for converting the data being read from the bluetooth device into a form that is understandable by the platform #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertyVisitorsBluetoothDataConverter { - /// Required: Specifies the end index of incoming byte stream to be considered to convert the data the value specified should be inclusive for example if 3 is specified it includes the third index + /// Required: Specifies the end index of incoming byte stream to be considered to convert the data + /// the value specified should be inclusive for example if 3 is specified it includes the third index #[serde(default, skip_serializing_if = "Option::is_none", rename = "endIndex")] pub end_index: Option, /// Specifies in what order the operations(which are required to be performed to convert incoming data into understandable form) are performed @@ -166,7 +201,8 @@ pub struct DevicePropertyVisitorsBluetoothDataConverter { /// Refers to the number of bits to shift right, if right-shift operation is necessary for conversion #[serde(default, skip_serializing_if = "Option::is_none", rename = "shiftRight")] pub shift_right: Option, - /// Required: Specifies the start index of the incoming byte stream to be considered to convert the data. For example: start-index:2, end-index:3 concatenates the value present at second and third index of the incoming byte stream. If we want to reverse the order we can give it as start-index:3, end-index:2 + /// Required: Specifies the start index of the incoming byte stream to be considered to convert the data. + /// For example: start-index:2, end-index:3 concatenates the value present at second and third index of the incoming byte stream. If we want to reverse the order we can give it as start-index:3, end-index:2 #[serde(default, skip_serializing_if = "Option::is_none", rename = "startIndex")] pub start_index: Option, } @@ -196,10 +232,12 @@ pub struct DevicePropertyVisitorsCustomizedProtocol { /// Modbus represents a set of additional visitor config fields of modbus protocol. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertyVisitorsModbus { - /// Indicates whether the high and low register swapped. Defaults to false. + /// Indicates whether the high and low register swapped. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "isRegisterSwap")] pub is_register_swap: Option, - /// Indicates whether the high and low byte swapped. Defaults to false. + /// Indicates whether the high and low byte swapped. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "isSwap")] pub is_swap: Option, /// Required: Limit number of registers to read/write. @@ -211,7 +249,8 @@ pub struct DevicePropertyVisitorsModbus { /// Required: Type of register #[serde(default, skip_serializing_if = "Option::is_none")] pub register: Option, - /// The scale to convert raw property data into final units. Defaults to 1.0 + /// The scale to convert raw property data into final units. + /// Defaults to 1.0 #[serde(default, skip_serializing_if = "Option::is_none")] pub scale: Option, } @@ -406,7 +445,8 @@ pub struct DeviceProtocolCustomizedProtocol { /// Any config data #[serde(default, skip_serializing_if = "Option::is_none", rename = "configData")] pub config_data: Option>, - /// Unique protocol name Required. + /// Unique protocol name + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protocolName")] pub protocol_name: Option, } @@ -451,18 +491,26 @@ pub struct DeviceProtocolOpcua { /// DeviceStatus reports the device state and the desired/reported values of twin attributes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceStatus { - /// A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty. + /// A list of device twins containing desired/reported desired/reported values of twin properties. + /// Optional: A passive device won't have twin properties and this list could be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub twins: Option>, } -/// Twin provides a logical representation of control properties (writable properties in the device model). The properties can have a Desired state and a Reported state. The cloud configures the `Desired`state of a device property and this configuration update is pushed to the edge node. The mapper sends a command to the device to change this property value as per the desired state . It receives the `Reported` state of the property once the previous operation is complete and sends the reported state to the cloud. Offline device interaction in the edge is possible via twin properties for control/command operations. +/// Twin provides a logical representation of control properties (writable properties in the +/// device model). The properties can have a Desired state and a Reported state. The cloud configures +/// the `Desired`state of a device property and this configuration update is pushed to the edge node. +/// The mapper sends a command to the device to change this property value as per the desired state . +/// It receives the `Reported` state of the property once the previous operation is complete and sends +/// the reported state to the cloud. Offline device interaction in the edge is possible via twin +/// properties for control/command operations. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceStatusTwins { /// Required: the desired property value. #[serde(default, skip_serializing_if = "Option::is_none")] pub desired: Option, - /// Required: The property name for which the desired/reported values are specified. This property should be present in the device model. + /// Required: The property name for which the desired/reported values are specified. + /// This property should be present in the device model. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyName")] pub property_name: Option, /// Required: the reported property value. diff --git a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devicemodels.rs b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devicemodels.rs index 0ee8ffaae..55d23c908 100644 --- a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devicemodels.rs +++ b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devicemodels.rs @@ -9,7 +9,8 @@ mod prelude { } use self::prelude::*; -/// DeviceModelSpec defines the model for a device.It is a blueprint which describes the device capabilities and access mechanism via property visitors. +/// DeviceModelSpec defines the model for a device.It is a blueprint which describes the device +/// capabilities and access mechanism via property visitors. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "devices.kubeedge.io", version = "v1beta1", kind = "DeviceModel", plural = "devicemodels")] #[kube(namespaced)] @@ -38,7 +39,8 @@ pub struct DeviceModelProperties { pub maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub minimum: Option, - /// Required: The device property name. Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo + /// Required: The device property name. + /// Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Required: Type of device property, ENUM: INT,FLOAT,DOUBLE,STRING,BOOLEAN,BYTES,STREAM diff --git a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs index 0b542e844..15143a7ea 100644 --- a/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs +++ b/kube-custom-resources-rs/src/devices_kubeedge_io/v1beta1/devices.rs @@ -18,16 +18,21 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DeviceSpec { - /// Required: DeviceModelRef is reference to the device model used as a template to create the device instance. + /// Required: DeviceModelRef is reference to the device model used as a template + /// to create the device instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deviceModelRef")] pub device_model_ref: Option, - /// List of methods of device. methods list item must be unique by method.Name. + /// List of methods of device. + /// methods list item must be unique by method.Name. #[serde(default, skip_serializing_if = "Option::is_none")] pub methods: Option>, - /// NodeName is a request to schedule this device onto a specific node. If it is non-empty, the scheduler simply schedules this device onto that node, assuming that it fits resource requirements. + /// NodeName is a request to schedule this device onto a specific node. If it is non-empty, + /// the scheduler simply schedules this device onto that node, assuming that it fits + /// resource requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] pub node_name: Option, - /// List of properties which describe the device properties. properties list item must be unique by properties.Name. + /// List of properties which describe the device properties. + /// properties list item must be unique by properties.Name. #[serde(default, skip_serializing_if = "Option::is_none")] pub properties: Option>, /// Required: The protocol configuration used to connect to the device. @@ -35,10 +40,17 @@ pub struct DeviceSpec { pub protocol: Option, } -/// Required: DeviceModelRef is reference to the device model used as a template to create the device instance. +/// Required: DeviceModelRef is reference to the device model used as a template +/// to create the device instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceDeviceModelRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -52,7 +64,8 @@ pub struct DeviceMethods { /// Required: The device method name to be accessed. It must be unique. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// PropertyNames are list of device properties that device methods can control. Required: A device method can control multiple device properties. + /// PropertyNames are list of device properties that device methods can control. + /// Required: A device method can control multiple device properties. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyNames")] pub property_names: Option>, } @@ -66,10 +79,12 @@ pub struct DeviceProperties { /// The desired property value. #[serde(default, skip_serializing_if = "Option::is_none")] pub desired: Option, - /// Required: The device property name to be accessed. It must be unique. Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo + /// Required: The device property name to be accessed. It must be unique. + /// Note: If you need to use the built-in stream data processing function, you need to define Name as saveFrame or saveVideo #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// PushMethod represents the protocol used to push data, please ensure that the mapper can access the destination address. + /// PushMethod represents the protocol used to push data, + /// please ensure that the mapper can access the destination address. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pushMethod")] pub push_method: Option, /// Define how frequent mapper will report the value. @@ -78,7 +93,9 @@ pub struct DeviceProperties { /// whether be reported to the cloud #[serde(default, skip_serializing_if = "Option::is_none", rename = "reportToCloud")] pub report_to_cloud: Option, - /// Visitors are intended to be consumed by device mappers which connect to devices and collect data / perform actions on the device. Required: Protocol relevant config details about the how to access the device property. + /// Visitors are intended to be consumed by device mappers which connect to devices + /// and collect data / perform actions on the device. + /// Required: Protocol relevant config details about the how to access the device property. #[serde(default, skip_serializing_if = "Option::is_none")] pub visitors: Option, } @@ -93,10 +110,12 @@ pub struct DevicePropertiesDesired { pub value: String, } -/// PushMethod represents the protocol used to push data, please ensure that the mapper can access the destination address. +/// PushMethod represents the protocol used to push data, +/// please ensure that the mapper can access the destination address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertiesPushMethod { - /// DBMethod represents the method used to push data to database, please ensure that the mapper can access the destination address. + /// DBMethod represents the method used to push data to database, + /// please ensure that the mapper can access the destination address. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbMethod")] pub db_method: Option, /// HTTP Push method configuration for http @@ -110,7 +129,8 @@ pub struct DevicePropertiesPushMethod { pub otel: Option, } -/// DBMethod represents the method used to push data to database, please ensure that the mapper can access the destination address. +/// DBMethod represents the method used to push data to database, +/// please ensure that the mapper can access the destination address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertiesPushMethodDbMethod { #[serde(default, skip_serializing_if = "Option::is_none", rename = "TDEngine")] @@ -262,7 +282,9 @@ pub struct DevicePropertiesPushMethodOtel { pub endpoint_url: Option, } -/// Visitors are intended to be consumed by device mappers which connect to devices and collect data / perform actions on the device. Required: Protocol relevant config details about the how to access the device property. +/// Visitors are intended to be consumed by device mappers which connect to devices +/// and collect data / perform actions on the device. +/// Required: Protocol relevant config details about the how to access the device property. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevicePropertiesVisitors { /// Required: The configData of customized protocol @@ -279,7 +301,8 @@ pub struct DeviceProtocol { /// Any config data #[serde(default, skip_serializing_if = "Option::is_none", rename = "configData")] pub config_data: Option>, - /// Unique protocol name Required. + /// Unique protocol name + /// Required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protocolName")] pub protocol_name: Option, } @@ -299,18 +322,30 @@ pub struct DeviceStatus { /// Optional: The state of the device. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, - /// A list of device twins containing desired/reported desired/reported values of twin properties. Optional: A passive device won't have twin properties and this list could be empty. + /// A list of device twins containing desired/reported desired/reported values of twin properties. + /// Optional: A passive device won't have twin properties and this list could be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub twins: Option>, } -/// Twin provides a logical representation of control properties (writable properties in the device model). The properties can have a Desired state and a Reported state. The cloud configures the `Desired`state of a device property and this configuration update is pushed to the edge node. The mapper sends a command to the device to change this property value as per the desired state . It receives the `Reported` state of the property once the previous operation is complete and sends the reported state to the cloud. Offline device interaction in the edge is possible via twin properties for control/command operations. +/// Twin provides a logical representation of control properties (writable properties in the +/// device model). The properties can have a Desired state and a Reported state. The cloud configures +/// the `Desired`state of a device property and this configuration update is pushed to the edge node. +/// The mapper sends a command to the device to change this property value as per the desired state . +/// It receives the `Reported` state of the property once the previous operation is complete and sends +/// the reported state to the cloud. Offline device interaction in the edge is possible via twin +/// properties for control/command operations. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceStatusTwins { - /// The meaning of here is to indicate desired value of `deviceProperty.Desired` that the mapper has received in current cycle. Useful in cases that people want to check whether the mapper is working appropriately and its internal status is up-to-date. This value should be only updated by devicecontroller upstream. + /// The meaning of here is to indicate desired value of `deviceProperty.Desired` + /// that the mapper has received in current cycle. + /// Useful in cases that people want to check whether the mapper is working + /// appropriately and its internal status is up-to-date. + /// This value should be only updated by devicecontroller upstream. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedDesired")] pub observed_desired: Option, - /// Required: The property name for which the desired/reported values are specified. This property should be present in the device model. + /// Required: The property name for which the desired/reported values are specified. + /// This property should be present in the device model. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propertyName")] pub property_name: Option, /// Required: the reported property value. @@ -318,7 +353,11 @@ pub struct DeviceStatusTwins { pub reported: Option, } -/// The meaning of here is to indicate desired value of `deviceProperty.Desired` that the mapper has received in current cycle. Useful in cases that people want to check whether the mapper is working appropriately and its internal status is up-to-date. This value should be only updated by devicecontroller upstream. +/// The meaning of here is to indicate desired value of `deviceProperty.Desired` +/// that the mapper has received in current cycle. +/// Useful in cases that people want to check whether the mapper is working +/// appropriately and its internal status is up-to-date. +/// This value should be only updated by devicecontroller upstream. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DeviceStatusTwinsObservedDesired { /// Additional metadata like timestamp when the value was reported etc. diff --git a/kube-custom-resources-rs/src/digitalis_io/v1/valssecrets.rs b/kube-custom-resources-rs/src/digitalis_io/v1/valssecrets.rs index 454dd4c61..0722caaed 100644 --- a/kube-custom-resources-rs/src/digitalis_io/v1/valssecrets.rs +++ b/kube-custom-resources-rs/src/digitalis_io/v1/valssecrets.rs @@ -24,6 +24,8 @@ pub struct ValsSecretSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub rollout: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub ttl: Option, @@ -36,7 +38,8 @@ pub struct ValsSecretData { /// Encoding type for the secret. Only base64 supported. Optional #[serde(default, skip_serializing_if = "Option::is_none")] pub encoding: Option, - /// Ref value to the secret in the format ref+backend://path https://github.com/helmfile/vals + /// Ref value to the secret in the format ref+backend://path + /// https://github.com/helmfile/vals #[serde(default, skip_serializing_if = "Option::is_none", rename = "ref")] pub r#ref: Option, } @@ -82,6 +85,15 @@ pub struct ValsSecretDatabasesLoginCredentials { pub username_key: Option, } +/// RolloutTarget sets up what deployment or sts to restart +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ValsSecretRollout { + /// Kind is either Deployment, Pod or StatefulSet + pub kind: String, + /// Name is the object name + pub name: String, +} + /// ValsSecretStatus defines the observed state of ValsSecret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ValsSecretStatus { diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs index 9366d5dd9..09b7da217 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs @@ -342,7 +342,7 @@ pub struct DBClusterStatus { /// Time (UTC). #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterCreateTime")] pub cluster_create_time: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs index 56c23d7f1..43663cde3 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs @@ -172,7 +172,7 @@ pub struct DBInstanceStatus { /// The details of the DB instance's server certificate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateDetails")] pub certificate_details: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs index d480591b9..a784a2f9e 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs @@ -83,7 +83,7 @@ pub struct DBSubnetGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/druid_apache_org/v1alpha1/druids.rs b/kube-custom-resources-rs/src/druid_apache_org/v1alpha1/druids.rs index 8141ee409..773613365 100644 --- a/kube-custom-resources-rs/src/druid_apache_org/v1alpha1/druids.rs +++ b/kube-custom-resources-rs/src/druid_apache_org/v1alpha1/druids.rs @@ -28,6 +28,8 @@ pub struct DruidSpec { /// Affinity Kubernetes native `affinity` specification. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, /// CommonRuntimeProperties Content fo the `common.runtime.properties` configuration file. #[serde(rename = "common.runtime.properties")] pub common_runtime_properties: String, @@ -43,7 +45,8 @@ pub struct DruidSpec { /// DeepStorage IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deepStorage")] pub deep_storage: Option, - /// DefaultProbes If set to true this will add default probes (liveness / readiness / startup) for all druid components but it won't override existing probes + /// DefaultProbes If set to true this will add default probes (liveness / readiness / startup) for all druid components + /// but it won't override existing probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultProbes")] pub default_probes: Option, /// DeleteOrphanPvc Orphaned (unmounted PVCs) shall be cleaned up by the operator. @@ -52,22 +55,29 @@ pub struct DruidSpec { /// DisablePVCDeletionFinalizer Whether PVCs shall be deleted on the deletion of the Druid cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disablePVCDeletionFinalizer")] pub disable_pvc_deletion_finalizer: Option, + /// Dynamic Configurations for Druid. Applied through the dynamic configuration API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicConfig")] + pub dynamic_config: Option>, /// Env Environment variables for druid containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, /// EnvFrom Extra environment variables from remote source (ConfigMaps, Secrets...). #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] pub env_from: Option>, - /// ExtraCommonConfig References to ConfigMaps holding more configuration files to mount to the common configuration path. + /// ExtraCommonConfig References to ConfigMaps holding more configuration files to mount to the + /// common configuration path. #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraCommonConfig")] pub extra_common_config: Option>, - /// ForceDeleteStsPodOnError Delete the StatefulSet's pods if the StatefulSet is set to ordered ready. issue: https://github.com/kubernetes/kubernetes/issues/67250 doc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback + /// ForceDeleteStsPodOnError Delete the StatefulSet's pods if the StatefulSet is set to ordered ready. + /// issue: https://github.com/kubernetes/kubernetes/issues/67250 + /// doc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback #[serde(default, skip_serializing_if = "Option::is_none", rename = "forceDeleteStsPodOnError")] pub force_delete_sts_pod_on_error: Option, /// HdfsSite Contents of `hdfs-site.xml`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hdfs-site.xml")] pub hdfs_site_xml: Option, - /// Ignored is now deprecated API. In order to avoid reconciliation of objects use the `druid.apache.org/ignored: "true"` annotation. + /// Ignored is now deprecated API. In order to avoid reconciliation of objects use the + /// `druid.apache.org/ignored: "true"` annotation. #[serde(default, skip_serializing_if = "Option::is_none")] pub ignored: Option, /// Image Required here or at the NodeSpec level. @@ -82,7 +92,8 @@ pub struct DruidSpec { /// JvmOptions Contents of the shared `jvm.options` configuration file for druid JVM processes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvm.options")] pub jvm_options: Option, - /// LivenessProbe Port is set to `druid.port` if not specified with httpGet handler. + /// LivenessProbe + /// Port is set to `druid.port` if not specified with httpGet handler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, /// Log4jConfig contents `log4j.config` configuration file. @@ -91,13 +102,17 @@ pub struct DruidSpec { /// MetadataStore IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadataStore")] pub metadata_store: Option, - /// DimensionsMapPath Custom Dimension Map Path for statsd emitter. stastd documentation is described in the following documentation: https://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html + /// DimensionsMapPath Custom Dimension Map Path for statsd emitter. + /// stastd documentation is described in the following documentation: + /// https://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html #[serde(default, skip_serializing_if = "Option::is_none", rename = "metricDimensions.json")] pub metric_dimensions_json: Option, /// NodeSelector Kubernetes native `nodeSelector` specification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - /// Nodes a list of `Druid` Node types and their configurations. `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific `NodeSpec` level. + /// Nodes a list of `Druid` Node types and their configurations. + /// `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific + /// `NodeSpec` level. pub nodes: BTreeMap, /// PodAnnotations Custom annotations to be populated in `Druid` pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] @@ -111,10 +126,14 @@ pub struct DruidSpec { /// PriorityClassName Kubernetes native `priorityClassName` specification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler. + /// ReadinessProbe + /// Port is set to `druid.port` if not specified with httpGet handler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, - /// RollingDeploy Whether to deploy the components in a rolling update as described in the documentation: https://druid.apache.org/docs/latest/operations/rolling-updates.html If set to true then operator checks the rollout status of previous version workloads before updating the next. This will be done only for update actions. + /// RollingDeploy Whether to deploy the components in a rolling update as described in the documentation: + /// https://druid.apache.org/docs/latest/operations/rolling-updates.html + /// If set to true then operator checks the rollout status of previous version workloads before updating the next. + /// This will be done only for update actions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingDeploy")] pub rolling_deploy: Option, /// ScalePvcSts When enabled, operator will allow volume expansion of StatefulSet's PVCs. @@ -150,7 +169,8 @@ pub struct DruidSpec { /// Volumes Kubernetes Native `Volumes` specification. #[serde(default, skip_serializing_if = "Option::is_none")] pub volumes: Option>, - /// WorkloadAnnotations annotations to be populated in StatefulSet or Deployment spec. if the same key is specified at both the DruidNodeSpec level and DruidSpec level, the DruidNodeSpec WorkloadAnnotations will take precedence. + /// WorkloadAnnotations annotations to be populated in StatefulSet or Deployment spec. + /// if the same key is specified at both the DruidNodeSpec level and DruidSpec level, the DruidNodeSpec WorkloadAnnotations will take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadAnnotations")] pub workload_annotations: Option>, /// Zookeeper IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. @@ -158,7 +178,9 @@ pub struct DruidSpec { pub zookeeper: Option, } -/// AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary). +/// AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. +/// (will be part of Kubernetes native in the future: +/// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainer { /// Args Arguments to call the command. @@ -199,7 +221,15 @@ pub struct DruidAdditionalContainer { pub struct DruidAdditionalContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -213,10 +243,12 @@ pub struct DruidAdditionalContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -229,7 +261,9 @@ pub struct DruidAdditionalContainerEnvValueFrom { pub struct DruidAdditionalContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -237,7 +271,8 @@ pub struct DruidAdditionalContainerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -248,7 +283,8 @@ pub struct DruidAdditionalContainerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -266,7 +302,9 @@ pub struct DruidAdditionalContainerEnvValueFromResourceFieldRef { pub struct DruidAdditionalContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -291,7 +329,9 @@ pub struct DruidAdditionalContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -302,7 +342,9 @@ pub struct DruidAdditionalContainerEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -313,15 +355,25 @@ pub struct DruidAdditionalContainerEnvFromSecretRef { /// Resources Kubernetes Native `resources` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -329,49 +381,93 @@ pub struct DruidAdditionalContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// ContainerSecurityContext If not present, will be taken from top level pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerSecurityContextCapabilities { /// Added capabilities @@ -382,7 +478,11 @@ pub struct DruidAdditionalContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -399,31 +499,56 @@ pub struct DruidAdditionalContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -431,21 +556,30 @@ pub struct DruidAdditionalContainerSecurityContextWindowsOptions { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAdditionalContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -467,15 +601,28 @@ pub struct DruidAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -495,31 +642,47 @@ pub struct DruidAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecut pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -527,7 +690,9 @@ pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecuti pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -538,26 +703,38 @@ pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecuti pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -565,10 +742,24 @@ pub struct DruidAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecuti /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -579,7 +770,8 @@ pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecuti /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -589,13 +781,24 @@ pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecuti /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -606,59 +809,93 @@ pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecuti /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -669,42 +906,60 @@ pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutio /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -712,10 +967,24 @@ pub struct DruidAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutio /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -726,7 +995,8 @@ pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExe /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -736,13 +1006,24 @@ pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExe /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -753,59 +1034,93 @@ pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExe /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -816,85 +1131,167 @@ pub struct DruidAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExec /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DruidAuth { + /// SecretReference represents a Secret Reference. It has enough information to retrieve secret + /// in any namespace + #[serde(rename = "secretRef")] + pub secret_ref: DruidAuthSecretRef, + #[serde(rename = "type")] + pub r#type: String, +} + +/// SecretReference represents a Secret Reference. It has enough information to retrieve secret +/// in any namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DruidAuthSecretRef { + /// name is unique within a namespace to reference a secret resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// namespace defines the space within which the secret name must be unique. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// ContainerSecurityContext #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidContainerSecurityContextCapabilities { /// Added capabilities @@ -905,7 +1302,11 @@ pub struct DruidContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -922,31 +1323,56 @@ pub struct DruidContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -954,7 +1380,9 @@ pub struct DruidContainerSecurityContextWindowsOptions { /// DeepStorage IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidDeepStorage { - /// RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding. + /// RawMessage is a raw encoded JSON value. + /// It implements [Marshaler] and [Unmarshaler] and can + /// be used to delay JSON decoding or precompute a JSON encoding. pub spec: String, #[serde(rename = "type")] pub r#type: String, @@ -965,7 +1393,15 @@ pub struct DruidDeepStorage { pub struct DruidEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -979,10 +1415,12 @@ pub struct DruidEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -995,7 +1433,9 @@ pub struct DruidEnvValueFrom { pub struct DruidEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1003,7 +1443,8 @@ pub struct DruidEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1014,7 +1455,8 @@ pub struct DruidEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1032,7 +1474,9 @@ pub struct DruidEnvValueFromResourceFieldRef { pub struct DruidEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1057,7 +1501,9 @@ pub struct DruidEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1068,7 +1514,9 @@ pub struct DruidEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1076,21 +1524,26 @@ pub struct DruidEnvFromSecretRef { pub optional: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// LivenessProbe Port is set to `druid.port` if not specified with httpGet handler. +/// LivenessProbe +/// Port is set to `druid.port` if not specified with httpGet handler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -1099,22 +1552,36 @@ pub struct DruidLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1122,7 +1589,11 @@ pub struct DruidLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -1132,8 +1603,11 @@ pub struct DruidLivenessProbeExec { pub struct DruidLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -1141,7 +1615,8 @@ pub struct DruidLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -1150,9 +1625,12 @@ pub struct DruidLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -1160,7 +1638,8 @@ pub struct DruidLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -1172,20 +1651,26 @@ pub struct DruidLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// MetadataStore IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidMetadataStore { - /// RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding. + /// RawMessage is a raw encoded JSON value. + /// It implements [Marshaler] and [Unmarshaler] and can + /// be used to delay JSON decoding or precompute a JSON encoding. pub spec: String, #[serde(rename = "type")] pub r#type: String, } -/// Nodes a list of `Druid` Node types and their configurations. `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific `NodeSpec` level. +/// Nodes a list of `Druid` Node types and their configurations. +/// `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific +/// `NodeSpec` level. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodes { /// Operator deploys the sidecar container based on these properties. @@ -1200,6 +1685,9 @@ pub struct DruidNodes { /// DruidPort Used by the `Druid` process. #[serde(default, skip_serializing_if = "Option::is_none", rename = "druid.port")] pub druid_port: Option, + /// Dynamic Configurations for Druid. Applied through the dynamic configuration API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamicConfig")] + pub dynamic_config: Option>, /// Env Environment variables for druid containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, @@ -1230,22 +1718,26 @@ pub struct DruidNodes { /// JvmOptions overrides `JvmOptions` at top level. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvm.options")] pub jvm_options: Option, - /// Kind Can be StatefulSet or Deployment. Note: volumeClaimTemplates are ignored when kind=Deployment + /// Kind Can be StatefulSet or Deployment. + /// Note: volumeClaimTemplates are ignored when kind=Deployment #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, /// Lifecycle #[serde(default, skip_serializing_if = "Option::is_none")] pub lifecycle: Option, - /// LivenessProbe Port is set to `druid.port` if not specified with httpGet handler. + /// LivenessProbe + /// Port is set to `druid.port` if not specified with httpGet handler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, /// Log4jConfig Overrides `Log4jConfig` at top level. #[serde(default, skip_serializing_if = "Option::is_none", rename = "log4j.config")] pub log4j_config: Option, - /// MaxSurge For Deployment object only. Set to 25% by default. + /// MaxSurge For Deployment object only. + /// Set to 25% by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] pub max_surge: Option, - /// MaxUnavailable For deployment object only. Set to 25% by default + /// MaxUnavailable For deployment object only. + /// Set to 25% by default #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, /// NodeConfigMountPath in-container directory to mount with runtime.properties, jvm.config, log4j2.xml files. @@ -1278,7 +1770,8 @@ pub struct DruidNodes { /// PriorityClassName Kubernetes native `priorityClassName` specification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - /// ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler. + /// ReadinessProbe + /// Port is set to `druid.port` if not specified with httpGet handler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, /// Replicas replica of the workload @@ -1328,7 +1821,9 @@ pub struct DruidNodes { pub workload_annotations: Option>, } -/// AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary). +/// AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. +/// (will be part of Kubernetes native in the future: +/// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainer { /// Args Arguments to call the command. @@ -1369,7 +1864,15 @@ pub struct DruidNodesAdditionalContainer { pub struct DruidNodesAdditionalContainerEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -1383,10 +1886,12 @@ pub struct DruidNodesAdditionalContainerEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -1399,7 +1904,9 @@ pub struct DruidNodesAdditionalContainerEnvValueFrom { pub struct DruidNodesAdditionalContainerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1407,7 +1914,8 @@ pub struct DruidNodesAdditionalContainerEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1418,7 +1926,8 @@ pub struct DruidNodesAdditionalContainerEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1436,7 +1945,9 @@ pub struct DruidNodesAdditionalContainerEnvValueFromResourceFieldRef { pub struct DruidNodesAdditionalContainerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1461,7 +1972,9 @@ pub struct DruidNodesAdditionalContainerEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1472,7 +1985,9 @@ pub struct DruidNodesAdditionalContainerEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1483,15 +1998,25 @@ pub struct DruidNodesAdditionalContainerEnvFromSecretRef { /// Resources Kubernetes Native `resources` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1499,49 +2024,93 @@ pub struct DruidNodesAdditionalContainerResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// ContainerSecurityContext If not present, will be taken from top level pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerSecurityContextCapabilities { /// Added capabilities @@ -1552,7 +2121,11 @@ pub struct DruidNodesAdditionalContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -1569,31 +2142,56 @@ pub struct DruidNodesAdditionalContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -1601,21 +2199,30 @@ pub struct DruidNodesAdditionalContainerSecurityContextWindowsOptions { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAdditionalContainerVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -1637,15 +2244,28 @@ pub struct DruidNodesAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -1665,31 +2285,47 @@ pub struct DruidNodesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringE pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -1697,7 +2333,9 @@ pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringEx pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -1708,26 +2346,38 @@ pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringEx pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1735,10 +2385,24 @@ pub struct DruidNodesAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringEx /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1749,7 +2413,8 @@ pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -1759,13 +2424,24 @@ pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -1776,59 +2452,93 @@ pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -1839,42 +2549,60 @@ pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1882,10 +2610,24 @@ pub struct DruidNodesAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -1896,7 +2638,8 @@ pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } @@ -1906,13 +2649,24 @@ pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -1923,59 +2677,93 @@ pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } @@ -1986,42 +2774,60 @@ pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2029,42 +2835,84 @@ pub struct DruidNodesAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// ContainerSecurityContext #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesContainerSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + /// AllowPrivilegeEscalation controls whether a process can gain more + /// privileges than its parent process. This bool directly controls if + /// the no_new_privs flag will be set on the container process. + /// AllowPrivilegeEscalation is true always when the container is: + /// 1) run as Privileged + /// 2) has CAP_SYS_ADMIN + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. + /// The capabilities to add/drop when running containers. + /// Defaults to the default set of capabilities granted by the container runtime. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub capabilities: Option, - /// Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. + /// Run container in privileged mode. + /// Processes in privileged containers are essentially equivalent to root on the host. + /// Defaults to false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. + /// procMount denotes the type of proc mount to use for the containers. + /// The default is DefaultProcMount which uses the container runtime defaults for + /// readonly paths and masked paths. + /// This requires the ProcMountType feature flag to be enabled. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. + /// Whether this container has a read-only root filesystem. + /// Default is false. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to the container. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by this container. If seccomp options are + /// provided at both the pod & container level, the container options + /// override the pod options. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options from the PodSecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. +/// The capabilities to add/drop when running containers. +/// Defaults to the default set of capabilities granted by the container runtime. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesContainerSecurityContextCapabilities { /// Added capabilities @@ -2075,7 +2923,11 @@ pub struct DruidNodesContainerSecurityContextCapabilities { pub drop: Option>, } -/// The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to the container. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in PodSecurityContext. If set in both SecurityContext and +/// PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesContainerSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -2092,31 +2944,56 @@ pub struct DruidNodesContainerSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by this container. If seccomp options are +/// provided at both the pod & container level, the container options +/// override the pod options. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesContainerSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options from the PodSecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesContainerSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } @@ -2126,7 +3003,15 @@ pub struct DruidNodesContainerSecurityContextWindowsOptions { pub struct DruidNodesEnv { /// Name of the environment variable. Must be a C_IDENTIFIER. pub name: String, - /// Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, /// Source for the environment variable's value. Cannot be used if value is not empty. @@ -2140,10 +3025,12 @@ pub struct DruidNodesEnvValueFrom { /// Selects a key of a ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, /// Selects a key of a secret in the pod's namespace @@ -2156,7 +3043,9 @@ pub struct DruidNodesEnvValueFrom { pub struct DruidNodesEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2164,7 +3053,8 @@ pub struct DruidNodesEnvValueFromConfigMapKeyRef { pub optional: Option, } -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesEnvValueFromFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -2175,7 +3065,8 @@ pub struct DruidNodesEnvValueFromFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesEnvValueFromResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -2193,7 +3084,9 @@ pub struct DruidNodesEnvValueFromResourceFieldRef { pub struct DruidNodesEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2218,7 +3111,9 @@ pub struct DruidNodesEnvFrom { /// The ConfigMap to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesEnvFromConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2229,7 +3124,9 @@ pub struct DruidNodesEnvFromConfigMapRef { /// The Secret to select from #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesEnvFromSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2240,44 +3137,78 @@ pub struct DruidNodesEnvFromSecretRef { /// HPAutoScaler Kubernetes Native `HorizontalPodAutoscaler` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscaler { - /// behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used. + /// behavior configures the scaling behavior of the target + /// in both Up and Down directions (scaleUp and scaleDown fields respectively). + /// If not set, the default HPAScalingRules for scale up and scale down are used. #[serde(default, skip_serializing_if = "Option::is_none")] pub behavior: Option, - /// maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas. + /// maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. + /// It cannot be less that minReplicas. #[serde(rename = "maxReplicas")] pub max_replicas: i32, - /// metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization. + /// metrics contains the specifications for which to use to calculate the + /// desired replica count (the maximum replica count across all metrics will + /// be used). The desired replica count is calculated multiplying the + /// ratio between the target value and the current value by the current + /// number of pods. Ergo, metrics used must decrease as the pod count is + /// increased, and vice-versa. See the individual metric source types for + /// more information about how each type of metric must respond. + /// If not set, the default metric will be set to 80% average CPU utilization. #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option>, - /// minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available. + /// minReplicas is the lower limit for the number of replicas to which the autoscaler + /// can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the + /// alpha feature gate HPAScaleToZero is enabled and at least one Object or External + /// metric is configured. Scaling is active as long as at least one metric value is + /// available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] pub min_replicas: Option, - /// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count. + /// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics + /// should be collected, as well as to actually change the replica count. #[serde(rename = "scaleTargetRef")] pub scale_target_ref: DruidNodesHpAutoscalerScaleTargetRef, } -/// behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used. +/// behavior configures the scaling behavior of the target +/// in both Up and Down directions (scaleUp and scaleDown fields respectively). +/// If not set, the default HPAScalingRules for scale up and scale down are used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerBehavior { - /// scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used). + /// scaleDown is scaling policy for scaling Down. + /// If not set, the default value is to allow to scale down to minReplicas pods, with a + /// 300 second stabilization window (i.e., the highest recommendation for + /// the last 300sec is used). #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleDown")] pub scale_down: Option, - /// scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used. + /// scaleUp is scaling policy for scaling Up. + /// If not set, the default value is the higher of: + /// * increase no more than 4 pods per 60 seconds + /// * double the number of pods per 60 seconds + /// No stabilization is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleUp")] pub scale_up: Option, } -/// scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used). +/// scaleDown is scaling policy for scaling Down. +/// If not set, the default value is to allow to scale down to minReplicas pods, with a +/// 300 second stabilization window (i.e., the highest recommendation for +/// the last 300sec is used). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerBehaviorScaleDown { - /// policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid + /// policies is a list of potential scaling polices which can be used during scaling. + /// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, - /// selectPolicy is used to specify which policy should be used. If not set, the default value Max is used. + /// selectPolicy is used to specify which policy should be used. + /// If not set, the default value Max is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectPolicy")] pub select_policy: Option, - /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be + /// considered while scaling up or scaling down. + /// StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + /// If not set, use the default values: + /// - For scale up: 0 (i.e. no stabilization is done). + /// - For scale down: 300 (i.e. the stabilization window is 300 seconds long). #[serde(default, skip_serializing_if = "Option::is_none", rename = "stabilizationWindowSeconds")] pub stabilization_window_seconds: Option, } @@ -2285,26 +3216,39 @@ pub struct DruidNodesHpAutoscalerBehaviorScaleDown { /// HPAScalingPolicy is a single policy which must hold true for a specified past interval. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerBehaviorScaleDownPolicies { - /// periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + /// periodSeconds specifies the window of time for which the policy should hold true. + /// PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). #[serde(rename = "periodSeconds")] pub period_seconds: i32, /// type is used to specify the scaling policy. #[serde(rename = "type")] pub r#type: String, - /// value contains the amount of change which is permitted by the policy. It must be greater than zero + /// value contains the amount of change which is permitted by the policy. + /// It must be greater than zero pub value: i32, } -/// scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used. +/// scaleUp is scaling policy for scaling Up. +/// If not set, the default value is the higher of: +/// * increase no more than 4 pods per 60 seconds +/// * double the number of pods per 60 seconds +/// No stabilization is used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerBehaviorScaleUp { - /// policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid + /// policies is a list of potential scaling polices which can be used during scaling. + /// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid #[serde(default, skip_serializing_if = "Option::is_none")] pub policies: Option>, - /// selectPolicy is used to specify which policy should be used. If not set, the default value Max is used. + /// selectPolicy is used to specify which policy should be used. + /// If not set, the default value Max is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectPolicy")] pub select_policy: Option, - /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + /// stabilizationWindowSeconds is the number of seconds for which past recommendations should be + /// considered while scaling up or scaling down. + /// StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + /// If not set, use the default values: + /// - For scale up: 0 (i.e. no stabilization is done). + /// - For scale down: 300 (i.e. the stabilization window is 300 seconds long). #[serde(default, skip_serializing_if = "Option::is_none", rename = "stabilizationWindowSeconds")] pub stabilization_window_seconds: Option, } @@ -2312,40 +3256,67 @@ pub struct DruidNodesHpAutoscalerBehaviorScaleUp { /// HPAScalingPolicy is a single policy which must hold true for a specified past interval. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerBehaviorScaleUpPolicies { - /// periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + /// periodSeconds specifies the window of time for which the policy should hold true. + /// PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). #[serde(rename = "periodSeconds")] pub period_seconds: i32, /// type is used to specify the scaling policy. #[serde(rename = "type")] pub r#type: String, - /// value contains the amount of change which is permitted by the policy. It must be greater than zero + /// value contains the amount of change which is permitted by the policy. + /// It must be greater than zero pub value: i32, } -/// MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once). +/// MetricSpec specifies how to scale based on a single metric +/// (only `type` and one other matching field should be set at once). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetrics { - /// containerResource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. + /// containerResource refers to a resource metric (such as those specified in + /// requests and limits) known to Kubernetes describing a single container in + /// each pod of the current scale target (e.g. CPU or memory). Such metrics are + /// built in to Kubernetes, and have special scaling options on top of those + /// available to normal per-pod metrics using the "pods" source. + /// This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerResource")] pub container_resource: Option, - /// external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). + /// external refers to a global metric that is not associated + /// with any Kubernetes object. It allows autoscaling based on information + /// coming from components running outside of cluster + /// (for example length of queue in cloud messaging service, or + /// QPS from loadbalancer running outside of cluster). #[serde(default, skip_serializing_if = "Option::is_none")] pub external: Option, - /// object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object). + /// object refers to a metric describing a single kubernetes object + /// (for example, hits-per-second on an Ingress object). #[serde(default, skip_serializing_if = "Option::is_none")] pub object: Option, - /// pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. + /// pods refers to a metric describing each pod in the current scale target + /// (for example, transactions-processed-per-second). The values will be + /// averaged together before being compared to the target value. #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, - /// resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. + /// resource refers to a resource metric (such as those specified in + /// requests and limits) known to Kubernetes describing each pod in the + /// current scale target (e.g. CPU or memory). Such metrics are built in to + /// Kubernetes, and have special scaling options on top of those available + /// to normal per-pod metrics using the "pods" source. #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, - /// type is the type of metric source. It should be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each mapping to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled + /// type is the type of metric source. It should be one of "ContainerResource", "External", + /// "Object", "Pods" or "Resource", each mapping to a matching field in the object. + /// Note: "ContainerResource" type is available on when the feature-gate + /// HPAContainerMetrics is enabled #[serde(rename = "type")] pub r#type: String, } -/// containerResource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. +/// containerResource refers to a resource metric (such as those specified in +/// requests and limits) known to Kubernetes describing a single container in +/// each pod of the current scale target (e.g. CPU or memory). Such metrics are +/// built in to Kubernetes, and have special scaling options on top of those +/// available to normal per-pod metrics using the "pods" source. +/// This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsContainerResource { /// container is the name of the container in the pods of the scaling target @@ -2359,10 +3330,14 @@ pub struct DruidNodesHpAutoscalerMetricsContainerResource { /// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsContainerResourceTarget { - /// averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. + /// Currently only valid for Resource metric source type #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, - /// averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, /// type represents whether the metric type is Utilization, Value, or AverageValue @@ -2373,7 +3348,11 @@ pub struct DruidNodesHpAutoscalerMetricsContainerResourceTarget { pub value: Option, } -/// external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). +/// external refers to a global metric that is not associated +/// with any Kubernetes object. It allows autoscaling based on information +/// coming from components running outside of cluster +/// (for example length of queue in cloud messaging service, or +/// QPS from loadbalancer running outside of cluster). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsExternal { /// metric identifies the target metric by name and selector @@ -2387,30 +3366,41 @@ pub struct DruidNodesHpAutoscalerMetricsExternal { pub struct DruidNodesHpAutoscalerMetricsExternalMetric { /// name is the name of the given metric pub name: String, - /// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + /// selector is the string-encoded form of a standard kubernetes label selector for the given metric + /// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. + /// When unset, just the metricName will be used to gather metrics. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, } -/// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. +/// selector is the string-encoded form of a standard kubernetes label selector for the given metric +/// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. +/// When unset, just the metricName will be used to gather metrics. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsExternalMetricSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsExternalMetricSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2418,10 +3408,14 @@ pub struct DruidNodesHpAutoscalerMetricsExternalMetricSelectorMatchExpressions { /// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsExternalTarget { - /// averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. + /// Currently only valid for Resource metric source type #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, - /// averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, /// type represents whether the metric type is Utilization, Value, or AverageValue @@ -2432,7 +3426,8 @@ pub struct DruidNodesHpAutoscalerMetricsExternalTarget { pub value: Option, } -/// object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object). +/// object refers to a metric describing a single kubernetes object +/// (for example, hits-per-second on an Ingress object). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsObject { /// describedObject specifies the descriptions of a object,such as kind,name apiVersion @@ -2461,30 +3456,41 @@ pub struct DruidNodesHpAutoscalerMetricsObjectDescribedObject { pub struct DruidNodesHpAutoscalerMetricsObjectMetric { /// name is the name of the given metric pub name: String, - /// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + /// selector is the string-encoded form of a standard kubernetes label selector for the given metric + /// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. + /// When unset, just the metricName will be used to gather metrics. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, } -/// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. +/// selector is the string-encoded form of a standard kubernetes label selector for the given metric +/// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. +/// When unset, just the metricName will be used to gather metrics. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsObjectMetricSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsObjectMetricSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2492,10 +3498,14 @@ pub struct DruidNodesHpAutoscalerMetricsObjectMetricSelectorMatchExpressions { /// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsObjectTarget { - /// averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. + /// Currently only valid for Resource metric source type #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, - /// averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, /// type represents whether the metric type is Utilization, Value, or AverageValue @@ -2506,7 +3516,9 @@ pub struct DruidNodesHpAutoscalerMetricsObjectTarget { pub value: Option, } -/// pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. +/// pods refers to a metric describing each pod in the current scale target +/// (for example, transactions-processed-per-second). The values will be +/// averaged together before being compared to the target value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsPods { /// metric identifies the target metric by name and selector @@ -2520,30 +3532,41 @@ pub struct DruidNodesHpAutoscalerMetricsPods { pub struct DruidNodesHpAutoscalerMetricsPodsMetric { /// name is the name of the given metric pub name: String, - /// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + /// selector is the string-encoded form of a standard kubernetes label selector for the given metric + /// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. + /// When unset, just the metricName will be used to gather metrics. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, } -/// selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. +/// selector is the string-encoded form of a standard kubernetes label selector for the given metric +/// When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. +/// When unset, just the metricName will be used to gather metrics. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsPodsMetricSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsPodsMetricSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -2551,10 +3574,14 @@ pub struct DruidNodesHpAutoscalerMetricsPodsMetricSelectorMatchExpressions { /// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsPodsTarget { - /// averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. + /// Currently only valid for Resource metric source type #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, - /// averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, /// type represents whether the metric type is Utilization, Value, or AverageValue @@ -2565,7 +3592,11 @@ pub struct DruidNodesHpAutoscalerMetricsPodsTarget { pub value: Option, } -/// resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. +/// resource refers to a resource metric (such as those specified in +/// requests and limits) known to Kubernetes describing each pod in the +/// current scale target (e.g. CPU or memory). Such metrics are built in to +/// Kubernetes, and have special scaling options on top of those available +/// to normal per-pod metrics using the "pods" source. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsResource { /// name is the name of the resource in question. @@ -2577,10 +3608,14 @@ pub struct DruidNodesHpAutoscalerMetricsResource { /// target specifies the target value for the given metric #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerMetricsResourceTarget { - /// averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + /// averageUtilization is the target value of the average of the + /// resource metric across all relevant pods, represented as a percentage of + /// the requested value of the resource for the pods. + /// Currently only valid for Resource metric source type #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageUtilization")] pub average_utilization: Option, - /// averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + /// averageValue is the target value of the average of the + /// metric across all relevant pods (as a quantity) #[serde(default, skip_serializing_if = "Option::is_none", rename = "averageValue")] pub average_value: Option, /// type represents whether the metric type is Utilization, Value, or AverageValue @@ -2591,7 +3626,8 @@ pub struct DruidNodesHpAutoscalerMetricsResourceTarget { pub value: Option, } -/// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count. +/// scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics +/// should be collected, as well as to actually change the replica count. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesHpAutoscalerScaleTargetRef { /// apiVersion is the API version of the referent @@ -2603,10 +3639,13 @@ pub struct DruidNodesHpAutoscalerScaleTargetRef { pub name: String, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2614,35 +3653,64 @@ pub struct DruidNodesImagePullSecrets { /// Ingress Kubernetes Native `Ingress` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngress { - /// defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller. + /// defaultBackend is the backend that should handle requests that don't + /// match any rule. If Rules are not specified, DefaultBackend must be specified. + /// If DefaultBackend is not set, the handling of requests that do not match any + /// of the rules will be up to the Ingress controller. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultBackend")] pub default_backend: Option, - /// ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present. + /// ingressClassName is the name of an IngressClass cluster resource. Ingress + /// controller implementations use this field to know whether they should be + /// serving this Ingress resource, by a transitive connection + /// (controller -> IngressClass -> Ingress resource). Although the + /// `kubernetes.io/ingress.class` annotation (simple constant name) was never + /// formally defined, it was widely supported by Ingress controllers to create + /// a direct binding between Ingress controller and Ingress resources. Newly + /// created Ingress resources should prefer using the field. However, even + /// though the annotation is officially deprecated, for backwards compatibility + /// reasons, ingress controllers should still honor that annotation if present. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, - /// rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend. + /// rules is a list of host rules used to configure the Ingress. If unspecified, + /// or no rule matches, all traffic is sent to the default backend. #[serde(default, skip_serializing_if = "Option::is_none")] pub rules: Option>, - /// tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI. + /// tls represents the TLS configuration. Currently the Ingress only supports a + /// single TLS port, 443. If multiple members of this list specify different hosts, + /// they will be multiplexed on the same port according to the hostname specified + /// through the SNI TLS extension, if the ingress controller fulfilling the + /// ingress supports SNI. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option>, } -/// defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller. +/// defaultBackend is the backend that should handle requests that don't +/// match any rule. If Rules are not specified, DefaultBackend must be specified. +/// If DefaultBackend is not set, the handling of requests that do not match any +/// of the rules will be up to the Ingress controller. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressDefaultBackend { - /// resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". + /// resource is an ObjectRef to another Kubernetes resource in the namespace + /// of the Ingress object. If resource is specified, a service.Name and + /// service.Port must not be specified. + /// This is a mutually exclusive setting with "Service". #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, - /// service references a service as a backend. This is a mutually exclusive setting with "Resource". + /// service references a service as a backend. + /// This is a mutually exclusive setting with "Resource". #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". +/// resource is an ObjectRef to another Kubernetes resource in the namespace +/// of the Ingress object. If resource is specified, a service.Name and +/// service.Port must not be specified. +/// This is a mutually exclusive setting with "Service". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressDefaultBackendResource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -2651,74 +3719,139 @@ pub struct DruidNodesIngressDefaultBackendResource { pub name: String, } -/// service references a service as a backend. This is a mutually exclusive setting with "Resource". +/// service references a service as a backend. +/// This is a mutually exclusive setting with "Resource". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressDefaultBackendService { - /// name is the referenced service. The service must exist in the same namespace as the Ingress object. + /// name is the referenced service. The service must exist in + /// the same namespace as the Ingress object. pub name: String, - /// port of the referenced service. A port name or port number is required for a IngressServiceBackend. + /// port of the referenced service. A port name or port number + /// is required for a IngressServiceBackend. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, } -/// port of the referenced service. A port name or port number is required for a IngressServiceBackend. +/// port of the referenced service. A port name or port number +/// is required for a IngressServiceBackend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressDefaultBackendServicePort { - /// name is the name of the port on the Service. This is a mutually exclusive setting with "Number". + /// name is the name of the port on the Service. + /// This is a mutually exclusive setting with "Number". #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name". + /// number is the numerical port number (e.g. 80) on the Service. + /// This is a mutually exclusive setting with "Name". #[serde(default, skip_serializing_if = "Option::is_none")] pub number: Option, } -/// IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue. +/// IngressRule represents the rules mapping the paths under a specified host to +/// the related backend services. Incoming requests are first evaluated for a host +/// match, then routed to the backend associated with the matching IngressRuleValue. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRules { - /// host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. - /// host can be "precise" which is a domain name without the terminating dot of a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. "*.foo.com"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule. + /// host is the fully qualified domain name of a network host, as defined by RFC 3986. + /// Note the following deviations from the "host" part of the + /// URI as defined in RFC 3986: + /// 1. IPs are not allowed. Currently an IngressRuleValue can only apply to + /// the IP in the Spec of the parent Ingress. + /// 2. The `:` delimiter is not respected because ports are not allowed. + /// Currently the port of an Ingress is implicitly :80 for http and + /// :443 for https. + /// Both these may change in the future. + /// Incoming requests are matched against the host before the + /// IngressRuleValue. If the host is unspecified, the Ingress routes all + /// traffic based on the specified IngressRuleValue. + /// + /// + /// host can be "precise" which is a domain name without the terminating dot of + /// a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name + /// prefixed with a single wildcard label (e.g. "*.foo.com"). + /// The wildcard character '*' must appear by itself as the first DNS label and + /// matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). + /// Requests will be matched against the Host field in the following way: + /// 1. If host is precise, the request matches this rule if the http host header is equal to Host. + /// 2. If host is a wildcard, then the request matches this rule if the http host header + /// is to equal to the suffix (removing the first label) of the wildcard rule. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'. + /// HTTPIngressRuleValue is a list of http selectors pointing to backends. + /// In the example: http:///? -> backend where + /// where parts of the url correspond to RFC 3986, this resource will be used + /// to match against everything after the last '/' and before the first '?' + /// or '#'. #[serde(default, skip_serializing_if = "Option::is_none")] pub http: Option, } -/// HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'. +/// HTTPIngressRuleValue is a list of http selectors pointing to backends. +/// In the example: http:///? -> backend where +/// where parts of the url correspond to RFC 3986, this resource will be used +/// to match against everything after the last '/' and before the first '?' +/// or '#'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttp { /// paths is a collection of paths that map requests to backends. pub paths: Vec, } -/// HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend. +/// HTTPIngressPath associates a path with a backend. Incoming urls matching the +/// path are forwarded to the backend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttpPaths { - /// backend defines the referenced service endpoint to which the traffic will be forwarded to. + /// backend defines the referenced service endpoint to which the traffic + /// will be forwarded to. pub backend: DruidNodesIngressRulesHttpPathsBackend, - /// path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value "Exact" or "Prefix". + /// path is matched against the path of an incoming request. Currently it can + /// contain characters disallowed from the conventional "path" part of a URL + /// as defined by RFC 3986. Paths must begin with a '/' and must be present + /// when using PathType with value "Exact" or "Prefix". #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types. Implementations are required to support all path types. + /// pathType determines the interpretation of the path matching. PathType can + /// be one of the following values: + /// * Exact: Matches the URL path exactly. + /// * Prefix: Matches based on a URL path prefix split by '/'. Matching is + /// done on a path element by element basis. A path element refers is the + /// list of labels in the path split by the '/' separator. A request is a + /// match for path p if every p is an element-wise prefix of p of the + /// request path. Note that if the last element of the path is a substring + /// of the last element in request path, it is not a match (e.g. /foo/bar + /// matches /foo/bar/baz, but does not match /foo/barbaz). + /// * ImplementationSpecific: Interpretation of the Path matching is up to + /// the IngressClass. Implementations can treat this as a separate PathType + /// or treat it identically to Prefix or Exact path types. + /// Implementations are required to support all path types. #[serde(rename = "pathType")] pub path_type: String, } -/// backend defines the referenced service endpoint to which the traffic will be forwarded to. +/// backend defines the referenced service endpoint to which the traffic +/// will be forwarded to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttpPathsBackend { - /// resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". + /// resource is an ObjectRef to another Kubernetes resource in the namespace + /// of the Ingress object. If resource is specified, a service.Name and + /// service.Port must not be specified. + /// This is a mutually exclusive setting with "Service". #[serde(default, skip_serializing_if = "Option::is_none")] pub resource: Option, - /// service references a service as a backend. This is a mutually exclusive setting with "Resource". + /// service references a service as a backend. + /// This is a mutually exclusive setting with "Resource". #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service". +/// resource is an ObjectRef to another Kubernetes resource in the namespace +/// of the Ingress object. If resource is specified, a service.Name and +/// service.Port must not be specified. +/// This is a mutually exclusive setting with "Service". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttpPathsBackendResource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -2727,23 +3860,29 @@ pub struct DruidNodesIngressRulesHttpPathsBackendResource { pub name: String, } -/// service references a service as a backend. This is a mutually exclusive setting with "Resource". +/// service references a service as a backend. +/// This is a mutually exclusive setting with "Resource". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttpPathsBackendService { - /// name is the referenced service. The service must exist in the same namespace as the Ingress object. + /// name is the referenced service. The service must exist in + /// the same namespace as the Ingress object. pub name: String, - /// port of the referenced service. A port name or port number is required for a IngressServiceBackend. + /// port of the referenced service. A port name or port number + /// is required for a IngressServiceBackend. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, } -/// port of the referenced service. A port name or port number is required for a IngressServiceBackend. +/// port of the referenced service. A port name or port number +/// is required for a IngressServiceBackend. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressRulesHttpPathsBackendServicePort { - /// name is the name of the port on the Service. This is a mutually exclusive setting with "Number". + /// name is the name of the port on the Service. + /// This is a mutually exclusive setting with "Number". #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name". + /// number is the numerical port number (e.g. 80) on the Service. + /// This is a mutually exclusive setting with "Name". #[serde(default, skip_serializing_if = "Option::is_none")] pub number: Option, } @@ -2751,10 +3890,17 @@ pub struct DruidNodesIngressRulesHttpPathsBackendServicePort { /// IngressTLS describes the transport layer security associated with an ingress. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesIngressTls { - /// hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified. + /// hosts is a list of hosts included in the TLS certificate. The values in + /// this list must match the name/s used in the tlsSecret. Defaults to the + /// wildcard host setting for the loadbalancer controller fulfilling this + /// Ingress, if left unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, - /// secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the "Host" header is used for routing. + /// secretName is the name of the secret used to terminate TLS traffic on + /// port 443. Field is left optional to allow TLS routing based on SNI + /// hostname alone. If the SNI host in a listener conflicts with the "Host" + /// header field used by an IngressRule, the SNI host is used for termination + /// and value of the "Host" header is used for routing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -2762,15 +3908,29 @@ pub struct DruidNodesIngressTls { /// Lifecycle #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PostStart is called immediately after a container is created. If the handler fails, + /// the container is terminated and restarted according to its restart policy. + /// Other management of the container blocks until the hook completes. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + /// PreStop is called immediately before a container is terminated due to an + /// API request or management event such as liveness/startup probe failure, + /// preemption, resource contention, etc. The handler is not called if the + /// container crashes or exits. The Pod's termination grace period countdown begins before the + /// PreStop hook is executed. Regardless of the outcome of the handler, the + /// container will eventually terminate within the Pod's termination grace + /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes + /// or until the termination grace period is reached. + /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] pub pre_stop: Option, } -/// PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PostStart is called immediately after a container is created. If the handler fails, +/// the container is terminated and restarted according to its restart policy. +/// Other management of the container blocks until the hook completes. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePostStart { /// Exec specifies the action to take. @@ -2779,7 +3939,9 @@ pub struct DruidNodesLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2787,7 +3949,11 @@ pub struct DruidNodesLifecyclePostStart { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2795,7 +3961,8 @@ pub struct DruidNodesLifecyclePostStartExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2804,9 +3971,12 @@ pub struct DruidNodesLifecyclePostStartHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2814,23 +3984,36 @@ pub struct DruidNodesLifecyclePostStartHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +/// PreStop is called immediately before a container is terminated due to an +/// API request or management event such as liveness/startup probe failure, +/// preemption, resource contention, etc. The handler is not called if the +/// container crashes or exits. The Pod's termination grace period countdown begins before the +/// PreStop hook is executed. Regardless of the outcome of the handler, the +/// container will eventually terminate within the Pod's termination grace +/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes +/// or until the termination grace period is reached. +/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePreStop { /// Exec specifies the action to take. @@ -2839,7 +4022,9 @@ pub struct DruidNodesLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + /// for the backward compatibility. There are no validation of this field and + /// lifecycle hooks will fail in runtime when tcp handler is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } @@ -2847,7 +4032,11 @@ pub struct DruidNodesLifecyclePreStop { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2855,7 +4044,8 @@ pub struct DruidNodesLifecyclePreStopExec { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2864,9 +4054,12 @@ pub struct DruidNodesLifecyclePreStopHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2874,29 +4067,36 @@ pub struct DruidNodesLifecyclePreStopHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, } -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. +/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept +/// for the backward compatibility. There are no validation of this field and +/// lifecycle hooks will fail in runtime when tcp handler is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// LivenessProbe Port is set to `druid.port` if not specified with httpGet handler. +/// LivenessProbe +/// Port is set to `druid.port` if not specified with httpGet handler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLivenessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -2905,22 +4105,36 @@ pub struct DruidNodesLivenessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2928,7 +4142,11 @@ pub struct DruidNodesLivenessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -2938,8 +4156,11 @@ pub struct DruidNodesLivenessProbeExec { pub struct DruidNodesLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -2947,7 +4168,8 @@ pub struct DruidNodesLivenessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -2956,9 +4178,12 @@ pub struct DruidNodesLivenessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -2966,7 +4191,8 @@ pub struct DruidNodesLivenessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesLivenessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -2978,11 +4204,15 @@ pub struct DruidNodesLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// Nodes a list of `Druid` Node types and their configurations. `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific `NodeSpec` level. +/// Nodes a list of `Druid` Node types and their configurations. +/// `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific +/// `NodeSpec` level. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum DruidNodesNodeType { #[serde(rename = "historical")] @@ -3004,24 +4234,36 @@ pub enum DruidNodesNodeType { /// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaim { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3036,28 +4278,65 @@ pub struct DruidNodesPersistentVolumeClaimMetadata { pub namespace: Option, } -/// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3065,10 +4344,19 @@ pub struct DruidNodesPersistentVolumeClaimSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3077,33 +4365,73 @@ pub struct DruidNodesPersistentVolumeClaimSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3111,7 +4439,9 @@ pub struct DruidNodesPersistentVolumeClaimSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3121,42 +4451,63 @@ pub struct DruidNodesPersistentVolumeClaimSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPersistentVolumeClaimStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may + /// be larger than the actual capacity when a volume expansion operation is requested. + /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. + /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. + /// If a volume expansion capacity request is lowered, allocatedResources is only + /// lowered if there are no expansion operations in progress and if the actual volume capacity + /// is equal or lower than the requested capacity. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// resizeStatus stores status of resize operation. + /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty + /// string by resize controller or kubelet. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] pub resize_status: Option, } @@ -3164,44 +4515,87 @@ pub struct DruidNodesPersistentVolumeClaimStatus { /// PodDisruptionBudgetSpec Kubernetes native `podDisruptionBudget` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPodDisruptionBudgetSpec { - /// An eviction is allowed if at most "maxUnavailable" pods selected by "selector" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with "minAvailable". + /// An eviction is allowed if at most "maxUnavailable" pods selected by + /// "selector" are unavailable after the eviction, i.e. even in absence of + /// the evicted pod. For example, one can prevent all voluntary evictions + /// by specifying 0. This is a mutually exclusive setting with "minAvailable". #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// An eviction is allowed if at least "minAvailable" pods selected by "selector" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying "100%". + /// An eviction is allowed if at least "minAvailable" pods selected by + /// "selector" will still be available after the eviction, i.e. even in the + /// absence of the evicted pod. So for example you can prevent all voluntary + /// evictions by specifying "100%". #[serde(default, skip_serializing_if = "Option::is_none", rename = "minAvailable")] pub min_available: Option, - /// Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace. + /// Label query over pods whose evictions are managed by the disruption + /// budget. + /// A null selector will match no pods, while an empty ({}) selector will select + /// all pods within the namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type="Ready",status="True". - /// Valid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy. - /// IfHealthyBudget policy means that running pods (status.phase="Running"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction. - /// AlwaysAllow policy means that all running pods (status.phase="Running"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction. - /// Additional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field. - /// This field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). + /// UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods + /// should be considered for eviction. Current implementation considers healthy pods, + /// as pods that have status.conditions item with type="Ready",status="True". + /// + /// + /// Valid policies are IfHealthyBudget and AlwaysAllow. + /// If no policy is specified, the default behavior will be used, + /// which corresponds to the IfHealthyBudget policy. + /// + /// + /// IfHealthyBudget policy means that running pods (status.phase="Running"), + /// but not yet healthy can be evicted only if the guarded application is not + /// disrupted (status.currentHealthy is at least equal to status.desiredHealthy). + /// Healthy pods will be subject to the PDB for eviction. + /// + /// + /// AlwaysAllow policy means that all running pods (status.phase="Running"), + /// but not yet healthy are considered disrupted and can be evicted regardless + /// of whether the criteria in a PDB is met. This means perspective running + /// pods of a disrupted application might not get a chance to become healthy. + /// Healthy pods will be subject to the PDB for eviction. + /// + /// + /// Additional policies may be added in the future. + /// Clients making eviction decisions should disallow eviction of unhealthy pods + /// if they encounter an unrecognized policy in this field. + /// + /// + /// This field is beta-level. The eviction API uses this field when + /// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyPodEvictionPolicy")] pub unhealthy_pod_eviction_policy: Option, } -/// Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace. +/// Label query over pods whose evictions are managed by the disruption +/// budget. +/// A null selector will match no pods, while an empty ({}) selector will select +/// all pods within the namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPodDisruptionBudgetSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPodDisruptionBudgetSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3209,30 +4603,39 @@ pub struct DruidNodesPodDisruptionBudgetSpecSelectorMatchExpressions { /// ContainerPort represents a network port in a single container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesPorts { - /// Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. + /// Number of port to expose on the pod's IP address. + /// This must be a valid port number, 0 < x < 65536. #[serde(rename = "containerPort")] pub container_port: i32, /// What host IP to bind the external port to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] pub host_ip: Option, - /// Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. + /// Number of port to expose on the host. + /// If specified, this must be a valid port number, 0 < x < 65536. + /// If HostNetwork is specified, this must match ContainerPort. + /// Most containers do not need this. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. + /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + /// named port in a pod must have a unique name. Name for the port that can be + /// referred to by services. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". + /// Protocol for port. Must be UDP, TCP, or SCTP. + /// Defaults to "TCP". #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } -/// ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler. +/// ReadinessProbe +/// Port is set to `druid.port` if not specified with httpGet handler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -3241,22 +4644,36 @@ pub struct DruidNodesReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -3264,7 +4681,11 @@ pub struct DruidNodesReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -3274,8 +4695,11 @@ pub struct DruidNodesReadinessProbeExec { pub struct DruidNodesReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -3283,7 +4707,8 @@ pub struct DruidNodesReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -3292,9 +4717,12 @@ pub struct DruidNodesReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -3302,7 +4730,8 @@ pub struct DruidNodesReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -3314,22 +4743,34 @@ pub struct DruidNodesReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// Resources Kubernetes Native `resources` specification. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3337,48 +4778,102 @@ pub struct DruidNodesResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } /// PodSecurityContext Overrides `securityContext` at top level. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -3395,14 +4890,23 @@ pub struct DruidNodesSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -3416,44 +4920,73 @@ pub struct DruidNodesSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy. +/// Service is a named abstraction of software service (for example, mysql) consisting of local port +/// (for example 3306) that the proxy listens on, and the selector that determines which pods +/// will answer requests sent through the proxy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServices { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + /// Spec defines the behavior of a service. + /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + /// Most recently observed status of the service. + /// Populated by the system. + /// Read-only. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3468,66 +5001,215 @@ pub struct DruidNodesServicesMetadata { pub namespace: Option, } -/// Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +/// Spec defines the behavior of a service. +/// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesSpec { - /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. + /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically + /// allocated for services with type LoadBalancer. Default is "true". It + /// may be set to "false" if the cluster load-balancer does not rely on + /// NodePorts. If the caller requests specific NodePorts (by specifying a + /// value), those requests will be respected, regardless of this field. + /// This field may only be set for services with type LoadBalancer and will + /// be cleared if the type is changed to any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] pub allocate_load_balancer_node_ports: Option, - /// clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// clusterIP is the IP address of the service and is usually assigned + /// randomly. If an address is specified manually, is in-range (as per + /// system configuration), and is not in use, it will be allocated to the + /// service; otherwise creation of the service will fail. This field may not + /// be changed through updates unless the type field is also being changed + /// to ExternalName (which requires this field to be blank) or the type + /// field is being changed from ExternalName (in which case this field may + /// optionally be specified, as describe above). Valid values are "None", + /// empty string (""), or a valid IP address. Setting this to "None" makes a + /// "headless service" (no virtual IP), which is useful when direct endpoint + /// connections are preferred and proxying is not required. Only applies to + /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified + /// when creating a Service of type ExternalName, creation will fail. This + /// field will be wiped when updating a Service to type ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] pub cluster_ip: Option, - /// ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. - /// This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// ClusterIPs is a list of IP addresses assigned to this service, and are + /// usually assigned randomly. If an address is specified manually, is + /// in-range (as per system configuration), and is not in use, it will be + /// allocated to the service; otherwise creation of the service will fail. + /// This field may not be changed through updates unless the type field is + /// also being changed to ExternalName (which requires this field to be + /// empty) or the type field is being changed from ExternalName (in which + /// case this field may optionally be specified, as describe above). Valid + /// values are "None", empty string (""), or a valid IP address. Setting + /// this to "None" makes a "headless service" (no virtual IP), which is + /// useful when direct endpoint connections are preferred and proxying is + /// not required. Only applies to types ClusterIP, NodePort, and + /// LoadBalancer. If this field is specified when creating a Service of type + /// ExternalName, creation will fail. This field will be wiped when updating + /// a Service to type ExternalName. If this field is not specified, it will + /// be initialized from the clusterIP field. If this field is specified, + /// clients must ensure that clusterIPs[0] and clusterIP have the same + /// value. + /// + /// + /// This field may hold a maximum of two entries (dual-stack IPs, in either order). + /// These IPs must correspond to the values of the ipFamilies field. Both + /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] pub cluster_i_ps: Option>, - /// externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. + /// externalIPs is a list of IP addresses for which nodes in the cluster + /// will also accept traffic for this service. These IPs are not managed by + /// Kubernetes. The user is responsible for ensuring that traffic arrives + /// at a node with this IP. A common example is external load-balancers + /// that are not part of the Kubernetes system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] pub external_i_ps: Option>, - /// externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". + /// externalName is the external reference that discovery mechanisms will + /// return as an alias for this service (e.g. a DNS CNAME record). No + /// proxying will be involved. Must be a lowercase RFC-1123 hostname + /// (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] pub external_name: Option, - /// externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. + /// externalTrafficPolicy describes how nodes distribute service traffic they + /// receive on one of the Service's "externally-facing" addresses (NodePorts, + /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + /// the service in a way that assumes that external load balancers will take care + /// of balancing the service traffic between nodes, and so each node will deliver + /// traffic only to the node-local endpoints of the service, without masquerading + /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will + /// be dropped.) The default value, "Cluster", uses the standard behavior of + /// routing to all endpoints evenly (possibly modified by topology and other + /// features). Note that traffic sent to an External IP or LoadBalancer IP from + /// within the cluster will always get "Cluster" semantics, but clients sending to + /// a NodePort from within the cluster may need to take traffic policy into account + /// when picking a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] pub external_traffic_policy: Option, - /// healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set. + /// healthCheckNodePort specifies the healthcheck nodePort for the service. + /// This only applies when type is set to LoadBalancer and + /// externalTrafficPolicy is set to Local. If a value is specified, is + /// in-range, and is not in use, it will be used. If not specified, a value + /// will be automatically allocated. External systems (e.g. load-balancers) + /// can use this port to determine if a given node holds endpoints for this + /// service or not. If this field is specified when creating a Service + /// which does not need it, creation will fail. This field will be wiped + /// when updating a Service to no longer need it (e.g. changing type). + /// This field cannot be updated once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] pub health_check_node_port: Option, - /// InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). + /// InternalTrafficPolicy describes how nodes distribute service traffic they + /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods + /// only want to talk to endpoints of the service on the same node as the pod, + /// dropping the traffic if there are no local endpoints. The default value, + /// "Cluster", uses the standard behavior of routing to all endpoints evenly + /// (possibly modified by topology and other features). #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] pub internal_traffic_policy: Option, - /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are "IPv4" and "IPv6". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. - /// This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this + /// service. This field is usually assigned automatically based on cluster + /// configuration and the ipFamilyPolicy field. If this field is specified + /// manually, the requested family is available in the cluster, + /// and ipFamilyPolicy allows it, it will be used; otherwise creation of + /// the service will fail. This field is conditionally mutable: it allows + /// for adding or removing a secondary IP family, but it does not allow + /// changing the primary IP family of the Service. Valid values are "IPv4" + /// and "IPv6". This field only applies to Services of types ClusterIP, + /// NodePort, and LoadBalancer, and does apply to "headless" services. + /// This field will be wiped when updating a Service to type ExternalName. + /// + /// + /// This field may hold a maximum of two entries (dual-stack families, in + /// either order). These families must correspond to the values of the + /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are + /// governed by the ipFamilyPolicy field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] pub ip_families: Option>, - /// IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. + /// IPFamilyPolicy represents the dual-stack-ness requested or required by + /// this Service. If there is no value provided, then this field will be set + /// to SingleStack. Services can be "SingleStack" (a single IP family), + /// "PreferDualStack" (two IP families on dual-stack configured clusters or + /// a single IP family on single-stack clusters), or "RequireDualStack" + /// (two IP families on dual-stack configured clusters, otherwise fail). The + /// ipFamilies and clusterIPs fields depend on the value of this field. This + /// field will be wiped when updating a service to type ExternalName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] pub ip_family_policy: Option, - /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. + /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. + /// If specified, the value of this field must be a label-style identifier, with an optional prefix, + /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + /// balancer implementation is used, today this is typically done through the cloud provider integration, + /// but should apply for any default implementation. If set, it is assumed that a load balancer + /// implementation is watching for Services with a matching class. Any default load balancer + /// implementation (e.g. cloud providers) should ignore Services that set this field. + /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. + /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] pub load_balancer_class: Option, - /// Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version. + /// Only applies to Service Type: LoadBalancer. + /// This feature depends on whether the underlying cloud-provider supports specifying + /// the loadBalancerIP when a load balancer is created. + /// This field will be ignored if the cloud-provider does not support the feature. + /// Deprecated: This field was under-specified and its meaning varies across implementations, + /// and it cannot support dual-stack. + /// As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. + /// This field may be removed in a future API version. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] pub load_balancer_ip: Option, - /// If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ + /// If specified and supported by the platform, this will restrict traffic through the cloud-provider + /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the + /// cloud-provider does not support the feature." + /// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] pub load_balancer_source_ranges: Option>, - /// The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// The list of ports that are exposed by this service. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered "ready" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior. + /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this + /// Service should disregard any indications of ready/not-ready. + /// The primary use case for setting this field is for a StatefulSet's Headless Service to + /// propagate SRV DNS records for its Pods for the purpose of peer discovery. + /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for + /// Services interpret this to mean that all endpoints are considered "ready" even if the + /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints + /// through the Endpoints or EndpointSlice resources can safely assume this behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] pub publish_not_ready_addresses: Option, - /// Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/ + /// Route service traffic to pods with label keys and values matching this + /// selector. If empty or not present, the service is assumed to have an + /// external process managing its endpoints, which Kubernetes will not + /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. + /// Ignored if type is ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/ #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option>, - /// Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] pub session_affinity: Option, /// sessionAffinityConfig contains the configurations of session affinity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] pub session_affinity_config: Option, - /// type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + /// type determines how the Service is exposed. Defaults to ClusterIP. Valid + /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + /// "ClusterIP" allocates a cluster-internal IP address for load-balancing + /// to endpoints. Endpoints are determined by the selector or if that is not + /// specified, by manual construction of an Endpoints object or + /// EndpointSlice objects. If clusterIP is "None", no virtual IP is + /// allocated and the endpoints are published as a set of endpoints rather + /// than a virtual IP. + /// "NodePort" builds on ClusterIP and allocates a port on every node which + /// routes to the same endpoints as the clusterIP. + /// "LoadBalancer" builds on NodePort and creates an external load-balancer + /// (if supported in the current cloud) which routes to the same endpoints + /// as the clusterIP. + /// "ExternalName" aliases this service to the specified externalName. + /// Several other fields do not apply to ExternalName services. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -3535,21 +5217,46 @@ pub struct DruidNodesServicesSpec { /// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesSpecPorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } @@ -3565,52 +5272,72 @@ pub struct DruidNodesServicesSpecSessionAffinityConfig { /// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +/// Most recently observed status of the service. +/// Populated by the system. +/// Read-only. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesStatus { /// Current service state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// LoadBalancer contains the current status of the load-balancer, if one is present. + /// LoadBalancer contains the current status of the load-balancer, + /// if one is present. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] pub load_balancer: Option, } -/// LoadBalancer contains the current status of the load-balancer, if one is present. +/// LoadBalancer contains the current status of the load-balancer, +/// if one is present. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesStatusLoadBalancer { - /// Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. + /// Ingress is a list containing ingress points for the load-balancer. + /// Traffic intended for the service should be sent to these ingress points. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, } -/// LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point. +/// LoadBalancerIngress represents the status of a load-balancer ingress point: +/// traffic intended for the service should be sent to an ingress point. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesStatusLoadBalancerIngress { - /// Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) + /// Hostname is set for load-balancer ingress points that are DNS based + /// (typically AWS load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) + /// IP is set for load-balancer ingress points that are IP based + /// (typically GCE or OpenStack load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, - /// Ports is a list of records of service ports If used, every port defined in the service should have an entry in it + /// Ports is a list of records of service ports + /// If used, every port defined in the service should have an entry in it #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesServicesStatusLoadBalancerIngressPorts { - /// Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + /// Error is to record the problem with the service port + /// The format of the error shall comply with the following rules: + /// - built-in error values shall be specified in this file and those shall use + /// CamelCase names + /// - cloud provider specific error values must have names that comply with the + /// format foo.example.com/CamelCase. + /// --- + /// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) #[serde(default, skip_serializing_if = "Option::is_none")] pub error: Option, /// Port is the port number of the service port of which status is recorded here pub port: i32, - /// Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" + /// Protocol is the protocol of the service port of which status is recorded here + /// The supported values are: "TCP", "UDP", "SCTP" pub protocol: String, } @@ -3620,7 +5347,8 @@ pub struct DruidNodesStartUpProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -3629,22 +5357,36 @@ pub struct DruidNodesStartUpProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -3652,7 +5394,11 @@ pub struct DruidNodesStartUpProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesStartUpProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -3662,8 +5408,11 @@ pub struct DruidNodesStartUpProbeExec { pub struct DruidNodesStartUpProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -3671,7 +5420,8 @@ pub struct DruidNodesStartUpProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesStartUpProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -3680,9 +5430,12 @@ pub struct DruidNodesStartUpProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -3690,7 +5443,8 @@ pub struct DruidNodesStartUpProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesStartUpProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -3702,26 +5456,38 @@ pub struct DruidNodesStartUpProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3729,56 +5495,151 @@ pub struct DruidNodesTolerations { /// TopologySpreadConstraint specifies how to spread matching pods among the given topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + /// LabelSelector is used to find matching pods. + /// Pods that match this label selector are counted to determine the number of pods + /// in their corresponding topology domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + /// MatchLabelKeys is a set of pod label keys to select the pods over which + /// spreading will be calculated. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are ANDed with labelSelector + /// to select the group of existing pods over which spreading will be calculated + /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// MatchLabelKeys cannot be set when LabelSelector isn't set. + /// Keys that don't exist in the incoming pod labels will + /// be ignored. A null or empty list means only match against labelSelector. + /// + /// + /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. + /// MaxSkew describes the degree to which pods may be unevenly distributed. + /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + /// between the number of matching pods in the target topology and the global minimum. + /// The global minimum is the minimum number of matching pods in an eligible domain + /// or zero if the number of eligible domains is less than MinDomains. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 2/2/1: + /// In this case, the global minimum is 1. + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P | + /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + /// violate MaxSkew(1). + /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + /// to topologies that satisfy it. + /// It's a required field. Default value is 1 and 0 is not allowed. #[serde(rename = "maxSkew")] pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + /// MinDomains indicates a minimum number of eligible domains. + /// When the number of eligible domains with matching topology keys is less than minDomains, + /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, + /// this value has no effect on scheduling. + /// As a result, when the number of eligible domains is less than minDomains, + /// scheduler won't schedule more than maxSkew Pods to those domains. + /// If value is nil, the constraint behaves as if MinDomains is equal to 1. + /// Valid values are integers greater than 0. + /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + /// + /// + /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + /// labelSelector spread as 2/2/2: + /// | zone1 | zone2 | zone3 | + /// | P P | P P | P P | + /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + /// In this situation, new pod with the same labelSelector cannot be scheduled, + /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + /// it will violate MaxSkew. + /// + /// + /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + /// when calculating pod topology spread skew. Options are: + /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + /// + /// + /// If this value is nil, the behavior is equivalent to the Honor policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - /// If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + /// NodeTaintsPolicy indicates how we will treat node taints when calculating + /// pod topology spread skew. Options are: + /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod + /// has a toleration, are included. + /// - Ignore: node taints are ignored. All nodes are included. + /// + /// + /// If this value is nil, the behavior is equivalent to the Ignore policy. + /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. + /// TopologyKey is the key of node labels. Nodes that have a label with this key + /// and identical values are considered to be in the same topology. + /// We consider each as a "bucket", and try to put balanced number + /// of pods into each bucket. + /// We define a domain as a particular instance of a topology. + /// Also, we define an eligible domain as a domain whose nodes meet the requirements of + /// nodeAffinityPolicy and nodeTaintsPolicy. + /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + /// It's a required field. #[serde(rename = "topologyKey")] pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. + /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + /// the spread constraint. + /// - DoNotSchedule (default) tells the scheduler not to schedule it. + /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, + /// but giving higher precedence to topologies that would help reduce the + /// skew. + /// A constraint is considered "Unsatisfiable" for an incoming pod + /// if and only if every possible node assignment for that pod would violate + /// "MaxSkew" on some topology. + /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + /// labelSelector spread as 3/1/1: + /// | zone1 | zone2 | zone3 | + /// | P P P | P | P | + /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + /// won't make it *more* imbalanced. + /// It's a required field. #[serde(rename = "whenUnsatisfiable")] pub when_unsatisfiable: String, } -/// LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +/// LabelSelector is used to find matching pods. +/// Pods that match this label selector are counted to determine the number of pods +/// in their corresponding topology domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesTopologySpreadConstraintsLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesTopologySpreadConstraintsLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -3789,7 +5650,8 @@ pub struct DruidNodesUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. + /// Type indicates the type of the StatefulSetUpdateStrategy. + /// Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -3797,10 +5659,19 @@ pub struct DruidNodesUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the + /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to + /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it + /// will be counted towards MaxUnavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. + /// Partition indicates the ordinal at which the StatefulSet should be partitioned + /// for updates. During a rolling update, all pods from ordinal Replicas-1 to + /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. + /// This is helpful in being able to do a canary based deployment. The default value is 0. #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, } @@ -3808,24 +5679,36 @@ pub struct DruidNodesUpdateStrategyRollingUpdate { /// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplates { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3840,28 +5723,65 @@ pub struct DruidNodesVolumeClaimTemplatesMetadata { pub namespace: Option, } -/// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -3869,10 +5789,19 @@ pub struct DruidNodesVolumeClaimTemplatesSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -3881,33 +5810,73 @@ pub struct DruidNodesVolumeClaimTemplatesSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -3915,7 +5884,9 @@ pub struct DruidNodesVolumeClaimTemplatesSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -3925,42 +5896,63 @@ pub struct DruidNodesVolumeClaimTemplatesSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeClaimTemplatesStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may + /// be larger than the actual capacity when a volume expansion operation is requested. + /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. + /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. + /// If a volume expansion capacity request is lowered, allocatedResources is only + /// lowered if there are no expansion operations in progress and if the actual volume capacity + /// is equal or lower than the requested capacity. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// resizeStatus stores status of resize operation. + /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty + /// string by resize controller or kubelet. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] pub resize_status: Option, } @@ -3968,21 +5960,30 @@ pub struct DruidNodesVolumeClaimTemplatesStatus { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -3990,7 +5991,9 @@ pub struct DruidNodesVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -4002,7 +6005,8 @@ pub struct DruidNodesVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -4014,46 +6018,91 @@ pub struct DruidNodesVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -4068,13 +6117,15 @@ pub struct DruidNodesVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -4085,19 +6136,30 @@ pub struct DruidNodesVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -4114,13 +6176,16 @@ pub struct DruidNodesVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -4128,7 +6193,8 @@ pub struct DruidNodesVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -4142,54 +6208,74 @@ pub struct DruidNodesVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4197,13 +6283,27 @@ pub struct DruidNodesVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4216,36 +6316,59 @@ pub struct DruidNodesVolumesConfigMap { pub struct DruidNodesVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4253,7 +6376,14 @@ pub struct DruidNodesVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -4267,12 +6397,18 @@ pub struct DruidNodesVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -4288,7 +6424,8 @@ pub struct DruidNodesVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4301,46 +6438,125 @@ pub struct DruidNodesVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: DruidNodesVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4355,28 +6571,67 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -4384,10 +6639,19 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -4396,33 +6660,73 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -4430,7 +6734,9 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -4440,19 +6746,26 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -4460,46 +6773,65 @@ pub struct DruidNodesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpress /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4507,7 +6839,8 @@ pub struct DruidNodesVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -4515,27 +6848,46 @@ pub struct DruidNodesVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -4545,29 +6897,47 @@ pub struct DruidNodesVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -4576,29 +6946,39 @@ pub struct DruidNodesVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -4606,30 +6986,41 @@ pub struct DruidNodesVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -4637,7 +7028,9 @@ pub struct DruidNodesVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -4648,10 +7041,13 @@ pub struct DruidNodesVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -4662,7 +7058,12 @@ pub struct DruidNodesVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -4690,10 +7091,18 @@ pub struct DruidNodesVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4706,10 +7115,18 @@ pub struct DruidNodesVolumesProjectedSourcesConfigMap { pub struct DruidNodesVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -4727,12 +7144,18 @@ pub struct DruidNodesVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -4748,7 +7171,8 @@ pub struct DruidNodesVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -4764,10 +7188,18 @@ pub struct DruidNodesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -4780,78 +7212,124 @@ pub struct DruidNodesVolumesProjectedSourcesSecret { pub struct DruidNodesVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4859,7 +7337,10 @@ pub struct DruidNodesVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -4867,16 +7348,19 @@ pub struct DruidNodesVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: DruidNodesVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -4884,32 +7368,50 @@ pub struct DruidNodesVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -4919,37 +7421,58 @@ pub struct DruidNodesVolumesSecret { pub struct DruidNodesVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4957,7 +7480,9 @@ pub struct DruidNodesVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidNodesVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -4971,13 +7496,15 @@ pub struct DruidNodesVolumesVsphereVolume { pub volume_path: String, } -/// ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler. +/// ReadinessProbe +/// Port is set to `druid.port` if not specified with httpGet handler. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidReadinessProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -4986,22 +7513,36 @@ pub struct DruidReadinessProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5009,7 +7550,11 @@ pub struct DruidReadinessProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5019,8 +7564,11 @@ pub struct DruidReadinessProbeExec { pub struct DruidReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5028,7 +7576,8 @@ pub struct DruidReadinessProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5037,9 +7586,12 @@ pub struct DruidReadinessProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5047,7 +7599,8 @@ pub struct DruidReadinessProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidReadinessProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5059,48 +7612,102 @@ pub struct DruidReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } /// PodSecurityContext #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidSecurityContext { - /// A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - /// 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, - /// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, - /// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. + /// The Windows specific settings applied to all containers. + /// If unspecified, the options within a container's SecurityContext will be used. + /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// Note that this field cannot be set when spec.os.name is linux. #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] pub windows_options: Option, } -/// The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidSecurityContextSeLinuxOptions { /// Level is SELinux level label that applies to the container. @@ -5117,14 +7724,23 @@ pub struct DruidSecurityContextSeLinuxOptions { pub user: Option, } -/// The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must only be set if type is "Localhost". #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. Valid options are: - /// Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. #[serde(rename = "type")] pub r#type: String, } @@ -5138,44 +7754,73 @@ pub struct DruidSecurityContextSysctls { pub value: String, } -/// The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. +/// The Windows specific settings applied to all containers. +/// If unspecified, the options within a container's SecurityContext will be used. +/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +/// Note that this field cannot be set when spec.os.name is linux. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. + /// GMSACredentialSpec is where the GMSA admission webhook + /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + /// GMSA credential spec named by the GMSACredentialSpecName field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] pub gmsa_credential_spec: Option, /// GMSACredentialSpecName is the name of the GMSA credential spec to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + /// HostProcess determines if a container should be run as a 'Host Process' container. + /// This field is alpha-level and will only be honored by components that enable the + /// WindowsHostProcessContainers feature flag. Setting this field without the feature + /// flag will result in errors when validating the Pod. All of a Pod's containers must + /// have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + /// containers and non-HostProcess containers). In addition, if HostProcess is true + /// then HostNetwork must also be set to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + /// The UserName in Windows to run the entrypoint of the container process. + /// Defaults to the user specified in image metadata if unspecified. + /// May also be set in PodSecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] pub run_as_user_name: Option, } -/// Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy. +/// Service is a named abstraction of software service (for example, mysql) consisting of local port +/// (for example 3306) that the proxy listens on, and the selector that determines which pods +/// will answer requests sent through the proxy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServices { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + /// Spec defines the behavior of a service. + /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + /// Most recently observed status of the service. + /// Populated by the system. + /// Read-only. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5190,66 +7835,215 @@ pub struct DruidServicesMetadata { pub namespace: Option, } -/// Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +/// Spec defines the behavior of a service. +/// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesSpec { - /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type. + /// allocateLoadBalancerNodePorts defines if NodePorts will be automatically + /// allocated for services with type LoadBalancer. Default is "true". It + /// may be set to "false" if the cluster load-balancer does not rely on + /// NodePorts. If the caller requests specific NodePorts (by specifying a + /// value), those requests will be respected, regardless of this field. + /// This field may only be set for services with type LoadBalancer and will + /// be cleared if the type is changed to any other type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] pub allocate_load_balancer_node_ports: Option, - /// clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// clusterIP is the IP address of the service and is usually assigned + /// randomly. If an address is specified manually, is in-range (as per + /// system configuration), and is not in use, it will be allocated to the + /// service; otherwise creation of the service will fail. This field may not + /// be changed through updates unless the type field is also being changed + /// to ExternalName (which requires this field to be blank) or the type + /// field is being changed from ExternalName (in which case this field may + /// optionally be specified, as describe above). Valid values are "None", + /// empty string (""), or a valid IP address. Setting this to "None" makes a + /// "headless service" (no virtual IP), which is useful when direct endpoint + /// connections are preferred and proxying is not required. Only applies to + /// types ClusterIP, NodePort, and LoadBalancer. If this field is specified + /// when creating a Service of type ExternalName, creation will fail. This + /// field will be wiped when updating a Service to type ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIP")] pub cluster_ip: Option, - /// ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. - /// This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// ClusterIPs is a list of IP addresses assigned to this service, and are + /// usually assigned randomly. If an address is specified manually, is + /// in-range (as per system configuration), and is not in use, it will be + /// allocated to the service; otherwise creation of the service will fail. + /// This field may not be changed through updates unless the type field is + /// also being changed to ExternalName (which requires this field to be + /// empty) or the type field is being changed from ExternalName (in which + /// case this field may optionally be specified, as describe above). Valid + /// values are "None", empty string (""), or a valid IP address. Setting + /// this to "None" makes a "headless service" (no virtual IP), which is + /// useful when direct endpoint connections are preferred and proxying is + /// not required. Only applies to types ClusterIP, NodePort, and + /// LoadBalancer. If this field is specified when creating a Service of type + /// ExternalName, creation will fail. This field will be wiped when updating + /// a Service to type ExternalName. If this field is not specified, it will + /// be initialized from the clusterIP field. If this field is specified, + /// clients must ensure that clusterIPs[0] and clusterIP have the same + /// value. + /// + /// + /// This field may hold a maximum of two entries (dual-stack IPs, in either order). + /// These IPs must correspond to the values of the ipFamilies field. Both + /// clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterIPs")] pub cluster_i_ps: Option>, - /// externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system. + /// externalIPs is a list of IP addresses for which nodes in the cluster + /// will also accept traffic for this service. These IPs are not managed by + /// Kubernetes. The user is responsible for ensuring that traffic arrives + /// at a node with this IP. A common example is external load-balancers + /// that are not part of the Kubernetes system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIPs")] pub external_i_ps: Option>, - /// externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". + /// externalName is the external reference that discovery mechanisms will + /// return as an alias for this service (e.g. a DNS CNAME record). No + /// proxying will be involved. Must be a lowercase RFC-1123 hostname + /// (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName". #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalName")] pub external_name: Option, - /// externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. + /// externalTrafficPolicy describes how nodes distribute service traffic they + /// receive on one of the Service's "externally-facing" addresses (NodePorts, + /// ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure + /// the service in a way that assumes that external load balancers will take care + /// of balancing the service traffic between nodes, and so each node will deliver + /// traffic only to the node-local endpoints of the service, without masquerading + /// the client source IP. (Traffic mistakenly sent to a node with no endpoints will + /// be dropped.) The default value, "Cluster", uses the standard behavior of + /// routing to all endpoints evenly (possibly modified by topology and other + /// features). Note that traffic sent to an External IP or LoadBalancer IP from + /// within the cluster will always get "Cluster" semantics, but clients sending to + /// a NodePort from within the cluster may need to take traffic policy into account + /// when picking a node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] pub external_traffic_policy: Option, - /// healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set. + /// healthCheckNodePort specifies the healthcheck nodePort for the service. + /// This only applies when type is set to LoadBalancer and + /// externalTrafficPolicy is set to Local. If a value is specified, is + /// in-range, and is not in use, it will be used. If not specified, a value + /// will be automatically allocated. External systems (e.g. load-balancers) + /// can use this port to determine if a given node holds endpoints for this + /// service or not. If this field is specified when creating a Service + /// which does not need it, creation will fail. This field will be wiped + /// when updating a Service to no longer need it (e.g. changing type). + /// This field cannot be updated once set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckNodePort")] pub health_check_node_port: Option, - /// InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). + /// InternalTrafficPolicy describes how nodes distribute service traffic they + /// receive on the ClusterIP. If set to "Local", the proxy will assume that pods + /// only want to talk to endpoints of the service on the same node as the pod, + /// dropping the traffic if there are no local endpoints. The default value, + /// "Cluster", uses the standard behavior of routing to all endpoints evenly + /// (possibly modified by topology and other features). #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] pub internal_traffic_policy: Option, - /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are "IPv4" and "IPv6". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. - /// This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. + /// IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this + /// service. This field is usually assigned automatically based on cluster + /// configuration and the ipFamilyPolicy field. If this field is specified + /// manually, the requested family is available in the cluster, + /// and ipFamilyPolicy allows it, it will be used; otherwise creation of + /// the service will fail. This field is conditionally mutable: it allows + /// for adding or removing a secondary IP family, but it does not allow + /// changing the primary IP family of the Service. Valid values are "IPv4" + /// and "IPv6". This field only applies to Services of types ClusterIP, + /// NodePort, and LoadBalancer, and does apply to "headless" services. + /// This field will be wiped when updating a Service to type ExternalName. + /// + /// + /// This field may hold a maximum of two entries (dual-stack families, in + /// either order). These families must correspond to the values of the + /// clusterIPs field, if specified. Both clusterIPs and ipFamilies are + /// governed by the ipFamilyPolicy field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilies")] pub ip_families: Option>, - /// IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName. + /// IPFamilyPolicy represents the dual-stack-ness requested or required by + /// this Service. If there is no value provided, then this field will be set + /// to SingleStack. Services can be "SingleStack" (a single IP family), + /// "PreferDualStack" (two IP families on dual-stack configured clusters or + /// a single IP family on single-stack clusters), or "RequireDualStack" + /// (two IP families on dual-stack configured clusters, otherwise fail). The + /// ipFamilies and clusterIPs fields depend on the value of this field. This + /// field will be wiped when updating a service to type ExternalName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamilyPolicy")] pub ip_family_policy: Option, - /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. + /// loadBalancerClass is the class of the load balancer implementation this Service belongs to. + /// If specified, the value of this field must be a label-style identifier, with an optional prefix, + /// e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. + /// This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load + /// balancer implementation is used, today this is typically done through the cloud provider integration, + /// but should apply for any default implementation. If set, it is assumed that a load balancer + /// implementation is watching for Services with a matching class. Any default load balancer + /// implementation (e.g. cloud providers) should ignore Services that set this field. + /// This field can only be set when creating or updating a Service to type 'LoadBalancer'. + /// Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] pub load_balancer_class: Option, - /// Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version. + /// Only applies to Service Type: LoadBalancer. + /// This feature depends on whether the underlying cloud-provider supports specifying + /// the loadBalancerIP when a load balancer is created. + /// This field will be ignored if the cloud-provider does not support the feature. + /// Deprecated: This field was under-specified and its meaning varies across implementations, + /// and it cannot support dual-stack. + /// As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. + /// This field may be removed in a future API version. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerIP")] pub load_balancer_ip: Option, - /// If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ + /// If specified and supported by the platform, this will restrict traffic through the cloud-provider + /// load-balancer will be restricted to the specified client IPs. This field will be ignored if the + /// cloud-provider does not support the feature." + /// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerSourceRanges")] pub load_balancer_source_ranges: Option>, - /// The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// The list of ports that are exposed by this service. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered "ready" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior. + /// publishNotReadyAddresses indicates that any agent which deals with endpoints for this + /// Service should disregard any indications of ready/not-ready. + /// The primary use case for setting this field is for a StatefulSet's Headless Service to + /// propagate SRV DNS records for its Pods for the purpose of peer discovery. + /// The Kubernetes controllers that generate Endpoints and EndpointSlice resources for + /// Services interpret this to mean that all endpoints are considered "ready" even if the + /// Pods themselves are not. Agents which consume only Kubernetes generated endpoints + /// through the Endpoints or EndpointSlice resources can safely assume this behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "publishNotReadyAddresses")] pub publish_not_ready_addresses: Option, - /// Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/ + /// Route service traffic to pods with label keys and values matching this + /// selector. If empty or not present, the service is assumed to have an + /// external process managing its endpoints, which Kubernetes will not + /// modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. + /// Ignored if type is ExternalName. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/ #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option>, - /// Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + /// Supports "ClientIP" and "None". Used to maintain session affinity. + /// Enable client IP based session affinity. + /// Must be ClientIP or None. + /// Defaults to None. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinity")] pub session_affinity: Option, /// sessionAffinityConfig contains the configurations of session affinity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionAffinityConfig")] pub session_affinity_config: Option, - /// type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + /// type determines how the Service is exposed. Defaults to ClusterIP. Valid + /// options are ExternalName, ClusterIP, NodePort, and LoadBalancer. + /// "ClusterIP" allocates a cluster-internal IP address for load-balancing + /// to endpoints. Endpoints are determined by the selector or if that is not + /// specified, by manual construction of an Endpoints object or + /// EndpointSlice objects. If clusterIP is "None", no virtual IP is + /// allocated and the endpoints are published as a set of endpoints rather + /// than a virtual IP. + /// "NodePort" builds on ClusterIP and allocates a port on every node which + /// routes to the same endpoints as the clusterIP. + /// "LoadBalancer" builds on NodePort and creates an external load-balancer + /// (if supported in the current cloud) which routes to the same endpoints + /// as the clusterIP. + /// "ExternalName" aliases this service to the specified externalName. + /// Several other fields do not apply to ExternalName services. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -5257,21 +8051,46 @@ pub struct DruidServicesSpec { /// ServicePort contains information on service's port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesSpecPorts { - /// The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. + /// The application protocol for this port. + /// This field follows standard Kubernetes label syntax. + /// Un-prefixed names are reserved for IANA standard service names (as per + /// RFC-6335 and https://www.iana.org/assignments/service-names). + /// Non-standard protocols should use prefixed names such as + /// mycompany.com/my-custom-protocol. #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service. + /// The name of this port within the service. This must be a DNS_LABEL. + /// All ports within a ServiceSpec must have unique names. When considering + /// the endpoints for a Service, this must match the 'name' field in the + /// EndpointPort. + /// Optional if only one ServicePort is defined on this service. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + /// The port on each node on which this service is exposed when type is + /// NodePort or LoadBalancer. Usually assigned by the system. If a value is + /// specified, in-range, and not in use it will be used, otherwise the + /// operation will fail. If not specified, a port will be allocated if this + /// Service requires one. If this field is specified when creating a + /// Service which does not need it, creation will fail. This field will be + /// wiped when updating a Service to no longer need it (e.g. changing type + /// from NodePort to ClusterIP). + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePort")] pub node_port: Option, /// The port that will be exposed by this service. pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. + /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + /// Default is TCP. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service + /// Number or name of the port to access on the pods targeted by the service. + /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// If this is a string, it will be looked up as a named port in the + /// target Pod's container ports. If this is not specified, the value + /// of the 'port' field is used (an identity map). + /// This field is ignored for services with clusterIP=None, and should be + /// omitted or set equal to the 'port' field. + /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, } @@ -5287,52 +8106,72 @@ pub struct DruidServicesSpecSessionAffinityConfig { /// clientIP contains the configurations of Client IP based session affinity. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesSpecSessionAffinityConfigClientIp { - /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours). + /// timeoutSeconds specifies the seconds of ClientIP type session sticky time. + /// The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + /// Default value is 10800(for 3 hours). #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } -/// Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +/// Most recently observed status of the service. +/// Populated by the system. +/// Read-only. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesStatus { /// Current service state #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// LoadBalancer contains the current status of the load-balancer, if one is present. + /// LoadBalancer contains the current status of the load-balancer, + /// if one is present. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancer")] pub load_balancer: Option, } -/// LoadBalancer contains the current status of the load-balancer, if one is present. +/// LoadBalancer contains the current status of the load-balancer, +/// if one is present. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesStatusLoadBalancer { - /// Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. + /// Ingress is a list containing ingress points for the load-balancer. + /// Traffic intended for the service should be sent to these ingress points. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, } -/// LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point. +/// LoadBalancerIngress represents the status of a load-balancer ingress point: +/// traffic intended for the service should be sent to an ingress point. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesStatusLoadBalancerIngress { - /// Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) + /// Hostname is set for load-balancer ingress points that are DNS based + /// (typically AWS load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) + /// IP is set for load-balancer ingress points that are IP based + /// (typically GCE or OpenStack load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, - /// Ports is a list of records of service ports If used, every port defined in the service should have an entry in it + /// Ports is a list of records of service ports + /// If used, every port defined in the service should have an entry in it #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidServicesStatusLoadBalancerIngressPorts { - /// Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + /// Error is to record the problem with the service port + /// The format of the error shall comply with the following rules: + /// - built-in error values shall be specified in this file and those shall use + /// CamelCase names + /// - cloud provider specific error values must have names that comply with the + /// format foo.example.com/CamelCase. + /// --- + /// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) #[serde(default, skip_serializing_if = "Option::is_none")] pub error: Option, /// Port is the port number of the service port of which status is recorded here pub port: i32, - /// Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" + /// Protocol is the protocol of the service port of which status is recorded here + /// The supported values are: "TCP", "UDP", "SCTP" pub protocol: String, } @@ -5342,7 +8181,8 @@ pub struct DruidStartUpProbe { /// Exec specifies the action to take. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + /// Minimum consecutive failures for the probe to be considered failed after having succeeded. + /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// GRPC specifies an action involving a GRPC port. @@ -5351,22 +8191,36 @@ pub struct DruidStartUpProbe { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after the container has started before liveness probes are initiated. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + /// How often (in seconds) to perform the probe. + /// Default to 10 seconds. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + /// Minimum consecutive successes for the probe to be considered successful after having failed. + /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + /// The grace period is the duration in seconds after the processes running in the pod are sent + /// a termination signal and the time when the processes are forcibly halted with a kill signal. + /// Set this value longer than the expected cleanup time for your process. + /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + /// value overrides the value provided by the pod spec. + /// Value must be non-negative integer. The value zero indicates stop immediately via + /// the kill signal (no opportunity to shut down). + /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + /// Number of seconds after which the probe times out. + /// Defaults to 1 second. Minimum value is 1. + /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -5374,7 +8228,11 @@ pub struct DruidStartUpProbe { /// Exec specifies the action to take. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidStartUpProbeExec { - /// Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + /// Command is the command line to execute inside the container, the working directory for the + /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is + /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + /// a shell, you need to explicitly call out to that shell. + /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option>, } @@ -5384,8 +8242,11 @@ pub struct DruidStartUpProbeExec { pub struct DruidStartUpProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// If this is not specified, the default behavior is defined by gRPC. + /// Service is the name of the service to place in the gRPC HealthCheckRequest + /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + /// + /// + /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } @@ -5393,7 +8254,8 @@ pub struct DruidStartUpProbeGrpc { /// HTTPGet specifies the http request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidStartUpProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. + /// Host name to connect to, defaults to the pod IP. You probably want to set + /// "Host" in httpHeaders instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, /// Custom headers to set in the request. HTTP allows repeated headers. @@ -5402,9 +8264,12 @@ pub struct DruidStartUpProbeHttpGet { /// Path to access on the HTTP server. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Name or number of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, - /// Scheme to use for connecting to the host. Defaults to HTTP. + /// Scheme to use for connecting to the host. + /// Defaults to HTTP. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, } @@ -5412,7 +8277,8 @@ pub struct DruidStartUpProbeHttpGet { /// HTTPHeader describes a custom header to be used in HTTP probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidStartUpProbeHttpGetHttpHeaders { - /// The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header. + /// The header field name. + /// This will be canonicalized upon output, so case-variant names will be understood as the same header. pub name: String, /// The header field value pub value: String, @@ -5424,26 +8290,38 @@ pub struct DruidStartUpProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + /// Number or name of the port to access on the container. + /// Number must be in the range 1 to 65535. + /// Name must be an IANA_SVC_NAME. pub port: IntOrString, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5454,7 +8332,8 @@ pub struct DruidUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate. + /// Type indicates the type of the StatefulSetUpdateStrategy. + /// Default is RollingUpdate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -5462,10 +8341,19 @@ pub struct DruidUpdateStrategy { /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + /// The maximum number of pods that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the + /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to + /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it + /// will be counted towards MaxUnavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0. + /// Partition indicates the ordinal at which the StatefulSet should be partitioned + /// for updates. During a rolling update, all pods from ordinal Replicas-1 to + /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. + /// This is helpful in being able to do a canary based deployment. The default value is 0. #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, } @@ -5473,24 +8361,36 @@ pub struct DruidUpdateStrategyRollingUpdate { /// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplates { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// spec defines the desired characteristics of a volume requested by a pod author. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub spec: Option, - /// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// status represents the current information/status of a persistent volume claim. + /// Read-only. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5505,28 +8405,65 @@ pub struct DruidVolumeClaimTemplatesMetadata { pub namespace: Option, } -/// spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// spec defines the desired characteristics of a volume requested by a pod author. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -5534,10 +8471,19 @@ pub struct DruidVolumeClaimTemplatesSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -5546,33 +8492,73 @@ pub struct DruidVolumeClaimTemplatesSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -5580,7 +8566,9 @@ pub struct DruidVolumeClaimTemplatesSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -5590,42 +8578,63 @@ pub struct DruidVolumeClaimTemplatesSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// status represents the current information/status of a persistent volume claim. +/// Read-only. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeClaimTemplatesStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the actual access modes the volume backing the PVC has. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may + /// be larger than the actual capacity when a volume expansion operation is requested. + /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. + /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. + /// If a volume expansion capacity request is lowered, allocatedResources is only + /// lowered if there are no expansion operations in progress and if the actual volume capacity + /// is equal or lower than the requested capacity. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] pub allocated_resources: Option>, /// capacity represents the actual resources of the underlying volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. + /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, - /// resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + /// resizeStatus stores status of resize operation. + /// ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty + /// string by resize controller or kubelet. + /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeStatus")] pub resize_status: Option, } @@ -5633,21 +8642,30 @@ pub struct DruidVolumeClaimTemplatesStatus { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -5655,7 +8673,9 @@ pub struct DruidVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. @@ -5667,7 +8687,8 @@ pub struct DruidVolumes { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume @@ -5679,46 +8700,91 @@ pub struct DruidVolumes { /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// --- + /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine @@ -5733,13 +8799,15 @@ pub struct DruidVolumes { /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. @@ -5750,19 +8818,30 @@ pub struct DruidVolumes { pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } @@ -5779,13 +8858,16 @@ pub struct DruidVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -5793,7 +8875,8 @@ pub struct DruidVolumesAzureDisk { /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -5807,54 +8890,74 @@ pub struct DruidVolumesAzureFile { /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5862,13 +8965,27 @@ pub struct DruidVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5881,36 +8998,59 @@ pub struct DruidVolumesConfigMap { pub struct DruidVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5918,7 +9058,14 @@ pub struct DruidVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -5932,12 +9079,18 @@ pub struct DruidVolumesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -5953,7 +9106,8 @@ pub struct DruidVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -5966,46 +9120,125 @@ pub struct DruidVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: DruidVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6020,28 +9253,67 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateMetadata { pub namespace: Option, } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -6049,10 +9321,19 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -6061,33 +9342,73 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecDataSource { pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -6095,7 +9416,9 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, } @@ -6105,19 +9428,26 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -6125,46 +9455,65 @@ pub struct DruidVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6172,7 +9521,8 @@ pub struct DruidVolumesFlexVolumeSecretRef { /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -6180,27 +9530,46 @@ pub struct DruidVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -6210,29 +9579,47 @@ pub struct DruidVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath +/// --- +/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not +/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -6241,29 +9628,39 @@ pub struct DruidVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -6271,30 +9668,41 @@ pub struct DruidVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } @@ -6302,7 +9710,9 @@ pub struct DruidVolumesPersistentVolumeClaim { /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -6313,10 +9723,13 @@ pub struct DruidVolumesPhotonPersistentDisk { /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -6327,7 +9740,12 @@ pub struct DruidVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// sources is the list of volume projections @@ -6355,10 +9773,18 @@ pub struct DruidVolumesProjectedSources { /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6371,10 +9797,18 @@ pub struct DruidVolumesProjectedSourcesConfigMap { pub struct DruidVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -6392,12 +9826,18 @@ pub struct DruidVolumesProjectedSourcesDownwardApiItems { /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } @@ -6413,7 +9853,8 @@ pub struct DruidVolumesProjectedSourcesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -6429,10 +9870,18 @@ pub struct DruidVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6445,78 +9894,124 @@ pub struct DruidVolumesProjectedSourcesSecret { pub struct DruidVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6524,7 +10019,10 @@ pub struct DruidVolumesRbdSecretRef { /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -6532,16 +10030,19 @@ pub struct DruidVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: DruidVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -6549,32 +10050,50 @@ pub struct DruidVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -6584,37 +10103,58 @@ pub struct DruidVolumesSecret { pub struct DruidVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6622,7 +10162,9 @@ pub struct DruidVolumesStorageosSecretRef { /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -6639,7 +10181,9 @@ pub struct DruidVolumesVsphereVolume { /// Zookeeper IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidZookeeper { - /// RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding. + /// RawMessage is a raw encoded JSON value. + /// It implements [Marshaler] and [Unmarshaler] and can + /// be used to delay JSON decoding or precompute a JSON encoding. pub spec: String, #[serde(rename = "type")] pub r#type: String, @@ -6652,7 +10196,8 @@ pub struct DruidStatus { pub config_maps: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub deployments: Option>, - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file + /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none", rename = "druidNodeStatus")] pub druid_node_status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "hpAutoscalers")] @@ -6671,7 +10216,8 @@ pub struct DruidStatus { pub stateful_sets: Option>, } -/// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file +/// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster +/// Important: Run "make" to regenerate code after modifying this file #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DruidStatusDruidNodeStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "druidNode")] diff --git a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/backups.rs b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/backups.rs index 41345311d..395785962 100644 --- a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/backups.rs +++ b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/backups.rs @@ -22,7 +22,8 @@ pub struct BackupSpec { /// Specified name for the backup. #[serde(rename = "backupName")] pub backup_name: String, - /// The name of the table. + /// The name of the table. You can also provide the Amazon Resource Name (ARN) + /// of the table in this parameter. #[serde(rename = "tableName")] pub table_name: String, } @@ -61,7 +62,7 @@ pub struct BackupStatus { /// * AWS_BACKUP - On-demand backup created by you from Backup service. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupType")] pub backup_type: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/globaltables.rs b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/globaltables.rs index ec6c08d2a..c1a9f078b 100644 --- a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/globaltables.rs +++ b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/globaltables.rs @@ -44,7 +44,7 @@ pub struct GlobalTableStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/tables.rs b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/tables.rs index 59cadd90c..75c43eec5 100644 --- a/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/tables.rs +++ b/kube-custom-resources-rs/src/dynamodb_services_k8s_aws/v1alpha1/tables.rs @@ -26,10 +26,11 @@ pub struct TableSpec { /// capacity. This setting can be changed later. /// /// * PROVISIONED - We recommend using PROVISIONED for predictable workloads. - /// PROVISIONED sets the billing mode to Provisioned Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual). + /// PROVISIONED sets the billing mode to Provisioned capacity mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/provisioned-capacity-mode.html). /// /// * PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST for unpredictable - /// workloads. PAY_PER_REQUEST sets the billing mode to On-Demand Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand). + /// workloads. PAY_PER_REQUEST sets the billing mode to On-demand capacity + /// mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/on-demand-capacity-mode.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "billingMode")] pub billing_mode: Option, /// Represents the settings used to enable point in time recovery. @@ -157,7 +158,8 @@ pub struct TableSpec { /// The table class of the new table. Valid values are STANDARD and STANDARD_INFREQUENT_ACCESS. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tableClass")] pub table_class: Option, - /// The name of the table to create. + /// The name of the table to create. You can also provide the Amazon Resource + /// Name (ARN) of the table in this parameter. #[serde(rename = "tableName")] pub table_name: String, /// A list of key-value pairs to label the table. For more information, see Tagging @@ -170,7 +172,7 @@ pub struct TableSpec { pub time_to_live: Option, } -/// Represents an attribute for describing the key schema for the table and indexes. +/// Represents an attribute for describing the schema for the table and indexes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TableAttributeDefinitions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "attributeName")] @@ -339,10 +341,32 @@ pub struct TableSseSpecification { pub enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsMasterKeyID")] pub kms_master_key_id: Option, + /// Reference field for KMSMasterKeyID + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsMasterKeyRef")] + pub kms_master_key_ref: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "sseType")] pub sse_type: Option, } +/// Reference field for KMSMasterKeyID +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TableSseSpecificationKmsMasterKeyRef { + /// AWSResourceReference provides all the values necessary to reference another + /// k8s resource for finding the identifier(Id/ARN/Name) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub from: Option, +} + +/// AWSResourceReference provides all the values necessary to reference another +/// k8s resource for finding the identifier(Id/ARN/Name) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TableSseSpecificationKmsMasterKeyRefFrom { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + /// The settings for DynamoDB Streams on the table. These settings consist of: /// /// * StreamEnabled - Indicates whether DynamoDB Streams is to be enabled @@ -404,7 +428,7 @@ pub struct TableStatus { /// Contains information about the table archive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "archivalSummary")] pub archival_summary: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs index 254587331..c03f4a951 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs @@ -12,7 +12,7 @@ use self::prelude::*; /// DhcpOptionsSpec defines the desired state of DhcpOptions. /// -/// Describes a set of DHCP options. +/// The set of DHCP options. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "ec2.services.k8s.aws", version = "v1alpha1", kind = "DHCPOptions", plural = "dhcpoptions")] #[kube(namespaced)] @@ -35,6 +35,7 @@ pub struct DHCPOptionsSpec { pub vpc_refs: Option>, } +/// Describes a DHCP configuration option. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DHCPOptionsDhcpConfigurations { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -85,7 +86,7 @@ pub struct DHCPOptionsStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/elasticipaddresses.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/elasticipaddresses.rs index 28260cf05..4c3d2981a 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/elasticipaddresses.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/elasticipaddresses.rs @@ -19,8 +19,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ElasticIPAddressSpec { - /// [EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address - /// pool. + /// The Elastic IP address to recover or an IPv4 address from an address pool. #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, /// The ID of a customer-owned address pool. Use this parameter to let Amazon @@ -32,12 +31,6 @@ pub struct ElasticIPAddressSpec { /// which Amazon Web Services advertises IP addresses. Use this parameter to /// limit the IP address to this location. IP addresses cannot move between network /// border groups. - /// - /// Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) - /// to view the network border groups. - /// - /// You cannot use a network border group with EC2 Classic. If you attempt this - /// operation on EC2 Classic, you receive an InvalidParameterCombination error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkBorderGroup")] pub network_border_group: Option, /// The ID of an address pool that you own. Use this parameter to let Amazon @@ -69,15 +62,14 @@ pub struct ElasticIPAddressStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// [EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation - /// of the Elastic IP address for use with instances in a VPC. + /// The ID that represents the allocation of the Elastic IP address. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocationID")] pub allocation_id: Option, /// The carrier IP address. This option is only available for network interfaces - /// which reside in a subnet in a Wavelength Zone (for example an EC2 instance). + /// that reside in a subnet in a Wavelength Zone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "carrierIP")] pub carrier_ip: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/instances.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/instances.rs index 15b80fc7f..aee9418e3 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/instances.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/instances.rs @@ -30,7 +30,7 @@ pub struct InstanceSpec { /// Information about the Capacity Reservation targeting option. If you do not /// specify this parameter, the instance's Capacity Reservation preference defaults /// to open, which enables it to run in any open Capacity Reservation that has - /// matching attributes (instance type, platform, Availability Zone). + /// matching attributes (instance type, platform, Availability Zone, and tenancy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityReservationSpecification")] pub capacity_reservation_specification: Option, /// The CPU options for the instance. For more information, see Optimize CPU @@ -71,17 +71,14 @@ pub struct InstanceSpec { /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "ebsOptimized")] pub ebs_optimized: Option, - /// An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource - /// that you can attach to your Windows instance to accelerate the graphics performance - /// of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) - /// in the Amazon EC2 User Guide. + /// An elastic GPU to associate with the instance. + /// + /// Amazon Elastic Graphics reached end of life on January 8, 2024. #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticGPUSpecification")] pub elastic_gpu_specification: Option>, - /// An elastic inference accelerator to associate with the instance. Elastic - /// inference accelerators are a resource you can attach to your Amazon EC2 instances - /// to accelerate your Deep Learning (DL) inference workloads. + /// An elastic inference accelerator to associate with the instance. /// - /// You cannot specify accelerators from different generations in the same request. + /// Amazon Elastic Inference is no longer available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticInferenceAccelerators")] pub elastic_inference_accelerators: Option>, /// Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. @@ -92,8 +89,9 @@ pub struct InstanceSpec { /// same instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enclaveOptions")] pub enclave_options: Option, - /// Indicates whether an instance is enabled for hibernation. For more information, - /// see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + /// Indicates whether an instance is enabled for hibernation. This parameter + /// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). + /// For more information, see Hibernate your Amazon EC2 instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) /// in the Amazon EC2 User Guide. /// /// You can't enable hibernation and Amazon Web Services Nitro Enclaves on the @@ -119,15 +117,13 @@ pub struct InstanceSpec { /// InstanceInterruptionBehavior is set to either hibernate or stop. #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceMarketOptions")] pub instance_market_options: Option, - /// The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + /// The instance type. For more information, see Amazon EC2 instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) /// in the Amazon EC2 User Guide. - /// - /// Default: m1.small #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceType")] pub instance_type: Option, - /// [EC2-VPC] The number of IPv6 addresses to associate with the primary network - /// interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. - /// You cannot specify this option and the option to assign specific IPv6 addresses + /// The number of IPv6 addresses to associate with the primary network interface. + /// Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You + /// cannot specify this option and the option to assign specific IPv6 addresses /// in the same request. You can specify this option if you've specified a minimum /// number of instances to launch. /// @@ -135,10 +131,10 @@ pub struct InstanceSpec { /// request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6AddressCount")] pub ipv6_address_count: Option, - /// [EC2-VPC] The IPv6 addresses from the range of the subnet to associate with - /// the primary network interface. You cannot specify this option and the option - /// to assign a number of IPv6 addresses in the same request. You cannot specify - /// this option if you've specified a minimum number of instances to launch. + /// The IPv6 addresses from the range of the subnet to associate with the primary + /// network interface. You cannot specify this option and the option to assign + /// a number of IPv6 addresses in the same request. You cannot specify this option + /// if you've specified a minimum number of instances to launch. /// /// You cannot specify this option and the network interfaces option in the same /// request. @@ -158,9 +154,8 @@ pub struct InstanceSpec { /// you choose an AMI that is configured to allow users another way to log in. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyName")] pub key_name: Option, - /// The launch template to use to launch the instances. Any parameters that you - /// specify in RunInstances override the same parameters in the launch template. - /// You can specify either the name or ID of a launch template, but not both. + /// The launch template. Any additional parameters that you specify for the new + /// instance overwrite the corresponding parameters included in the launch template. #[serde(default, skip_serializing_if = "Option::is_none", rename = "launchTemplate")] pub launch_template: Option, /// The license configurations. @@ -169,47 +164,45 @@ pub struct InstanceSpec { /// The maintenance and recovery options for the instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maintenanceOptions")] pub maintenance_options: Option, - /// The maximum number of instances to launch. If you specify more instances - /// than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches - /// the largest possible number of instances above MinCount. + /// The maximum number of instances to launch. If you specify a value that is + /// more capacity than Amazon EC2 can launch in the target Availability Zone, + /// Amazon EC2 launches the largest possible number of instances above the specified + /// minimum count. /// - /// Constraints: Between 1 and the maximum number you're allowed for the specified - /// instance type. For more information about the default limits, and how to - /// request an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) - /// in the Amazon EC2 FAQ. + /// Constraints: Between 1 and the quota for the specified instance type for + /// your account for this Region. For more information, see Amazon EC2 instance + /// type quotas (https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-instance-quotas.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxCount")] pub max_count: Option, /// The metadata options for the instance. For more information, see Instance /// metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadataOptions")] pub metadata_options: Option, - /// The minimum number of instances to launch. If you specify a minimum that - /// is more instances than Amazon EC2 can launch in the target Availability Zone, - /// Amazon EC2 launches no instances. + /// The minimum number of instances to launch. If you specify a value that is + /// more capacity than Amazon EC2 can provide in the target Availability Zone, + /// Amazon EC2 does not launch any instances. /// - /// Constraints: Between 1 and the maximum number you're allowed for the specified - /// instance type. For more information about the default limits, and how to - /// request an increase, see How many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) - /// in the Amazon EC2 General FAQ. + /// Constraints: Between 1 and the quota for the specified instance type for + /// your account for this Region. For more information, see Amazon EC2 instance + /// type quotas (https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-instance-quotas.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minCount")] pub min_count: Option, /// Specifies whether detailed monitoring is enabled for the instance. #[serde(default, skip_serializing_if = "Option::is_none")] pub monitoring: Option, - /// The network interfaces to associate with the instance. If you specify a network - /// interface, you must specify any security groups and subnets as part of the - /// network interface. + /// The network interfaces to associate with the instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkInterfaces")] pub network_interfaces: Option>, /// The placement for the instance. #[serde(default, skip_serializing_if = "Option::is_none")] pub placement: Option, /// The options for the instance hostname. The default values are inherited from - /// the subnet. + /// the subnet. Applies only if creating a network interface, not attaching an + /// existing one. #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateDNSNameOptions")] pub private_dns_name_options: Option, - /// [EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 - /// address range of the subnet. + /// The primary IPv4 address. You must specify a value from the IPv4 address + /// range of the subnet. /// /// Only one private IP address can be designated as primary. You can't specify /// this option if you've specified the option to designate a private IP address @@ -234,22 +227,21 @@ pub struct InstanceSpec { /// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). /// /// If you specify a network interface, you must specify any security groups - /// as part of the network interface. + /// as part of the network interface instead of using this parameter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, - /// [EC2-Classic, default VPC] The names of the security groups. For a nondefault - /// VPC, you must use security group IDs instead. + /// [Default VPC] The names of the security groups. /// /// If you specify a network interface, you must specify any security groups - /// as part of the network interface. + /// as part of the network interface instead of using this parameter. /// /// Default: Amazon EC2 uses the default security group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroups")] pub security_groups: Option>, - /// [EC2-VPC] The ID of the subnet to launch the instance into. + /// The ID of the subnet to launch the instance into. /// /// If you specify a network interface, you must specify any subnets as part - /// of the network interface. + /// of the network interface instead of using this parameter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetID")] pub subnet_id: Option, /// The tags. The value parameter is required, but if you don't want the tag @@ -257,12 +249,10 @@ pub struct InstanceSpec { /// to an empty string. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// The user data script to make available to the instance. For more information, - /// see Run commands on your Linux instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) - /// and Run commands on your Windows instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-user-data.html). - /// If you are using a command line tool, base64-encoding is performed for you, - /// and you can load the text from a file. Otherwise, you must provide base64-encoded - /// text. User data is limited to 16 KB. + /// The user data to make available to the instance. User data must be base64-encoded. + /// Depending on the tool or SDK that you're using, the base64-encoding might + /// be performed for you. For more information, see Work with instance user data + /// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-add-user-data.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "userData")] pub user_data: Option, } @@ -308,7 +298,7 @@ pub struct InstanceBlockDeviceMappingsEbs { /// Information about the Capacity Reservation targeting option. If you do not /// specify this parameter, the instance's Capacity Reservation preference defaults /// to open, which enables it to run in any open Capacity Reservation that has -/// matching attributes (instance type, platform, Availability Zone). +/// matching attributes (instance type, platform, Availability Zone, and tenancy). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceCapacityReservationSpecification { #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityReservationPreference")] @@ -353,6 +343,8 @@ pub struct InstanceCreditSpecification { pub cpu_credits: Option, } +/// Amazon Elastic Graphics reached end of life on January 8, 2024. +/// /// A specification for an Elastic Graphics accelerator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceElasticGpuSpecification { @@ -360,6 +352,8 @@ pub struct InstanceElasticGpuSpecification { pub r#type: Option, } +/// Amazon Elastic Inference is no longer available. +/// /// Describes an elastic inference accelerator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceElasticInferenceAccelerators { @@ -381,8 +375,9 @@ pub struct InstanceEnclaveOptions { pub enabled: Option, } -/// Indicates whether an instance is enabled for hibernation. For more information, -/// see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +/// Indicates whether an instance is enabled for hibernation. This parameter +/// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). +/// For more information, see Hibernate your Amazon EC2 instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) /// in the Amazon EC2 User Guide. /// /// You can't enable hibernation and Amazon Web Services Nitro Enclaves on the @@ -437,9 +432,8 @@ pub struct InstanceIpv6Addresses { pub ipv6_address: Option, } -/// The launch template to use to launch the instances. Any parameters that you -/// specify in RunInstances override the same parameters in the launch template. -/// You can specify either the name or ID of a launch template, but not both. +/// The launch template. Any additional parameters that you specify for the new +/// instance overwrite the corresponding parameters included in the launch template. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceLaunchTemplate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "launchTemplateID")] @@ -580,7 +574,8 @@ pub struct InstancePlacement { } /// The options for the instance hostname. The default values are inherited from -/// the subnet. +/// the subnet. Applies only if creating a network interface, not attaching an +/// existing one. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstancePrivateDnsNameOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableResourceNameDNSAAAARecord")] @@ -615,23 +610,34 @@ pub struct InstanceStatus { /// The architecture of the image. #[serde(default, skip_serializing_if = "Option::is_none")] pub architecture: Option, - /// The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + /// The boot mode that was specified by the AMI. If the value is uefi-preferred, + /// the AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter + /// is the boot mode that is used to boot the instance at launch or start. + /// + /// The operating system contained in the AMI must be configured to support the + /// specified boot mode. + /// + /// For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) /// in the Amazon EC2 User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootMode")] pub boot_mode: Option, /// The ID of the Capacity Reservation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityReservationID")] pub capacity_reservation_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The Elastic GPU associated with the instance. + /// Deprecated. + /// + /// Amazon Elastic Graphics reached end of life on January 8, 2024. #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticGPUAssociations")] pub elastic_gpu_associations: Option>, - /// The elastic inference accelerator associated with the instance. + /// Deprecated + /// + /// Amazon Elastic Inference is no longer available. #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticInferenceAcceleratorAssociations")] pub elastic_inference_accelerator_associations: Option>, /// Specifies whether enhanced networking with ENA is enabled. @@ -650,7 +656,9 @@ pub struct InstanceStatus { /// The IPv6 address assigned to the instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6Address")] pub ipv6_address: Option, - /// The time the instance was launched. + /// The time that the instance was last launched. To determine the time that + /// instance was first launched, see the attachment time for the primary network + /// interface. #[serde(default, skip_serializing_if = "Option::is_none", rename = "launchTime")] pub launch_time: Option, /// The license configurations for the instance. @@ -659,7 +667,8 @@ pub struct InstanceStatus { /// The Amazon Resource Name (ARN) of the Outpost. #[serde(default, skip_serializing_if = "Option::is_none", rename = "outpostARN")] pub outpost_arn: Option, - /// The value is Windows for Windows instances; otherwise blank. + /// The platform. This value is windows for Windows instances; otherwise, it + /// is empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub platform: Option, /// The platform details value for the instance. For more information, see AMI @@ -667,22 +676,22 @@ pub struct InstanceStatus { /// in the Amazon EC2 User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "platformDetails")] pub platform_details: Option, - /// (IPv4 only) The private DNS hostname name assigned to the instance. This + /// [IPv4 only] The private DNS hostname name assigned to the instance. This /// DNS hostname can only be used inside the Amazon EC2 network. This name is /// not available until the instance enters the running state. /// - /// [EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private - /// DNS hostnames if you've enabled DNS resolution and DNS hostnames in your - /// VPC. If you are not using the Amazon-provided DNS server in your VPC, your - /// custom domain name servers must resolve the hostname as appropriate. + /// The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames + /// if you've enabled DNS resolution and DNS hostnames in your VPC. If you are + /// not using the Amazon-provided DNS server in your VPC, your custom domain + /// name servers must resolve the hostname as appropriate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateDNSName")] pub private_dns_name: Option, /// The product codes attached to this instance, if applicable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "productCodes")] pub product_codes: Option>, - /// (IPv4 only) The public DNS name assigned to the instance. This name is not - /// available until the instance enters the running state. For EC2-VPC, this - /// name is only available if you've enabled DNS hostnames for your VPC. + /// [IPv4 only] The public DNS name assigned to the instance. This name is not + /// available until the instance enters the running state. This name is only + /// available if you've enabled DNS hostnames for your VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicDNSName")] pub public_dns_name: Option, /// The public IPv4 address, or the Carrier IP address assigned to the instance, @@ -734,7 +743,7 @@ pub struct InstanceStatus { /// The virtualization type of the instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "virtualizationType")] pub virtualization_type: Option, - /// [EC2-VPC] The ID of the VPC in which the instance is running. + /// The ID of the VPC in which the instance is running. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcID")] pub vpc_id: Option, } @@ -761,6 +770,8 @@ pub struct InstanceStatusAckResourceMetadata { pub region: String, } +/// Amazon Elastic Graphics reached end of life on January 8, 2024. +/// /// Describes the association between an instance and an Elastic Graphics accelerator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceStatusElasticGpuAssociations { @@ -774,6 +785,8 @@ pub struct InstanceStatusElasticGpuAssociations { pub elastic_gpuid: Option, } +/// Amazon Elastic Inference is no longer available. +/// /// Describes the association between an instance and an elastic inference accelerator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceStatusElasticInferenceAcceleratorAssociations { diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs index 6b3132ae4..870cf1413 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs @@ -114,7 +114,7 @@ pub struct InternetGatewayStatus { /// Any VPCs attached to the internet gateway. #[serde(default, skip_serializing_if = "Option::is_none")] pub attachments: Option>, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs index e1289b8e9..de259a9a2 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs @@ -40,7 +40,7 @@ pub struct NATGatewaySpec { /// The default is public connectivity. #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectivityType")] pub connectivity_type: Option, - /// The subnet in which to create the NAT gateway. + /// The ID of the subnet in which to create the NAT gateway. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetID")] pub subnet_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -126,7 +126,7 @@ pub struct NATGatewayStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -173,8 +173,8 @@ pub struct NATGatewayStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "natGatewayID")] pub nat_gateway_id: Option, /// Reserved. If you need to sustain traffic greater than the documented limits - /// (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), - /// contact us through the Support Center (https://console.aws.amazon.com/support/home?). + /// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-gateways), + /// contact Amazon Web Services Support. #[serde(default, skip_serializing_if = "Option::is_none", rename = "provisionedBandwidth")] pub provisioned_bandwidth: Option, /// The state of the NAT gateway. @@ -237,8 +237,8 @@ pub struct NATGatewayStatusNatGatewayAddresses { } /// Reserved. If you need to sustain traffic greater than the documented limits -/// (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), -/// contact us through the Support Center (https://console.aws.amazon.com/support/home?). +/// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-gateways), +/// contact Amazon Web Services Support. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NATGatewayStatusProvisionedBandwidth { #[serde(default, skip_serializing_if = "Option::is_none", rename = "provisionTime")] diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs index 56c32b10d..2ac8d7492 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs @@ -226,10 +226,10 @@ pub struct RouteTableStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// The associations between the route table and one or more subnets or a gateway. + /// The associations between the route table and your subnets or gateways. #[serde(default, skip_serializing_if = "Option::is_none")] pub associations: Option>, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs index cb37e9ba2..16e980cd3 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs @@ -21,13 +21,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct SecurityGroupSpec { - /// A description for the security group. This is informational only. + /// A description for the security group. /// /// Constraints: Up to 255 characters in length /// - /// Constraints for EC2-Classic: ASCII characters - /// - /// Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + /// Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* pub description: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "egressRules")] pub egress_rules: Option>, @@ -37,16 +35,14 @@ pub struct SecurityGroupSpec { /// /// Constraints: Up to 255 characters in length. Cannot start with sg-. /// - /// Constraints for EC2-Classic: ASCII characters - /// - /// Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + /// Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* pub name: String, /// The tags. The value parameter is required, but if you don't want the tag /// to have a value, specify the parameter with no value, and we set the value /// to an empty string. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// [EC2-VPC] The ID of the VPC. Required for EC2-VPC. + /// The ID of the VPC. Required for a nondefault VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcID")] pub vpc_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -60,7 +56,7 @@ pub struct SecurityGroupSpec { pub vpc_ref: Option, } -/// Describes a set of permissions for a security group rule. +/// Describes the permissions for a security group rule. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupEgressRules { #[serde(default, skip_serializing_if = "Option::is_none", rename = "fromPort")] @@ -79,7 +75,7 @@ pub struct SecurityGroupEgressRules { pub user_id_group_pairs: Option>, } -/// Describes an IPv4 range. +/// Describes an IPv4 address range. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupEgressRulesIpRanges { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrIP")] @@ -88,7 +84,7 @@ pub struct SecurityGroupEgressRulesIpRanges { pub description: Option, } -/// [EC2-VPC only] Describes an IPv6 range. +/// Describes an IPv6 address range. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupEgressRulesIpv6Ranges { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrIPv6")] @@ -107,11 +103,6 @@ pub struct SecurityGroupEgressRulesPrefixListIDs { } /// Describes a security group and Amazon Web Services account ID pair. -/// -/// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate -/// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic -/// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -/// in the Amazon Elastic Compute Cloud User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupEgressRulesUserIdGroupPairs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -174,7 +165,7 @@ pub struct SecurityGroupEgressRulesUserIdGroupPairsVpcRefFrom { pub namespace: Option, } -/// Describes a set of permissions for a security group rule. +/// Describes the permissions for a security group rule. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupIngressRules { #[serde(default, skip_serializing_if = "Option::is_none", rename = "fromPort")] @@ -193,7 +184,7 @@ pub struct SecurityGroupIngressRules { pub user_id_group_pairs: Option>, } -/// Describes an IPv4 range. +/// Describes an IPv4 address range. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupIngressRulesIpRanges { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrIP")] @@ -202,7 +193,7 @@ pub struct SecurityGroupIngressRulesIpRanges { pub description: Option, } -/// [EC2-VPC only] Describes an IPv6 range. +/// Describes an IPv6 address range. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupIngressRulesIpv6Ranges { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrIPv6")] @@ -221,11 +212,6 @@ pub struct SecurityGroupIngressRulesPrefixListIDs { } /// Describes a security group and Amazon Web Services account ID pair. -/// -/// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate -/// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic -/// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -/// in the Amazon Elastic Compute Cloud User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityGroupIngressRulesUserIdGroupPairs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -330,7 +316,7 @@ pub struct SecurityGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs index 05393cd2a..6f6fb7110 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs @@ -31,8 +31,7 @@ pub struct SubnetSpec { /// /// To create a subnet in a Local Zone, set this value to the Local Zone ID, /// for example us-west-2-lax-1a. For information about the Regions that support - /// Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) - /// in the Amazon Elastic Compute Cloud User Guide. + /// Local Zones, see Available Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/available-local-zones.html). /// /// To create a subnet in an Outpost, set this value to the Availability Zone /// for the Outpost and specify the Outpost ARN. @@ -58,10 +57,8 @@ pub struct SubnetSpec { pub enable_resource_name_dnsa_record: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostnameType")] pub hostname_type: Option, - /// The IPv6 network range for the subnet, in CIDR notation. The subnet size - /// must use a /64 prefix length. - /// - /// This parameter is required for an IPv6 only subnet. + /// The IPv6 network range for the subnet, in CIDR notation. This parameter is + /// required for an IPv6 only subnet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6CIDRBlock")] pub ipv6_cidr_block: Option, /// Indicates whether to create an IPv6 only subnet. @@ -167,7 +164,7 @@ pub struct SubnetStatus { /// for any stopped instances are considered unavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availableIPAddressCount")] pub available_ip_address_count: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/transitgateways.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/transitgateways.rs index 09f7d767d..e8514592b 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/transitgateways.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/transitgateways.rs @@ -72,7 +72,7 @@ pub struct TransitGatewayStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs index 6a402ce9c..c5825422f 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs @@ -48,24 +48,24 @@ pub struct VPCEndpointSpec { /// Default: true #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateDNSEnabled")] pub private_dns_enabled: Option, - /// (Gateway endpoint) One or more route table IDs. + /// (Gateway endpoint) The route table IDs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeTableIDs")] pub route_table_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeTableRefs")] pub route_table_refs: Option>, - /// (Interface endpoint) The ID of one or more security groups to associate with - /// the endpoint network interface. + /// (Interface endpoint) The IDs of the security groups to associate with the + /// endpoint network interfaces. If this parameter is not specified, we use the + /// default security group for the VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupRefs")] pub security_group_refs: Option>, - /// The service name. To get a list of available services, use the DescribeVpcEndpointServices - /// request, or get the name from the service provider. - #[serde(rename = "serviceName")] - pub service_name: String, - /// (Interface and Gateway Load Balancer endpoints) The ID of one or more subnets - /// in which to create an endpoint network interface. For a Gateway Load Balancer - /// endpoint, you can specify one subnet only. + /// The name of the endpoint service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, + /// (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in + /// which to create endpoint network interfaces. For a Gateway Load Balancer + /// endpoint, you can specify only one subnet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetIDs")] pub subnet_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetRefs")] @@ -80,7 +80,7 @@ pub struct VPCEndpointSpec { /// Default: Gateway #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcEndpointType")] pub vpc_endpoint_type: Option, - /// The ID of the VPC in which the endpoint will be used. + /// The ID of the VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcID")] pub vpc_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -218,7 +218,7 @@ pub struct VPCEndpointStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -237,7 +237,7 @@ pub struct VPCEndpointStatus { /// The last error that occurred for endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastError")] pub last_error: Option, - /// (Interface endpoint) One or more network interfaces for the endpoint. + /// (Interface endpoint) The network interfaces for the endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkInterfaceIDs")] pub network_interface_i_ds: Option>, /// The ID of the Amazon Web Services account that owns the endpoint. diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcs.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcs.rs index f3bbfa563..00e285acd 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcs.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcs.rs @@ -116,7 +116,7 @@ pub struct VPCStatus { /// Information about the IPv4 CIDR blocks associated with the VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cidrBlockAssociationSet")] pub cidr_block_association_set: Option>, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/pullthroughcacherules.rs b/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/pullthroughcacherules.rs index b9ab60b6c..4b7695825 100644 --- a/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/pullthroughcacherules.rs +++ b/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/pullthroughcacherules.rs @@ -30,7 +30,20 @@ pub struct PullThroughCacheRuleSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "registryID")] pub registry_id: Option, /// The registry URL of the upstream public registry to use as the source for - /// the pull through cache rule. + /// the pull through cache rule. The following is the syntax to use for each + /// supported upstream registry. + /// + /// * Amazon ECR Public (ecr-public) - public.ecr.aws + /// + /// * Docker Hub (docker-hub) - registry-1.docker.io + /// + /// * Quay (quay) - quay.io + /// + /// * Kubernetes (k8s) - registry.k8s.io + /// + /// * GitHub Container Registry (github-container-registry) - ghcr.io + /// + /// * Microsoft Azure Container Registry (azure-container-registry) - .azurecr.io #[serde(rename = "upstreamRegistryURL")] pub upstream_registry_url: String, } @@ -43,7 +56,7 @@ pub struct PullThroughCacheRuleStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/repositories.rs b/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/repositories.rs index 22ad7c749..31decb731 100644 --- a/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/repositories.rs +++ b/kube-custom-resources-rs/src/ecr_services_k8s_aws/v1alpha1/repositories.rs @@ -41,6 +41,9 @@ pub struct RepositorySpec { /// The name to use for the repository. The repository name may be specified /// on its own (such as nginx-web-app) or it can be prepended with a namespace /// to group the repository into a category (such as project-a/nginx-web-app). + /// + /// The repository name must start with a letter and can only contain lowercase + /// letters, numbers, hyphens, underscores, and forward slashes. pub name: String, /// The JSON repository policy text to apply to the repository. For more information, /// see Amazon ECR repository policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) @@ -98,7 +101,7 @@ pub struct RepositoryStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs index 938972ba7..62f71feb3 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs @@ -172,7 +172,7 @@ pub struct AccessPointStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs index 91baab68e..9cfc36f66 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs @@ -19,10 +19,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct FileSystemSpec { - /// Used to create a One Zone file system. It specifies the Amazon Web Services - /// Availability Zone in which to create the file system. Use the format us-east-1a - /// to specify the Availability Zone. For more information about One Zone file - /// systems, see Using EFS storage classes (https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) + /// For One Zone file systems, specify the Amazon Web Services Availability Zone + /// in which to create the file system. Use the format us-east-1a to specify + /// the Availability Zone. For more information about One Zone file systems, + /// see EFS file system types (https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) /// in the Amazon EFS User Guide. /// /// One Zone file systems are not available in all Availability Zones in Amazon @@ -85,8 +85,8 @@ pub struct FileSystemSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyRef")] pub kms_key_ref: Option, /// An array of LifecyclePolicy objects that define the file system's LifecycleConfiguration - /// object. A LifecycleConfiguration object informs EFS Lifecycle management - /// of the following: + /// object. A LifecycleConfiguration object informs lifecycle management of the + /// following: /// /// * TransitionToIA – When to move files in the file system from primary /// storage (Standard storage class) into the Infrequent Access (IA) storage. @@ -96,8 +96,8 @@ pub struct FileSystemSpec { /// storage. File systems cannot transition into Archive storage before transitioning /// into IA storage. Therefore, TransitionToArchive must either not be set /// or must be later than TransitionToIA. The Archive storage class is available - /// only for file systems that use the Elastic Throughput mode and the General - /// Purpose Performance mode. + /// only for file systems that use the Elastic throughput mode and the General + /// Purpose performance mode. /// /// * TransitionToPrimaryStorageClass – Whether to move files in the file /// system back to primary storage (Standard storage class) after they are @@ -111,7 +111,7 @@ pub struct FileSystemSpec { /// for more information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lifecyclePolicies")] pub lifecycle_policies: Option>, - /// The Performance mode of the file system. We recommend generalPurpose performance + /// The performance mode of the file system. We recommend generalPurpose performance /// mode for all file systems. File systems using the maxIO performance mode /// can scale to higher levels of aggregate throughput and operations per second /// with a tradeoff of slightly higher latencies for most file operations. The @@ -126,8 +126,8 @@ pub struct FileSystemSpec { pub performance_mode: Option, /// The FileSystemPolicy that you're creating. Accepts a JSON formatted policy /// definition. EFS file system policies have a 20,000 character limit. To find - /// out more about the elements that make up a file system policy, see EFS Resource-based - /// Policies (https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies). + /// out more about the elements that make up a file system policy, see Resource-based + /// policies within Amazon EFS (https://docs.aws.amazon.com/efs/latest/ug/security_iam_service-with-iam.html#security_iam_service-with-iam-resource-based-policies). #[serde(default, skip_serializing_if = "Option::is_none")] pub policy: Option, /// The throughput, measured in mebibytes per second (MiBps), that you want to @@ -197,7 +197,7 @@ pub struct FileSystemKmsKeyRefFrom { pub namespace: Option, } -/// Describes a policy used by Lifecycle management that specifies when to transition +/// Describes a policy used by lifecycle management that specifies when to transition /// files into and out of storage classes. For more information, see Managing /// file system storage (https://docs.aws.amazon.com/efs/latest/ug/lifecycle-management-efs.html). /// @@ -242,7 +242,7 @@ pub struct FileSystemStatus { /// account. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZoneID")] pub availability_zone_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs index eae41d526..f01c08577 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs @@ -150,7 +150,7 @@ pub struct MountTargetStatus { /// Services account. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZoneName")] pub availability_zone_name: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs index 9250d2669..323a505ee 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs @@ -27,7 +27,7 @@ pub struct AddonSpec { /// by DescribeAddonVersions (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "addonVersion")] pub addon_version: Option, - /// A unique, case-sensitive identifier that you provide to ensure the idempotency + /// A unique, case-sensitive identifier that you provide to ensurethe idempotency /// of the request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientRequestToken")] pub client_request_token: Option, @@ -184,7 +184,7 @@ pub struct AddonStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs index 98c167e5e..142ebc85d 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs @@ -34,10 +34,16 @@ pub struct ClusterSpec { /// or self-manage the default networking add-ons. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrapSelfManagedAddons")] pub bootstrap_self_managed_addons: Option, - /// A unique, case-sensitive identifier that you provide to ensure the idempotency + /// A unique, case-sensitive identifier that you provide to ensurethe idempotency /// of the request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientRequestToken")] pub client_request_token: Option, + /// Enable or disable the compute capability of EKS Auto Mode when creating your + /// EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode + /// will create and delete EC2 Managed Instances in your Amazon Web Services + /// account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "computeConfig")] + pub compute_config: Option, /// The encryption configuration for the cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionConfig")] pub encryption_config: Option>, @@ -55,7 +61,11 @@ pub struct ClusterSpec { /// (http://aws.amazon.com/cloudwatch/pricing/). #[serde(default, skip_serializing_if = "Option::is_none")] pub logging: Option, - /// The unique name to give to your cluster. + /// The unique name to give to your cluster. The name can contain only alphanumeric + /// characters (case-sensitive),hyphens, and underscores. It must start with + /// an alphanumeric character and can't be longer than100 characters. The name + /// must be unique within the Amazon Web Services Region and Amazon Web Services + /// account that you're creating the cluster in. pub name: String, /// An object representing the configuration of your local Amazon EKS cluster /// on an Amazon Web Services Outpost. Before creating a local cluster on an @@ -65,6 +75,10 @@ pub struct ClusterSpec { /// EKS clusters on the Amazon Web Services cloud. #[serde(default, skip_serializing_if = "Option::is_none", rename = "outpostConfig")] pub outpost_config: Option, + /// The configuration in the cluster for EKS Hybrid Nodes. You can't change or + /// update this configuration after the cluster is created. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteNetworkConfig")] + pub remote_network_config: Option, /// The VPC configuration that's used by the cluster control plane. Amazon EKS /// VPC resources have specific requirements to work properly with Kubernetes. /// For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) @@ -90,6 +104,12 @@ pub struct ClusterSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleRef")] pub role_ref: Option, + /// Enable or disable the block storage capability of EKS Auto Mode when creating + /// your EKS Auto Mode cluster. If the block storage capability is enabled, EKS + /// Auto Mode will create and delete EBS volumes in your Amazon Web Services + /// account. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageConfig")] + pub storage_config: Option, /// Metadata that assists with categorization and organization. Each tag consists /// of a key and an optional value. You define both. Tags don't propagate to /// any other cluster or Amazon Web Services resources. @@ -105,6 +125,25 @@ pub struct ClusterSpec { /// The default version might not be the latest version available. #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, + /// Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled, + /// Amazon Web Services configures zonal autoshift for the cluster. + /// + /// Zonal shift is a feature of Amazon Application Recovery Controller (ARC). + /// ARC zonal shift is designed to be a temporary measure that allows you to + /// move traffic for a resource away from an impaired AZ until the zonal shift + /// expires or you cancel it. You can extend the zonal shift if necessary. + /// + /// You can start a zonal shift for an EKS cluster, or you can allow Amazon Web + /// Services to do it for you by enabling zonal autoshift. This shift updates + /// the flow of east-to-west network traffic in your cluster to only consider + /// network endpoints for Pods running on worker nodes in healthy AZs. Additionally, + /// any ALB or NLB handling ingress traffic for applications in your EKS cluster + /// will automatically route traffic to targets in the healthy AZs. For more + /// information about zonal shift in EKS, see Learn about Amazon Application + /// Recovery Controller (ARC) Zonal Shift in Amazon EKS (https://docs.aws.amazon.com/eks/latest/userguide/zone-shift.html) + /// in the Amazon EKS User Guide . + #[serde(default, skip_serializing_if = "Option::is_none", rename = "zonalShiftConfig")] + pub zonal_shift_config: Option, } /// The access configuration for the cluster. @@ -116,6 +155,20 @@ pub struct ClusterAccessConfig { pub bootstrap_cluster_creator_admin_permissions: Option, } +/// Enable or disable the compute capability of EKS Auto Mode when creating your +/// EKS Auto Mode cluster. If the compute capability is enabled, EKS Auto Mode +/// will create and delete EC2 Managed Instances in your Amazon Web Services +/// account +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComputeConfig { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePools")] + pub node_pools: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeRoleARN")] + pub node_role_arn: Option, +} + /// The encryption configuration for the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterEncryptionConfig { @@ -158,12 +211,28 @@ pub struct ClusterEncryptionConfigProviderKeyRefFrom { /// The Kubernetes network configuration for the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterKubernetesNetworkConfig { + /// Indicates the current configuration of the load balancing capability on your + /// EKS Auto Mode cluster. For example, if the capability is enabled or disabled. + /// For more information, see EKS Auto Mode load balancing capability in the + /// EKS User Guide. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticLoadBalancing")] + pub elastic_load_balancing: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipFamily")] pub ip_family: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceIPv4CIDR")] pub service_i_pv4_cidr: Option, } +/// Indicates the current configuration of the load balancing capability on your +/// EKS Auto Mode cluster. For example, if the capability is enabled or disabled. +/// For more information, see EKS Auto Mode load balancing capability in the +/// EKS User Guide. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterKubernetesNetworkConfigElasticLoadBalancing { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// Enable or disable exporting the Kubernetes control plane logs for your cluster /// to CloudWatch Logs. By default, cluster control plane logs aren't exported /// to CloudWatch Logs. For more information, see Amazon EKS Cluster control @@ -219,6 +288,31 @@ pub struct ClusterOutpostConfigControlPlanePlacement { pub group_name: Option, } +/// The configuration in the cluster for EKS Hybrid Nodes. You can't change or +/// update this configuration after the cluster is created. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterRemoteNetworkConfig { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteNodeNetworks")] + pub remote_node_networks: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "remotePodNetworks")] + pub remote_pod_networks: Option>, +} + +/// A network CIDR that can contain hybrid nodes. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterRemoteNetworkConfigRemoteNodeNetworks { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidrs: Option>, +} + +/// A network CIDR that can contain pods that run Kubernetes webhooks on hybrid +/// nodes. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterRemoteNetworkConfigRemotePodNetworks { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidrs: Option>, +} + /// The VPC configuration that's used by the cluster control plane. Amazon EKS /// VPC resources have specific requirements to work properly with Kubernetes. /// For more information, see Cluster VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) @@ -321,6 +415,32 @@ pub struct ClusterRoleRefFrom { pub namespace: Option, } +/// Enable or disable the block storage capability of EKS Auto Mode when creating +/// your EKS Auto Mode cluster. If the block storage capability is enabled, EKS +/// Auto Mode will create and delete EBS volumes in your Amazon Web Services +/// account. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterStorageConfig { + /// Indicates the current configuration of the block storage capability on your + /// EKS Auto Mode cluster. For example, if the capability is enabled or disabled. + /// If the block storage capability is enabled, EKS Auto Mode will create and + /// delete EBS volumes in your Amazon Web Services account. For more information, + /// see EKS Auto Mode block storage capability in the EKS User Guide. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "blockStorage")] + pub block_storage: Option, +} + +/// Indicates the current configuration of the block storage capability on your +/// EKS Auto Mode cluster. For example, if the capability is enabled or disabled. +/// If the block storage capability is enabled, EKS Auto Mode will create and +/// delete EBS volumes in your Amazon Web Services account. For more information, +/// see EKS Auto Mode block storage capability in the EKS User Guide. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterStorageConfigBlockStorage { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// New clusters, by default, have extended support enabled. You can disable /// extended support when creating a cluster by setting this value to STANDARD. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -329,6 +449,29 @@ pub struct ClusterUpgradePolicy { pub support_type: Option, } +/// Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled, +/// Amazon Web Services configures zonal autoshift for the cluster. +/// +/// Zonal shift is a feature of Amazon Application Recovery Controller (ARC). +/// ARC zonal shift is designed to be a temporary measure that allows you to +/// move traffic for a resource away from an impaired AZ until the zonal shift +/// expires or you cancel it. You can extend the zonal shift if necessary. +/// +/// You can start a zonal shift for an EKS cluster, or you can allow Amazon Web +/// Services to do it for you by enabling zonal autoshift. This shift updates +/// the flow of east-to-west network traffic in your cluster to only consider +/// network endpoints for Pods running on worker nodes in healthy AZs. Additionally, +/// any ALB or NLB handling ingress traffic for applications in your EKS cluster +/// will automatically route traffic to targets in the healthy AZs. For more +/// information about zonal shift in EKS, see Learn about Amazon Application +/// Recovery Controller (ARC) Zonal Shift in Amazon EKS (https://docs.aws.amazon.com/eks/latest/userguide/zone-shift.html) +/// in the Amazon EKS User Guide . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterZonalShiftConfig { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// ClusterStatus defines the observed state of Cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterStatus { @@ -340,7 +483,7 @@ pub struct ClusterStatus { /// The certificate-authority-data for your cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateAuthority")] pub certificate_authority: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs index a7f153b66..97ed3522c 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs @@ -22,7 +22,7 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct FargateProfileSpec { - /// A unique, case-sensitive identifier that you provide to ensure the idempotency + /// A unique, case-sensitive identifier that you provide to ensurethe idempotency /// of the request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientRequestToken")] pub client_request_token: Option, @@ -169,7 +169,7 @@ pub struct FargateProfileStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs index 2fdf6fd21..669d285f5 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs @@ -34,7 +34,7 @@ pub struct NodegroupSpec { /// The capacity type for your node group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityType")] pub capacity_type: Option, - /// A unique, case-sensitive identifier that you provide to ensure the idempotency + /// A unique, case-sensitive identifier that you provide to ensurethe idempotency /// of the request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientRequestToken")] pub client_request_token: Option, @@ -345,7 +345,7 @@ pub struct NodegroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cacheparametergroups.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cacheparametergroups.rs index 29ebb0cde..ff69882be 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cacheparametergroups.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cacheparametergroups.rs @@ -12,7 +12,6 @@ use self::prelude::*; /// CacheParameterGroupSpec defines the desired state of CacheParameterGroup. /// -/// /// Represents the output of a CreateCacheParameterGroup operation. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "elasticache.services.k8s.aws", version = "v1alpha1", kind = "CacheParameterGroup", plural = "cacheparametergroups")] @@ -25,9 +24,8 @@ pub struct CacheParameterGroupSpec { /// The name of the cache parameter group family that the cache parameter group /// can be used with. /// - /// /// Valid values are: memcached1.4 | memcached1.5 | memcached1.6 | redis2.6 | - /// redis2.8 | redis3.2 | redis4.0 | redis5.0 | redis6.x + /// redis2.8 | redis3.2 | redis4.0 | redis5.0 | redis6.x | redis7 #[serde(rename = "cacheParameterGroupFamily")] pub cache_parameter_group_family: String, /// A user-specified name for the cache parameter group. @@ -77,7 +75,7 @@ pub struct CacheParameterGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -106,7 +104,6 @@ pub struct CacheParameterGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cachesubnetgroups.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cachesubnetgroups.rs index e65ce410d..a098596a4 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cachesubnetgroups.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/cachesubnetgroups.rs @@ -12,13 +12,10 @@ use self::prelude::*; /// CacheSubnetGroupSpec defines the desired state of CacheSubnetGroup. /// -/// /// Represents the output of one of the following operations: /// -/// /// * CreateCacheSubnetGroup /// -/// /// * ModifyCacheSubnetGroup #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "elasticache.services.k8s.aws", version = "v1alpha1", kind = "CacheSubnetGroup", plural = "cachesubnetgroups")] @@ -33,10 +30,8 @@ pub struct CacheSubnetGroupSpec { pub cache_subnet_group_description: String, /// A name for the cache subnet group. This value is stored as a lowercase string. /// - /// /// Constraints: Must contain no more than 255 alphanumeric characters or hyphens. /// - /// /// Example: mysubnetgroup #[serde(rename = "cacheSubnetGroupName")] pub cache_subnet_group_name: String, @@ -56,7 +51,6 @@ pub struct CacheSubnetGroupSpec { /// Ex: /// APIIDRef: /// -/// /// from: /// name: my-api #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -73,6 +67,8 @@ pub struct CacheSubnetGroupSubnetRefs { pub struct CacheSubnetGroupSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A tag that can be added to an ElastiCache cluster or replication group. Tags @@ -97,7 +93,7 @@ pub struct CacheSubnetGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -127,7 +123,6 @@ pub struct CacheSubnetGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/replicationgroups.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/replicationgroups.rs index b3756ea71..acbbff4b6 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/replicationgroups.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/replicationgroups.rs @@ -12,8 +12,8 @@ use self::prelude::*; /// ReplicationGroupSpec defines the desired state of ReplicationGroup. /// -/// -/// Contains all of the attributes of a specific Redis replication group. +/// Contains all of the attributes of a specific Valkey or Redis OSS replication +/// group. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "elasticache.services.k8s.aws", version = "v1alpha1", kind = "ReplicationGroup", plural = "replicationgroups")] #[kube(namespaced)] @@ -24,141 +24,114 @@ use self::prelude::*; pub struct ReplicationGroupSpec { /// A flag that enables encryption at rest when set to true. /// - /// /// You cannot modify the value of AtRestEncryptionEnabled after the replication /// group is created. To enable encryption at rest on a replication group you /// must set AtRestEncryptionEnabled to true when you create the replication /// group. /// - /// /// Required: Only available when creating a replication group in an Amazon VPC - /// using redis version 3.2.6, 4.x or later. - /// + /// using Redis OSS version 3.2.6, 4.x or later. /// /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "atRestEncryptionEnabled")] pub at_rest_encryption_enabled: Option, /// Reserved parameter. The password used to access a password protected server. /// - /// /// AuthToken can be specified only on replication groups where TransitEncryptionEnabled /// is true. /// - /// /// For HIPAA compliance, you must specify TransitEncryptionEnabled as true, /// an AuthToken, and a CacheSubnetGroup. /// - /// /// Password constraints: /// - /// /// * Must be only printable ASCII characters. /// - /// /// * Must be at least 16 characters and no more than 128 characters in length. - /// - /// - /// * The only permitted printable special characters are !, &, #, $, ^, <, - /// >, and -. Other printable special characters cannot be used in the AUTH - /// token. - /// - /// - /// For more information, see AUTH password (http://redis.io/commands/AUTH) at - /// http://redis.io/commands/AUTH. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authToken")] pub auth_token: Option, /// Specifies whether a read-only replica is automatically promoted to read/write /// primary if the existing primary fails. /// - /// - /// AutomaticFailoverEnabled must be enabled for Redis (cluster mode enabled) - /// replication groups. - /// + /// AutomaticFailoverEnabled must be enabled for Valkey or Redis OSS (cluster + /// mode enabled) replication groups. /// /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "automaticFailoverEnabled")] pub automatic_failover_enabled: Option, /// The compute and memory capacity of the nodes in the node group (shard). /// - /// /// The following node types are supported by ElastiCache. Generally speaking, /// the current generation types provide more memory and computational power /// at lower cost when compared to their equivalent previous generation counterparts. /// - /// - /// * General purpose: Current generation: M6g node types (available only - /// for Redis engine version 5.0.6 onward and for Memcached engine version - /// 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge, - /// cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge - /// For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) - /// M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge, - /// cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge, - /// cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available - /// only for Redis engine version 5.0.6 onward and Memcached engine version - /// 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3 - /// node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types: - /// cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not - /// recommended. Existing clusters are still supported but creation of new - /// clusters is not supported for these types.) T1 node types: cache.t1.micro - /// M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge - /// M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge - /// + /// * General purpose: Current generation: M7g node types: cache.m7g.large, + /// cache.m7g.xlarge, cache.m7g.2xlarge, cache.m7g.4xlarge, cache.m7g.8xlarge, + /// cache.m7g.12xlarge, cache.m7g.16xlarge For region availability, see Supported + /// Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) + /// M6g node types (available only for Redis OSS engine version 5.0.6 onward + /// and for Memcached engine version 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge, + /// cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, + /// cache.m6g.16xlarge M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, + /// cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types: + /// cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge + /// T4g node types (available only for Redis OSS engine version 5.0.6 onward + /// and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small, + /// cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium + /// T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous + /// generation: (not recommended. Existing clusters are still supported but + /// creation of new clusters is not supported for these types.) T1 node types: + /// cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, + /// cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, + /// cache.m3.2xlarge /// /// * Compute optimized: Previous generation: (not recommended. Existing clusters /// are still supported but creation of new clusters is not supported for /// these types.) C1 node types: cache.c1.xlarge /// - /// - /// * Memory optimized with data tiering: Current generation: R6gd node types - /// (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge, - /// cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge, - /// cache.r6gd.16xlarge - /// - /// - /// * Memory optimized: Current generation: R6g node types (available only - /// for Redis engine version 5.0.6 onward and for Memcached engine version - /// 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge, - /// cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge - /// For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) - /// R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge, - /// cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge, - /// cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge - /// Previous generation: (not recommended. Existing clusters are still supported - /// but creation of new clusters is not supported for these types.) M2 node - /// types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types: - /// cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge - /// + /// * Memory optimized: Current generation: R7g node types: cache.r7g.large, + /// cache.r7g.xlarge, cache.r7g.2xlarge, cache.r7g.4xlarge, cache.r7g.8xlarge, + /// cache.r7g.12xlarge, cache.r7g.16xlarge For region availability, see Supported + /// Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) + /// R6g node types (available only for Redis OSS engine version 5.0.6 onward + /// and for Memcached engine version 1.5.16 onward): cache.r6g.large, cache.r6g.xlarge, + /// cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, + /// cache.r6g.16xlarge R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, + /// cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types: + /// cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, + /// cache.r4.16xlarge Previous generation: (not recommended. Existing clusters + /// are still supported but creation of new clusters is not supported for + /// these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge + /// R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, + /// cache.r3.8xlarge /// /// Additional node type info /// - /// /// * All current generation instance types are created in Amazon VPC by default. /// + /// * Valkey or Redis OSS append-only files (AOF) are not supported for T1 + /// or T2 instances. /// - /// * Redis append-only files (AOF) are not supported for T1 or T2 instances. + /// * Valkey or Redis OSS Multi-AZ with automatic failover is not supported + /// on T1 instances. /// - /// - /// * Redis Multi-AZ with automatic failover is not supported on T1 instances. - /// - /// - /// * Redis configuration variables appendonly and appendfsync are not supported - /// on Redis version 2.8.22 and later. + /// * The configuration variables appendonly and appendfsync are not supported + /// on Valkey, or on Redis OSS version 2.8.22 and later. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNodeType")] pub cache_node_type: Option, /// The name of the parameter group to associate with this replication group. /// If this argument is omitted, the default cache parameter group for the specified /// engine is used. /// + /// If you are running Valkey or Redis OSS version 3.2.4 or later, only one node + /// group (shard), and want to use a default parameter group, we recommend that + /// you specify the parameter group by name. /// - /// If you are running Redis version 3.2.4 or later, only one node group (shard), - /// and want to use a default parameter group, we recommend that you specify - /// the parameter group by name. - /// - /// - /// * To create a Redis (cluster mode disabled) replication group, use CacheParameterGroupName=default.redis3.2. - /// + /// * To create a Valkey or Redis OSS (cluster mode disabled) replication + /// group, use CacheParameterGroupName=default.redis3.2. /// - /// * To create a Redis (cluster mode enabled) replication group, use CacheParameterGroupName=default.redis3.2.cluster.on. + /// * To create a Valkey or Redis OSS (cluster mode enabled) replication group, + /// use CacheParameterGroupName=default.redis3.2.cluster.on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheParameterGroupName")] pub cache_parameter_group_name: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -166,7 +139,6 @@ pub struct ReplicationGroupSpec { /// Ex: /// APIIDRef: /// - /// /// from: /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheParameterGroupRef")] @@ -176,10 +148,9 @@ pub struct ReplicationGroupSpec { pub cache_security_group_names: Option>, /// The name of the cache subnet group to be used for the replication group. /// - /// /// If you're going to launch your cluster in an Amazon VPC, you need to create /// a subnet group before you start creating a cluster. For more information, - /// see Subnets and Subnet Groups (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SubnetGroups.html). + /// see Subnets and Subnet Groups (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SubnetGroups.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSubnetGroupName")] pub cache_subnet_group_name: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -187,29 +158,27 @@ pub struct ReplicationGroupSpec { /// Ex: /// APIIDRef: /// - /// /// from: /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSubnetGroupRef")] pub cache_subnet_group_ref: Option, /// Enables data tiering. Data tiering is only supported for replication groups /// using the r6gd node type. This parameter must be set to true when using r6gd - /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html). + /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTieringEnabled")] pub data_tiering_enabled: Option, /// A user-created description for the replication group. pub description: String, /// The name of the cache engine to be used for the clusters in this replication - /// group. Must be Redis. + /// group. The value must be set to Redis. #[serde(default, skip_serializing_if = "Option::is_none")] pub engine: Option, /// The version number of the cache engine to be used for the clusters in this /// replication group. To view the supported cache engine versions, use the DescribeCacheEngineVersions /// operation. /// - /// /// Important: You can upgrade to a newer engine version (see Selecting a Cache - /// Engine and Version (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement)) + /// Engine and Version (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/SelectEngine.html#VersionManagement)) /// in the ElastiCache User Guide, but you cannot downgrade to an earlier engine /// version. If you want to use an earlier engine version, you must delete the /// existing cluster or replication group and create it anew with the earlier @@ -223,33 +192,31 @@ pub struct ReplicationGroupSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "logDeliveryConfigurations")] pub log_delivery_configurations: Option>, /// A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. - /// For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html). + /// For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiAZEnabled")] pub multi_az_enabled: Option, /// A list of node group (shard) configuration options. Each node group (shard) /// configuration has the following members: PrimaryAvailabilityZone, ReplicaAvailabilityZones, /// ReplicaCount, and Slots. /// - /// - /// If you're creating a Redis (cluster mode disabled) or a Redis (cluster mode - /// enabled) replication group, you can use this parameter to individually configure - /// each node group (shard), or you can omit this parameter. However, it is required - /// when seeding a Redis (cluster mode enabled) cluster from a S3 rdb file. You - /// must configure each node group (shard) using this parameter because you must - /// specify the slots for each node group. + /// If you're creating a Valkey or Redis OSS (cluster mode disabled) or a Valkey + /// or Redis OSS (cluster mode enabled) replication group, you can use this parameter + /// to individually configure each node group (shard), or you can omit this parameter. + /// However, it is required when seeding a Valkey or Redis OSS (cluster mode + /// enabled) cluster from a S3 rdb file. You must configure each node group (shard) + /// using this parameter because you must specify the slots for each node group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeGroupConfiguration")] pub node_group_configuration: Option>, /// The Amazon Resource Name (ARN) of the Amazon Simple Notification Service /// (SNS) topic to which notifications are sent. /// - /// /// The Amazon SNS topic owner must be the same as the cluster owner. #[serde(default, skip_serializing_if = "Option::is_none", rename = "notificationTopicARN")] pub notification_topic_arn: Option, /// An optional parameter that specifies the number of node groups (shards) for - /// this Redis (cluster mode enabled) replication group. For Redis (cluster mode - /// disabled) either omit this parameter or set it to 1. - /// + /// this Valkey or Redis OSS (cluster mode enabled) replication group. For Valkey + /// or Redis OSS (cluster mode disabled) either omit this parameter or set it + /// to 1. /// /// Default: 1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "numNodeGroups")] @@ -262,64 +229,44 @@ pub struct ReplicationGroupSpec { /// in which clusters are allocated. The primary cluster is created in the first /// AZ in the list. /// - /// /// This parameter is not used if there is more than one node group (shard). /// You should use NodeGroupConfiguration instead. /// - /// /// If you are creating your replication group in an Amazon VPC (recommended), /// you can only locate clusters in Availability Zones associated with the subnets /// in the selected subnet group. /// - /// /// The number of Availability Zones listed must equal the value of NumCacheClusters. /// - /// /// Default: system chosen Availability Zones. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredCacheClusterAZs")] pub preferred_cache_cluster_a_zs: Option>, /// Specifies the weekly time range during which maintenance on the cluster is /// performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi - /// (24H Clock UTC). The minimum maintenance window is a 60 minute period. Valid - /// values for ddd are: - /// - /// - /// Specifies the weekly time range during which maintenance on the cluster is - /// performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi /// (24H Clock UTC). The minimum maintenance window is a 60 minute period. /// - /// /// Valid values for ddd are: /// - /// /// * sun /// - /// /// * mon /// - /// /// * tue /// - /// /// * wed /// - /// /// * thu /// - /// /// * fri /// - /// /// * sat /// - /// /// Example: sun:23:00-mon:01:30 #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredMaintenanceWindow")] pub preferred_maintenance_window: Option, /// The identifier of the cluster that serves as the primary for this replication /// group. This cluster must already exist and have a status of available. /// - /// /// This parameter is not required if NumCacheClusters, NumNodeGroups, or ReplicasPerNodeGroup /// is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryClusterID")] @@ -331,36 +278,30 @@ pub struct ReplicationGroupSpec { /// The replication group identifier. This parameter is stored as a lowercase /// string. /// - /// /// Constraints: /// - /// /// * A name must contain from 1 to 40 alphanumeric characters or hyphens. /// - /// /// * The first character must be a letter. /// - /// /// * A name cannot end with a hyphen or contain two consecutive hyphens. #[serde(rename = "replicationGroupID")] pub replication_group_id: String, /// One or more Amazon VPC security groups associated with this replication group. /// - /// /// Use this parameter only when you are creating a replication group in an Amazon /// Virtual Private Cloud (Amazon VPC). #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupRefs")] pub security_group_refs: Option>, - /// A list of Amazon Resource Names (ARN) that uniquely identify the Redis RDB - /// snapshot files stored in Amazon S3. The snapshot files are used to populate - /// the new replication group. The Amazon S3 object name in the ARN cannot contain - /// any commas. The new replication group will have the number of node groups - /// (console: shards) specified by the parameter NumNodeGroups or the number - /// of node groups configured by NodeGroupConfiguration regardless of the number - /// of ARNs specified here. - /// + /// A list of Amazon Resource Names (ARN) that uniquely identify the Valkey or + /// Redis OSS RDB snapshot files stored in Amazon S3. The snapshot files are + /// used to populate the new replication group. The Amazon S3 object name in + /// the ARN cannot contain any commas. The new replication group will have the + /// number of node groups (console: shards) specified by the parameter NumNodeGroups + /// or the number of node groups configured by NodeGroupConfiguration regardless + /// of the number of ARNs specified here. /// /// Example of an Amazon S3 ARN: arn:aws:s3:::my_bucket/snapshot1.rdb #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotARNs")] @@ -374,17 +315,14 @@ pub struct ReplicationGroupSpec { /// deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot /// that was taken today is retained for 5 days before being deleted. /// - /// /// Default: 0 (i.e., automatic backups are disabled for this cluster). #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotRetentionLimit")] pub snapshot_retention_limit: Option, /// The daily time range (in UTC) during which ElastiCache begins taking a daily /// snapshot of your node group (shard). /// - /// /// Example: 05:00-09:00 /// - /// /// If you do not specify this parameter, ElastiCache automatically chooses an /// appropriate time range. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotWindow")] @@ -397,27 +335,17 @@ pub struct ReplicationGroupSpec { pub tags: Option>, /// A flag that enables in-transit encryption when set to true. /// - /// - /// You cannot modify the value of TransitEncryptionEnabled after the cluster - /// is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled - /// to true when you create a cluster. - /// - /// /// This parameter is valid only if the Engine parameter is redis, the EngineVersion /// parameter is 3.2.6, 4.x or later, and the cluster is being created in an /// Amazon VPC. /// - /// /// If you enable in-transit encryption, you must also specify a value for CacheSubnetGroup. /// - /// /// Required: Only available when creating a replication group in an Amazon VPC - /// using redis version 3.2.6, 4.x or later. - /// + /// using Redis OSS version 3.2.6, 4.x or later. /// /// Default: false /// - /// /// For HIPAA compliance, you must specify TransitEncryptionEnabled as true, /// an AuthToken, and a CacheSubnetGroup. #[serde(default, skip_serializing_if = "Option::is_none", rename = "transitEncryptionEnabled")] @@ -429,31 +357,17 @@ pub struct ReplicationGroupSpec { /// Reserved parameter. The password used to access a password protected server. /// -/// /// AuthToken can be specified only on replication groups where TransitEncryptionEnabled /// is true. /// -/// /// For HIPAA compliance, you must specify TransitEncryptionEnabled as true, /// an AuthToken, and a CacheSubnetGroup. /// -/// /// Password constraints: /// -/// /// * Must be only printable ASCII characters. /// -/// /// * Must be at least 16 characters and no more than 128 characters in length. -/// -/// -/// * The only permitted printable special characters are !, &, #, $, ^, <, -/// >, and -. Other printable special characters cannot be used in the AUTH -/// token. -/// -/// -/// For more information, see AUTH password (http://redis.io/commands/AUTH) at -/// http://redis.io/commands/AUTH. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationGroupAuthToken { /// Key is the key within the secret @@ -471,7 +385,6 @@ pub struct ReplicationGroupAuthToken { /// Ex: /// APIIDRef: /// -/// /// from: /// name: my-api #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -488,6 +401,8 @@ pub struct ReplicationGroupCacheParameterGroupRef { pub struct ReplicationGroupCacheParameterGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -495,7 +410,6 @@ pub struct ReplicationGroupCacheParameterGroupRefFrom { /// Ex: /// APIIDRef: /// -/// /// from: /// name: my-api #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -512,6 +426,8 @@ pub struct ReplicationGroupCacheSubnetGroupRef { pub struct ReplicationGroupCacheSubnetGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Specifies the destination, format and type of the logs. @@ -583,7 +499,6 @@ pub struct ReplicationGroupNodeGroupConfiguration { /// Ex: /// APIIDRef: /// -/// /// from: /// name: my-api #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -600,6 +515,8 @@ pub struct ReplicationGroupSecurityGroupRefs { pub struct ReplicationGroupSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A tag that can be added to an ElastiCache cluster or replication group. Tags @@ -625,22 +542,21 @@ pub struct ReplicationGroupStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, /// A string list, each element of which specifies a cache node type which you - /// can use to scale your cluster or replication group. When scaling down a Redis - /// cluster or replication group using ModifyCacheCluster or ModifyReplicationGroup, + /// can use to scale your cluster or replication group. When scaling down a Valkey + /// or Redis OSS cluster or replication group using ModifyCacheCluster or ModifyReplicationGroup, /// use a value from this list for the CacheNodeType parameter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedScaleDownModifications")] pub allowed_scale_down_modifications: Option>, /// A string list, each element of which specifies a cache node type which you /// can use to scale your cluster or replication group. /// - /// - /// When scaling up a Redis cluster or replication group using ModifyCacheCluster - /// or ModifyReplicationGroup, use a value from this list for the CacheNodeType - /// parameter. + /// When scaling up a Valkey or Redis OSS cluster or replication group using + /// ModifyCacheCluster or ModifyReplicationGroup, use a value from this list + /// for the CacheNodeType parameter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedScaleUpModifications")] pub allowed_scale_up_modifications: Option>, - /// A flag that enables using an AuthToken (password) when issuing Redis commands. - /// + /// A flag that enables using an AuthToken (password) when issuing Valkey or + /// Redis OSS commands. /// /// Default: false #[serde(default, skip_serializing_if = "Option::is_none", rename = "authTokenEnabled")] @@ -648,23 +564,23 @@ pub struct ReplicationGroupStatus { /// The date the auth token was last modified #[serde(default, skip_serializing_if = "Option::is_none", rename = "authTokenLastModifiedDate")] pub auth_token_last_modified_date: Option, - /// If you are running Redis engine version 6.0 or later, set this parameter - /// to yes if you want to opt-in to the next auto minor version upgrade campaign. - /// This parameter is disabled for previous versions. + /// If you are running Valkey 7.2 and above, or Redis OSS engine version 6.0 + /// and above, set this parameter to yes if you want to opt-in to the next auto + /// minor version upgrade campaign. This parameter is disabled for previous versions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMinorVersionUpgrade")] pub auto_minor_version_upgrade: Option, - /// Indicates the status of automatic failover for this Redis replication group. + /// Indicates the status of automatic failover for this Valkey or Redis OSS replication + /// group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "automaticFailover")] pub automatic_failover: Option, /// A flag indicating whether or not this replication group is cluster enabled; /// i.e., whether its data can be partitioned across multiple shards (API/CLI: /// node groups). /// - /// /// Valid values: true | false #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterEnabled")] pub cluster_enabled: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -676,7 +592,7 @@ pub struct ReplicationGroupStatus { pub configuration_endpoint: Option, /// Enables data tiering. Data tiering is only supported for replication groups /// using the r6gd node type. This parameter must be set to true when using r6gd - /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html). + /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTiering")] pub data_tiering: Option, /// A list of events. Each element in the list contains detailed information @@ -697,13 +613,13 @@ pub struct ReplicationGroupStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberClustersOutpostARNs")] pub member_clusters_outpost_ar_ns: Option>, /// A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. - /// For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html) + /// For more information, see Minimizing Downtime: Multi-AZ (http://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html) #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiAZ")] pub multi_az: Option, - /// A list of node groups in this replication group. For Redis (cluster mode - /// disabled) replication groups, this is a single-element list. For Redis (cluster - /// mode enabled) replication groups, the list contains an entry for each node - /// group (shard). + /// A list of node groups in this replication group. For Valkey or Redis OSS + /// (cluster mode disabled) replication groups, this is a single-element list. + /// For Valkey or Redis OSS (cluster mode enabled) replication groups, the list + /// contains an entry for each node group (shard). #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeGroups")] pub node_groups: Option>, /// A group of settings to be applied to the replication group, either immediately @@ -734,7 +650,6 @@ pub struct ReplicationGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, @@ -836,11 +751,11 @@ pub struct ReplicationGroupStatusNodeGroups { #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeGroupMembers")] pub node_group_members: Option>, /// Represents the information required for client programs to connect to a cache - /// node. + /// node. This value is read-only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryEndpoint")] pub primary_endpoint: Option, /// Represents the information required for client programs to connect to a cache - /// node. + /// node. This value is read-only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readerEndpoint")] pub reader_endpoint: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -863,13 +778,13 @@ pub struct ReplicationGroupStatusNodeGroupsNodeGroupMembers { #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredOutpostARN")] pub preferred_outpost_arn: Option, /// Represents the information required for client programs to connect to a cache - /// node. + /// node. This value is read-only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readEndpoint")] pub read_endpoint: Option, } /// Represents the information required for client programs to connect to a cache -/// node. +/// node. This value is read-only. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationGroupStatusNodeGroupsNodeGroupMembersReadEndpoint { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -879,7 +794,7 @@ pub struct ReplicationGroupStatusNodeGroupsNodeGroupMembersReadEndpoint { } /// Represents the information required for client programs to connect to a cache -/// node. +/// node. This value is read-only. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationGroupStatusNodeGroupsPrimaryEndpoint { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -889,7 +804,7 @@ pub struct ReplicationGroupStatusNodeGroupsPrimaryEndpoint { } /// Represents the information required for client programs to connect to a cache -/// node. +/// node. This value is read-only. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ReplicationGroupStatusNodeGroupsReaderEndpoint { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/snapshots.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/snapshots.rs index ce96696dc..b1c0d7de4 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/snapshots.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/snapshots.rs @@ -12,9 +12,8 @@ use self::prelude::*; /// SnapshotSpec defines the desired state of Snapshot. /// -/// -/// Represents a copy of an entire Redis cluster as of the time when the snapshot -/// was taken. +/// Represents a copy of an entire Valkey or Redis OSS cluster as of the time +/// when the snapshot was taken. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "elasticache.services.k8s.aws", version = "v1alpha1", kind = "Snapshot", plural = "snapshots")] #[kube(namespaced)] @@ -68,13 +67,13 @@ pub struct SnapshotStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// If you are running Redis engine version 6.0 or later, set this parameter - /// to yes if you want to opt-in to the next auto minor version upgrade campaign. - /// This parameter is disabled for previous versions. + /// If you are running Valkey 7.2 and above or Redis OSS engine version 6.0 and + /// above, set this parameter to yes if you want to opt-in to the next auto minor + /// version upgrade campaign. This parameter is disabled for previous versions. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMinorVersionUpgrade")] pub auto_minor_version_upgrade: Option, - /// Indicates the status of automatic failover for the source Redis replication - /// group. + /// Indicates the status of automatic failover for the source Valkey or Redis + /// OSS replication group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "automaticFailover")] pub automatic_failover: Option, /// The date and time when the source cluster was created. @@ -82,70 +81,62 @@ pub struct SnapshotStatus { pub cache_cluster_create_time: Option, /// The name of the compute and memory capacity node type for the source cluster. /// - /// /// The following node types are supported by ElastiCache. Generally speaking, /// the current generation types provide more memory and computational power /// at lower cost when compared to their equivalent previous generation counterparts. /// - /// - /// * General purpose: Current generation: M6g node types (available only - /// for Redis engine version 5.0.6 onward and for Memcached engine version - /// 1.5.16 onward). cache.m6g.large, cache.m6g.xlarge, cache.m6g.2xlarge, - /// cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, cache.m6g.16xlarge - /// For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) - /// M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, cache.m5.4xlarge, - /// cache.m5.12xlarge, cache.m5.24xlarge M4 node types: cache.m4.large, cache.m4.xlarge, - /// cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge T4g node types (available - /// only for Redis engine version 5.0.6 onward and Memcached engine version - /// 1.5.16 onward): cache.t4g.micro, cache.t4g.small, cache.t4g.medium T3 - /// node types: cache.t3.micro, cache.t3.small, cache.t3.medium T2 node types: - /// cache.t2.micro, cache.t2.small, cache.t2.medium Previous generation: (not - /// recommended. Existing clusters are still supported but creation of new - /// clusters is not supported for these types.) T1 node types: cache.t1.micro - /// M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, cache.m1.xlarge - /// M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, cache.m3.2xlarge - /// + /// * General purpose: Current generation: M7g node types: cache.m7g.large, + /// cache.m7g.xlarge, cache.m7g.2xlarge, cache.m7g.4xlarge, cache.m7g.8xlarge, + /// cache.m7g.12xlarge, cache.m7g.16xlarge For region availability, see Supported + /// Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) + /// M6g node types (available only for Redis OSS engine version 5.0.6 onward + /// and for Memcached engine version 1.5.16 onward): cache.m6g.large, cache.m6g.xlarge, + /// cache.m6g.2xlarge, cache.m6g.4xlarge, cache.m6g.8xlarge, cache.m6g.12xlarge, + /// cache.m6g.16xlarge M5 node types: cache.m5.large, cache.m5.xlarge, cache.m5.2xlarge, + /// cache.m5.4xlarge, cache.m5.12xlarge, cache.m5.24xlarge M4 node types: + /// cache.m4.large, cache.m4.xlarge, cache.m4.2xlarge, cache.m4.4xlarge, cache.m4.10xlarge + /// T4g node types (available only for Redis OSS engine version 5.0.6 onward + /// and Memcached engine version 1.5.16 onward): cache.t4g.micro, cache.t4g.small, + /// cache.t4g.medium T3 node types: cache.t3.micro, cache.t3.small, cache.t3.medium + /// T2 node types: cache.t2.micro, cache.t2.small, cache.t2.medium Previous + /// generation: (not recommended. Existing clusters are still supported but + /// creation of new clusters is not supported for these types.) T1 node types: + /// cache.t1.micro M1 node types: cache.m1.small, cache.m1.medium, cache.m1.large, + /// cache.m1.xlarge M3 node types: cache.m3.medium, cache.m3.large, cache.m3.xlarge, + /// cache.m3.2xlarge /// /// * Compute optimized: Previous generation: (not recommended. Existing clusters /// are still supported but creation of new clusters is not supported for /// these types.) C1 node types: cache.c1.xlarge /// - /// - /// * Memory optimized with data tiering: Current generation: R6gd node types - /// (available only for Redis engine version 6.2 onward). cache.r6gd.xlarge, - /// cache.r6gd.2xlarge, cache.r6gd.4xlarge, cache.r6gd.8xlarge, cache.r6gd.12xlarge, - /// cache.r6gd.16xlarge - /// - /// - /// * Memory optimized: Current generation: R6g node types (available only - /// for Redis engine version 5.0.6 onward and for Memcached engine version - /// 1.5.16 onward). cache.r6g.large, cache.r6g.xlarge, cache.r6g.2xlarge, - /// cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, cache.r6g.16xlarge - /// For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) - /// For region availability, see Supported Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) - /// R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, cache.r5.4xlarge, - /// cache.r5.12xlarge, cache.r5.24xlarge R4 node types: cache.r4.large, cache.r4.xlarge, - /// cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, cache.r4.16xlarge - /// Previous generation: (not recommended. Existing clusters are still supported - /// but creation of new clusters is not supported for these types.) M2 node - /// types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge R3 node types: - /// cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, cache.r3.8xlarge - /// + /// * Memory optimized: Current generation: R7g node types: cache.r7g.large, + /// cache.r7g.xlarge, cache.r7g.2xlarge, cache.r7g.4xlarge, cache.r7g.8xlarge, + /// cache.r7g.12xlarge, cache.r7g.16xlarge For region availability, see Supported + /// Node Types (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion) + /// R6g node types (available only for Redis OSS engine version 5.0.6 onward + /// and for Memcached engine version 1.5.16 onward): cache.r6g.large, cache.r6g.xlarge, + /// cache.r6g.2xlarge, cache.r6g.4xlarge, cache.r6g.8xlarge, cache.r6g.12xlarge, + /// cache.r6g.16xlarge R5 node types: cache.r5.large, cache.r5.xlarge, cache.r5.2xlarge, + /// cache.r5.4xlarge, cache.r5.12xlarge, cache.r5.24xlarge R4 node types: + /// cache.r4.large, cache.r4.xlarge, cache.r4.2xlarge, cache.r4.4xlarge, cache.r4.8xlarge, + /// cache.r4.16xlarge Previous generation: (not recommended. Existing clusters + /// are still supported but creation of new clusters is not supported for + /// these types.) M2 node types: cache.m2.xlarge, cache.m2.2xlarge, cache.m2.4xlarge + /// R3 node types: cache.r3.large, cache.r3.xlarge, cache.r3.2xlarge, cache.r3.4xlarge, + /// cache.r3.8xlarge /// /// Additional node type info /// - /// /// * All current generation instance types are created in Amazon VPC by default. /// + /// * Valkey or Redis OSS append-only files (AOF) are not supported for T1 + /// or T2 instances. /// - /// * Redis append-only files (AOF) are not supported for T1 or T2 instances. - /// - /// - /// * Redis Multi-AZ with automatic failover is not supported on T1 instances. - /// + /// * Valkey or Redis OSS Multi-AZ with automatic failover is not supported + /// on T1 instances. /// - /// * Redis configuration variables appendonly and appendfsync are not supported - /// on Redis version 2.8.22 and later. + /// * The configuration variables appendonly and appendfsync are not supported + /// on Valkey, or on Redis OSS version 2.8.22 and later. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheNodeType")] pub cache_node_type: Option, /// The cache parameter group that is associated with the source cluster. @@ -154,7 +145,7 @@ pub struct SnapshotStatus { /// The name of the cache subnet group associated with the source cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cacheSubnetGroupName")] pub cache_subnet_group_name: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -162,7 +153,7 @@ pub struct SnapshotStatus { pub conditions: Option>, /// Enables data tiering. Data tiering is only supported for replication groups /// using the r6gd node type. This parameter must be set to true when using r6gd - /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html). + /// nodes. For more information, see Data tiering (https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/data-tiering.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataTiering")] pub data_tiering: Option, /// The name of the cache engine (memcached or redis) used by the source cluster. @@ -176,9 +167,8 @@ pub struct SnapshotStatus { pub node_snapshots: Option>, /// The number of cache nodes in the source cluster. /// - /// - /// For clusters running Redis, this value must be 1. For clusters running Memcached, - /// this value must be between 1 and 40. + /// For clusters running Valkey or Redis OSS, this value must be 1. For clusters + /// running Memcached, this value must be between 1 and 40. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numCacheNodes")] pub num_cache_nodes: Option, /// The number of node groups (shards) in this snapshot. When restoring from @@ -196,31 +186,22 @@ pub struct SnapshotStatus { /// performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi /// (24H Clock UTC). The minimum maintenance window is a 60 minute period. /// - /// /// Valid values for ddd are: /// - /// /// * sun /// - /// /// * mon /// - /// /// * tue /// - /// /// * wed /// - /// /// * thu /// - /// /// * fri /// - /// /// * sat /// - /// /// Example: sun:23:00-mon:01:30 #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredMaintenanceWindow")] pub preferred_maintenance_window: Option, @@ -233,13 +214,11 @@ pub struct SnapshotStatus { /// For an automatic snapshot, the number of days for which ElastiCache retains /// the snapshot before deleting it. /// - /// /// For manual snapshots, this field reflects the SnapshotRetentionLimit for /// the source cluster when the snapshot was created. This field is otherwise /// ignored: Manual snapshots do not expire, and can only be deleted using the /// DeleteSnapshot operation. /// - /// /// Important If the value of SnapshotRetentionLimit is set to zero (0), backups /// are turned off. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotRetentionLimit")] @@ -277,7 +256,6 @@ pub struct SnapshotStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/usergroups.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/usergroups.rs index b43d35c16..6187ea2c5 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/usergroups.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/usergroups.rs @@ -18,10 +18,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct UserGroupSpec { - /// The current supported value is Redis. + /// The current supported value is Redis user. pub engine: String, /// A list of tags to be added to this resource. A tag is a key-value pair. A - /// tag key must be accompanied by a tag value, although null is accepted. + /// tag key must be accompanied by a tag value, although null is accepted. Available + /// for Valkey and Redis OSS only. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, /// The ID of the user group. @@ -54,13 +55,13 @@ pub struct UserGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The minimum engine version required, which is Redis 6.0 + /// The minimum engine version required, which is Redis OSS 6.0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "minimumEngineVersion")] pub minimum_engine_version: Option, /// A list of updates being applied to the user group. @@ -85,7 +86,6 @@ pub struct UserGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/users.rs b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/users.rs index 246720062..2b3c7516a 100644 --- a/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/users.rs +++ b/kube-custom-resources-rs/src/elasticache_services_k8s_aws/v1alpha1/users.rs @@ -81,7 +81,7 @@ pub struct UserStatus { /// Denotes whether the user requires a password to authenticate. #[serde(default, skip_serializing_if = "Option::is_none")] pub authentication: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -93,7 +93,7 @@ pub struct UserStatus { /// Access permissions string used for this user. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastRequestedAccessString")] pub last_requested_access_string: Option, - /// The minimum engine version required, which is Redis 6.0 + /// The minimum engine version required, which is Redis OSS 6.0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "minimumEngineVersion")] pub minimum_engine_version: Option, /// Indicates the user status. Can be "active", "modifying" or "deleting". @@ -115,7 +115,6 @@ pub struct UserStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1alpha1/targetgroupbindings.rs b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1alpha1/targetgroupbindings.rs index 7168117b0..f4ee0eede 100644 --- a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1alpha1/targetgroupbindings.rs +++ b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1alpha1/targetgroupbindings.rs @@ -19,6 +19,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct TargetGroupBindingSpec { + /// IAM Role ARN to assume when calling AWS APIs. Needed to assume a role in another account and prevent the confused deputy problem. https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assumeRoleExternalId")] + pub assume_role_external_id: Option, + /// IAM Role ARN to assume when calling AWS APIs. Useful if the target group is in a different AWS account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamRoleArnToAssume")] + pub iam_role_arn_to_assume: Option, /// MultiClusterTargetGroup Denotes if the TargetGroup is shared among multiple clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiClusterTargetGroup")] pub multi_cluster_target_group: Option, @@ -29,8 +35,11 @@ pub struct TargetGroupBindingSpec { #[serde(rename = "serviceRef")] pub service_ref: TargetGroupBindingServiceRef, /// targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup. - #[serde(rename = "targetGroupARN")] - pub target_group_arn: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetGroupARN")] + pub target_group_arn: Option, + /// targetGroupName is the Name of the TargetGroup. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetGroupName")] + pub target_group_name: Option, /// targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetType")] pub target_type: Option, diff --git a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/ingressclassparams.rs b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/ingressclassparams.rs index 3e8b2ddc8..6ec39c173 100644 --- a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/ingressclassparams.rs +++ b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/ingressclassparams.rs @@ -35,6 +35,9 @@ pub struct IngressClassParamsSpec { /// LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that that belong to IngressClass with this IngressClassParams. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerAttributes")] pub load_balancer_attributes: Option>, + /// MinimumLoadBalancerCapacity define the capacity reservation for LoadBalancers for all Ingress that belong to IngressClass with this IngressClassParams. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minimumLoadBalancerCapacity")] + pub minimum_load_balancer_capacity: Option, /// NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. /// * if absent or present but empty, it selects all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] @@ -102,6 +105,14 @@ pub struct IngressClassParamsLoadBalancerAttributes { pub value: String, } +/// MinimumLoadBalancerCapacity define the capacity reservation for LoadBalancers for all Ingress that belong to IngressClass with this IngressClassParams. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IngressClassParamsMinimumLoadBalancerCapacity { + /// The Capacity Units Value. + #[serde(rename = "capacityUnits")] + pub capacity_units: i32, +} + /// NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams. /// * if absent or present but empty, it selects all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/targetgroupbindings.rs b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/targetgroupbindings.rs index cc566351f..82042d574 100644 --- a/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/targetgroupbindings.rs +++ b/kube-custom-resources-rs/src/elbv2_k8s_aws/v1beta1/targetgroupbindings.rs @@ -20,6 +20,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct TargetGroupBindingSpec { + /// IAM Role ARN to assume when calling AWS APIs. Needed to assume a role in another account and prevent the confused deputy problem. https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assumeRoleExternalId")] + pub assume_role_external_id: Option, + /// IAM Role ARN to assume when calling AWS APIs. Useful if the target group is in a different AWS account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamRoleArnToAssume")] + pub iam_role_arn_to_assume: Option, /// ipAddressType specifies whether the target group is of type IPv4 or IPv6. If unspecified, it will be automatically inferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddressType")] pub ip_address_type: Option, @@ -36,8 +42,11 @@ pub struct TargetGroupBindingSpec { #[serde(rename = "serviceRef")] pub service_ref: TargetGroupBindingServiceRef, /// targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup. - #[serde(rename = "targetGroupARN")] - pub target_group_arn: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetGroupARN")] + pub target_group_arn: Option, + /// targetGroupName is the Name of the TargetGroup. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetGroupName")] + pub target_group_name: Option, /// targetType is the TargetType of TargetGroup. If unspecified, it will be automatically inferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetType")] pub target_type: Option, diff --git a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs index f41cdce36..7dbb72761 100644 --- a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs +++ b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs @@ -27,17 +27,17 @@ pub struct JobRunSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "configurationOverrides")] pub configuration_overrides: Option, /// The execution role ARN for the job run. - #[serde(rename = "executionRoleARN")] - pub execution_role_arn: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionRoleARN")] + pub execution_role_arn: Option, /// The job driver for the job run. - #[serde(rename = "jobDriver")] - pub job_driver: JobRunJobDriver, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobDriver")] + pub job_driver: Option, /// The name of the job run. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The Amazon EMR release version to use for the job run. - #[serde(rename = "releaseLabel")] - pub release_label: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "releaseLabel")] + pub release_label: Option, /// The tags assigned to job runs. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, @@ -107,7 +107,7 @@ pub struct JobRunStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/virtualclusters.rs b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/virtualclusters.rs index b3dae8a70..bd158ad87 100644 --- a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/virtualclusters.rs +++ b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/virtualclusters.rs @@ -17,9 +17,9 @@ use self::prelude::*; /// namespace that Amazon EMR is registered with. Amazon EMR uses virtual clusters /// to run jobs and host endpoints. Multiple virtual clusters can be backed by /// the same physical cluster. However, each virtual cluster maps to one namespace -/// on an EKS cluster. Virtual clusters do not create any active resources that -/// contribute to your bill or that require lifecycle management outside the -/// service. +/// on an Amazon EKS cluster. Virtual clusters do not create any active resources +/// that contribute to your bill or that require lifecycle management outside +/// the service. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "emrcontainers.services.k8s.aws", version = "v1alpha1", kind = "VirtualCluster", plural = "virtualclusters")] #[kube(namespaced)] @@ -53,12 +53,12 @@ pub struct VirtualClusterContainerProvider { /// The information about the container used for a job run or a managed endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VirtualClusterContainerProviderInfo { - /// The information about the EKS cluster. + /// The information about the Amazon EKS cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "eksInfo")] pub eks_info: Option, } -/// The information about the EKS cluster. +/// The information about the Amazon EKS cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VirtualClusterContainerProviderInfoEksInfo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -73,7 +73,7 @@ pub struct VirtualClusterStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/everest_percona_com/v1alpha1/databaseclusters.rs b/kube-custom-resources-rs/src/everest_percona_com/v1alpha1/databaseclusters.rs index b04b58257..c69ed9b05 100644 --- a/kube-custom-resources-rs/src/everest_percona_com/v1alpha1/databaseclusters.rs +++ b/kube-custom-resources-rs/src/everest_percona_com/v1alpha1/databaseclusters.rs @@ -20,6 +20,8 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct DatabaseClusterSpec { /// AllowUnsafeConfiguration field used to ensure that the user can create configurations unfit for production use. + /// + /// Deprecated: AllowUnsafeConfiguration will not be supported in the future releases. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowUnsafeConfiguration")] pub allow_unsafe_configuration: Option, /// Backup is the backup specification diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/clustersecretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/clustersecretstores.rs index 00419764b..48588acd3 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/clustersecretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/clustersecretstores.rs @@ -139,15 +139,15 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuth { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuthSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -165,8 +165,8 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuthServiceA pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -178,11 +178,11 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessID")] pub access_id: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessType")] pub access_type: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessTypeParam")] pub access_type_param: Option, @@ -191,49 +191,49 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessType { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypeParam { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -241,7 +241,7 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypePar /// The provider for the CA bundle to use to validate Akeyless Gateway certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -309,15 +309,15 @@ pub struct ClusterSecretStoreProviderAlibabaAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -325,15 +325,15 @@ pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { /// The AccessKeySecret is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeySecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -387,8 +387,8 @@ pub struct ClusterSecretStoreProviderAwsAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -408,15 +408,15 @@ pub struct ClusterSecretStoreProviderAwsAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -424,15 +424,15 @@ pub struct ClusterSecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -485,15 +485,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRef { /// The Azure clientId of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -501,15 +501,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientId { /// The Azure ClientSecret of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -533,8 +533,8 @@ pub struct ClusterSecretStoreProviderAzurekvServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -586,15 +586,15 @@ pub struct ClusterSecretStoreProviderGcpsmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderGcpsmAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -622,8 +622,8 @@ pub struct ClusterSecretStoreProviderGcpsmAuthWorkloadIdentityServiceAccountRef pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -658,15 +658,15 @@ pub struct ClusterSecretStoreProviderGitlabAuthSecretRef { /// AccessToken is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderGitlabAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -698,15 +698,15 @@ pub struct ClusterSecretStoreProviderIbmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderIbmAuthSecretRefSecretApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -741,46 +741,46 @@ pub struct ClusterSecretStoreProviderKubernetesAuth { /// has both clientCert and clientKey as secretKeySelector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCert { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCert")] pub client_cert: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientKey")] pub client_key: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCertClientKey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -803,8 +803,8 @@ pub struct ClusterSecretStoreProviderKubernetesAuthServiceAccountServiceAccount pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -812,25 +812,25 @@ pub struct ClusterSecretStoreProviderKubernetesAuthServiceAccountServiceAccount /// use static token to authenticate with #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthToken { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] pub bearer_token: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthTokenBearerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -852,7 +852,7 @@ pub struct ClusterSecretStoreProviderKubernetesServer { /// see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesServerCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -929,15 +929,15 @@ pub struct ClusterSecretStoreProviderOracleAuthSecretRef { /// Fingerprint is the fingerprint of the API private key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOracleAuthSecretRefFingerprint { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -945,15 +945,15 @@ pub struct ClusterSecretStoreProviderOracleAuthSecretRefFingerprint { /// PrivateKey is the user's API Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOracleAuthSecretRefPrivatekey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -979,8 +979,8 @@ pub struct ClusterSecretStoreProviderOracleServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1013,15 +1013,15 @@ pub struct ClusterSecretStoreProviderPassworddepotAuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPassworddepotAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1124,15 +1124,15 @@ pub struct ClusterSecretStoreProviderVaultAuthAppRole { /// resource is used as the app role secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthAppRoleSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1155,15 +1155,15 @@ pub struct ClusterSecretStoreProviderVaultAuthCert { /// authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1172,15 +1172,15 @@ pub struct ClusterSecretStoreProviderVaultAuthCertClientCert { /// authenticate with Vault using the Cert authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1236,8 +1236,8 @@ pub struct ClusterSecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenSe pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1246,15 +1246,15 @@ pub struct ClusterSecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenSe /// authenticate with Vault using the JWT/OIDC authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1290,15 +1290,15 @@ pub struct ClusterSecretStoreProviderVaultAuthKubernetes { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthKubernetesSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1316,8 +1316,8 @@ pub struct ClusterSecretStoreProviderVaultAuthKubernetesServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1344,15 +1344,15 @@ pub struct ClusterSecretStoreProviderVaultAuthLdap { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthLdapSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1360,15 +1360,15 @@ pub struct ClusterSecretStoreProviderVaultAuthLdapSecretRef { /// TokenSecretRef authenticates with Vault by presenting a token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1376,7 +1376,7 @@ pub struct ClusterSecretStoreProviderVaultAuthTokenSecretRef { /// The provider for the CA bundle to use to validate Vault server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterSecretStoreProviderVaultCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -1442,7 +1442,7 @@ pub struct ClusterSecretStoreProviderWebhook { /// The provider for the CA bundle to use to validate webhook server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterSecretStoreProviderWebhookCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -1482,15 +1482,15 @@ pub struct ClusterSecretStoreProviderWebhookSecrets { /// Secret ref to fill in credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderWebhookSecretsSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1519,15 +1519,15 @@ pub struct ClusterSecretStoreProviderYandexlockboxAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1535,25 +1535,25 @@ pub struct ClusterSecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/externalsecrets.rs b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/externalsecrets.rs index 525d60145..40407f6ba 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/externalsecrets.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/externalsecrets.rs @@ -46,6 +46,7 @@ pub struct ExternalSecretData { /// ExternalSecretDataRemoteRef defines Provider data location. #[serde(rename = "remoteRef")] pub remote_ref: ExternalSecretDataRemoteRef, + /// The key in the Kubernetes Secret to store the value. #[serde(rename = "secretKey")] pub secret_key: String, } @@ -102,24 +103,31 @@ pub struct ExternalSecretSecretStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretSecretStoreRefKind { + SecretStore, + ClusterSecretStore, } /// ExternalSecretTarget defines the Kubernetes Secret to be created /// There can be only one target per ExternalSecret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTarget { - /// CreationPolicy defines rules on how to create the resulting Secret - /// Defaults to 'Owner' + /// CreationPolicy defines rules on how to create the resulting Secret. + /// Defaults to "Owner" #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationPolicy")] pub creation_policy: Option, /// Immutable defines if the final secret will be immutable #[serde(default, skip_serializing_if = "Option::is_none")] pub immutable: Option, - /// Name defines the name of the Secret resource to be managed - /// This field is immutable + /// The name of the Secret resource to be managed. /// Defaults to the .metadata.name of the ExternalSecret resource #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -184,23 +192,29 @@ pub struct ExternalSecretTargetTemplateTemplateFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromConfigMap { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromConfigMapItems { + /// A key in the ConfigMap/Secret pub key: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromSecret { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromSecretItems { + /// A key in the ConfigMap/Secret pub key: String, } diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/secretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/secretstores.rs index d0dbd85dc..a844abfdc 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/secretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1alpha1/secretstores.rs @@ -140,15 +140,15 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuth { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuthSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -166,8 +166,8 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuthServiceAccountR pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -179,11 +179,11 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessID")] pub access_id: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessType")] pub access_type: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessTypeParam")] pub access_type_param: Option, @@ -192,49 +192,49 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessType { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypeParam { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -242,7 +242,7 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypeParam { /// The provider for the CA bundle to use to validate Akeyless Gateway certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SecretStoreProviderAkeylessCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -310,15 +310,15 @@ pub struct SecretStoreProviderAlibabaAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -326,15 +326,15 @@ pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { /// The AccessKeySecret is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeySecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -388,8 +388,8 @@ pub struct SecretStoreProviderAwsAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -409,15 +409,15 @@ pub struct SecretStoreProviderAwsAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -425,15 +425,15 @@ pub struct SecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -486,15 +486,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRef { /// The Azure clientId of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -502,15 +502,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRefClientId { /// The Azure ClientSecret of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -534,8 +534,8 @@ pub struct SecretStoreProviderAzurekvServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -587,15 +587,15 @@ pub struct SecretStoreProviderGcpsmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderGcpsmAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -623,8 +623,8 @@ pub struct SecretStoreProviderGcpsmAuthWorkloadIdentityServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -659,15 +659,15 @@ pub struct SecretStoreProviderGitlabAuthSecretRef { /// AccessToken is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderGitlabAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -699,15 +699,15 @@ pub struct SecretStoreProviderIbmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderIbmAuthSecretRefSecretApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -742,46 +742,46 @@ pub struct SecretStoreProviderKubernetesAuth { /// has both clientCert and clientKey as secretKeySelector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCert { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCert")] pub client_cert: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientKey")] pub client_key: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCertClientKey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -804,8 +804,8 @@ pub struct SecretStoreProviderKubernetesAuthServiceAccountServiceAccount { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -813,25 +813,25 @@ pub struct SecretStoreProviderKubernetesAuthServiceAccountServiceAccount { /// use static token to authenticate with #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthToken { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] pub bearer_token: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthTokenBearerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -853,7 +853,7 @@ pub struct SecretStoreProviderKubernetesServer { /// see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SecretStoreProviderKubernetesServerCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -930,15 +930,15 @@ pub struct SecretStoreProviderOracleAuthSecretRef { /// Fingerprint is the fingerprint of the API private key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOracleAuthSecretRefFingerprint { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -946,15 +946,15 @@ pub struct SecretStoreProviderOracleAuthSecretRefFingerprint { /// PrivateKey is the user's API Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOracleAuthSecretRefPrivatekey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -980,8 +980,8 @@ pub struct SecretStoreProviderOracleServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1014,15 +1014,15 @@ pub struct SecretStoreProviderPassworddepotAuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPassworddepotAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1125,15 +1125,15 @@ pub struct SecretStoreProviderVaultAuthAppRole { /// resource is used as the app role secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthAppRoleSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1156,15 +1156,15 @@ pub struct SecretStoreProviderVaultAuthCert { /// authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1173,15 +1173,15 @@ pub struct SecretStoreProviderVaultAuthCertClientCert { /// authenticate with Vault using the Cert authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1237,8 +1237,8 @@ pub struct SecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenServiceAc pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1247,15 +1247,15 @@ pub struct SecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenServiceAc /// authenticate with Vault using the JWT/OIDC authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1291,15 +1291,15 @@ pub struct SecretStoreProviderVaultAuthKubernetes { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthKubernetesSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1317,8 +1317,8 @@ pub struct SecretStoreProviderVaultAuthKubernetesServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1345,15 +1345,15 @@ pub struct SecretStoreProviderVaultAuthLdap { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthLdapSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1361,15 +1361,15 @@ pub struct SecretStoreProviderVaultAuthLdapSecretRef { /// TokenSecretRef authenticates with Vault by presenting a token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1377,7 +1377,7 @@ pub struct SecretStoreProviderVaultAuthTokenSecretRef { /// The provider for the CA bundle to use to validate Vault server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SecretStoreProviderVaultCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -1443,7 +1443,7 @@ pub struct SecretStoreProviderWebhook { /// The provider for the CA bundle to use to validate webhook server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SecretStoreProviderWebhookCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -1483,15 +1483,15 @@ pub struct SecretStoreProviderWebhookSecrets { /// Secret ref to fill in credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderWebhookSecretsSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1520,15 +1520,15 @@ pub struct SecretStoreProviderYandexlockboxAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1536,25 +1536,25 @@ pub struct SecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs index 28ca0c70c..9a3e56663 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clusterexternalsecrets.rs @@ -21,7 +21,8 @@ pub struct ClusterExternalSecretSpec { /// The metadata of the external secrets to be created #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalSecretMetadata")] pub external_secret_metadata: Option, - /// The name of the external secrets to be created defaults to the name of the ClusterExternalSecret + /// The name of the external secrets to be created. + /// Defaults to the name of the ClusterExternalSecret #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalSecretName")] pub external_secret_name: Option, /// The spec for the ExternalSecrets to be created @@ -61,8 +62,10 @@ pub struct ClusterExternalSecretExternalSecretSpec { /// If multiple entries are specified, the Secret keys are merged in the specified order #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataFrom")] pub data_from: Option>, - /// RefreshInterval is the amount of time before the values are read again from the SecretStore provider + /// RefreshInterval is the amount of time before the values are read again from the SecretStore provider, + /// specified as Golang Duration strings. /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" + /// Example values: "1h", "2h30m", "5d", "10s" /// May be set to zero to fetch and create it once. Defaults to 1h. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, @@ -82,12 +85,11 @@ pub struct ClusterExternalSecretExternalSecretSpecData { /// which secret (version/property/..) to fetch. #[serde(rename = "remoteRef")] pub remote_ref: ClusterExternalSecretExternalSecretSpecDataRemoteRef, - /// SecretKey defines the key in which the controller stores - /// the value. This is the key in the Kind=Secret + /// The key in the Kubernetes Secret to store the value. #[serde(rename = "secretKey")] pub secret_key: String, /// SourceRef allows you to override the source - /// from which the value will pulled from. + /// from which the value will be pulled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRef")] pub source_ref: Option, } @@ -143,7 +145,7 @@ pub enum ClusterExternalSecretExternalSecretSpecDataRemoteRefMetadataPolicy { } /// SourceRef allows you to override the source -/// from which the value will pulled from. +/// from which the value will be pulled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecDataSourceRef { /// GeneratorRef points to a generator custom resource. @@ -161,26 +163,60 @@ pub struct ClusterExternalSecretExternalSecretSpecDataSourceRef { /// /// Deprecated: The generatorRef is not implemented in .data[]. /// this will be removed with v1. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecDataSourceRefGeneratorRef { /// Specify the apiVersion of the generator resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - pub kind: String, + /// Specify the Kind of the generator resource + pub kind: ClusterExternalSecretExternalSecretSpecDataSourceRefGeneratorRefKind, /// Specify the name of the generator resource pub name: String, } +/// GeneratorRef points to a generator custom resource. +/// +/// Deprecated: The generatorRef is not implemented in .data[]. +/// this will be removed with v1. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterExternalSecretExternalSecretSpecDataSourceRefGeneratorRefKind { + #[serde(rename = "ACRAccessToken")] + AcrAccessToken, + ClusterGenerator, + #[serde(rename = "ECRAuthorizationToken")] + EcrAuthorizationToken, + Fake, + #[serde(rename = "GCRAccessToken")] + GcrAccessToken, + GithubAccessToken, + QuayAccessToken, + Password, + #[serde(rename = "STSSessionToken")] + StsSessionToken, + #[serde(rename = "UUID")] + Uuid, + VaultDynamicSecret, + Webhook, + Grafana, +} + /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecDataSourceRefStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterExternalSecretExternalSecretSpecDataSourceRefStoreRefKind { + SecretStore, + ClusterSecretStore, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -353,26 +389,57 @@ pub struct ClusterExternalSecretExternalSecretSpecDataFromSourceRef { } /// GeneratorRef points to a generator custom resource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecDataFromSourceRefGeneratorRef { /// Specify the apiVersion of the generator resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - pub kind: String, + /// Specify the Kind of the generator resource + pub kind: ClusterExternalSecretExternalSecretSpecDataFromSourceRefGeneratorRefKind, /// Specify the name of the generator resource pub name: String, } +/// GeneratorRef points to a generator custom resource. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterExternalSecretExternalSecretSpecDataFromSourceRefGeneratorRefKind { + #[serde(rename = "ACRAccessToken")] + AcrAccessToken, + ClusterGenerator, + #[serde(rename = "ECRAuthorizationToken")] + EcrAuthorizationToken, + Fake, + #[serde(rename = "GCRAccessToken")] + GcrAccessToken, + GithubAccessToken, + QuayAccessToken, + Password, + #[serde(rename = "STSSessionToken")] + StsSessionToken, + #[serde(rename = "UUID")] + Uuid, + VaultDynamicSecret, + Webhook, + Grafana, +} + /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecDataFromSourceRefStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterExternalSecretExternalSecretSpecDataFromSourceRefStoreRefKind { + SecretStore, + ClusterSecretStore, } /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. @@ -381,28 +448,35 @@ pub struct ClusterExternalSecretExternalSecretSpecSecretStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterExternalSecretExternalSecretSpecSecretStoreRefKind { + SecretStore, + ClusterSecretStore, } /// ExternalSecretTarget defines the Kubernetes Secret to be created /// There can be only one target per ExternalSecret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecTarget { - /// CreationPolicy defines rules on how to create the resulting Secret - /// Defaults to 'Owner' + /// CreationPolicy defines rules on how to create the resulting Secret. + /// Defaults to "Owner" #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationPolicy")] pub creation_policy: Option, - /// DeletionPolicy defines rules on how to delete the resulting Secret - /// Defaults to 'Retain' + /// DeletionPolicy defines rules on how to delete the resulting Secret. + /// Defaults to "Retain" #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionPolicy")] pub deletion_policy: Option, /// Immutable defines if the final secret will be immutable #[serde(default, skip_serializing_if = "Option::is_none")] pub immutable: Option, - /// Name defines the name of the Secret resource to be managed - /// This field is immutable + /// The name of the Secret resource to be managed. /// Defaults to the .metadata.name of the ExternalSecret resource #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -490,12 +564,15 @@ pub struct ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromConfigMap { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromConfigMapItems { + /// A key in the ConfigMap/Secret pub key: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateAs")] pub template_as: Option, @@ -509,12 +586,15 @@ pub enum ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromConfig #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromSecret { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterExternalSecretExternalSecretSpecTargetTemplateTemplateFromSecretItems { + /// A key in the ConfigMap/Secret pub key: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateAs")] pub template_as: Option, diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs index 556e033ed..d4b7dd235 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs @@ -127,6 +127,9 @@ pub struct ClusterSecretStoreProvider { /// GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider #[serde(default, skip_serializing_if = "Option::is_none")] pub gcpsm: Option, + /// Github configures this store to push Github Action secrets using Github API provider + #[serde(default, skip_serializing_if = "Option::is_none")] + pub github: Option, /// GitLab configures this store to sync secrets using GitLab Variables provider #[serde(default, skip_serializing_if = "Option::is_none")] pub gitlab: Option, @@ -248,15 +251,15 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuth { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuthSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -274,8 +277,8 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefKubernetesAuthServiceA pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -287,11 +290,11 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessID")] pub access_id: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessType")] pub access_type: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessTypeParam")] pub access_type_param: Option, @@ -300,49 +303,49 @@ pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessType { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypeParam { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -419,15 +422,15 @@ pub struct ClusterSecretStoreProviderAlibabaAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -435,15 +438,15 @@ pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { /// The AccessKeySecret is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAlibabaAuthSecretRefAccessKeySecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -515,8 +518,8 @@ pub struct ClusterSecretStoreProviderAwsAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -541,15 +544,15 @@ pub struct ClusterSecretStoreProviderAwsAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -557,15 +560,15 @@ pub struct ClusterSecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -575,15 +578,15 @@ pub struct ClusterSecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { /// see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAwsAuthSecretRefSessionTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -673,15 +676,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRef { /// The Azure ClientCertificate of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientCertificate { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -689,15 +692,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientCertificate { /// The Azure clientId of the service principle or managed identity used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -705,15 +708,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientId { /// The Azure ClientSecret of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -721,15 +724,15 @@ pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefClientSecret { /// The Azure tenantId of the managed identity used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderAzurekvAuthSecretRefTenantId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -763,8 +766,8 @@ pub struct ClusterSecretStoreProviderAzurekvServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -781,19 +784,51 @@ pub struct ClusterSecretStoreProviderBeyondtrust { /// Auth configures how the operator authenticates with Beyondtrust. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuth { - /// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. + /// APIKey If not provided then ClientID/ClientSecret become required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, /// Certificate private key (key.pem). For use when authenticating with an OAuth client Id #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateKey")] pub certificate_key: Option, - #[serde(rename = "clientId")] - pub client_id: ClusterSecretStoreProviderBeyondtrustAuthClientId, - #[serde(rename = "clientSecret")] - pub client_secret: ClusterSecretStoreProviderBeyondtrustAuthClientSecret, + /// ClientID is the API OAuth Client ID. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientId")] + pub client_id: Option, + /// ClientSecret is the API OAuth Client Secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientSecret")] + pub client_secret: Option, +} + +/// APIKey If not provided then ClientID/ClientSecret become required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthApiKey { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthApiKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } -/// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. +/// Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificate { /// SecretRef references a key in a secret that will be used as value. @@ -807,15 +842,15 @@ pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificate { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -834,19 +869,20 @@ pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// ClientID is the API OAuth Client ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthClientId { /// SecretRef references a key in a secret that will be used as value. @@ -860,19 +896,20 @@ pub struct ClusterSecretStoreProviderBeyondtrustAuthClientId { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthClientIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// ClientSecret is the API OAuth Client Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecret { /// SecretRef references a key in a secret that will be used as value. @@ -886,15 +923,15 @@ pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecret { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -904,6 +941,8 @@ pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecretSecretRef { pub struct ClusterSecretStoreProviderBeyondtrustServer { #[serde(rename = "apiUrl")] pub api_url: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, /// Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientTimeOutSeconds")] pub client_time_out_seconds: Option, @@ -963,15 +1002,15 @@ pub struct ClusterSecretStoreProviderBitwardensecretsmanagerAuthSecretRef { /// AccessToken used for the bitwarden instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBitwardensecretsmanagerAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1031,15 +1070,15 @@ pub struct ClusterSecretStoreProviderChefAuthSecretRef { /// SecretKey is the Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderChefAuthSecretRefPrivateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1069,46 +1108,46 @@ pub struct ClusterSecretStoreProviderConjurAuth { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderConjurAuthApikey { pub account: String, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "apiKeyRef")] pub api_key_ref: ClusterSecretStoreProviderConjurAuthApikeyApiKeyRef, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "userRef")] pub user_ref: ClusterSecretStoreProviderConjurAuthApikeyUserRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderConjurAuthApikeyApiKeyRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderConjurAuthApikeyUserRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1137,15 +1176,15 @@ pub struct ClusterSecretStoreProviderConjurAuthJwt { /// authenticate with Conjur using the JWT authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderConjurAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1161,8 +1200,8 @@ pub struct ClusterSecretStoreProviderConjurAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1231,15 +1270,15 @@ pub struct ClusterSecretStoreProviderDelineaClientId { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderDelineaClientIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1258,15 +1297,15 @@ pub struct ClusterSecretStoreProviderDelineaClientSecret { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderDelineaClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1297,15 +1336,15 @@ pub struct ClusterSecretStoreProviderDevice42AuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderDevice42AuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1350,15 +1389,15 @@ pub struct ClusterSecretStoreProviderDopplerAuthSecretRef { /// The Key attribute defaults to dopplerToken if not specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderDopplerAuthSecretRefDopplerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1435,15 +1474,15 @@ pub struct ClusterSecretStoreProviderFortanixApiKey { /// SecretRef is a reference to a secret containing the SDKMS API Key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderFortanixApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1481,15 +1520,15 @@ pub struct ClusterSecretStoreProviderGcpsmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderGcpsmAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1517,8 +1556,61 @@ pub struct ClusterSecretStoreProviderGcpsmAuthWorkloadIdentityServiceAccountRef pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Github configures this store to push Github Action secrets using Github API provider +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderGithub { + /// appID specifies the Github APP that will be used to authenticate the client + #[serde(rename = "appID")] + pub app_id: i64, + /// auth configures how secret-manager authenticates with a Github instance. + pub auth: ClusterSecretStoreProviderGithubAuth, + /// environment will be used to fetch secrets from a particular environment within a github repository + #[serde(default, skip_serializing_if = "Option::is_none")] + pub environment: Option, + /// installationID specifies the Github APP installation that will be used to authenticate the client + #[serde(rename = "installationID")] + pub installation_id: i64, + /// organization will be used to fetch secrets from the Github organization + pub organization: String, + /// repository will be used to fetch secrets from the Github repository within an organization + #[serde(default, skip_serializing_if = "Option::is_none")] + pub repository: Option, + /// Upload URL for enterprise instances. Default to URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "uploadURL")] + pub upload_url: Option, + /// URL configures the Github instance URL. Defaults to https://github.com/. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, +} + +/// auth configures how secret-manager authenticates with a Github instance. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderGithubAuth { + /// A reference to a specific 'key' within a Secret resource. + /// In some instances, `key` is a required field. + #[serde(rename = "privateKey")] + pub private_key: ClusterSecretStoreProviderGithubAuthPrivateKey, +} + +/// A reference to a specific 'key' within a Secret resource. +/// In some instances, `key` is a required field. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderGithubAuthPrivateKey { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1562,15 +1654,15 @@ pub struct ClusterSecretStoreProviderGitlabAuthSecretRef { /// AccessToken is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderGitlabAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1617,15 +1709,15 @@ pub struct ClusterSecretStoreProviderIbmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderIbmAuthSecretRefSecretApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1650,46 +1742,46 @@ pub struct ClusterSecretStoreProviderInfisicalAuth { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderInfisicalAuthUniversalAuthCredentials { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientId")] pub client_id: ClusterSecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientId, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientSecret")] pub client_secret: ClusterSecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientSecret, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1709,7 +1801,7 @@ pub struct ClusterSecretStoreProviderInfisicalSecretsScope { /// KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKeepersecurity { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "authRef")] pub auth_ref: ClusterSecretStoreProviderKeepersecurityAuthRef, @@ -1717,19 +1809,19 @@ pub struct ClusterSecretStoreProviderKeepersecurity { pub folder_id: String, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKeepersecurityAuthRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1768,46 +1860,46 @@ pub struct ClusterSecretStoreProviderKubernetesAuth { /// has both clientCert and clientKey as secretKeySelector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCert { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCert")] pub client_cert: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientKey")] pub client_key: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthCertClientKey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1822,8 +1914,8 @@ pub struct ClusterSecretStoreProviderKubernetesAuthServiceAccount { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1831,25 +1923,25 @@ pub struct ClusterSecretStoreProviderKubernetesAuthServiceAccount { /// use static token to authenticate with #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthToken { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] pub bearer_token: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthTokenBearerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1857,15 +1949,15 @@ pub struct ClusterSecretStoreProviderKubernetesAuthTokenBearerToken { /// A reference to a secret that contains the auth information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderKubernetesAuthRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1938,15 +2030,15 @@ pub struct ClusterSecretStoreProviderOnboardbaseAuth { /// It is used to recognize and authorize access to a project and environment within onboardbase #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOnboardbaseAuthApiKeyRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1954,15 +2046,15 @@ pub struct ClusterSecretStoreProviderOnboardbaseAuthApiKeyRef { /// OnboardbasePasscode is the passcode attached to the API Key #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOnboardbaseAuthPasscodeRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1998,15 +2090,15 @@ pub struct ClusterSecretStoreProviderOnepasswordAuthSecretRef { /// The ConnectToken is used for authentication to a 1Password Connect Server. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOnepasswordAuthSecretRefConnectTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2066,15 +2158,15 @@ pub struct ClusterSecretStoreProviderOracleAuthSecretRef { /// Fingerprint is the fingerprint of the API private key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOracleAuthSecretRefFingerprint { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2082,15 +2174,15 @@ pub struct ClusterSecretStoreProviderOracleAuthSecretRefFingerprint { /// PrivateKey is the user's API Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderOracleAuthSecretRefPrivatekey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2116,8 +2208,8 @@ pub struct ClusterSecretStoreProviderOracleServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2133,46 +2225,46 @@ pub struct ClusterSecretStoreProviderPassbolt { /// Auth defines the information necessary to authenticate against Passbolt Server #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPassboltAuth { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "passwordSecretRef")] pub password_secret_ref: ClusterSecretStoreProviderPassboltAuthPasswordSecretRef, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "privateKeySecretRef")] pub private_key_secret_ref: ClusterSecretStoreProviderPassboltAuthPrivateKeySecretRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPassboltAuthPasswordSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPassboltAuthPrivateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2205,15 +2297,15 @@ pub struct ClusterSecretStoreProviderPassworddepotAuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPassworddepotAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2246,15 +2338,15 @@ pub struct ClusterSecretStoreProviderPreviderAuthSecretRef { /// The AccessToken is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPreviderAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2291,15 +2383,15 @@ pub struct ClusterSecretStoreProviderPulumiAccessToken { /// SecretRef is a reference to a secret containing the Pulumi API token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderPulumiAccessTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2337,15 +2429,15 @@ pub struct ClusterSecretStoreProviderScalewayAccessKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderScalewayAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2364,15 +2456,15 @@ pub struct ClusterSecretStoreProviderScalewaySecretKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderScalewaySecretKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2405,15 +2497,15 @@ pub struct ClusterSecretStoreProviderSecretserverPassword { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSecretserverPasswordSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2432,15 +2524,15 @@ pub struct ClusterSecretStoreProviderSecretserverUsername { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSecretserverUsernameSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2464,25 +2556,25 @@ pub struct ClusterSecretStoreProviderSenhasegura { pub struct ClusterSecretStoreProviderSenhaseguraAuth { #[serde(rename = "clientId")] pub client_id: String, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientSecretSecretRef")] pub client_secret_secret_ref: ClusterSecretStoreProviderSenhaseguraAuthClientSecretSecretRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderSenhaseguraAuthClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2615,15 +2707,15 @@ pub struct ClusterSecretStoreProviderVaultAuthAppRole { /// resource is used as the app role id. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthAppRoleRoleRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2634,15 +2726,15 @@ pub struct ClusterSecretStoreProviderVaultAuthAppRoleRoleRef { /// resource is used as the app role secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthAppRoleSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2665,15 +2757,15 @@ pub struct ClusterSecretStoreProviderVaultAuthCert { /// authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2682,15 +2774,15 @@ pub struct ClusterSecretStoreProviderVaultAuthCertClientCert { /// authenticate with Vault using the Cert authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2743,8 +2835,8 @@ pub struct ClusterSecretStoreProviderVaultAuthIamJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2768,15 +2860,15 @@ pub struct ClusterSecretStoreProviderVaultAuthIamSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthIamSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2784,15 +2876,15 @@ pub struct ClusterSecretStoreProviderVaultAuthIamSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthIamSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2802,15 +2894,15 @@ pub struct ClusterSecretStoreProviderVaultAuthIamSecretRefSecretAccessKeySecretR /// see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthIamSecretRefSessionTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2868,8 +2960,8 @@ pub struct ClusterSecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenSe pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2878,15 +2970,15 @@ pub struct ClusterSecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenSe /// authenticate with Vault using the JWT/OIDC authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2922,15 +3014,15 @@ pub struct ClusterSecretStoreProviderVaultAuthKubernetes { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthKubernetesSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2948,8 +3040,8 @@ pub struct ClusterSecretStoreProviderVaultAuthKubernetesServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2966,7 +3058,7 @@ pub struct ClusterSecretStoreProviderVaultAuthLdap { /// method #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// Username is a LDAP user name used to authenticate using the LDAP Vault + /// Username is an LDAP username used to authenticate using the LDAP Vault /// authentication method pub username: String, } @@ -2976,15 +3068,15 @@ pub struct ClusterSecretStoreProviderVaultAuthLdap { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthLdapSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2992,15 +3084,15 @@ pub struct ClusterSecretStoreProviderVaultAuthLdapSecretRef { /// TokenSecretRef authenticates with Vault by presenting a token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3009,14 +3101,14 @@ pub struct ClusterSecretStoreProviderVaultAuthTokenSecretRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthUserPass { /// Path where the UserPassword authentication backend is mounted - /// in Vault, e.g: "user" + /// in Vault, e.g: "userpass" pub path: String, /// SecretRef to a key in a Secret resource containing password for the /// user used to authenticate with Vault using the UserPass authentication /// method #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// Username is a user name used to authenticate using the UserPass Vault + /// Username is a username used to authenticate using the UserPass Vault /// authentication method pub username: String, } @@ -3026,15 +3118,15 @@ pub struct ClusterSecretStoreProviderVaultAuthUserPass { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultAuthUserPassSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3087,15 +3179,15 @@ pub struct ClusterSecretStoreProviderVaultTls { /// If no key for the Secret is specified, external-secret will default to 'tls.crt'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultTlsCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3105,15 +3197,15 @@ pub struct ClusterSecretStoreProviderVaultTlsCertSecretRef { /// If no key for the Secret is specified, external-secret will default to 'tls.key'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderVaultTlsKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3164,7 +3256,7 @@ pub struct ClusterSecretStoreProviderWebhook { /// The provider for the CA bundle to use to validate webhook server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ClusterSecretStoreProviderWebhookCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -3204,15 +3296,15 @@ pub struct ClusterSecretStoreProviderWebhookSecrets { /// Secret ref to fill in credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderWebhookSecretsSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3241,15 +3333,15 @@ pub struct ClusterSecretStoreProviderYandexcertificatemanagerAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexcertificatemanagerAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3257,25 +3349,25 @@ pub struct ClusterSecretStoreProviderYandexcertificatemanagerAuthAuthorizedKeySe /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexcertificatemanagerCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexcertificatemanagerCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3304,15 +3396,15 @@ pub struct ClusterSecretStoreProviderYandexlockboxAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3320,25 +3412,25 @@ pub struct ClusterSecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderYandexlockboxCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/externalsecrets.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/externalsecrets.rs index ad1d87640..521efd7f0 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/externalsecrets.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/externalsecrets.rs @@ -27,8 +27,10 @@ pub struct ExternalSecretSpec { /// If multiple entries are specified, the Secret keys are merged in the specified order #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataFrom")] pub data_from: Option>, - /// RefreshInterval is the amount of time before the values are read again from the SecretStore provider + /// RefreshInterval is the amount of time before the values are read again from the SecretStore provider, + /// specified as Golang Duration strings. /// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" + /// Example values: "1h", "2h30m", "5d", "10s" /// May be set to zero to fetch and create it once. Defaults to 1h. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, @@ -48,12 +50,11 @@ pub struct ExternalSecretData { /// which secret (version/property/..) to fetch. #[serde(rename = "remoteRef")] pub remote_ref: ExternalSecretDataRemoteRef, - /// SecretKey defines the key in which the controller stores - /// the value. This is the key in the Kind=Secret + /// The key in the Kubernetes Secret to store the value. #[serde(rename = "secretKey")] pub secret_key: String, /// SourceRef allows you to override the source - /// from which the value will pulled from. + /// from which the value will be pulled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRef")] pub source_ref: Option, } @@ -109,7 +110,7 @@ pub enum ExternalSecretDataRemoteRefMetadataPolicy { } /// SourceRef allows you to override the source -/// from which the value will pulled from. +/// from which the value will be pulled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretDataSourceRef { /// GeneratorRef points to a generator custom resource. @@ -127,26 +128,60 @@ pub struct ExternalSecretDataSourceRef { /// /// Deprecated: The generatorRef is not implemented in .data[]. /// this will be removed with v1. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ExternalSecretDataSourceRefGeneratorRef { /// Specify the apiVersion of the generator resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - pub kind: String, + /// Specify the Kind of the generator resource + pub kind: ExternalSecretDataSourceRefGeneratorRefKind, /// Specify the name of the generator resource pub name: String, } +/// GeneratorRef points to a generator custom resource. +/// +/// Deprecated: The generatorRef is not implemented in .data[]. +/// this will be removed with v1. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretDataSourceRefGeneratorRefKind { + #[serde(rename = "ACRAccessToken")] + AcrAccessToken, + ClusterGenerator, + #[serde(rename = "ECRAuthorizationToken")] + EcrAuthorizationToken, + Fake, + #[serde(rename = "GCRAccessToken")] + GcrAccessToken, + GithubAccessToken, + QuayAccessToken, + Password, + #[serde(rename = "STSSessionToken")] + StsSessionToken, + #[serde(rename = "UUID")] + Uuid, + VaultDynamicSecret, + Webhook, + Grafana, +} + /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretDataSourceRefStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretDataSourceRefStoreRefKind { + SecretStore, + ClusterSecretStore, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -319,26 +354,57 @@ pub struct ExternalSecretDataFromSourceRef { } /// GeneratorRef points to a generator custom resource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct ExternalSecretDataFromSourceRefGeneratorRef { /// Specify the apiVersion of the generator resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - pub kind: String, + /// Specify the Kind of the generator resource + pub kind: ExternalSecretDataFromSourceRefGeneratorRefKind, /// Specify the name of the generator resource pub name: String, } +/// GeneratorRef points to a generator custom resource. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretDataFromSourceRefGeneratorRefKind { + #[serde(rename = "ACRAccessToken")] + AcrAccessToken, + ClusterGenerator, + #[serde(rename = "ECRAuthorizationToken")] + EcrAuthorizationToken, + Fake, + #[serde(rename = "GCRAccessToken")] + GcrAccessToken, + GithubAccessToken, + QuayAccessToken, + Password, + #[serde(rename = "STSSessionToken")] + StsSessionToken, + #[serde(rename = "UUID")] + Uuid, + VaultDynamicSecret, + Webhook, + Grafana, +} + /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretDataFromSourceRefStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretDataFromSourceRefStoreRefKind { + SecretStore, + ClusterSecretStore, } /// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. @@ -347,28 +413,35 @@ pub struct ExternalSecretSecretStoreRef { /// Kind of the SecretStore resource (SecretStore or ClusterSecretStore) /// Defaults to `SecretStore` #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, + pub kind: Option, /// Name of the SecretStore resource - pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ExternalSecretSecretStoreRefKind { + SecretStore, + ClusterSecretStore, } /// ExternalSecretTarget defines the Kubernetes Secret to be created /// There can be only one target per ExternalSecret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTarget { - /// CreationPolicy defines rules on how to create the resulting Secret - /// Defaults to 'Owner' + /// CreationPolicy defines rules on how to create the resulting Secret. + /// Defaults to "Owner" #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationPolicy")] pub creation_policy: Option, - /// DeletionPolicy defines rules on how to delete the resulting Secret - /// Defaults to 'Retain' + /// DeletionPolicy defines rules on how to delete the resulting Secret. + /// Defaults to "Retain" #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionPolicy")] pub deletion_policy: Option, /// Immutable defines if the final secret will be immutable #[serde(default, skip_serializing_if = "Option::is_none")] pub immutable: Option, - /// Name defines the name of the Secret resource to be managed - /// This field is immutable + /// The name of the Secret resource to be managed. /// Defaults to the .metadata.name of the ExternalSecret resource #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -456,12 +529,15 @@ pub struct ExternalSecretTargetTemplateTemplateFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromConfigMap { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromConfigMapItems { + /// A key in the ConfigMap/Secret pub key: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateAs")] pub template_as: Option, @@ -475,12 +551,15 @@ pub enum ExternalSecretTargetTemplateTemplateFromConfigMapItemsTemplateAs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromSecret { + /// A list of keys in the ConfigMap/Secret to use as templates for Secret data pub items: Vec, + /// The name of the ConfigMap/Secret resource pub name: String, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExternalSecretTargetTemplateTemplateFromSecretItems { + /// A key in the ConfigMap/Secret pub key: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateAs")] pub template_as: Option, diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs index 4474db88a..9fec6d2f2 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs @@ -128,6 +128,9 @@ pub struct SecretStoreProvider { /// GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider #[serde(default, skip_serializing_if = "Option::is_none")] pub gcpsm: Option, + /// Github configures this store to push Github Action secrets using Github API provider + #[serde(default, skip_serializing_if = "Option::is_none")] + pub github: Option, /// GitLab configures this store to sync secrets using GitLab Variables provider #[serde(default, skip_serializing_if = "Option::is_none")] pub gitlab: Option, @@ -249,15 +252,15 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuth { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuthSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -275,8 +278,8 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefKubernetesAuthServiceAccountR pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -288,11 +291,11 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessID")] pub access_id: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessType")] pub access_type: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessTypeParam")] pub access_type_param: Option, @@ -301,49 +304,49 @@ pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRef { /// The SecretAccessID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessType { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAkeylessAuthSecretRefSecretRefAccessTypeParam { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -420,15 +423,15 @@ pub struct SecretStoreProviderAlibabaAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -436,15 +439,15 @@ pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeyIdSecretRef { /// The AccessKeySecret is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAlibabaAuthSecretRefAccessKeySecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -516,8 +519,8 @@ pub struct SecretStoreProviderAwsAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -542,15 +545,15 @@ pub struct SecretStoreProviderAwsAuthSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -558,15 +561,15 @@ pub struct SecretStoreProviderAwsAuthSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -576,15 +579,15 @@ pub struct SecretStoreProviderAwsAuthSecretRefSecretAccessKeySecretRef { /// see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAwsAuthSecretRefSessionTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -674,15 +677,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRef { /// The Azure ClientCertificate of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefClientCertificate { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -690,15 +693,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRefClientCertificate { /// The Azure clientId of the service principle or managed identity used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -706,15 +709,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRefClientId { /// The Azure ClientSecret of the service principle used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -722,15 +725,15 @@ pub struct SecretStoreProviderAzurekvAuthSecretRefClientSecret { /// The Azure tenantId of the managed identity used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderAzurekvAuthSecretRefTenantId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -764,8 +767,8 @@ pub struct SecretStoreProviderAzurekvServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -782,19 +785,51 @@ pub struct SecretStoreProviderBeyondtrust { /// Auth configures how the operator authenticates with Beyondtrust. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuth { - /// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. + /// APIKey If not provided then ClientID/ClientSecret become required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. #[serde(default, skip_serializing_if = "Option::is_none")] pub certificate: Option, /// Certificate private key (key.pem). For use when authenticating with an OAuth client Id #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateKey")] pub certificate_key: Option, - #[serde(rename = "clientId")] - pub client_id: SecretStoreProviderBeyondtrustAuthClientId, - #[serde(rename = "clientSecret")] - pub client_secret: SecretStoreProviderBeyondtrustAuthClientSecret, + /// ClientID is the API OAuth Client ID. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientId")] + pub client_id: Option, + /// ClientSecret is the API OAuth Client Secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientSecret")] + pub client_secret: Option, +} + +/// APIKey If not provided then ClientID/ClientSecret become required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthApiKey { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthApiKeySecretRef { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } -/// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. +/// Certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthCertificate { /// SecretRef references a key in a secret that will be used as value. @@ -808,15 +843,15 @@ pub struct SecretStoreProviderBeyondtrustAuthCertificate { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthCertificateSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -835,19 +870,20 @@ pub struct SecretStoreProviderBeyondtrustAuthCertificateKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthCertificateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// ClientID is the API OAuth Client ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthClientId { /// SecretRef references a key in a secret that will be used as value. @@ -861,19 +897,20 @@ pub struct SecretStoreProviderBeyondtrustAuthClientId { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthClientIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } +/// ClientSecret is the API OAuth Client Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthClientSecret { /// SecretRef references a key in a secret that will be used as value. @@ -887,15 +924,15 @@ pub struct SecretStoreProviderBeyondtrustAuthClientSecret { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBeyondtrustAuthClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -905,6 +942,8 @@ pub struct SecretStoreProviderBeyondtrustAuthClientSecretSecretRef { pub struct SecretStoreProviderBeyondtrustServer { #[serde(rename = "apiUrl")] pub api_url: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, /// Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientTimeOutSeconds")] pub client_time_out_seconds: Option, @@ -964,15 +1003,15 @@ pub struct SecretStoreProviderBitwardensecretsmanagerAuthSecretRef { /// AccessToken used for the bitwarden instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBitwardensecretsmanagerAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1032,15 +1071,15 @@ pub struct SecretStoreProviderChefAuthSecretRef { /// SecretKey is the Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderChefAuthSecretRefPrivateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1070,46 +1109,46 @@ pub struct SecretStoreProviderConjurAuth { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderConjurAuthApikey { pub account: String, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "apiKeyRef")] pub api_key_ref: SecretStoreProviderConjurAuthApikeyApiKeyRef, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "userRef")] pub user_ref: SecretStoreProviderConjurAuthApikeyUserRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderConjurAuthApikeyApiKeyRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderConjurAuthApikeyUserRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1138,15 +1177,15 @@ pub struct SecretStoreProviderConjurAuthJwt { /// authenticate with Conjur using the JWT authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderConjurAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1162,8 +1201,8 @@ pub struct SecretStoreProviderConjurAuthJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1232,15 +1271,15 @@ pub struct SecretStoreProviderDelineaClientId { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderDelineaClientIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1259,15 +1298,15 @@ pub struct SecretStoreProviderDelineaClientSecret { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderDelineaClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1298,15 +1337,15 @@ pub struct SecretStoreProviderDevice42AuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderDevice42AuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1351,15 +1390,15 @@ pub struct SecretStoreProviderDopplerAuthSecretRef { /// The Key attribute defaults to dopplerToken if not specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderDopplerAuthSecretRefDopplerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1436,15 +1475,15 @@ pub struct SecretStoreProviderFortanixApiKey { /// SecretRef is a reference to a secret containing the SDKMS API Key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderFortanixApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1482,15 +1521,15 @@ pub struct SecretStoreProviderGcpsmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderGcpsmAuthSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1518,8 +1557,61 @@ pub struct SecretStoreProviderGcpsmAuthWorkloadIdentityServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Github configures this store to push Github Action secrets using Github API provider +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderGithub { + /// appID specifies the Github APP that will be used to authenticate the client + #[serde(rename = "appID")] + pub app_id: i64, + /// auth configures how secret-manager authenticates with a Github instance. + pub auth: SecretStoreProviderGithubAuth, + /// environment will be used to fetch secrets from a particular environment within a github repository + #[serde(default, skip_serializing_if = "Option::is_none")] + pub environment: Option, + /// installationID specifies the Github APP installation that will be used to authenticate the client + #[serde(rename = "installationID")] + pub installation_id: i64, + /// organization will be used to fetch secrets from the Github organization + pub organization: String, + /// repository will be used to fetch secrets from the Github repository within an organization + #[serde(default, skip_serializing_if = "Option::is_none")] + pub repository: Option, + /// Upload URL for enterprise instances. Default to URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "uploadURL")] + pub upload_url: Option, + /// URL configures the Github instance URL. Defaults to https://github.com/. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, +} + +/// auth configures how secret-manager authenticates with a Github instance. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderGithubAuth { + /// A reference to a specific 'key' within a Secret resource. + /// In some instances, `key` is a required field. + #[serde(rename = "privateKey")] + pub private_key: SecretStoreProviderGithubAuthPrivateKey, +} + +/// A reference to a specific 'key' within a Secret resource. +/// In some instances, `key` is a required field. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderGithubAuthPrivateKey { + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1563,15 +1655,15 @@ pub struct SecretStoreProviderGitlabAuthSecretRef { /// AccessToken is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderGitlabAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1618,15 +1710,15 @@ pub struct SecretStoreProviderIbmAuthSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderIbmAuthSecretRefSecretApiKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1651,46 +1743,46 @@ pub struct SecretStoreProviderInfisicalAuth { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderInfisicalAuthUniversalAuthCredentials { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientId")] pub client_id: SecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientId, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientSecret")] pub client_secret: SecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientSecret, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientId { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderInfisicalAuthUniversalAuthCredentialsClientSecret { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1710,7 +1802,7 @@ pub struct SecretStoreProviderInfisicalSecretsScope { /// KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKeepersecurity { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "authRef")] pub auth_ref: SecretStoreProviderKeepersecurityAuthRef, @@ -1718,19 +1810,19 @@ pub struct SecretStoreProviderKeepersecurity { pub folder_id: String, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKeepersecurityAuthRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1769,46 +1861,46 @@ pub struct SecretStoreProviderKubernetesAuth { /// has both clientCert and clientKey as secretKeySelector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCert { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCert")] pub client_cert: Option, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientKey")] pub client_key: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthCertClientKey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1823,8 +1915,8 @@ pub struct SecretStoreProviderKubernetesAuthServiceAccount { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1832,25 +1924,25 @@ pub struct SecretStoreProviderKubernetesAuthServiceAccount { /// use static token to authenticate with #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthToken { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerToken")] pub bearer_token: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthTokenBearerToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1858,15 +1950,15 @@ pub struct SecretStoreProviderKubernetesAuthTokenBearerToken { /// A reference to a secret that contains the auth information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderKubernetesAuthRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1939,15 +2031,15 @@ pub struct SecretStoreProviderOnboardbaseAuth { /// It is used to recognize and authorize access to a project and environment within onboardbase #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOnboardbaseAuthApiKeyRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1955,15 +2047,15 @@ pub struct SecretStoreProviderOnboardbaseAuthApiKeyRef { /// OnboardbasePasscode is the passcode attached to the API Key #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOnboardbaseAuthPasscodeRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -1999,15 +2091,15 @@ pub struct SecretStoreProviderOnepasswordAuthSecretRef { /// The ConnectToken is used for authentication to a 1Password Connect Server. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOnepasswordAuthSecretRefConnectTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2067,15 +2159,15 @@ pub struct SecretStoreProviderOracleAuthSecretRef { /// Fingerprint is the fingerprint of the API private key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOracleAuthSecretRefFingerprint { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2083,15 +2175,15 @@ pub struct SecretStoreProviderOracleAuthSecretRefFingerprint { /// PrivateKey is the user's API Signing Key in PEM format, used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderOracleAuthSecretRefPrivatekey { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2117,8 +2209,8 @@ pub struct SecretStoreProviderOracleServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2134,46 +2226,46 @@ pub struct SecretStoreProviderPassbolt { /// Auth defines the information necessary to authenticate against Passbolt Server #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPassboltAuth { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "passwordSecretRef")] pub password_secret_ref: SecretStoreProviderPassboltAuthPasswordSecretRef, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "privateKeySecretRef")] pub private_key_secret_ref: SecretStoreProviderPassboltAuthPrivateKeySecretRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPassboltAuthPasswordSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPassboltAuthPrivateKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2206,15 +2298,15 @@ pub struct SecretStoreProviderPassworddepotAuthSecretRef { /// Username / Password is used for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPassworddepotAuthSecretRefCredentials { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2247,15 +2339,15 @@ pub struct SecretStoreProviderPreviderAuthSecretRef { /// The AccessToken is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPreviderAuthSecretRefAccessToken { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2292,15 +2384,15 @@ pub struct SecretStoreProviderPulumiAccessToken { /// SecretRef is a reference to a secret containing the Pulumi API token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderPulumiAccessTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2338,15 +2430,15 @@ pub struct SecretStoreProviderScalewayAccessKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderScalewayAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2365,15 +2457,15 @@ pub struct SecretStoreProviderScalewaySecretKey { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderScalewaySecretKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2406,15 +2498,15 @@ pub struct SecretStoreProviderSecretserverPassword { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSecretserverPasswordSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2433,15 +2525,15 @@ pub struct SecretStoreProviderSecretserverUsername { /// SecretRef references a key in a secret that will be used as value. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSecretserverUsernameSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2465,25 +2557,25 @@ pub struct SecretStoreProviderSenhasegura { pub struct SecretStoreProviderSenhaseguraAuth { #[serde(rename = "clientId")] pub client_id: String, - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(rename = "clientSecretSecretRef")] pub client_secret_secret_ref: SecretStoreProviderSenhaseguraAuthClientSecretSecretRef, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderSenhaseguraAuthClientSecretSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2616,15 +2708,15 @@ pub struct SecretStoreProviderVaultAuthAppRole { /// resource is used as the app role id. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthAppRoleRoleRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2635,15 +2727,15 @@ pub struct SecretStoreProviderVaultAuthAppRoleRoleRef { /// resource is used as the app role secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthAppRoleSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2666,15 +2758,15 @@ pub struct SecretStoreProviderVaultAuthCert { /// authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthCertClientCert { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2683,15 +2775,15 @@ pub struct SecretStoreProviderVaultAuthCertClientCert { /// authenticate with Vault using the Cert authentication method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2744,8 +2836,8 @@ pub struct SecretStoreProviderVaultAuthIamJwtServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2769,15 +2861,15 @@ pub struct SecretStoreProviderVaultAuthIamSecretRef { /// The AccessKeyID is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthIamSecretRefAccessKeyIdSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2785,15 +2877,15 @@ pub struct SecretStoreProviderVaultAuthIamSecretRefAccessKeyIdSecretRef { /// The SecretAccessKey is used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthIamSecretRefSecretAccessKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2803,15 +2895,15 @@ pub struct SecretStoreProviderVaultAuthIamSecretRefSecretAccessKeySecretRef { /// see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthIamSecretRefSessionTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2869,8 +2961,8 @@ pub struct SecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenServiceAc pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2879,15 +2971,15 @@ pub struct SecretStoreProviderVaultAuthJwtKubernetesServiceAccountTokenServiceAc /// authenticate with Vault using the JWT/OIDC authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthJwtSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2923,15 +3015,15 @@ pub struct SecretStoreProviderVaultAuthKubernetes { /// the controller will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthKubernetesSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2949,8 +3041,8 @@ pub struct SecretStoreProviderVaultAuthKubernetesServiceAccountRef { pub audiences: Option>, /// The name of the ServiceAccount resource being referred to. pub name: String, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// Namespace of the resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2967,7 +3059,7 @@ pub struct SecretStoreProviderVaultAuthLdap { /// method #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// Username is a LDAP user name used to authenticate using the LDAP Vault + /// Username is an LDAP username used to authenticate using the LDAP Vault /// authentication method pub username: String, } @@ -2977,15 +3069,15 @@ pub struct SecretStoreProviderVaultAuthLdap { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthLdapSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -2993,15 +3085,15 @@ pub struct SecretStoreProviderVaultAuthLdapSecretRef { /// TokenSecretRef authenticates with Vault by presenting a token. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthTokenSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3010,14 +3102,14 @@ pub struct SecretStoreProviderVaultAuthTokenSecretRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthUserPass { /// Path where the UserPassword authentication backend is mounted - /// in Vault, e.g: "user" + /// in Vault, e.g: "userpass" pub path: String, /// SecretRef to a key in a Secret resource containing password for the /// user used to authenticate with Vault using the UserPass authentication /// method #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// Username is a user name used to authenticate using the UserPass Vault + /// Username is a username used to authenticate using the UserPass Vault /// authentication method pub username: String, } @@ -3027,15 +3119,15 @@ pub struct SecretStoreProviderVaultAuthUserPass { /// method #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultAuthUserPassSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3088,15 +3180,15 @@ pub struct SecretStoreProviderVaultTls { /// If no key for the Secret is specified, external-secret will default to 'tls.crt'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultTlsCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3106,15 +3198,15 @@ pub struct SecretStoreProviderVaultTlsCertSecretRef { /// If no key for the Secret is specified, external-secret will default to 'tls.key'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderVaultTlsKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3165,7 +3257,7 @@ pub struct SecretStoreProviderWebhook { /// The provider for the CA bundle to use to validate webhook server certificate. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct SecretStoreProviderWebhookCaProvider { - /// The key the value inside of the provider type to use, only used with "Secret" type + /// The key where the CA certificate can be found in the Secret or ConfigMap. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the object located at the provider type. @@ -3205,15 +3297,15 @@ pub struct SecretStoreProviderWebhookSecrets { /// Secret ref to fill in credentials #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderWebhookSecretsSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3242,15 +3334,15 @@ pub struct SecretStoreProviderYandexcertificatemanagerAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexcertificatemanagerAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3258,25 +3350,25 @@ pub struct SecretStoreProviderYandexcertificatemanagerAuthAuthorizedKeySecretRef /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexcertificatemanagerCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexcertificatemanagerCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3305,15 +3397,15 @@ pub struct SecretStoreProviderYandexlockboxAuth { /// The authorized key used for authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -3321,25 +3413,25 @@ pub struct SecretStoreProviderYandexlockboxAuthAuthorizedKeySecretRef { /// The provider for the CA bundle to use to validate Yandex.Cloud server certificate. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxCaProvider { - /// A reference to a specific 'key' within a Secret resource, + /// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certSecretRef")] pub cert_secret_ref: Option, } -/// A reference to a specific 'key' within a Secret resource, +/// A reference to a specific 'key' within a Secret resource. /// In some instances, `key` is a required field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderYandexlockboxCaProviderCertSecretRef { - /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - /// defaulted, in others it may be required. + /// A key in the referenced Secret. + /// Some instances of this field may be defaulted, in others it may be required. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, /// The name of the Secret resource being referred to. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - /// to the namespace of the referent. + /// The namespace of the Secret resource being referred to. + /// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs b/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs index d92f4e902..88c3aeb43 100644 --- a/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs +++ b/kube-custom-resources-rs/src/flagger_app/v1beta1/canaries.rs @@ -241,6 +241,9 @@ pub struct CanaryAnalysisSessionAffinity { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CanaryAnalysisWebhooks { + /// Disable TLS verification for this webhook + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableTLS")] + pub disable_tls: Option, /// Metadata (key-value pairs) for this webhook #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option>, @@ -307,9 +310,9 @@ pub enum CanaryAutoscalerRefKind { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CanaryAutoscalerRefPrimaryScalerReplicas { #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxReplicas")] - pub max_replicas: Option, + pub max_replicas: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReplicas")] - pub min_replicas: Option, + pub min_replicas: Option, } /// Ingress selector @@ -372,6 +375,9 @@ pub struct CanaryService { /// Headers operations #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option, + /// Headless if set to true, generates headless Kubernetes services. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headless: Option, /// The list of host names for this service #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option>, diff --git a/kube-custom-resources-rs/src/flagger_app/v1beta1/metrictemplates.rs b/kube-custom-resources-rs/src/flagger_app/v1beta1/metrictemplates.rs index 2a7bd5505..a2072ddb4 100644 --- a/kube-custom-resources-rs/src/flagger_app/v1beta1/metrictemplates.rs +++ b/kube-custom-resources-rs/src/flagger_app/v1beta1/metrictemplates.rs @@ -70,5 +70,7 @@ pub enum MetricTemplateProviderType { Dynatrace, #[serde(rename = "keptn")] Keptn, + #[serde(rename = "splunk")] + Splunk, } diff --git a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs index 74db8dcca..3dfadc854 100644 --- a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs +++ b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs @@ -66,6 +66,8 @@ pub enum FlinkDeploymentFlinkVersion { V119, #[serde(rename = "v1_20")] V120, + #[serde(rename = "v2_0")] + V20, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -96,6 +98,8 @@ pub struct FlinkDeploymentJob { pub allow_non_restored_state: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoscalerResetNonce")] + pub autoscaler_reset_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "checkpointTriggerNonce")] pub checkpoint_trigger_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryClass")] @@ -11736,6 +11740,10 @@ pub enum FlinkDeploymentStatusJobStatusState { pub enum FlinkDeploymentStatusLifecycleState { #[serde(rename = "CREATED")] Created, + #[serde(rename = "DELETED")] + Deleted, + #[serde(rename = "DELETING")] + Deleting, #[serde(rename = "DEPLOYED")] Deployed, #[serde(rename = "FAILED")] diff --git a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs index 4d0aee6b6..108b76db1 100644 --- a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs +++ b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs @@ -34,6 +34,8 @@ pub struct FlinkSessionJobJob { pub allow_non_restored_state: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub args: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoscalerResetNonce")] + pub autoscaler_reset_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "checkpointTriggerNonce")] pub checkpoint_trigger_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryClass")] @@ -320,6 +322,10 @@ pub enum FlinkSessionJobStatusJobStatusState { pub enum FlinkSessionJobStatusLifecycleState { #[serde(rename = "CREATED")] Created, + #[serde(rename = "DELETED")] + Deleted, + #[serde(rename = "DELETING")] + Deleting, #[serde(rename = "DEPLOYED")] Deployed, #[serde(rename = "FAILED")] diff --git a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs index a3800129a..4cfc174d4 100644 --- a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs +++ b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobflows.rs @@ -21,7 +21,7 @@ pub struct JobFlowSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub flows: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobRetainPolicy")] - pub job_retain_policy: Option, + pub job_retain_policy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -82,6 +82,14 @@ pub struct JobFlowFlowsDependsOnProbeTcpSocketList { pub task_name: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobFlowJobRetainPolicy { + #[serde(rename = "retain")] + Retain, + #[serde(rename = "delete")] + Delete, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobFlowStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "completedJobs")] diff --git a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs index 507947aac..61c504dd9 100644 --- a/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs +++ b/kube-custom-resources-rs/src/flow_volcano_sh/v1alpha1/jobtemplates.rs @@ -50,7 +50,7 @@ pub struct JobTemplatePolicies { #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub event: Option, + pub event: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] @@ -59,6 +59,22 @@ pub struct JobTemplatePolicies { pub timeout: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTemplatePoliciesEvent { + #[serde(rename = "*")] + KopiumVariant0, + PodPending, + PodRunning, + PodFailed, + PodEvicted, + Unknown, + TaskCompleted, + OutOfSync, + CommandIssued, + JobUpdated, + TaskFailed, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasks { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] @@ -76,7 +92,7 @@ pub struct JobTemplateTasks { #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyPolicy")] - pub topology_policy: Option, + pub topology_policy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -92,7 +108,7 @@ pub struct JobTemplateTasksPolicies { #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub event: Option, + pub event: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exitCode")] @@ -101,6 +117,22 @@ pub struct JobTemplateTasksPolicies { pub timeout: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTemplateTasksPoliciesEvent { + #[serde(rename = "*")] + KopiumVariant0, + PodPending, + PodRunning, + PodFailed, + PodEvicted, + Unknown, + TaskCompleted, + OutOfSync, + CommandIssued, + JobUpdated, + TaskFailed, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateTasksTemplate { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3100,6 +3132,18 @@ pub struct JobTemplateTasksTemplateSpecVolumesVsphereVolume { pub volume_path: String, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobTemplateTasksTopologyPolicy { + #[serde(rename = "none")] + None, + #[serde(rename = "best-effort")] + BestEffort, + #[serde(rename = "restricted")] + Restricted, + #[serde(rename = "single-numa-node")] + SingleNumaNode, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobTemplateVolumes { #[serde(rename = "mountPath")] diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs index bd8cc72fe..4e004f5da 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs @@ -109,6 +109,9 @@ pub struct FlowCollectorAgentEbpf { /// - `FlowRTT`: enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
/// - `NetworkEvents`: enable the Network events monitoring feature. This feature requires mounting /// the kernel debug filesystem, so the eBPF pod has to run as privileged. + /// - `PacketTranslation`: enable enriching flows with packet's translation information.
+ /// - `EbpfManager`: allow using eBPF manager to manage netobserv ebpf programs.
+ /// - `UDNMapping`, to enable interfaces mapping to udn.
#[serde(default, skip_serializing_if = "Option::is_none")] pub features: Option>, /// `flowFilter` defines the eBPF agent configuration regarding flow filtering @@ -164,54 +167,67 @@ pub struct FlowCollectorAgentEbpfDebug { /// `flowFilter` defines the eBPF agent configuration regarding flow filtering #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowCollectorAgentEbpfFlowFilter { - /// Action defines the action to perform on the flows that match the filter. + /// `action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, - /// CIDR defines the IP CIDR to filter flows by. - /// Example: 10.10.10.0/24 or 100:100:100:100::/64 + /// `cidr` defines the IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// DestPorts defines the destination ports to filter flows by. - /// To filter a single port, set a single port as an integer value. For example, destPorts: 80. - /// To filter a range of ports, use a "start-end" range in string format. For example, destPorts: "80-100". + /// `destPorts` optionally defines the destination ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `destPorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `destPorts: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destPorts")] pub dest_ports: Option, - /// Direction defines the direction to filter flows by. + /// `direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, - /// Set `enable` to `true` to enable eBPF flow filtering feature. + /// Set `enable` to `true` to enable the eBPF flow filtering feature. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, - /// ICMPCode defines the ICMP code to filter flows by. + /// `icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by. #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] pub icmp_code: Option, - /// ICMPType defines the ICMP type to filter flows by. + /// `icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by. #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpType")] pub icmp_type: Option, - /// PeerIP defines the IP address to filter flows by. - /// Example: 10.10.10.10 + /// `peerCIDR` defines the Peer IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerCIDR")] + pub peer_cidr: Option, + /// `peerIP` optionally defines the remote IP address to filter flows by. + /// Example: `10.10.10.10`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerIP")] pub peer_ip: Option, - /// `pktDrops`, to filter flows with packet drops + /// `pktDrops` optionally filters only flows containing packet drops. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pktDrops")] pub pkt_drops: Option, - /// Ports defines the ports to filter flows by. it can be user for either source or destination ports. - /// To filter a single port, set a single port as an integer value. For example, ports: 80. - /// To filter a range of ports, use a "start-end" range in string format. For example, ports: "80-100". + /// `ports` optionally defines the ports to filter flows by. It is used both for source and destination ports. + /// To filter a single port, set a single port as an integer value. For example, `ports: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `ports: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option, - /// Protocol defines the protocol to filter flows by. + /// `protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// SourcePorts defines the source ports to filter flows by. - /// To filter a single port, set a single port as an integer value. For example, sourcePorts: 80. - /// To filter a range of ports, use a "start-end" range in string format. For example, sourcePorts: "80-100". + /// `rules` defines a list of filtering rules on the eBPF Agents. + /// When filtering is enabled, by default, flows that don't match any rule are rejected. + /// To change the default, you can define a rule that accepts everything: `{ action: "Accept", cidr: "0.0.0.0/0" }`, and then refine with rejecting rules. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, + /// `sampling` sampling rate for the matched flow + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, + /// `sourcePorts` optionally defines the source ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `sourcePorts: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] pub source_ports: Option, - /// `tcpFlags` defines the TCP flags to filter flows by. + /// `tcpFlags` optionally defines TCP flags to filter flows by. + /// In addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] pub tcp_flags: Option, } @@ -245,6 +261,120 @@ pub enum FlowCollectorAgentEbpfFlowFilterProtocol { Sctp, } +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorAgentEbpfFlowFilterRules { + /// `action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub action: Option, + /// `cidr` defines the IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidr: Option, + /// `destPorts` optionally defines the destination ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `destPorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `destPorts: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "destPorts")] + pub dest_ports: Option, + /// `direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub direction: Option, + /// `icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] + pub icmp_code: Option, + /// `icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpType")] + pub icmp_type: Option, + /// `peerCIDR` defines the Peer IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerCIDR")] + pub peer_cidr: Option, + /// `peerIP` optionally defines the remote IP address to filter flows by. + /// Example: `10.10.10.10`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerIP")] + pub peer_ip: Option, + /// `pktDrops` optionally filters only flows containing packet drops. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pktDrops")] + pub pkt_drops: Option, + /// `ports` optionally defines the ports to filter flows by. It is used both for source and destination ports. + /// To filter a single port, set a single port as an integer value. For example, `ports: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `ports: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option, + /// `protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, + /// `sampling` sampling rate for the matched flow + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, + /// `sourcePorts` optionally defines the source ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `sourcePorts: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] + pub source_ports: Option, + /// `tcpFlags` optionally defines TCP flags to filter flows by. + /// In addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] + pub tcp_flags: Option, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesAction { + Accept, + Reject, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesDirection { + Ingress, + Egress, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesProtocol { + #[serde(rename = "TCP")] + Tcp, + #[serde(rename = "UDP")] + Udp, + #[serde(rename = "ICMP")] + Icmp, + #[serde(rename = "ICMPv6")] + IcmPv6, + #[serde(rename = "SCTP")] + Sctp, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesTcpFlags { + #[serde(rename = "SYN")] + Syn, + #[serde(rename = "SYN-ACK")] + SynAck, + #[serde(rename = "ACK")] + Ack, + #[serde(rename = "FIN")] + Fin, + #[serde(rename = "RST")] + Rst, + #[serde(rename = "URG")] + Urg, + #[serde(rename = "ECE")] + Ece, + #[serde(rename = "CWR")] + Cwr, + #[serde(rename = "FIN-ACK")] + FinAck, + #[serde(rename = "RST-ACK")] + RstAck, +} + /// `flowFilter` defines the eBPF agent configuration regarding flow filtering #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlowCollectorAgentEbpfFlowFilterTcpFlags { @@ -1535,12 +1665,18 @@ pub struct FlowCollectorProcessor { /// such as `GOGC` and `GOMAXPROCS` env vars. Set these values at your own risk. #[serde(default, skip_serializing_if = "Option::is_none")] pub debug: Option, + /// `deduper` allows to sample or drop flows identified as duplicates, in order to save on resource usage. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deduper: Option, /// `dropUnusedFields` [deprecated (*)] this setting is not used anymore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dropUnusedFields")] pub drop_unused_fields: Option, /// `enableKubeProbes` is a flag to enable or disable Kubernetes liveness and readiness probes #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableKubeProbes")] pub enable_kube_probes: Option, + /// `filters` let you define custom filters to limit the amount of generated flows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, /// `healthPort` is a collector HTTP port in the Pod that exposes the health check API #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthPort")] pub health_port: Option, @@ -1608,6 +1744,77 @@ pub struct FlowCollectorProcessorDebug { pub env: Option>, } +/// `deduper` allows to sample or drop flows identified as duplicates, in order to save on resource usage. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorProcessorDeduper { + /// Set the Processor deduper mode (de-duplication). It comes in addition to the Agent deduper because the Agent cannot de-duplicate same flows reported from different nodes.
+ /// - Use `Drop` to drop every flow considered as duplicates, allowing saving more on resource usage but potentially loosing some information such as the network interfaces used from peer.
+ /// - Use `Sample` to randomly keep only 1 flow on 50 (by default) among the ones considered as duplicates. This is a compromise between dropping every duplicates or keeping every duplicates. This sampling action comes in addition to the Agent-based sampling. If both Agent and Processor sampling are 50, the combined sampling is 1:2500.
+ /// - Use `Disabled` to turn off Processor-based de-duplication.
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// `sampling` is the sampling rate when deduper `mode` is `Sample`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, +} + +/// `deduper` allows to sample or drop flows identified as duplicates, in order to save on resource usage. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorDeduperMode { + Disabled, + Drop, + Sample, +} + +/// `FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorProcessorFilters { + /// `filters` is a list of matches that must be all satisfied in order to remove a flow. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allOf")] + pub all_of: Option>, + /// If specified, this filters only target a single output: `Loki`, `Metrics` or `Exporters`. By default, all outputs are targeted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "outputTarget")] + pub output_target: Option, + /// `sampling` is an optional sampling rate to apply to this filter. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, +} + +/// `FLPSingleFilter` defines the desired configuration for a single FLP-based filter +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorFiltersAllOf { + /// Name of the field to filter on + /// Refer to the documentation for the list of available fields: https://docs.openshift.com/container-platform/latest/observability/network_observability/json-flows-format-reference.html. + pub field: String, + /// Type of matching to apply + #[serde(rename = "matchType")] + pub match_type: FlowCollectorProcessorFiltersAllOfMatchType, + /// Value to filter on. When `matchType` is `Equal` or `NotEqual`, you can use field injection with `$(SomeField)` to refer to any other field of the flow. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// `FLPSingleFilter` defines the desired configuration for a single FLP-based filter +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorFiltersAllOfMatchType { + Equal, + NotEqual, + Presence, + Absence, + MatchRegex, + NotMatchRegex, +} + +/// `FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorFiltersOutputTarget { + #[serde(rename = "")] + KopiumEmpty, + Loki, + Metrics, + Exporters, +} + /// `processor` defines the settings of the component that receives the flows from the agent, /// enriches them, generates metrics, and forwards them to the Loki persistence layer and/or any available exporter. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs index 8eb5f3917..af00abedc 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs @@ -37,7 +37,7 @@ pub struct FlowCollectorSpec { /// Kafka can provide better scalability, resiliency, and high availability (for more details, see https://www.redhat.com/en/topics/integration/what-is-apache-kafka). #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentModel")] pub deployment_model: Option, - /// `exporters` define additional optional exporters for custom consumption or storage. + /// `exporters` defines additional optional exporters for custom consumption or storage. #[serde(default, skip_serializing_if = "Option::is_none")] pub exporters: Option>, /// Kafka configuration, allowing to use Kafka as a broker as part of the flow collection pipeline. Available when the `spec.deploymentModel` is `Kafka`. @@ -103,15 +103,20 @@ pub struct FlowCollectorAgentEbpf { #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeInterfaces")] pub exclude_interfaces: Option>, /// List of additional features to enable. They are all disabled by default. Enabling additional features might have performance impacts. Possible values are:
- /// - `PacketDrop`: enable the packets drop flows logging feature. This feature requires mounting - /// the kernel debug filesystem, so the eBPF agent pods have to run as privileged. + /// - `PacketDrop`: Enable the packets drop flows logging feature. This feature requires mounting + /// the kernel debug filesystem, so the eBPF agent pods must run as privileged. /// If the `spec.agent.ebpf.privileged` parameter is not set, an error is reported.
- /// - `DNSTracking`: enable the DNS tracking feature.
- /// - `FlowRTT`: enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
- /// - `NetworkEvents`: enable the network events monitoring feature, such as correlating flows and network policies. - /// This feature requires mounting the kernel debug filesystem, so the eBPF agent pods have to run as privileged. + /// - `DNSTracking`: Enable the DNS tracking feature.
+ /// - `FlowRTT`: Enable flow latency (sRTT) extraction in the eBPF agent from TCP traffic.
+ /// - `NetworkEvents`: Enable the network events monitoring feature, such as correlating flows and network policies. + /// This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged. + /// It requires using the OVN-Kubernetes network plugin with the Observability feature. + /// IMPORTANT: This feature is available as a Technology Preview.
+ /// - `PacketTranslation`: Enable enriching flows with packet translation information, such as Service NAT.
+ /// - `EbpfManager`: [Unsupported (*)]. Use eBPF Manager to manage NetObserv eBPF programs. Pre-requisite: the eBPF Manager operator (or upstream bpfman operator) must be installed.
+ /// - `UDNMapping`: [Unsupported (*)]. Enable interfaces mapping to User Defined Networks (UDN).
+ /// This feature requires mounting the kernel debug filesystem, so the eBPF agent pods must run as privileged. /// It requires using the OVN-Kubernetes network plugin with the Observability feature. - /// IMPORTANT: This feature is available as a Developer Preview.
#[serde(default, skip_serializing_if = "Option::is_none")] pub features: Option>, /// `flowFilter` defines the eBPF agent configuration regarding flow filtering. @@ -921,54 +926,68 @@ pub struct FlowCollectorAgentEbpfAdvancedSchedulingTolerations { /// `flowFilter` defines the eBPF agent configuration regarding flow filtering. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowCollectorAgentEbpfFlowFilter { - /// `action` defines the action to perform on the flows that match the filter. + /// `action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// `cidr` defines the IP CIDR to filter flows by. /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` #[serde(default, skip_serializing_if = "Option::is_none")] pub cidr: Option, - /// `destPorts` defines the destination ports to filter flows by. + /// `destPorts` optionally defines the destination ports to filter flows by. /// To filter a single port, set a single port as an integer value. For example, `destPorts: 80`. /// To filter a range of ports, use a "start-end" range in string format. For example, `destPorts: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destPorts")] pub dest_ports: Option, - /// `direction` defines the direction to filter flows by. + /// `direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`. #[serde(default, skip_serializing_if = "Option::is_none")] pub direction: Option, /// Set `enable` to `true` to enable the eBPF flow filtering feature. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, - /// `icmpCode`, for Internet Control Message Protocol (ICMP) traffic, defines the ICMP code to filter flows by. + /// `icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by. #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] pub icmp_code: Option, - /// `icmpType`, for ICMP traffic, defines the ICMP type to filter flows by. + /// `icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by. #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpType")] pub icmp_type: Option, - /// `peerIP` defines the IP address to filter flows by. + /// `peerCIDR` defines the Peer IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerCIDR")] + pub peer_cidr: Option, + /// `peerIP` optionally defines the remote IP address to filter flows by. /// Example: `10.10.10.10`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerIP")] pub peer_ip: Option, - /// `pktDrops` filters flows with packet drops + /// `pktDrops` optionally filters only flows containing packet drops. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pktDrops")] pub pkt_drops: Option, - /// `ports` defines the ports to filter flows by. It is used both for source and destination ports. + /// `ports` optionally defines the ports to filter flows by. It is used both for source and destination ports. /// To filter a single port, set a single port as an integer value. For example, `ports: 80`. /// To filter a range of ports, use a "start-end" range in string format. For example, `ports: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option, - /// `protocol` defines the protocol to filter flows by. + /// `protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// `sourcePorts` defines the source ports to filter flows by. + /// `rules` defines a list of filtering rules on the eBPF Agents. + /// When filtering is enabled, by default, flows that don't match any rule are rejected. + /// To change the default, you can define a rule that accepts everything: `{ action: "Accept", cidr: "0.0.0.0/0" }`, and then refine with rejecting rules. + /// [Unsupported (*)]. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, + /// `sampling` sampling rate for the matched flows, overriding the global sampling defined at `spec.agent.ebpf.sampling`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, + /// `sourcePorts` optionally defines the source ports to filter flows by. /// To filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`. /// To filter a range of ports, use a "start-end" range in string format. For example, `sourcePorts: "80-100"`. /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] pub source_ports: Option, - /// `tcpFlags` defines the TCP flags to filter flows by. + /// `tcpFlags` optionally defines TCP flags to filter flows by. + /// In addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] pub tcp_flags: Option, } @@ -1002,6 +1021,120 @@ pub enum FlowCollectorAgentEbpfFlowFilterProtocol { Sctp, } +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorAgentEbpfFlowFilterRules { + /// `action` defines the action to perform on the flows that match the filter. The available options are `Accept`, which is the default, and `Reject`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub action: Option, + /// `cidr` defines the IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cidr: Option, + /// `destPorts` optionally defines the destination ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `destPorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `destPorts: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "destPorts")] + pub dest_ports: Option, + /// `direction` optionally defines a direction to filter flows by. The available options are `Ingress` and `Egress`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub direction: Option, + /// `icmpCode`, for Internet Control Message Protocol (ICMP) traffic, optionally defines the ICMP code to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpCode")] + pub icmp_code: Option, + /// `icmpType`, for ICMP traffic, optionally defines the ICMP type to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "icmpType")] + pub icmp_type: Option, + /// `peerCIDR` defines the Peer IP CIDR to filter flows by. + /// Examples: `10.10.10.0/24` or `100:100:100:100::/64` + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerCIDR")] + pub peer_cidr: Option, + /// `peerIP` optionally defines the remote IP address to filter flows by. + /// Example: `10.10.10.10`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerIP")] + pub peer_ip: Option, + /// `pktDrops` optionally filters only flows containing packet drops. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pktDrops")] + pub pkt_drops: Option, + /// `ports` optionally defines the ports to filter flows by. It is used both for source and destination ports. + /// To filter a single port, set a single port as an integer value. For example, `ports: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `ports: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ports: Option, + /// `protocol` optionally defines a protocol to filter flows by. The available options are `TCP`, `UDP`, `ICMP`, `ICMPv6`, and `SCTP`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocol: Option, + /// `sampling` sampling rate for the matched flows, overriding the global sampling defined at `spec.agent.ebpf.sampling`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, + /// `sourcePorts` optionally defines the source ports to filter flows by. + /// To filter a single port, set a single port as an integer value. For example, `sourcePorts: 80`. + /// To filter a range of ports, use a "start-end" range in string format. For example, `sourcePorts: "80-100"`. + /// To filter two ports, use a "port1,port2" in string format. For example, `ports: "80,100"`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] + pub source_ports: Option, + /// `tcpFlags` optionally defines TCP flags to filter flows by. + /// In addition to the standard flags (RFC-9293), you can also filter by one of the three following combinations: `SYN-ACK`, `FIN-ACK`, and `RST-ACK`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] + pub tcp_flags: Option, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesAction { + Accept, + Reject, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesDirection { + Ingress, + Egress, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesProtocol { + #[serde(rename = "TCP")] + Tcp, + #[serde(rename = "UDP")] + Udp, + #[serde(rename = "ICMP")] + Icmp, + #[serde(rename = "ICMPv6")] + IcmPv6, + #[serde(rename = "SCTP")] + Sctp, +} + +/// `EBPFFlowFilterRule` defines the desired eBPF agent configuration regarding flow filtering rule. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterRulesTcpFlags { + #[serde(rename = "SYN")] + Syn, + #[serde(rename = "SYN-ACK")] + SynAck, + #[serde(rename = "ACK")] + Ack, + #[serde(rename = "FIN")] + Fin, + #[serde(rename = "RST")] + Rst, + #[serde(rename = "URG")] + Urg, + #[serde(rename = "ECE")] + Ece, + #[serde(rename = "CWR")] + Cwr, + #[serde(rename = "FIN-ACK")] + FinAck, + #[serde(rename = "RST-ACK")] + RstAck, +} + /// `flowFilter` defines the eBPF agent configuration regarding flow filtering. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlowCollectorAgentEbpfFlowFilterTcpFlags { @@ -1147,7 +1280,7 @@ pub struct FlowCollectorAgentEbpfMetricsServerTlsProvidedCaFile { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -2416,7 +2549,7 @@ pub struct FlowCollectorExporters { /// OpenTelemetry configuration, such as the IP address and port to send enriched logs or metrics to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] pub open_telemetry: Option, - /// `type` selects the type of exporters. The available options are `Kafka` and `IPFIX`. + /// `type` selects the type of exporters. The available options are `Kafka`, `IPFIX`, and `OpenTelemetry`. #[serde(rename = "type")] pub r#type: FlowCollectorExportersType, } @@ -2486,7 +2619,7 @@ pub struct FlowCollectorExportersKafkaSaslClientIdReference { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -2513,7 +2646,7 @@ pub struct FlowCollectorExportersKafkaSaslClientSecretReference { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -2812,7 +2945,7 @@ pub struct FlowCollectorKafkaSaslClientIdReference { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -2839,7 +2972,7 @@ pub struct FlowCollectorKafkaSaslClientSecretReference { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -3440,7 +3573,7 @@ pub struct FlowCollectorNetworkPolicy { pub additional_namespaces: Option>, /// Set `enable` to `true` to deploy network policies on the namespaces used by NetObserv (main and privileged). It is disabled by default. /// These network policies better isolate the NetObserv components to prevent undesired connections to them. - /// We recommend you either enable it, or create your own network policy for NetObserv. + /// To increase the security of connections, enable this option or create your own network policy. #[serde(default, skip_serializing_if = "Option::is_none")] pub enable: Option, } @@ -3461,6 +3594,16 @@ pub struct FlowCollectorProcessor { /// `clusterName` is the name of the cluster to appear in the flows data. This is useful in a multi-cluster context. When using OpenShift, leave empty to make it automatically determined. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterName")] pub cluster_name: Option, + /// `deduper` allows you to sample or drop flows identified as duplicates, in order to save on resource usage. + /// [Unsupported (*)]. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deduper: Option, + /// `filters` lets you define custom filters to limit the amount of generated flows. + /// These filters provide more flexibility than the eBPF Agent filters (in `spec.agent.ebpf.flowFilter`), such as allowing to filter by Kubernetes namespace, + /// but with a lesser improvement in performance. + /// [Unsupported (*)]. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, /// `imagePullPolicy` is the Kubernetes pull policy for the image defined above #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, @@ -3482,10 +3625,10 @@ pub struct FlowCollectorProcessor { #[serde(default, skip_serializing_if = "Option::is_none", rename = "logLevel")] pub log_level: Option, /// `logTypes` defines the desired record types to generate. Possible values are:
- /// - `Flows` (default) to export regular network flows
- /// - `Conversations` to generate events for started conversations, ended conversations as well as periodic "tick" updates
- /// - `EndedConversations` to generate only ended conversations events
- /// - `All` to generate both network flows and all conversations events
+ /// - `Flows` to export regular network flows. This is the default.
+ /// - `Conversations` to generate events for started conversations, ended conversations as well as periodic "tick" updates.
+ /// - `EndedConversations` to generate only ended conversations events.
+ /// - `All` to generate both network flows and all conversations events. It is not recommended due to the impact on resources footprint.
#[serde(default, skip_serializing_if = "Option::is_none", rename = "logTypes")] pub log_types: Option, /// `Metrics` define the processor configuration regarding metrics @@ -3545,7 +3688,7 @@ pub struct FlowCollectorProcessorAdvanced { /// scheduling controls how the pods are scheduled on nodes. #[serde(default, skip_serializing_if = "Option::is_none")] pub scheduling: Option, - /// Define secondary networks to be checked for resources identification. + /// Defines secondary networks to be checked for resources identification. /// To guarantee a correct identification, indexed values must form an unique identifier across the cluster. /// If the same index is used by several resources, those resources might be incorrectly labeled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secondaryNetworks")] @@ -4313,6 +4456,79 @@ pub struct FlowCollectorProcessorAdvancedSecondaryNetworks { pub name: String, } +/// `deduper` allows you to sample or drop flows identified as duplicates, in order to save on resource usage. +/// [Unsupported (*)]. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorProcessorDeduper { + /// Set the Processor de-duplication mode. It comes in addition to the Agent-based deduplication because the Agent cannot de-duplicate same flows reported from different nodes.
+ /// - Use `Drop` to drop every flow considered as duplicates, allowing saving more on resource usage but potentially losing some information such as the network interfaces used from peer, or network events.
+ /// - Use `Sample` to randomly keep only one flow on 50, which is the default, among the ones considered as duplicates. This is a compromise between dropping every duplicate or keeping every duplicate. This sampling action comes in addition to the Agent-based sampling. If both Agent and Processor sampling values are `50`, the combined sampling is 1:2500.
+ /// - Use `Disabled` to turn off Processor-based de-duplication.
+ #[serde(default, skip_serializing_if = "Option::is_none")] + pub mode: Option, + /// `sampling` is the sampling rate when deduper `mode` is `Sample`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, +} + +/// `deduper` allows you to sample or drop flows identified as duplicates, in order to save on resource usage. +/// [Unsupported (*)]. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorDeduperMode { + Disabled, + Drop, + Sample, +} + +/// `FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlowCollectorProcessorFilters { + /// `filters` is a list of matches that must be all satisfied in order to remove a flow. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allOf")] + pub all_of: Option>, + /// If specified, these filters only target a single output: `Loki`, `Metrics` or `Exporters`. By default, all outputs are targeted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "outputTarget")] + pub output_target: Option, + /// `sampling` is an optional sampling rate to apply to this filter. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sampling: Option, +} + +/// `FLPSingleFilter` defines the desired configuration for a single FLP-based filter. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct FlowCollectorProcessorFiltersAllOf { + /// Name of the field to filter on. + /// Refer to the documentation for the list of available fields: https://github.com/netobserv/network-observability-operator/blob/main/docs/flows-format.adoc. + pub field: String, + /// Type of matching to apply. + #[serde(rename = "matchType")] + pub match_type: FlowCollectorProcessorFiltersAllOfMatchType, + /// Value to filter on. When `matchType` is `Equal` or `NotEqual`, you can use field injection with `$(SomeField)` to refer to any other field of the flow. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// `FLPSingleFilter` defines the desired configuration for a single FLP-based filter. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorFiltersAllOfMatchType { + Equal, + NotEqual, + Presence, + Absence, + MatchRegex, + NotMatchRegex, +} + +/// `FLPFilterSet` defines the desired configuration for FLP-based filtering satisfying all conditions. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorProcessorFiltersOutputTarget { + #[serde(rename = "")] + KopiumEmpty, + Loki, + Metrics, + Exporters, +} + /// `processor` defines the settings of the component that receives the flows from the agent, /// enriches them, generates metrics, and forwards them to the Loki persistence layer and/or any available exporter. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -4586,7 +4802,8 @@ pub struct FlowCollectorProcessorMetrics { /// Metrics enabled by default are: /// `namespace_flows_total`, `node_ingress_bytes_total`, `node_egress_bytes_total`, `workload_ingress_bytes_total`, /// `workload_egress_bytes_total`, `namespace_drop_packets_total` (when `PacketDrop` feature is enabled), - /// `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled). + /// `namespace_rtt_seconds` (when `FlowRTT` feature is enabled), `namespace_dns_latency_seconds` (when `DNSTracking` feature is enabled), + /// `namespace_network_policy_events_total` (when `NetworkEvents` feature is enabled). /// More information, with full list of available metrics: https://github.com/netobserv/network-observability-operator/blob/main/docs/Metrics.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "includeList")] pub include_list: Option>, @@ -4670,7 +4887,7 @@ pub struct FlowCollectorProcessorMetricsServerTlsProvidedCaFile { /// If the namespace is different, the config map or the secret is copied so that it can be mounted as required. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// Type for the file reference: "configmap" or "secret". + /// Type for the file reference: `configmap` or `secret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -4890,7 +5107,7 @@ pub enum FlowCollectorPrometheusQuerierMode { /// `FlowCollectorStatus` defines the observed state of FlowCollector #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowCollectorStatus { - /// `conditions` represent the latest available observations of an object's state + /// `conditions` represents the latest available observations of an object's state pub conditions: Vec, /// Namespace where console plugin and flowlogs-pipeline have been deployed. /// Deprecated: annotations are used instead diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs index ccb996251..4ef743692 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfilters.rs @@ -30,6 +30,9 @@ pub struct ClusterFilterSpec { /// Use this option if you want to use the full regex syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchRegex")] pub match_regex: Option, + /// An ordinal to influence filter ordering + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ordinal: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfluentbitconfigs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfluentbitconfigs.rs index 83598943a..be29cfc82 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfluentbitconfigs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterfluentbitconfigs.rs @@ -219,7 +219,7 @@ pub struct ClusterFluentBitConfigService { pub emitter_storage_type: Option, /// Interval to flush output #[serde(default, skip_serializing_if = "Option::is_none", rename = "flushSeconds")] - pub flush_seconds: Option, + pub flush_seconds: Option, /// Wait time on exit #[serde(default, skip_serializing_if = "Option::is_none", rename = "graceSeconds")] pub grace_seconds: Option, diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs index 554d27e3b..25a761afa 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusterinputs.rs @@ -720,6 +720,10 @@ pub struct ClusterInputTail { /// Specify one or Multiline Parser definition to apply to the content. #[serde(default, skip_serializing_if = "Option::is_none", rename = "multilineParser")] pub multiline_parser: Option, + /// If enabled, Fluent Bit appends the offset of the current monitored file as part of the record. + /// The value assigned becomes the key in the map + #[serde(default, skip_serializing_if = "Option::is_none", rename = "offsetKey")] + pub offset_key: Option, /// Specify the name of a parser to interpret the entry as a structured message. #[serde(default, skip_serializing_if = "Option::is_none")] pub parser: Option, @@ -770,6 +774,9 @@ pub struct ClusterInputTail { /// Set a regex to exctract fields from the file #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagRegex")] pub tag_regex: Option, + /// Threaded mechanism allows input plugin to run in a separate thread which helps to desaturate the main pipeline. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub threaded: Option, } /// Tail defines Tail Input configuration. diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs index 2c2a2560a..0c1bf4639 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/clusteroutputs.rs @@ -2232,6 +2232,12 @@ pub struct ClusterOutputKafka { /// Instead if multiple topics exists, the one set in the record by Topic_Key will be used. #[serde(default, skip_serializing_if = "Option::is_none")] pub topics: Option, + /// Limit the maximum number of Chunks in the filesystem for the current output logical destination. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "totalLimitSize")] + pub total_limit_size: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, } /// Kinesis defines Kinesis Output configuration. @@ -2342,9 +2348,15 @@ pub struct ClusterOutputLoki { /// Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, + /// Limit the maximum number of Chunks in the filesystem for the current output logical destination. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "totalLimitSize")] + pub total_limit_size: Option, /// Specify a custom HTTP URI. It must start with forward slash. #[serde(default, skip_serializing_if = "Option::is_none")] pub uri: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, } /// Loki defines Loki Output configuration. @@ -2667,9 +2679,6 @@ pub struct ClusterOutputNull { /// OpenSearch defines OpenSearch Output configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputOpensearch { - /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "Workers")] - pub workers: Option, /// Enable AWS Sigv4 Authentication for Amazon OpenSearch Service. #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsAuth")] pub aws_auth: Option, @@ -2786,6 +2795,9 @@ pub struct ClusterOutputOpensearch { /// Type name #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, /// Operation to use to write in bulk requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "writeOperation")] pub write_operation: Option, @@ -3031,6 +3043,9 @@ pub struct ClusterOutputOpentelemetry { /// Log the response payload within the Fluent Bit log. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logResponsePayload")] pub log_response_payload: Option, + /// The log body key to look up in the log events body/message. Sets the Body field of the opentelemtry logs data model. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logsBodyKey")] + pub logs_body_key: Option, /// If true, remaining unmatched keys are added as attributes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logsBodyKeyAttributes")] pub logs_body_key_attributes: Option, diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs index 169114d57..2456081af 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/filters.rs @@ -31,6 +31,9 @@ pub struct FilterSpec { /// Use this option if you want to use the full regex syntax. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchRegex")] pub match_regex: Option, + /// An ordinal to influence filter ordering + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ordinal: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbitconfigs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbitconfigs.rs index 2fb459a9d..1dde140bf 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbitconfigs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbitconfigs.rs @@ -236,7 +236,7 @@ pub struct FluentBitConfigService { pub emitter_storage_type: Option, /// Interval to flush output #[serde(default, skip_serializing_if = "Option::is_none", rename = "flushSeconds")] - pub flush_seconds: Option, + pub flush_seconds: Option, /// Wait time on exit #[serde(default, skip_serializing_if = "Option::is_none", rename = "graceSeconds")] pub grace_seconds: Option, diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs index 985fe2373..3f2bc038d 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/fluentbits.rs @@ -53,6 +53,9 @@ pub struct FluentBitSpec { /// Fluentbitconfig object associated with this Fluentbit #[serde(default, skip_serializing_if = "Option::is_none", rename = "fluentBitConfigName")] pub fluent_bit_config_name: Option, + /// HostAliases is an optional list of IPs and hostnames that will be injected into the pod's hosts file if specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] + pub host_aliases: Option>, /// Host networking is requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] pub host_network: Option, @@ -1129,6 +1132,17 @@ pub struct FluentBitEnvVarsValueFromSecretKeyRef { pub optional: Option, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentBitHostAliases { + /// Hostnames for the above IP address. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hostnames: Option>, + /// IP address of the host file entry. + pub ip: String, +} + /// LocalObjectReference contains enough information to let you locate the /// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs index a850eaa5c..a8feddc86 100644 --- a/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs +++ b/kube-custom-resources-rs/src/fluentbit_fluent_io/v1alpha2/outputs.rs @@ -2233,6 +2233,12 @@ pub struct OutputKafka { /// Instead if multiple topics exists, the one set in the record by Topic_Key will be used. #[serde(default, skip_serializing_if = "Option::is_none")] pub topics: Option, + /// Limit the maximum number of Chunks in the filesystem for the current output logical destination. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "totalLimitSize")] + pub total_limit_size: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, } /// Kinesis defines Kinesis Output configuration. @@ -2343,9 +2349,15 @@ pub struct OutputLoki { /// Fluent Bit provides integrated support for Transport Layer Security (TLS) and it predecessor Secure Sockets Layer (SSL) respectively. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, + /// Limit the maximum number of Chunks in the filesystem for the current output logical destination. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "totalLimitSize")] + pub total_limit_size: Option, /// Specify a custom HTTP URI. It must start with forward slash. #[serde(default, skip_serializing_if = "Option::is_none")] pub uri: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, } /// Loki defines Loki Output configuration. @@ -2668,9 +2680,6 @@ pub struct OutputNull { /// OpenSearch defines OpenSearch Output configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputOpensearch { - /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "Workers")] - pub workers: Option, /// Enable AWS Sigv4 Authentication for Amazon OpenSearch Service. #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsAuth")] pub aws_auth: Option, @@ -2787,6 +2796,9 @@ pub struct OutputOpensearch { /// Type name #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// Enables dedicated thread(s) for this output. Default value is set since version 1.8.13. For previous versions is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub workers: Option, /// Operation to use to write in bulk requests. #[serde(default, skip_serializing_if = "Option::is_none", rename = "writeOperation")] pub write_operation: Option, @@ -3032,6 +3044,9 @@ pub struct OutputOpentelemetry { /// Log the response payload within the Fluent Bit log. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logResponsePayload")] pub log_response_payload: Option, + /// The log body key to look up in the log events body/message. Sets the Body field of the opentelemtry logs data model. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logsBodyKey")] + pub logs_body_key: Option, /// If true, remaining unmatched keys are added as attributes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logsBodyKeyAttributes")] pub logs_body_key_attributes: Option, diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs index 5de88f783..1f78fe2f3 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/clusteroutputs.rs @@ -647,6 +647,9 @@ pub struct ClusterOutputOutputsElasticsearch { /// Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnectOnError")] pub reconnect_on_error: Option, + /// Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadAfter")] + pub reload_after: Option, /// Optional, Automatically reload connection after 10000 documents (default: true) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadConnections")] pub reload_connections: Option, @@ -659,6 +662,9 @@ pub struct ClusterOutputOutputsElasticsearch { /// Specify https if your Elasticsearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Provide a different sniffer class name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "snifferClassName")] + pub sniffer_class_name: Option, /// Optional, Force certificate validation #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] pub ssl_verify: Option, @@ -928,6 +934,9 @@ pub struct ClusterOutputOutputsElasticsearchDataStream { /// Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnectOnError")] pub reconnect_on_error: Option, + /// Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadAfter")] + pub reload_after: Option, /// Optional, Automatically reload connection after 10000 documents (default: true) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadConnections")] pub reload_connections: Option, @@ -940,6 +949,9 @@ pub struct ClusterOutputOutputsElasticsearchDataStream { /// Specify https if your Elasticsearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Provide a different sniffer class name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "snifferClassName")] + pub sniffer_class_name: Option, /// Optional, Force certificate validation #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] pub ssl_verify: Option, diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs index 4e3722833..7213595a1 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/fluentds.rs @@ -48,6 +48,9 @@ pub struct FluentdSpec { /// By default will build the related service according to the globalinputs definition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableService")] pub disable_service: Option, + /// EnvFrom represent environment variables that can be passed to fluentd pods directly from secret or configmap + #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] + pub env_from: Option>, /// EnvVars represent environment variables that can be passed to fluentd pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "envVars")] pub env_vars: Option>, @@ -57,6 +60,9 @@ pub struct FluentdSpec { /// Fluentd global inputs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalInputs")] pub global_inputs: Option>, + /// HostAliases is an optional list of IPs and hostnames that will be injected into the pod's hosts file if specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] + pub host_aliases: Option>, /// Fluentd image. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, @@ -1523,6 +1529,54 @@ pub struct FluentdDefaultOutputSelectorMatchExpressions { pub values: Option>, } +/// EnvFromSource represents the source of a set of ConfigMaps +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdEnvFrom { + /// The ConfigMap to select from + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] + pub config_map_ref: Option, + /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, + /// The Secret to select from + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, +} + +/// The ConfigMap to select from +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdEnvFromConfigMapRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// The Secret to select from +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdEnvFromSecretRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FluentdEnvVars { @@ -2489,6 +2543,17 @@ pub enum FluentdGlobalInputsTailParseType { MultilineGrok, } +/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the +/// pod's hosts file. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FluentdHostAliases { + /// Hostnames for the above IP address. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hostnames: Option>, + /// IP address of the host file entry. + pub ip: String, +} + /// LocalObjectReference contains enough information to let you locate the /// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs index b68c546b2..0d8ce7b48 100644 --- a/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs +++ b/kube-custom-resources-rs/src/fluentd_fluent_io/v1alpha1/outputs.rs @@ -648,6 +648,9 @@ pub struct OutputOutputsElasticsearch { /// Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnectOnError")] pub reconnect_on_error: Option, + /// Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadAfter")] + pub reload_after: Option, /// Optional, Automatically reload connection after 10000 documents (default: true) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadConnections")] pub reload_connections: Option, @@ -660,6 +663,9 @@ pub struct OutputOutputsElasticsearch { /// Specify https if your Elasticsearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Provide a different sniffer class name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "snifferClassName")] + pub sniffer_class_name: Option, /// Optional, Force certificate validation #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] pub ssl_verify: Option, @@ -929,6 +935,9 @@ pub struct OutputOutputsElasticsearchDataStream { /// Optional, Indicates that the plugin should reset connection on any error (reconnect on next send) (default: false) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnectOnError")] pub reconnect_on_error: Option, + /// Optional, When ReloadConnections true, this is the integer number of operations after which the plugin will reload the connections. The default value is 10000. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadAfter")] + pub reload_after: Option, /// Optional, Automatically reload connection after 10000 documents (default: true) #[serde(default, skip_serializing_if = "Option::is_none", rename = "reloadConnections")] pub reload_connections: Option, @@ -941,6 +950,9 @@ pub struct OutputOutputsElasticsearchDataStream { /// Specify https if your Elasticsearch endpoint supports SSL (default: http). #[serde(default, skip_serializing_if = "Option::is_none")] pub scheme: Option, + /// Optional, Provide a different sniffer class name + #[serde(default, skip_serializing_if = "Option::is_none", rename = "snifferClassName")] + pub sniffer_class_name: Option, /// Optional, Force certificate validation #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslVerify")] pub ssl_verify: Option, diff --git a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs index 08406ff88..9d601e974 100644 --- a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs +++ b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/migrations.rs @@ -151,6 +151,21 @@ pub struct MigrationStatusVms { /// Only relevant for an openshift source. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, + /// NetworkNameTemplate is a template for generating network interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise. + /// - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located. + /// - .NetworkType: type of the network ("Multus" or "Pod") + /// - .NetworkIndex: sequential index of the network interface (0-based) + /// The template can be used to customize network interface names based on target network configuration. + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "net-{{.NetworkIndex}}" + /// "{{if eq .NetworkType "Pod"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkNameTemplate")] + pub network_name_template: Option, /// The new name of the VM after matching DNS1123 requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "newName")] pub new_name: Option, @@ -161,6 +176,19 @@ pub struct MigrationStatusVms { pub phase: String, /// Migration pipeline. pub pipeline: Vec, + /// PVCNameTemplate is a template for generating PVC names for VM disks. + /// It follows Go template syntax and has access to the following variables: + /// - .VmName: name of the VM + /// - .PlanName: name of the migration plan + /// - .DiskIndex: initial volume index of the disk + /// - .RootDiskIndex: index of the root disk + /// Note: + /// This template overrides the plan level template. + /// Examples: + /// "{{.VmName}}-disk-{{.DiskIndex}}" + /// "{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pvcNameTemplate")] + pub pvc_name_template: Option, /// Source VM power state before migration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restorePowerState")] pub restore_power_state: Option, @@ -173,6 +201,18 @@ pub struct MigrationStatusVms { /// Type used to qualify the name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// VolumeNameTemplate is a template for generating volume interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .PVCName: name of the PVC mounted to the VM using this volume + /// - .VolumeIndex: sequential index of the volume interface (0-based) + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "disk-{{.VolumeIndex}}" + /// "pvc-{{.PVCName}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNameTemplate")] + pub volume_name_template: Option, /// Warm migration status #[serde(default, skip_serializing_if = "Option::is_none")] pub warm: Option, @@ -381,11 +421,24 @@ pub struct MigrationStatusVmsWarm { /// Precopy durations #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MigrationStatusVmsWarmPrecopies { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "createTaskId")] + pub create_task_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deltas: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub end: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "removeTaskId")] + pub remove_task_id: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub snapshot: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub start: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MigrationStatusVmsWarmPrecopiesDeltas { + #[serde(rename = "deltaId")] + pub delta_id: String, + pub disk: String, +} + diff --git a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs index 569c74c86..5ef0fd2c2 100644 --- a/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs +++ b/kube-custom-resources-rs/src/forklift_konveyor_io/v1beta1/plans.rs @@ -27,8 +27,28 @@ pub struct PlanSpec { /// Description #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, + /// Specify the disk bus which will be applied to all VMs disks in plan. + /// Possible options 'scsi', 'sata' and 'virtio'. + /// Defaults to 'virtio'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskBus")] + pub disk_bus: Option, /// Resource mapping. pub map: PlanMap, + /// NetworkNameTemplate is a template for generating network interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise. + /// - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located. + /// - .NetworkType: type of the network ("Multus" or "Pod") + /// - .NetworkIndex: sequential index of the network interface (0-based) + /// The template can be used to customize network interface names based on target network configuration. + /// Note: + /// - This template can be overridden at the individual VM level + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "net-{{.NetworkIndex}}" + /// "{{if eq .NetworkType "Pod"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkNameTemplate")] + pub network_name_template: Option, /// Preserve the CPU model and flags the VM runs with in its oVirt cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preserveClusterCpuModel")] pub preserve_cluster_cpu_model: Option, @@ -37,6 +57,19 @@ pub struct PlanSpec { pub preserve_static_i_ps: Option, /// Providers. pub provider: PlanProvider, + /// PVCNameTemplate is a template for generating PVC names for VM disks. + /// It follows Go template syntax and has access to the following variables: + /// - .VmName: name of the VM + /// - .PlanName: name of the migration plan + /// - .DiskIndex: initial volume index of the disk + /// - .RootDiskIndex: index of the root disk + /// Note: + /// This template can be overridden at the individual VM level. + /// Examples: + /// "{{.VmName}}-disk-{{.DiskIndex}}" + /// "{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pvcNameTemplate")] + pub pvc_name_template: Option, /// Target namespace. #[serde(rename = "targetNamespace")] pub target_namespace: String, @@ -45,6 +78,18 @@ pub struct PlanSpec { pub transfer_network: Option, /// List of VMs. pub vms: Vec, + /// VolumeNameTemplate is a template for generating volume interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .PVCName: name of the PVC mounted to the VM using this volume + /// - .VolumeIndex: sequential index of the volume interface (0-based) + /// Note: + /// - This template can be overridden at the individual VM level + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "disk-{{.VolumeIndex}}" + /// "pvc-{{.PVCName}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNameTemplate")] + pub volume_name_template: Option, /// Whether this is a warm migration. #[serde(default, skip_serializing_if = "Option::is_none")] pub warm: Option, @@ -284,12 +329,52 @@ pub struct PlanVms { /// Only relevant for an openshift source. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, + /// NetworkNameTemplate is a template for generating network interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise. + /// - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located. + /// - .NetworkType: type of the network ("Multus" or "Pod") + /// - .NetworkIndex: sequential index of the network interface (0-based) + /// The template can be used to customize network interface names based on target network configuration. + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "net-{{.NetworkIndex}}" + /// "{{if eq .NetworkType "Pod"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkNameTemplate")] + pub network_name_template: Option, + /// PVCNameTemplate is a template for generating PVC names for VM disks. + /// It follows Go template syntax and has access to the following variables: + /// - .VmName: name of the VM + /// - .PlanName: name of the migration plan + /// - .DiskIndex: initial volume index of the disk + /// - .RootDiskIndex: index of the root disk + /// Note: + /// This template overrides the plan level template. + /// Examples: + /// "{{.VmName}}-disk-{{.DiskIndex}}" + /// "{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pvcNameTemplate")] + pub pvc_name_template: Option, /// Choose the primary disk the VM boots from #[serde(default, skip_serializing_if = "Option::is_none", rename = "rootDisk")] pub root_disk: Option, /// Type used to qualify the name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// VolumeNameTemplate is a template for generating volume interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .PVCName: name of the PVC mounted to the VM using this volume + /// - .VolumeIndex: sequential index of the volume interface (0-based) + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "disk-{{.VolumeIndex}}" + /// "pvc-{{.PVCName}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNameTemplate")] + pub volume_name_template: Option, } /// Plan hook. @@ -552,6 +637,21 @@ pub struct PlanStatusMigrationVms { /// Only relevant for an openshift source. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, + /// NetworkNameTemplate is a template for generating network interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .NetworkName: If target network is multus, name of the Multus network attachment definition, empty otherwise. + /// - .NetworkNamespace: If target network is multus, namespace where the network attachment definition is located. + /// - .NetworkType: type of the network ("Multus" or "Pod") + /// - .NetworkIndex: sequential index of the network interface (0-based) + /// The template can be used to customize network interface names based on target network configuration. + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "net-{{.NetworkIndex}}" + /// "{{if eq .NetworkType "Pod"}}pod{{else}}multus-{{.NetworkIndex}}{{end}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkNameTemplate")] + pub network_name_template: Option, /// The new name of the VM after matching DNS1123 requirements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "newName")] pub new_name: Option, @@ -562,6 +662,19 @@ pub struct PlanStatusMigrationVms { pub phase: String, /// Migration pipeline. pub pipeline: Vec, + /// PVCNameTemplate is a template for generating PVC names for VM disks. + /// It follows Go template syntax and has access to the following variables: + /// - .VmName: name of the VM + /// - .PlanName: name of the migration plan + /// - .DiskIndex: initial volume index of the disk + /// - .RootDiskIndex: index of the root disk + /// Note: + /// This template overrides the plan level template. + /// Examples: + /// "{{.VmName}}-disk-{{.DiskIndex}}" + /// "{{if eq .DiskIndex .RootDiskIndex}}root{{else}}data{{end}}-{{.DiskIndex}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pvcNameTemplate")] + pub pvc_name_template: Option, /// Source VM power state before migration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "restorePowerState")] pub restore_power_state: Option, @@ -574,6 +687,18 @@ pub struct PlanStatusMigrationVms { /// Type used to qualify the name. #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// VolumeNameTemplate is a template for generating volume interface names in the target virtual machine. + /// It follows Go template syntax and has access to the following variables: + /// - .PVCName: name of the PVC mounted to the VM using this volume + /// - .VolumeIndex: sequential index of the volume interface (0-based) + /// Note: + /// - This template will override at the plan level template + /// - If not specified on VM level and on Plan leverl, default naming conventions will be used + /// Examples: + /// "disk-{{.VolumeIndex}}" + /// "pvc-{{.PVCName}}" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNameTemplate")] + pub volume_name_template: Option, /// Warm migration status #[serde(default, skip_serializing_if = "Option::is_none")] pub warm: Option, @@ -782,11 +907,24 @@ pub struct PlanStatusMigrationVmsWarm { /// Precopy durations #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PlanStatusMigrationVmsWarmPrecopies { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "createTaskId")] + pub create_task_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deltas: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub end: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "removeTaskId")] + pub remove_task_id: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub snapshot: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub start: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PlanStatusMigrationVmsWarmPrecopiesDeltas { + #[serde(rename = "deltaId")] + pub delta_id: String, + pub disk: String, +} + diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/gateways.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/gateways.rs index f0984fdc9..ce9a6bb55 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/gateways.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/gateways.rs @@ -40,8 +40,6 @@ pub struct GatewaySpec { /// GatewayStatus.Addresses. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, /// GatewayClassName used for this Gateway. This is the name of a @@ -57,6 +55,8 @@ pub struct GatewaySpec { /// logical endpoints that are bound on this Gateway's addresses. /// At least one Listener MUST be specified. /// + /// ## Distinct Listeners + /// /// Each Listener in a set of Listeners (for example, in a single Gateway) /// MUST be _distinct_, in that a traffic flow MUST be able to be assigned to /// exactly one listener. (This section uses "set of Listeners" rather than @@ -68,55 +68,76 @@ pub struct GatewaySpec { /// combination of Port, Protocol, and, if supported by the protocol, Hostname. /// /// Some combinations of port, protocol, and TLS settings are considered - /// Core support and MUST be supported by implementations based on their - /// targeted conformance profile: + /// Core support and MUST be supported by implementations based on the objects + /// they support: /// - /// HTTP Profile + /// HTTPRoute /// /// 1. HTTPRoute, Port: 80, Protocol: HTTP /// 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided /// - /// TLS Profile + /// TLSRoute /// /// 1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough /// /// "Distinct" Listeners have the following property: /// - /// The implementation can match inbound requests to a single distinct - /// Listener. When multiple Listeners share values for fields (for + /// **The implementation can match inbound requests to a single distinct + /// Listener**. + /// + /// When multiple Listeners share values for fields (for /// example, two Listeners with the same Port value), the implementation /// can match requests to only one of the Listeners using other /// Listener fields. /// - /// For example, the following Listener scenarios are distinct: + /// When multiple listeners have the same value for the Protocol field, then + /// each of the Listeners with matching Protocol values MUST have different + /// values for other fields. + /// + /// The set of fields that MUST be different for a Listener differs per protocol. + /// The following rules define the rules for what fields MUST be considered for + /// Listeners to be distinct with each protocol currently defined in the + /// Gateway API spec. + /// + /// The set of listeners that all share a protocol value MUST have _different_ + /// values for _at least one_ of these fields to be distinct: + /// + /// * **HTTP, HTTPS, TLS**: Port, Hostname + /// * **TCP, UDP**: Port + /// + /// One **very** important rule to call out involves what happens when an + /// implementation: /// - /// 1. Multiple Listeners with the same Port that all use the "HTTP" - /// Protocol that all have unique Hostname values. - /// 2. Multiple Listeners with the same Port that use either the "HTTPS" or - /// "TLS" Protocol that all have unique Hostname values. - /// 3. A mixture of "TCP" and "UDP" Protocol Listeners, where no Listener - /// with the same Protocol has the same Port value. + /// * Supports TCP protocol Listeners, as well as HTTP, HTTPS, or TLS protocol + /// Listeners, and + /// * sees HTTP, HTTPS, or TLS protocols with the same `port` as one with TCP + /// Protocol. /// - /// Some fields in the Listener struct have possible values that affect - /// whether the Listener is distinct. Hostname is particularly relevant - /// for HTTP or HTTPS protocols. + /// In this case all the Listeners that share a port with the + /// TCP Listener are not distinct and so MUST NOT be accepted. /// - /// When using the Hostname value to select between same-Port, same-Protocol - /// Listeners, the Hostname value must be different on each Listener for the - /// Listener to be distinct. + /// If an implementation does not support TCP Protocol Listeners, then the + /// previous rule does not apply, and the TCP Listeners SHOULD NOT be + /// accepted. /// - /// When the Listeners are distinct based on Hostname, inbound request + /// Note that the `tls` field is not used for determining if a listener is distinct, because + /// Listeners that _only_ differ on TLS config will still conflict in all cases. + /// + /// ### Listeners that are distinct only by Hostname + /// + /// When the Listeners are distinct based only on Hostname, inbound request /// hostnames MUST match from the most specific to least specific Hostname /// values to choose the correct Listener and its associated set of Routes. /// - /// Exact matches must be processed before wildcard matches, and wildcard - /// matches must be processed before fallback (empty Hostname value) + /// Exact matches MUST be processed before wildcard matches, and wildcard + /// matches MUST be processed before fallback (empty Hostname value) /// matches. For example, `"foo.example.com"` takes precedence over /// `"*.example.com"`, and `"*.example.com"` takes precedence over `""`. /// /// Additionally, if there are multiple wildcard entries, more specific /// wildcard entries must be processed before less specific wildcard entries. /// For example, `"*.foo.example.com"` takes precedence over `"*.example.com"`. + /// /// The precise definition here is that the higher the number of dots in the /// hostname to the right of the wildcard character, the higher the precedence. /// @@ -124,18 +145,26 @@ pub struct GatewaySpec { /// the left, however, so `"*.example.com"` will match both /// `"foo.bar.example.com"` _and_ `"bar.example.com"`. /// + /// ## Handling indistinct Listeners + /// /// If a set of Listeners contains Listeners that are not distinct, then those - /// Listeners are Conflicted, and the implementation MUST set the "Conflicted" + /// Listeners are _Conflicted_, and the implementation MUST set the "Conflicted" /// condition in the Listener Status to "True". /// + /// The words "indistinct" and "conflicted" are considered equivalent for the + /// purpose of this documentation. + /// /// Implementations MAY choose to accept a Gateway with some Conflicted /// Listeners only if they only accept the partial Listener set that contains - /// no Conflicted Listeners. To put this another way, implementations may - /// accept a partial Listener set only if they throw out *all* the conflicting - /// Listeners. No picking one of the conflicting listeners as the winner. - /// This also means that the Gateway must have at least one non-conflicting - /// Listener in this case, otherwise it violates the requirement that at - /// least one Listener must be present. + /// no Conflicted Listeners. + /// + /// Specifically, an implementation MAY accept a partial Listener set subject to + /// the following rules: + /// + /// * The implementation MUST NOT pick one conflicting Listener as the winner. + /// ALL indistinct Listeners must not be accepted for processing. + /// * At least one distinct Listener MUST be present, or else the Gateway effectively + /// contains _no_ Listeners, and must be rejected from processing as a whole. /// /// The implementation MUST set a "ListenersNotValid" condition on the /// Gateway Status when the Gateway contains Conflicted Listeners whether or @@ -144,7 +173,25 @@ pub struct GatewaySpec { /// Accepted. Additionally, the Listener status for those listeners SHOULD /// indicate which Listeners are conflicted and not Accepted. /// - /// A Gateway's Listeners are considered "compatible" if: + /// ## General Listener behavior + /// + /// Note that, for all distinct Listeners, requests SHOULD match at most one Listener. + /// For example, if Listeners are defined for "foo.example.com" and "*.example.com", a + /// request to "foo.example.com" SHOULD only be routed using routes attached + /// to the "foo.example.com" Listener (and not the "*.example.com" Listener). + /// + /// This concept is known as "Listener Isolation", and it is an Extended feature + /// of Gateway API. Implementations that do not support Listener Isolation MUST + /// clearly document this, and MUST NOT claim support for the + /// `GatewayHTTPListenerIsolation` feature. + /// + /// Implementations that _do_ support Listener Isolation SHOULD claim support + /// for the Extended `GatewayHTTPListenerIsolation` feature and pass the associated + /// conformance tests. + /// + /// ## Compatible Listeners + /// + /// A Gateway's Listeners are considered _compatible_ if: /// /// 1. They are distinct. /// 2. The implementation can serve them in compliance with the Addresses @@ -159,16 +206,11 @@ pub struct GatewaySpec { /// on the same address, or cannot mix HTTPS and generic TLS listens on the same port /// would not consider those cases compatible, even though they are distinct. /// - /// Note that requests SHOULD match at most one Listener. For example, if - /// Listeners are defined for "foo.example.com" and "*.example.com", a - /// request to "foo.example.com" SHOULD only be routed using routes attached - /// to the "foo.example.com" Listener (and not the "*.example.com" Listener). - /// This concept is known as "Listener Isolation". Implementations that do - /// not support Listener Isolation MUST clearly document this. - /// /// Implementations MAY merge separate Gateways onto a single set of /// Addresses if all Listeners across all Gateways are compatible. /// + /// In a future release the MinItems=1 requirement MAY be dropped. + /// /// Support: Core pub listeners: Vec, } @@ -224,6 +266,11 @@ pub struct GatewayInfrastructure { /// the merging behavior is implementation specific. /// It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. /// + /// If the referent cannot be found, refers to an unsupported kind, or when + /// the data within that resource is malformed, the Gateway SHOULD be + /// rejected with the "Accepted" status condition set to "False" and an + /// "InvalidParameters" reason. + /// /// Support: Implementation-specific #[serde(default, skip_serializing_if = "Option::is_none", rename = "parametersRef")] pub parameters_ref: Option, @@ -239,6 +286,11 @@ pub struct GatewayInfrastructure { /// the merging behavior is implementation specific. /// It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. /// +/// If the referent cannot be found, refers to an unsupported kind, or when +/// the data within that resource is malformed, the Gateway SHOULD be +/// rejected with the "Accepted" status condition set to "False" and an +/// "InvalidParameters" reason. +/// /// Support: Implementation-specific #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GatewayInfrastructureParametersRef { @@ -290,10 +342,31 @@ pub struct GatewayListeners { /// /// * TLS: The Listener Hostname MUST match the SNI. /// * HTTP: The Listener Hostname MUST match the Host header of the request. - /// * HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP - /// protocol layers as described above. If an implementation does not - /// ensure that both the SNI and Host header match the Listener hostname, - /// it MUST clearly document that. + /// * HTTPS: The Listener Hostname SHOULD match both the SNI and Host header. + /// Note that this does not require the SNI and Host header to be the same. + /// The semantics of this are described in more detail below. + /// + /// To ensure security, Section 11.1 of RFC-6066 emphasizes that server + /// implementations that rely on SNI hostname matching MUST also verify + /// hostnames within the application protocol. + /// + /// Section 9.1.2 of RFC-7540 provides a mechanism for servers to reject the + /// reuse of a connection by responding with the HTTP 421 Misdirected Request + /// status code. This indicates that the origin server has rejected the + /// request because it appears to have been misdirected. + /// + /// To detect misdirected requests, Gateways SHOULD match the authority of + /// the requests with all the SNI hostname(s) configured across all the + /// Gateway Listeners on the same port and protocol: + /// + /// * If another Listener has an exact match or more specific wildcard entry, + /// the Gateway SHOULD return a 421. + /// * If the current Listener (selected by SNI matching during ClientHello) + /// does not match the Host: + /// * If another Listener does match the Host the Gateway SHOULD return a + /// 421. + /// * If no other Listener matches the Host, the Gateway MUST return a + /// 404. /// /// For HTTPRoute and TLSRoute resources, there is an interaction with the /// `spec.hostnames` array. When both listener and route specify hostnames, @@ -429,6 +502,7 @@ pub enum GatewayListenersAllowedRoutesNamespacesFrom { All, Selector, Same, + None, } /// Selector must be specified when From is set to "Selector". In that case, @@ -595,8 +669,6 @@ pub struct GatewayStatus { /// * no addresses are specified, all addresses are dynamically assigned /// * a combination of specified and dynamic addresses are assigned /// * a specified address was unusable (e.g. already in use) - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, /// Conditions describe the current conditions of the Gateway. diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/grpcroutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/grpcroutes.rs index 3a996c78c..f5fe21743 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/grpcroutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/grpcroutes.rs @@ -121,18 +121,9 @@ pub struct GRPCRouteSpec { /// allowed by something in the namespace they are referring to. For example, /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable other kinds of cross-namespace reference. - /// - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of GRPC matchers, filters and actions. - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub rules: Option>, } @@ -182,8 +173,6 @@ pub struct GRPCRouteParentRefs { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -198,8 +187,6 @@ pub struct GRPCRouteParentRefs { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. @@ -295,7 +282,7 @@ pub struct GRPCRouteRules { /// Specifying the same filter multiple times is not supported unless explicitly /// indicated in the filter. /// - /// If an implementation can not support a combination of filters, it must clearly + /// If an implementation cannot support a combination of filters, it must clearly /// document that limitation. In cases where incompatible or unsupported /// filters are specified and cause the `Accepted` condition to be set to status /// `False`, implementations may use the `IncompatibleFilters` reason to specify @@ -363,24 +350,6 @@ pub struct GRPCRouteRules { /// ReferenceGrant object is required in the referent namespace to allow that /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. -/// -/// -/// -/// When the BackendRef points to a Kubernetes Service, implementations SHOULD -/// honor the appProtocol field if it is set for the target Service Port. -/// -/// Implementations supporting appProtocol SHOULD recognize the Kubernetes -/// Standard Application Protocols defined in KEP-3726. -/// -/// If a Service appProtocol isn't specified, an implementation MAY infer the -/// backend protocol through its own means. Implementations MAY infer the -/// protocol from the Route type referring to the backend Service. -/// -/// If a Route is not able to send traffic to the backend using the specified -/// protocol then the backend is considered invalid. Implementations MUST set the -/// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefs { /// Filters defined at this level MUST be executed if and only if the @@ -480,8 +449,6 @@ pub struct GRPCRouteRulesBackendRefsFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// ResponseHeaderModifier defines a schema for a filter that modifies response @@ -514,8 +481,6 @@ pub struct GRPCRouteRulesBackendRefsFilters { /// If a reference to a custom filter type cannot be resolved, the filter /// MUST NOT be skipped. Instead, requests that would have been processed by /// that filter MUST receive a HTTP error response. - /// - /// #[serde(rename = "type")] pub r#type: GRPCRouteRulesBackendRefsFiltersType, } @@ -605,7 +570,7 @@ pub struct GRPCRouteRulesBackendRefsFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -621,7 +586,7 @@ pub struct GRPCRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -642,8 +607,6 @@ pub struct GRPCRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefsFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -806,7 +769,7 @@ pub struct GRPCRouteRulesBackendRefsFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -822,7 +785,7 @@ pub struct GRPCRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesBackendRefsFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -881,8 +844,6 @@ pub struct GRPCRouteRulesFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// ResponseHeaderModifier defines a schema for a filter that modifies response @@ -915,8 +876,6 @@ pub struct GRPCRouteRulesFilters { /// If a reference to a custom filter type cannot be resolved, the filter /// MUST NOT be skipped. Instead, requests that would have been processed by /// that filter MUST receive a HTTP error response. - /// - /// #[serde(rename = "type")] pub r#type: GRPCRouteRulesFiltersType, } @@ -1006,7 +965,7 @@ pub struct GRPCRouteRulesFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1022,7 +981,7 @@ pub struct GRPCRouteRulesFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1043,8 +1002,6 @@ pub struct GRPCRouteRulesFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -1207,7 +1164,7 @@ pub struct GRPCRouteRulesFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1223,7 +1180,7 @@ pub struct GRPCRouteRulesFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GRPCRouteRulesFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1380,7 +1337,7 @@ pub struct GRPCRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1441,8 +1398,6 @@ pub struct GRPCRouteStatusParentsParentRef { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -1457,8 +1412,6 @@ pub struct GRPCRouteStatusParentsParentRef { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs index 2ca09e028..ec3939f8e 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs @@ -124,18 +124,9 @@ pub struct HTTPRouteSpec { /// allowed by something in the namespace they are referring to. For example, /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable other kinds of cross-namespace reference. - /// - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of HTTP matchers, filters and actions. - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub rules: Option>, } @@ -185,8 +176,6 @@ pub struct HTTPRouteParentRefs { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -201,8 +190,6 @@ pub struct HTTPRouteParentRefs { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. @@ -295,7 +282,7 @@ pub struct HTTPRouteRules { /// they are specified. /// /// Implementations MAY choose to implement this ordering strictly, rejecting - /// any combination or order of filters that can not be supported. If implementations + /// any combination or order of filters that cannot be supported. If implementations /// choose a strict interpretation of filter ordering, they MUST clearly document /// that behavior. /// @@ -317,7 +304,7 @@ pub struct HTTPRouteRules { /// /// All filters are expected to be compatible with each other except for the /// URLRewrite and RequestRedirect filters, which may not be combined. If an - /// implementation can not support other combinations of filters, they must clearly + /// implementation cannot support other combinations of filters, they must clearly /// document that limitation. In cases where incompatible or unsupported /// filters are specified and cause the `Accepted` condition to be set to status /// `False`, implementations may use the `IncompatibleFilters` reason to specify @@ -397,24 +384,6 @@ pub struct HTTPRouteRules { /// ReferenceGrant object is required in the referent namespace to allow that /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. -/// -/// -/// -/// When the BackendRef points to a Kubernetes Service, implementations SHOULD -/// honor the appProtocol field if it is set for the target Service Port. -/// -/// Implementations supporting appProtocol SHOULD recognize the Kubernetes -/// Standard Application Protocols defined in KEP-3726. -/// -/// If a Service appProtocol isn't specified, an implementation MAY infer the -/// backend protocol through its own means. Implementations MAY infer the -/// protocol from the Route type referring to the backend Service. -/// -/// If a Route is not able to send traffic to the backend using the specified -/// protocol then the backend is considered invalid. Implementations MUST set the -/// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefs { /// Filters defined at this level should be executed if and only if the @@ -514,8 +483,6 @@ pub struct HTTPRouteRulesBackendRefsFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// RequestRedirect defines a schema for a filter that responds to the @@ -656,7 +623,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -672,7 +639,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -693,8 +660,6 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -1008,7 +973,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1024,7 +989,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1153,8 +1118,6 @@ pub struct HTTPRouteRulesFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// RequestRedirect defines a schema for a filter that responds to the @@ -1295,7 +1258,7 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1311,7 +1274,7 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1332,8 +1295,6 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -1647,7 +1608,7 @@ pub struct HTTPRouteRulesFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1663,7 +1624,7 @@ pub struct HTTPRouteRulesFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1808,7 +1769,7 @@ pub struct HTTPRouteRulesMatches { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesMatchesHeaders { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, only the first /// entry with an equivalent name MUST be considered for a match. Subsequent @@ -2048,7 +2009,7 @@ pub struct HTTPRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2109,8 +2070,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -2125,8 +2084,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/backendlbpolicies.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/backendlbpolicies.rs index cd5285a3f..582a76522 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/backendlbpolicies.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/backendlbpolicies.rs @@ -98,6 +98,8 @@ pub struct BackendLBPolicySessionPersistenceCookieConfig { /// absolute lifetime of the cookie tracked by the gateway and /// is optional. /// + /// Defaults to "Session". + /// /// Support: Core for "Session" type /// /// Support: Extended for "Permanent" type diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs index a3a1ed709..b195ed5d4 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tcproutes.rs @@ -80,17 +80,9 @@ pub struct TCPRouteSpec { /// connections originating from the same namespace as the Route, for which /// the intended destination of the connections are a Service targeted as a /// ParentRef of the Route. - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of TCP matchers and actions. - /// - /// pub rules: Vec, } @@ -218,7 +210,7 @@ pub struct TCPRouteParentRefs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TCPRouteRules { /// BackendRefs defines the backend(s) where matching requests should be - /// sent. If unspecified or invalid (refers to a non-existent resource or a + /// sent. If unspecified or invalid (refers to a nonexistent resource or a /// Service with no endpoints), the underlying implementation MUST actively /// reject connection attempts to this backend. Connection rejections must /// respect weight; if an invalid backend is requested to have 80% of @@ -248,7 +240,6 @@ pub struct TCPRouteRules { /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. /// -/// /// /// When the BackendRef points to a Kubernetes Service, implementations SHOULD /// honor the appProtocol field if it is set for the target Service Port. @@ -264,7 +255,6 @@ pub struct TCPRouteRules { /// protocol then the backend is considered invalid. Implementations MUST set the /// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. /// -/// /// /// Note that when the BackendTLSPolicy object is enabled by the implementation, /// there are some extra rules about validity to consider here. See the fields @@ -368,7 +358,7 @@ pub struct TCPRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs index 9b9d18d54..5c6734f3a 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/tlsroutes.rs @@ -115,17 +115,9 @@ pub struct TLSRouteSpec { /// connections originating from the same namespace as the Route, for which /// the intended destination of the connections are a Service targeted as a /// ParentRef of the Route. - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of TLS matchers and actions. - /// - /// pub rules: Vec, } @@ -253,7 +245,7 @@ pub struct TLSRouteParentRefs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TLSRouteRules { /// BackendRefs defines the backend(s) where matching requests should be - /// sent. If unspecified or invalid (refers to a non-existent resource or + /// sent. If unspecified or invalid (refers to a nonexistent resource or /// a Service with no endpoints), the rule performs no forwarding; if no /// filters are specified that would result in a response being sent, the /// underlying implementation must actively reject request attempts to this @@ -286,7 +278,6 @@ pub struct TLSRouteRules { /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. /// -/// /// /// When the BackendRef points to a Kubernetes Service, implementations SHOULD /// honor the appProtocol field if it is set for the target Service Port. @@ -302,7 +293,6 @@ pub struct TLSRouteRules { /// protocol then the backend is considered invalid. Implementations MUST set the /// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. /// -/// /// /// Note that when the BackendTLSPolicy object is enabled by the implementation, /// there are some extra rules about validity to consider here. See the fields @@ -406,7 +396,7 @@ pub struct TLSRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs index 8771f3890..520c62b06 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha2/udproutes.rs @@ -80,17 +80,9 @@ pub struct UDPRouteSpec { /// connections originating from the same namespace as the Route, for which /// the intended destination of the connections are a Service targeted as a /// ParentRef of the Route. - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of UDP matchers and actions. - /// - /// pub rules: Vec, } @@ -218,7 +210,7 @@ pub struct UDPRouteParentRefs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct UDPRouteRules { /// BackendRefs defines the backend(s) where matching requests should be - /// sent. If unspecified or invalid (refers to a non-existent resource or a + /// sent. If unspecified or invalid (refers to a nonexistent resource or a /// Service with no endpoints), the underlying implementation MUST actively /// reject connection attempts to this backend. Packet drops must /// respect weight; if an invalid backend is requested to have 80% of @@ -248,7 +240,6 @@ pub struct UDPRouteRules { /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. /// -/// /// /// When the BackendRef points to a Kubernetes Service, implementations SHOULD /// honor the appProtocol field if it is set for the target Service Port. @@ -264,7 +255,6 @@ pub struct UDPRouteRules { /// protocol then the backend is considered invalid. Implementations MUST set the /// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. /// -/// /// /// Note that when the BackendTLSPolicy object is enabled by the implementation, /// there are some extra rules about validity to consider here. See the fields @@ -368,7 +358,7 @@ pub struct UDPRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha3/backendtlspolicies.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha3/backendtlspolicies.rs index f1f293c53..358c035da 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha3/backendtlspolicies.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1alpha3/backendtlspolicies.rs @@ -39,6 +39,14 @@ pub struct BackendTLSPolicySpec { /// by default, but this default may change in the future to provide /// a more granular application of the policy. /// + /// TargetRefs must be _distinct_. This means either that: + /// + /// * They select different targets. If this is the case, then targetRef + /// entries are distinct. In terms of fields, this means that the + /// multi-part key defined by `group`, `kind`, and `name` must + /// be unique across all targetRef entries in the BackendTLSPolicy. + /// * They select different sectionNames in the same target. + /// /// Support: Extended for Kubernetes Service /// /// Support: Implementation-specific for any other resource @@ -89,7 +97,7 @@ pub struct BackendTLSPolicyValidation { /// /// If CACertificateRefs is empty or unspecified, then WellKnownCACertificates must be /// specified. Only one of CACertificateRefs or WellKnownCACertificates may be specified, - /// not both. If CACertifcateRefs is empty or unspecified, the configuration for + /// not both. If CACertificateRefs is empty or unspecified, the configuration for /// WellKnownCACertificates MUST be honored instead if supported by the implementation. /// /// References to a resource in a different namespace are invalid for the @@ -110,17 +118,17 @@ pub struct BackendTLSPolicyValidation { /// backends: /// /// 1. Hostname MUST be used as the SNI to connect to the backend (RFC 6066). - /// 2. If SubjectAltNames is not specified, Hostname MUST be used for + /// 2. Hostname MUST be used for authentication and MUST match the certificate served by the matching backend, unless SubjectAltNames is specified. /// authentication and MUST match the certificate served by the matching /// backend. /// /// Support: Core pub hostname: String, /// SubjectAltNames contains one or more Subject Alternative Names. - /// When specified, the certificate served from the backend MUST have at least one - /// Subject Alternate Name matching one of the specified SubjectAltNames. + /// When specified the certificate served from the backend MUST + /// have at least one Subject Alternate Name matching one of the specified SubjectAltNames. /// - /// Support: Core + /// Support: Extended #[serde(default, skip_serializing_if = "Option::is_none", rename = "subjectAltNames")] pub subject_alt_names: Option>, /// WellKnownCACertificates specifies whether system CA certificates may be used in diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/gateways.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/gateways.rs index f3c8420e8..169a7dc21 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/gateways.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/gateways.rs @@ -40,8 +40,6 @@ pub struct GatewaySpec { /// GatewayStatus.Addresses. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, /// GatewayClassName used for this Gateway. This is the name of a @@ -57,6 +55,8 @@ pub struct GatewaySpec { /// logical endpoints that are bound on this Gateway's addresses. /// At least one Listener MUST be specified. /// + /// ## Distinct Listeners + /// /// Each Listener in a set of Listeners (for example, in a single Gateway) /// MUST be _distinct_, in that a traffic flow MUST be able to be assigned to /// exactly one listener. (This section uses "set of Listeners" rather than @@ -68,55 +68,76 @@ pub struct GatewaySpec { /// combination of Port, Protocol, and, if supported by the protocol, Hostname. /// /// Some combinations of port, protocol, and TLS settings are considered - /// Core support and MUST be supported by implementations based on their - /// targeted conformance profile: + /// Core support and MUST be supported by implementations based on the objects + /// they support: /// - /// HTTP Profile + /// HTTPRoute /// /// 1. HTTPRoute, Port: 80, Protocol: HTTP /// 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided /// - /// TLS Profile + /// TLSRoute /// /// 1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough /// /// "Distinct" Listeners have the following property: /// - /// The implementation can match inbound requests to a single distinct - /// Listener. When multiple Listeners share values for fields (for + /// **The implementation can match inbound requests to a single distinct + /// Listener**. + /// + /// When multiple Listeners share values for fields (for /// example, two Listeners with the same Port value), the implementation /// can match requests to only one of the Listeners using other /// Listener fields. /// - /// For example, the following Listener scenarios are distinct: + /// When multiple listeners have the same value for the Protocol field, then + /// each of the Listeners with matching Protocol values MUST have different + /// values for other fields. + /// + /// The set of fields that MUST be different for a Listener differs per protocol. + /// The following rules define the rules for what fields MUST be considered for + /// Listeners to be distinct with each protocol currently defined in the + /// Gateway API spec. + /// + /// The set of listeners that all share a protocol value MUST have _different_ + /// values for _at least one_ of these fields to be distinct: + /// + /// * **HTTP, HTTPS, TLS**: Port, Hostname + /// * **TCP, UDP**: Port + /// + /// One **very** important rule to call out involves what happens when an + /// implementation: /// - /// 1. Multiple Listeners with the same Port that all use the "HTTP" - /// Protocol that all have unique Hostname values. - /// 2. Multiple Listeners with the same Port that use either the "HTTPS" or - /// "TLS" Protocol that all have unique Hostname values. - /// 3. A mixture of "TCP" and "UDP" Protocol Listeners, where no Listener - /// with the same Protocol has the same Port value. + /// * Supports TCP protocol Listeners, as well as HTTP, HTTPS, or TLS protocol + /// Listeners, and + /// * sees HTTP, HTTPS, or TLS protocols with the same `port` as one with TCP + /// Protocol. /// - /// Some fields in the Listener struct have possible values that affect - /// whether the Listener is distinct. Hostname is particularly relevant - /// for HTTP or HTTPS protocols. + /// In this case all the Listeners that share a port with the + /// TCP Listener are not distinct and so MUST NOT be accepted. /// - /// When using the Hostname value to select between same-Port, same-Protocol - /// Listeners, the Hostname value must be different on each Listener for the - /// Listener to be distinct. + /// If an implementation does not support TCP Protocol Listeners, then the + /// previous rule does not apply, and the TCP Listeners SHOULD NOT be + /// accepted. /// - /// When the Listeners are distinct based on Hostname, inbound request + /// Note that the `tls` field is not used for determining if a listener is distinct, because + /// Listeners that _only_ differ on TLS config will still conflict in all cases. + /// + /// ### Listeners that are distinct only by Hostname + /// + /// When the Listeners are distinct based only on Hostname, inbound request /// hostnames MUST match from the most specific to least specific Hostname /// values to choose the correct Listener and its associated set of Routes. /// - /// Exact matches must be processed before wildcard matches, and wildcard - /// matches must be processed before fallback (empty Hostname value) + /// Exact matches MUST be processed before wildcard matches, and wildcard + /// matches MUST be processed before fallback (empty Hostname value) /// matches. For example, `"foo.example.com"` takes precedence over /// `"*.example.com"`, and `"*.example.com"` takes precedence over `""`. /// /// Additionally, if there are multiple wildcard entries, more specific /// wildcard entries must be processed before less specific wildcard entries. /// For example, `"*.foo.example.com"` takes precedence over `"*.example.com"`. + /// /// The precise definition here is that the higher the number of dots in the /// hostname to the right of the wildcard character, the higher the precedence. /// @@ -124,18 +145,26 @@ pub struct GatewaySpec { /// the left, however, so `"*.example.com"` will match both /// `"foo.bar.example.com"` _and_ `"bar.example.com"`. /// + /// ## Handling indistinct Listeners + /// /// If a set of Listeners contains Listeners that are not distinct, then those - /// Listeners are Conflicted, and the implementation MUST set the "Conflicted" + /// Listeners are _Conflicted_, and the implementation MUST set the "Conflicted" /// condition in the Listener Status to "True". /// + /// The words "indistinct" and "conflicted" are considered equivalent for the + /// purpose of this documentation. + /// /// Implementations MAY choose to accept a Gateway with some Conflicted /// Listeners only if they only accept the partial Listener set that contains - /// no Conflicted Listeners. To put this another way, implementations may - /// accept a partial Listener set only if they throw out *all* the conflicting - /// Listeners. No picking one of the conflicting listeners as the winner. - /// This also means that the Gateway must have at least one non-conflicting - /// Listener in this case, otherwise it violates the requirement that at - /// least one Listener must be present. + /// no Conflicted Listeners. + /// + /// Specifically, an implementation MAY accept a partial Listener set subject to + /// the following rules: + /// + /// * The implementation MUST NOT pick one conflicting Listener as the winner. + /// ALL indistinct Listeners must not be accepted for processing. + /// * At least one distinct Listener MUST be present, or else the Gateway effectively + /// contains _no_ Listeners, and must be rejected from processing as a whole. /// /// The implementation MUST set a "ListenersNotValid" condition on the /// Gateway Status when the Gateway contains Conflicted Listeners whether or @@ -144,7 +173,25 @@ pub struct GatewaySpec { /// Accepted. Additionally, the Listener status for those listeners SHOULD /// indicate which Listeners are conflicted and not Accepted. /// - /// A Gateway's Listeners are considered "compatible" if: + /// ## General Listener behavior + /// + /// Note that, for all distinct Listeners, requests SHOULD match at most one Listener. + /// For example, if Listeners are defined for "foo.example.com" and "*.example.com", a + /// request to "foo.example.com" SHOULD only be routed using routes attached + /// to the "foo.example.com" Listener (and not the "*.example.com" Listener). + /// + /// This concept is known as "Listener Isolation", and it is an Extended feature + /// of Gateway API. Implementations that do not support Listener Isolation MUST + /// clearly document this, and MUST NOT claim support for the + /// `GatewayHTTPListenerIsolation` feature. + /// + /// Implementations that _do_ support Listener Isolation SHOULD claim support + /// for the Extended `GatewayHTTPListenerIsolation` feature and pass the associated + /// conformance tests. + /// + /// ## Compatible Listeners + /// + /// A Gateway's Listeners are considered _compatible_ if: /// /// 1. They are distinct. /// 2. The implementation can serve them in compliance with the Addresses @@ -159,16 +206,11 @@ pub struct GatewaySpec { /// on the same address, or cannot mix HTTPS and generic TLS listens on the same port /// would not consider those cases compatible, even though they are distinct. /// - /// Note that requests SHOULD match at most one Listener. For example, if - /// Listeners are defined for "foo.example.com" and "*.example.com", a - /// request to "foo.example.com" SHOULD only be routed using routes attached - /// to the "foo.example.com" Listener (and not the "*.example.com" Listener). - /// This concept is known as "Listener Isolation". Implementations that do - /// not support Listener Isolation MUST clearly document this. - /// /// Implementations MAY merge separate Gateways onto a single set of /// Addresses if all Listeners across all Gateways are compatible. /// + /// In a future release the MinItems=1 requirement MAY be dropped. + /// /// Support: Core pub listeners: Vec, } @@ -224,6 +266,11 @@ pub struct GatewayInfrastructure { /// the merging behavior is implementation specific. /// It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. /// + /// If the referent cannot be found, refers to an unsupported kind, or when + /// the data within that resource is malformed, the Gateway SHOULD be + /// rejected with the "Accepted" status condition set to "False" and an + /// "InvalidParameters" reason. + /// /// Support: Implementation-specific #[serde(default, skip_serializing_if = "Option::is_none", rename = "parametersRef")] pub parameters_ref: Option, @@ -239,6 +286,11 @@ pub struct GatewayInfrastructure { /// the merging behavior is implementation specific. /// It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. /// +/// If the referent cannot be found, refers to an unsupported kind, or when +/// the data within that resource is malformed, the Gateway SHOULD be +/// rejected with the "Accepted" status condition set to "False" and an +/// "InvalidParameters" reason. +/// /// Support: Implementation-specific #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GatewayInfrastructureParametersRef { @@ -290,10 +342,31 @@ pub struct GatewayListeners { /// /// * TLS: The Listener Hostname MUST match the SNI. /// * HTTP: The Listener Hostname MUST match the Host header of the request. - /// * HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP - /// protocol layers as described above. If an implementation does not - /// ensure that both the SNI and Host header match the Listener hostname, - /// it MUST clearly document that. + /// * HTTPS: The Listener Hostname SHOULD match both the SNI and Host header. + /// Note that this does not require the SNI and Host header to be the same. + /// The semantics of this are described in more detail below. + /// + /// To ensure security, Section 11.1 of RFC-6066 emphasizes that server + /// implementations that rely on SNI hostname matching MUST also verify + /// hostnames within the application protocol. + /// + /// Section 9.1.2 of RFC-7540 provides a mechanism for servers to reject the + /// reuse of a connection by responding with the HTTP 421 Misdirected Request + /// status code. This indicates that the origin server has rejected the + /// request because it appears to have been misdirected. + /// + /// To detect misdirected requests, Gateways SHOULD match the authority of + /// the requests with all the SNI hostname(s) configured across all the + /// Gateway Listeners on the same port and protocol: + /// + /// * If another Listener has an exact match or more specific wildcard entry, + /// the Gateway SHOULD return a 421. + /// * If the current Listener (selected by SNI matching during ClientHello) + /// does not match the Host: + /// * If another Listener does match the Host the Gateway SHOULD return a + /// 421. + /// * If no other Listener matches the Host, the Gateway MUST return a + /// 404. /// /// For HTTPRoute and TLSRoute resources, there is an interaction with the /// `spec.hostnames` array. When both listener and route specify hostnames, @@ -429,6 +502,7 @@ pub enum GatewayListenersAllowedRoutesNamespacesFrom { All, Selector, Same, + None, } /// Selector must be specified when From is set to "Selector". In that case, @@ -595,8 +669,6 @@ pub struct GatewayStatus { /// * no addresses are specified, all addresses are dynamically assigned /// * a combination of specified and dynamic addresses are assigned /// * a specified address was unusable (e.g. already in use) - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub addresses: Option>, /// Conditions describe the current conditions of the Gateway. diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs index aefa23f56..647adb783 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs @@ -124,18 +124,9 @@ pub struct HTTPRouteSpec { /// allowed by something in the namespace they are referring to. For example, /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable other kinds of cross-namespace reference. - /// - /// - /// - /// - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, /// Rules are a list of HTTP matchers, filters and actions. - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub rules: Option>, } @@ -185,8 +176,6 @@ pub struct HTTPRouteParentRefs { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -201,8 +190,6 @@ pub struct HTTPRouteParentRefs { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. @@ -295,7 +282,7 @@ pub struct HTTPRouteRules { /// they are specified. /// /// Implementations MAY choose to implement this ordering strictly, rejecting - /// any combination or order of filters that can not be supported. If implementations + /// any combination or order of filters that cannot be supported. If implementations /// choose a strict interpretation of filter ordering, they MUST clearly document /// that behavior. /// @@ -317,7 +304,7 @@ pub struct HTTPRouteRules { /// /// All filters are expected to be compatible with each other except for the /// URLRewrite and RequestRedirect filters, which may not be combined. If an - /// implementation can not support other combinations of filters, they must clearly + /// implementation cannot support other combinations of filters, they must clearly /// document that limitation. In cases where incompatible or unsupported /// filters are specified and cause the `Accepted` condition to be set to status /// `False`, implementations may use the `IncompatibleFilters` reason to specify @@ -397,24 +384,6 @@ pub struct HTTPRouteRules { /// ReferenceGrant object is required in the referent namespace to allow that /// namespace's owner to accept the reference. See the ReferenceGrant /// documentation for details. -/// -/// -/// -/// When the BackendRef points to a Kubernetes Service, implementations SHOULD -/// honor the appProtocol field if it is set for the target Service Port. -/// -/// Implementations supporting appProtocol SHOULD recognize the Kubernetes -/// Standard Application Protocols defined in KEP-3726. -/// -/// If a Service appProtocol isn't specified, an implementation MAY infer the -/// backend protocol through its own means. Implementations MAY infer the -/// protocol from the Route type referring to the backend Service. -/// -/// If a Route is not able to send traffic to the backend using the specified -/// protocol then the backend is considered invalid. Implementations MUST set the -/// "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefs { /// Filters defined at this level should be executed if and only if the @@ -514,8 +483,6 @@ pub struct HTTPRouteRulesBackendRefsFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// RequestRedirect defines a schema for a filter that responds to the @@ -656,7 +623,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -672,7 +639,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -693,8 +660,6 @@ pub struct HTTPRouteRulesBackendRefsFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -1008,7 +973,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1024,7 +989,7 @@ pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesBackendRefsFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1153,8 +1118,6 @@ pub struct HTTPRouteRulesFilters { /// backends. /// /// Support: Extended - /// - /// #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestMirror")] pub request_mirror: Option, /// RequestRedirect defines a schema for a filter that responds to the @@ -1295,7 +1258,7 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1311,7 +1274,7 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1332,8 +1295,6 @@ pub struct HTTPRouteRulesFiltersRequestHeaderModifierSet { /// backends. /// /// Support: Extended -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersRequestMirror { /// BackendRef references a resource where mirrored requests are sent. @@ -1647,7 +1608,7 @@ pub struct HTTPRouteRulesFiltersResponseHeaderModifier { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersResponseHeaderModifierAdd { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1663,7 +1624,7 @@ pub struct HTTPRouteRulesFiltersResponseHeaderModifierAdd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesFiltersResponseHeaderModifierSet { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, the first entry with /// an equivalent name MUST be considered for a match. Subsequent entries @@ -1808,7 +1769,7 @@ pub struct HTTPRouteRulesMatches { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesMatchesHeaders { /// Name is the name of the HTTP Header to be matched. Name matching MUST be - /// case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + /// case-insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). /// /// If multiple entries specify equivalent header names, only the first /// entry with an equivalent name MUST be considered for a match. Subsequent @@ -2048,7 +2009,7 @@ pub struct HTTPRouteStatusParents { /// There are a number of cases where the "Accepted" condition may not be set /// due to lack of controller visibility, that includes when: /// - /// * The Route refers to a non-existent parent. + /// * The Route refers to a nonexistent parent. /// * The Route is of a type that the controller does not support. /// * The Route is in a namespace the controller does not have access to. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2109,8 +2070,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a /// generic way to enable any other kind of cross-namespace reference. /// - /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, @@ -2125,8 +2084,6 @@ pub struct HTTPRouteStatusParentsParentRef { /// and SectionName are specified, the name and port of the selected listener /// must match both specified values. /// - /// - /// /// Implementations MAY choose to support other parent resources. /// Implementations supporting other types of parent resources MUST clearly /// document how/if Port is interpreted. diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/mod.rs b/kube-custom-resources-rs/src/gateway_nginx_org/mod.rs index 32a5a9d4f..5550e626e 100644 --- a/kube-custom-resources-rs/src/gateway_nginx_org/mod.rs +++ b/kube-custom-resources-rs/src/gateway_nginx_org/mod.rs @@ -1 +1,2 @@ pub mod v1alpha1; +pub mod v1alpha2; diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs index 9977b9474..ba0a6b105 100644 --- a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs +++ b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha1/nginxproxies.rs @@ -27,6 +27,9 @@ pub struct NginxProxySpec { /// Logging defines logging related settings for NGINX. #[serde(default, skip_serializing_if = "Option::is_none")] pub logging: Option, + /// NginxPlus specifies NGINX Plus additional settings. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nginxPlus")] + pub nginx_plus: Option, /// RewriteClientIP defines configuration for rewriting the client IP to the original client's IP. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rewriteClientIP")] pub rewrite_client_ip: Option, @@ -78,6 +81,33 @@ pub enum NginxProxyLoggingErrorLevel { Emerg, } +/// NginxPlus specifies NGINX Plus additional settings. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct NginxProxyNginxPlus { + /// AllowedAddresses specifies IPAddresses or CIDR blocks to the allow list for accessing the NGINX Plus API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedAddresses")] + pub allowed_addresses: Option>, +} + +/// NginxPlusAllowAddress specifies the address type and value for an NginxPlus allow address. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct NginxProxyNginxPlusAllowedAddresses { + /// Type specifies the type of address. + #[serde(rename = "type")] + pub r#type: NginxProxyNginxPlusAllowedAddressesType, + /// Value specifies the address value. + pub value: String, +} + +/// NginxPlusAllowAddress specifies the address type and value for an NginxPlus allow address. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum NginxProxyNginxPlusAllowedAddressesType { + #[serde(rename = "CIDR")] + Cidr, + #[serde(rename = "IPAddress")] + IpAddress, +} + /// RewriteClientIP defines configuration for rewriting the client IP to the original client's IP. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NginxProxyRewriteClientIp { @@ -119,7 +149,7 @@ pub enum NginxProxyRewriteClientIpMode { XForwardedFor, } -/// Address is a struct that specifies address type and value. +/// RewriteClientIPAddress specifies the address type and value for a RewriteClientIP address. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct NginxProxyRewriteClientIpTrustedAddresses { /// Type specifies the type of address. @@ -129,7 +159,7 @@ pub struct NginxProxyRewriteClientIpTrustedAddresses { pub value: String, } -/// Address is a struct that specifies address type and value. +/// RewriteClientIPAddress specifies the address type and value for a RewriteClientIP address. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum NginxProxyRewriteClientIpTrustedAddressesType { #[serde(rename = "CIDR")] diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/mod.rs b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/mod.rs new file mode 100644 index 000000000..f6a3cb56c --- /dev/null +++ b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/mod.rs @@ -0,0 +1 @@ +pub mod observabilitypolicies; diff --git a/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/observabilitypolicies.rs b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/observabilitypolicies.rs new file mode 100644 index 000000000..db8a9bcc4 --- /dev/null +++ b/kube-custom-resources-rs/src/gateway_nginx_org/v1alpha2/observabilitypolicies.rs @@ -0,0 +1,308 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/nginxinc/nginx-kubernetes-gateway/gateway.nginx.org/v1alpha2/observabilitypolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; +} +use self::prelude::*; + +/// Spec defines the desired state of the ObservabilityPolicy. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "gateway.nginx.org", version = "v1alpha2", kind = "ObservabilityPolicy", plural = "observabilitypolicies")] +#[kube(namespaced)] +#[kube(status = "ObservabilityPolicyStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct ObservabilityPolicySpec { + /// TargetRefs identifies the API object(s) to apply the policy to. + /// Objects must be in the same namespace as the policy. + /// Support: HTTPRoute, GRPCRoute. + /// + /// TargetRefs must be _distinct_. This means that the multi-part key defined by `kind` and `name` must + /// be unique across all targetRef entries in the ObservabilityPolicy. + #[serde(rename = "targetRefs")] + pub target_refs: Vec, + /// Tracing allows for enabling and configuring tracing. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tracing: Option, +} + +/// LocalPolicyTargetReference identifies an API object to apply a direct or +/// inherited policy to. This should be used as part of Policy resources +/// that can target Gateway API resources. For more information on how this +/// policy attachment model works, and a sample Policy resource, refer to +/// the policy attachment documentation for Gateway API. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ObservabilityPolicyTargetRefs { + /// Group is the group of the target resource. + pub group: String, + /// Kind is kind of the target resource. + pub kind: String, + /// Name is the name of the target resource. + pub name: String, +} + +/// Tracing allows for enabling and configuring tracing. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ObservabilityPolicyTracing { + /// Context specifies how to propagate traceparent/tracestate headers. + /// Default: https://nginx.org/en/docs/ngx_otel_module.html#otel_trace_context + #[serde(default, skip_serializing_if = "Option::is_none")] + pub context: Option, + /// Ratio is the percentage of traffic that should be sampled. Integer from 0 to 100. + /// By default, 100% of http requests are traced. Not applicable for parent-based tracing. + /// If ratio is set to 0, tracing is disabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ratio: Option, + /// SpanAttributes are custom key/value attributes that are added to each span. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "spanAttributes")] + pub span_attributes: Option>, + /// SpanName defines the name of the Otel span. By default is the name of the location for a request. + /// If specified, applies to all locations that are created for a route. + /// Format: must have all '"' escaped and must not contain any '$' or end with an unescaped '\' + /// Examples of invalid names: some-$value, quoted-"value"-name, unescaped\ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "spanName")] + pub span_name: Option, + /// Strategy defines if tracing is ratio-based or parent-based. + pub strategy: ObservabilityPolicyTracingStrategy, +} + +/// Tracing allows for enabling and configuring tracing. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ObservabilityPolicyTracingContext { + #[serde(rename = "extract")] + Extract, + #[serde(rename = "inject")] + Inject, + #[serde(rename = "propagate")] + Propagate, + #[serde(rename = "ignore")] + Ignore, +} + +/// SpanAttribute is a key value pair to be added to a tracing span. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ObservabilityPolicyTracingSpanAttributes { + /// Key is the key for a span attribute. + /// Format: must have all '"' escaped and must not contain any '$' or end with an unescaped '\' + pub key: String, + /// Value is the value for a span attribute. + /// Format: must have all '"' escaped and must not contain any '$' or end with an unescaped '\' + pub value: String, +} + +/// Tracing allows for enabling and configuring tracing. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ObservabilityPolicyTracingStrategy { + #[serde(rename = "ratio")] + Ratio, + #[serde(rename = "parent")] + Parent, +} + +/// Status defines the state of the ObservabilityPolicy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ObservabilityPolicyStatus { + /// Ancestors is a list of ancestor resources (usually Gateways) that are + /// associated with the policy, and the status of the policy with respect to + /// each ancestor. When this policy attaches to a parent, the controller that + /// manages the parent and the ancestors MUST add an entry to this list when + /// the controller first sees the policy and SHOULD update the entry as + /// appropriate when the relevant ancestor is modified. + /// + /// Note that choosing the relevant ancestor is left to the Policy designers; + /// an important part of Policy design is designing the right object level at + /// which to namespace this status. + /// + /// Note also that implementations MUST ONLY populate ancestor status for + /// the Ancestor resources they are responsible for. Implementations MUST + /// use the ControllerName field to uniquely identify the entries in this list + /// that they are responsible for. + /// + /// Note that to achieve this, the list of PolicyAncestorStatus structs + /// MUST be treated as a map with a composite key, made up of the AncestorRef + /// and ControllerName fields combined. + /// + /// A maximum of 16 ancestors will be represented in this list. An empty list + /// means the Policy is not relevant for any ancestors. + /// + /// If this slice is full, implementations MUST NOT add further entries. + /// Instead they MUST consider the policy unimplementable and signal that + /// on any related resources such as the ancestor that would be referenced + /// here. For example, if this list was full on BackendTLSPolicy, no + /// additional Gateways would be able to reference the Service targeted by + /// the BackendTLSPolicy. + pub ancestors: Vec, +} + +/// PolicyAncestorStatus describes the status of a route with respect to an +/// associated Ancestor. +/// +/// Ancestors refer to objects that are either the Target of a policy or above it +/// in terms of object hierarchy. For example, if a policy targets a Service, the +/// Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and +/// the GatewayClass. Almost always, in this hierarchy, the Gateway will be the most +/// useful object to place Policy status on, so we recommend that implementations +/// SHOULD use Gateway as the PolicyAncestorStatus object unless the designers +/// have a _very_ good reason otherwise. +/// +/// In the context of policy attachment, the Ancestor is used to distinguish which +/// resource results in a distinct application of this policy. For example, if a policy +/// targets a Service, it may have a distinct result per attached Gateway. +/// +/// Policies targeting the same resource may have different effects depending on the +/// ancestors of those resources. For example, different Gateways targeting the same +/// Service may have different capabilities, especially if they have different underlying +/// implementations. +/// +/// For example, in BackendTLSPolicy, the Policy attaches to a Service that is +/// used as a backend in a HTTPRoute that is itself attached to a Gateway. +/// In this case, the relevant object for status is the Gateway, and that is the +/// ancestor object referred to in this status. +/// +/// Note that a parent is also an ancestor, so for objects where the parent is the +/// relevant object for status, this struct SHOULD still be used. +/// +/// This struct is intended to be used in a slice that's effectively a map, +/// with a composite key made up of the AncestorRef and the ControllerName. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ObservabilityPolicyStatusAncestors { + /// AncestorRef corresponds with a ParentRef in the spec that this + /// PolicyAncestorStatus struct describes the status of. + #[serde(rename = "ancestorRef")] + pub ancestor_ref: ObservabilityPolicyStatusAncestorsAncestorRef, + /// Conditions describes the status of the Policy with respect to the given Ancestor. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ControllerName is a domain/path string that indicates the name of the + /// controller that wrote this status. This corresponds with the + /// controllerName field on GatewayClass. + /// + /// Example: "example.net/gateway-controller". + /// + /// The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are + /// valid Kubernetes names + /// (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). + /// + /// Controllers MUST populate this field when writing status. Controllers should ensure that + /// entries to status populated with their ControllerName are cleaned up when they are no + /// longer necessary. + #[serde(rename = "controllerName")] + pub controller_name: String, +} + +/// AncestorRef corresponds with a ParentRef in the spec that this +/// PolicyAncestorStatus struct describes the status of. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ObservabilityPolicyStatusAncestorsAncestorRef { + /// Group is the group of the referent. + /// When unspecified, "gateway.networking.k8s.io" is inferred. + /// To set the core API group (such as for a "Service" kind referent), + /// Group must be explicitly set to "" (empty string). + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind is kind of the referent. + /// + /// There are two kinds of parent resources with "Core" support: + /// + /// * Gateway (Gateway conformance profile) + /// * Service (Mesh conformance profile, ClusterIP Services only) + /// + /// Support for other resources is Implementation-Specific. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name is the name of the referent. + /// + /// Support: Core + pub name: String, + /// Namespace is the namespace of the referent. When unspecified, this refers + /// to the local namespace of the Route. + /// + /// Note that there are specific rules for ParentRefs which cross namespace + /// boundaries. Cross-namespace references are only valid if they are explicitly + /// allowed by something in the namespace they are referring to. For example: + /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a + /// generic way to enable any other kind of cross-namespace reference. + /// + /// + /// ParentRefs from a Route to a Service in the same namespace are "producer" + /// routes, which apply default routing rules to inbound connections from + /// any namespace to the Service. + /// + /// ParentRefs from a Route to a Service in a different namespace are + /// "consumer" routes, and these routing rules are only applied to outbound + /// connections originating from the same namespace as the Route, for which + /// the intended destination of the connections are a Service targeted as a + /// ParentRef of the Route. + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Port is the network port this Route targets. It can be interpreted + /// differently based on the type of parent resource. + /// + /// When the parent resource is a Gateway, this targets all listeners + /// listening on the specified port that also support this kind of Route(and + /// select this Route). It's not recommended to set `Port` unless the + /// networking behaviors specified in a Route must apply to a specific port + /// as opposed to a listener(s) whose port(s) may be changed. When both Port + /// and SectionName are specified, the name and port of the selected listener + /// must match both specified values. + /// + /// + /// When the parent resource is a Service, this targets a specific port in the + /// Service spec. When both Port (experimental) and SectionName are specified, + /// the name and port of the selected port must match both specified values. + /// + /// + /// Implementations MAY choose to support other parent resources. + /// Implementations supporting other types of parent resources MUST clearly + /// document how/if Port is interpreted. + /// + /// For the purpose of status, an attachment is considered successful as + /// long as the parent resource accepts it partially. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment + /// from the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, + /// the Route MUST be considered detached from the Gateway. + /// + /// Support: Extended + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// SectionName is the name of a section within the target resource. In the + /// following resources, SectionName is interpreted as the following: + /// + /// * Gateway: Listener name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// * Service: Port name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// + /// Implementations MAY choose to support attaching Routes to other resources. + /// If that is the case, they MUST clearly document how SectionName is + /// interpreted. + /// + /// When unspecified (empty string), this will reference the entire resource. + /// For the purpose of status, an attachment is considered successful if at + /// least one section in the parent resource accepts it. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + /// the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, the + /// Route MUST be considered detached from the Gateway. + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/authservices.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/authservices.rs index 8a4572053..7492be31b 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/authservices.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/authservices.rs @@ -28,8 +28,11 @@ pub struct AuthServiceSpec { pub allowed_authorization_headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub allowed_request_headers: Option>, - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, pub auth_service: String, @@ -54,7 +57,11 @@ pub struct AuthServiceSpec { pub timeout_ms: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. + /// V2ExplicitTLS controls some vanity/stylistic elements when converting + /// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any + /// way affect the runtime operation of Emissary; except that it may affect + /// internal names in the Envoy config, which may in turn affect stats + /// names. But it should not affect any end-user observable behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2ExplicitTLS")] pub v2_explicit_tls: Option, } @@ -112,21 +119,48 @@ pub struct AuthServiceStatusOnError { pub code: Option, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AuthServiceV2ExplicitTls { - /// ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. - /// Acceptable values are "http://" (case-insensitive), "https://" (case-insensitive), or "". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme. + /// ServiceScheme specifies how to spell and capitalize the scheme-part of the + /// service URL. + /// + /// Acceptable values are "http://" (case-insensitive), "https://" + /// (case-insensitive), or "". The value is used if it agrees with + /// whether or not this resource enables TLS origination, or if + /// something else in the resource overrides the scheme. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceScheme")] pub service_scheme: Option, - /// TLS controls whether and how to represent the "tls" field when its value could be implied by the "service" field. In v2, there were a lot of different ways to spell an "empty" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). - /// | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | "" | omit the field | defer to service (no TLSContext) | | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | | "string" | store an empty string in the field | defer to service (no TLSContext) | | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | - /// If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of "bool:true" if TLS is not to be originated), then this field is ignored. + /// TLS controls whether and how to represent the "tls" field when + /// its value could be implied by the "service" field. In v2, there + /// were a lot of different ways to spell an "empty" value, and this + /// field specifies which way to spell it (and will therefore only + /// be used if the value will indeed be empty). + /// + /// | Value | Representation | Meaning of representation | + /// |--------------+---------------------------------------+------------------------------------| + /// | "" | omit the field | defer to service (no TLSContext) | + /// | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | + /// | "string" | store an empty string in the field | defer to service (no TLSContext) | + /// | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | + /// | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | + /// + /// If the meaning of the representation contradicts anything else + /// (if a TLSContext is to be used, or in the case of "bool:true" if + /// TLS is not to be originated), then this field is ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AuthServiceV2ExplicitTlsTls { #[serde(rename = "")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/consulresolvers.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/consulresolvers.rs index 0aeb7056f..30db6208b 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/consulresolvers.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/consulresolvers.rs @@ -9,7 +9,9 @@ mod prelude { } use self::prelude::*; -/// ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use. +/// ConsulResolver tells Ambassador to use Consul to resolve services. In addition +/// to the AmbassadorID, it needs information about which Consul server and DC to +/// use. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "getambassador.io", version = "v3alpha1", kind = "ConsulResolver", plural = "consulresolvers")] #[kube(namespaced)] @@ -19,8 +21,11 @@ use self::prelude::*; pub struct ConsulResolverSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/devportals.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/devportals.rs index 8d46431ef..1fa020f93 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/devportals.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/devportals.rs @@ -18,8 +18,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DevPortalSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, /// Content specifies where the content shown in the DevPortal come from @@ -34,7 +37,8 @@ pub struct DevPortalSpec { /// Describes how to display "services" in the DevPortal. Default namespace.name #[serde(default, skip_serializing_if = "Option::is_none")] pub naming_scheme: Option, - /// Configures this DevPortal to use server definitions from the openAPI doc instead of rewriting them based on the url used for the connection. + /// Configures this DevPortal to use server definitions from the openAPI doc instead of + /// rewriting them based on the url used for the connection. #[serde(default, skip_serializing_if = "Option::is_none")] pub preserve_servers: Option, /// DevPortalSearchSpec allows configuration over search functionality for the DevPortal @@ -56,13 +60,18 @@ pub struct DevPortalContent { pub url: Option, } -/// DevPortalDocsSpec is a static documentation definition: instead of using a Selector for finding documentation for services, users can provide a static list of : tuples. These services will be shown in the Dev Portal with the documentation obtained from this URL. +/// DevPortalDocsSpec is a static documentation definition: +/// instead of using a Selector for finding documentation for services, +/// users can provide a static list of : tuples. These services +/// will be shown in the Dev Portal with the documentation obtained from +/// this URL. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevPortalDocs { /// Service is the service being documented #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, - /// Timeout specifies the amount of time devportal will wait for the downstream service to report an openapi spec back + /// Timeout specifies the amount of time devportal will wait + /// for the downstream service to report an openapi spec back #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout_ms: Option, /// URL is the URL used for obtaining docs @@ -84,7 +93,11 @@ pub enum DevPortalNamingScheme { pub struct DevPortalSearch { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// Type of search. "title-only" does a fuzzy search over openapi and page titles "all-content" will fuzzy search over all openapi and page content. "title-only" is the default. warning: using all-content may incur a larger memory footprint + /// Type of search. + /// "title-only" does a fuzzy search over openapi and page titles + /// "all-content" will fuzzy search over all openapi and page content. + /// "title-only" is the default. + /// warning: using all-content may incur a larger memory footprint #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -101,10 +114,12 @@ pub enum DevPortalSearchType { /// Selector is used for choosing what is shown in the DevPortal #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DevPortalSelector { - /// MatchLabels specifies the list of labels that must be present in Mappings for being present in this DevPortal. + /// MatchLabels specifies the list of labels that must be present + /// in Mappings for being present in this DevPortal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, - /// MatchNamespaces is a list of namespaces that will be included in this DevPortal. + /// MatchNamespaces is a list of namespaces that will be included in + /// this DevPortal. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchNamespaces")] pub match_namespaces: Option>, } diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/hosts.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/hosts.rs index 15657eeb8..19a239fb6 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/hosts.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/hosts.rs @@ -28,7 +28,8 @@ pub struct HostSpec { /// Hostname by which the Ambassador can be reached. #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// Selector for Mappings we'll associate with this Host. At the moment, Selector and MappingSelector are synonyms, but that will change soon. + /// Selector for Mappings we'll associate with this Host. At the moment, Selector and + /// MappingSelector are synonyms, but that will change soon. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mappingSelector")] pub mapping_selector: Option, /// Configuration for the Preview URL feature of Service Preview. Defaults to preview URLs not enabled. @@ -40,14 +41,26 @@ pub struct HostSpec { /// DEPRECATED: Selector by which we can find further configuration. Use MappingSelector instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// TLS configuration. It is not valid to specify both `tlsContext` and `tls`. + /// TLS configuration. It is not valid to specify both + /// `tlsContext` and `tls`. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Name of the TLSContext the Host resource is linked with. It is not valid to specify both `tlsContext` and `tls`. - /// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. + /// Name of the TLSContext the Host resource is linked with. + /// It is not valid to specify both `tlsContext` and `tls`. + /// + /// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not + /// an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it + /// does not support referencing a Secret in another namespace (because most native + /// Kubernetes resources don't support that), but if we ever abandon that opinion + /// and decide to support non-local references it, it would be by adding a + /// `namespace:` field by changing it from a core.v1.LocalObjectReference to a + /// core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsContext")] pub tls_context: Option, - /// Name of the Kubernetes secret into which to save generated certificates. If ACME is enabled (see $acmeProvider), then the default is $hostname; otherwise the default is "". If the value is "", then we do not do TLS for this Host. + /// Name of the Kubernetes secret into which to save generated + /// certificates. If ACME is enabled (see $acmeProvider), then the + /// default is $hostname; otherwise the default is "". If the value + /// is "", then we do not do TLS for this Host. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsSecret")] pub tls_secret: Option, } @@ -55,13 +68,26 @@ pub struct HostSpec { /// Specifies whether/who to talk ACME with to automatically manage the $tlsSecret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostAcmeProvider { - /// Specifies who to talk ACME with to get certs. Defaults to Let's Encrypt; if "none" (case-insensitive), do not try to do ACME for this Host. + /// Specifies who to talk ACME with to get certs. Defaults to Let's + /// Encrypt; if "none" (case-insensitive), do not try to do ACME for + /// this Host. #[serde(default, skip_serializing_if = "Option::is_none")] pub authority: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub email: Option, - /// Specifies the Kubernetes Secret to use to store the private key of the ACME account (essentially, where to store the auto-generated password for the auto-created ACME account). You should not normally need to set this--the default value is based on a combination of the ACME authority being registered wit and the email address associated with the account. - /// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. + /// Specifies the Kubernetes Secret to use to store the private key of the ACME + /// account (essentially, where to store the auto-generated password for the + /// auto-created ACME account). You should not normally need to set this--the + /// default value is based on a combination of the ACME authority being registered + /// wit and the email address associated with the account. + /// + /// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not + /// an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it + /// does not support referencing a Secret in another namespace (because most native + /// Kubernetes resources don't support that), but if we ever abandon that opinion + /// and decide to support non-local references it, it would be by adding a + /// `namespace:` field by changing it from a core.v1.LocalObjectReference to a + /// core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateKeySecret")] pub private_key_secret: Option, /// This is normally set automatically @@ -69,34 +95,57 @@ pub struct HostAcmeProvider { pub registration: Option, } -/// Specifies the Kubernetes Secret to use to store the private key of the ACME account (essentially, where to store the auto-generated password for the auto-created ACME account). You should not normally need to set this--the default value is based on a combination of the ACME authority being registered wit and the email address associated with the account. -/// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. +/// Specifies the Kubernetes Secret to use to store the private key of the ACME +/// account (essentially, where to store the auto-generated password for the +/// auto-created ACME account). You should not normally need to set this--the +/// default value is based on a combination of the ACME authority being registered +/// wit and the email address associated with the account. +/// +/// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not +/// an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it +/// does not support referencing a Secret in another namespace (because most native +/// Kubernetes resources don't support that), but if we ever abandon that opinion +/// and decide to support non-local references it, it would be by adding a +/// `namespace:` field by changing it from a core.v1.LocalObjectReference to a +/// core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostAcmeProviderPrivateKeySecret { - /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// Selector for Mappings we'll associate with this Host. At the moment, Selector and MappingSelector are synonyms, but that will change soon. +/// Selector for Mappings we'll associate with this Host. At the moment, Selector and +/// MappingSelector are synonyms, but that will change soon. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostMappingSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostMappingSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -146,24 +195,32 @@ pub struct HostSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// TLS configuration. It is not valid to specify both `tlsContext` and `tls`. +/// TLS configuration. It is not valid to specify both +/// `tlsContext` and `tls`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostTls { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -194,16 +251,31 @@ pub struct HostTls { pub sni: Option, } -/// Name of the TLSContext the Host resource is linked with. It is not valid to specify both `tlsContext` and `tls`. -/// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it does not support referencing a Secret in another namespace (because most native Kubernetes resources don't support that), but if we ever abandon that opinion and decide to support non-local references it, it would be by adding a `namespace:` field by changing it from a core.v1.LocalObjectReference to a core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. +/// Name of the TLSContext the Host resource is linked with. +/// It is not valid to specify both `tlsContext` and `tls`. +/// +/// Note that this is a native-Kubernetes-style core.v1.LocalObjectReference, not +/// an Ambassador-style `{name}.{namespace}` string. Because we're opinionated, it +/// does not support referencing a Secret in another namespace (because most native +/// Kubernetes resources don't support that), but if we ever abandon that opinion +/// and decide to support non-local references it, it would be by adding a +/// `namespace:` field by changing it from a core.v1.LocalObjectReference to a +/// core.v1.SecretReference, not by adopting the `{name}.{namespace}` notation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostTlsContext { - /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// Name of the Kubernetes secret into which to save generated certificates. If ACME is enabled (see $acmeProvider), then the default is $hostname; otherwise the default is "". If the value is "", then we do not do TLS for this Host. +/// Name of the Kubernetes secret into which to save generated +/// certificates. If ACME is enabled (see $acmeProvider), then the +/// default is $hostname; otherwise the default is "". If the value +/// is "", then we do not do TLS for this Host. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HostTlsSecret { /// name is unique within a namespace to reference a secret resource. @@ -224,10 +296,12 @@ pub struct HostStatus { pub error_reason: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "errorTimestamp")] pub error_timestamp: Option, - /// phaseCompleted and phasePending are valid when state==Pending or state==Error. + /// phaseCompleted and phasePending are valid when state==Pending or + /// state==Error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "phaseCompleted")] pub phase_completed: Option, - /// phaseCompleted and phasePending are valid when state==Pending or state==Error. + /// phaseCompleted and phasePending are valid when state==Pending or + /// state==Error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "phasePending")] pub phase_pending: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesendpointresolvers.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesendpointresolvers.rs index c1b53b441..e2dd57b71 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesendpointresolvers.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesendpointresolvers.rs @@ -9,7 +9,9 @@ mod prelude { } use self::prelude::*; -/// KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints resources to resolve services. It actually has no spec other than the AmbassadorID. +/// KubernetesEndpointResolver tells Ambassador to use Kubernetes Endpoints +/// resources to resolve services. It actually has no spec other than the +/// AmbassadorID. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "getambassador.io", version = "v3alpha1", kind = "KubernetesEndpointResolver", plural = "kubernetesendpointresolvers")] #[kube(namespaced)] @@ -17,8 +19,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct KubernetesEndpointResolverSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, } diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesserviceresolvers.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesserviceresolvers.rs index e6d9b156c..38df40e31 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesserviceresolvers.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/kubernetesserviceresolvers.rs @@ -9,7 +9,9 @@ mod prelude { } use self::prelude::*; -/// KubernetesServiceResolver tells Ambassador to use Kubernetes Service resources to resolve services. It actually has no spec other than the AmbassadorID. +/// KubernetesServiceResolver tells Ambassador to use Kubernetes Service +/// resources to resolve services. It actually has no spec other than the +/// AmbassadorID. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "getambassador.io", version = "v3alpha1", kind = "KubernetesServiceResolver", plural = "kubernetesserviceresolvers")] #[kube(namespaced)] @@ -17,8 +19,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct KubernetesServiceResolverSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, } diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/listeners.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/listeners.rs index 71f65a0e3..6c931ddc5 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/listeners.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/listeners.rs @@ -17,28 +17,37 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct ListenerSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, /// HostBinding allows restricting which Hosts will be used for this Listener. #[serde(rename = "hostBinding")] pub host_binding: ListenerHostBinding, - /// L7Depth specifies how many layer 7 load balancers are between us and the edge of the network. + /// L7Depth specifies how many layer 7 load balancers are between us and the edge of + /// the network. #[serde(default, skip_serializing_if = "Option::is_none", rename = "l7Depth")] pub l7_depth: Option, /// Port is the network port. Only one Listener can use a given port. pub port: i32, - /// Protocol is a shorthand for certain predefined stacks. Exactly one of Protocol or ProtocolStack must be supplied. + /// Protocol is a shorthand for certain predefined stacks. Exactly one of Protocol + /// or ProtocolStack must be supplied. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// ProtocolStack explicitly specifies the protocol stack to set up. Exactly one of Protocol or ProtocolStack must be supplied. + /// ProtocolStack explicitly specifies the protocol stack to set up. Exactly one of Protocol + /// or ProtocolStack must be supplied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protocolStack")] pub protocol_stack: Option>, - /// SecurityModel specifies how to determine whether connections to this port are secure or insecure. + /// SecurityModel specifies how to determine whether connections to this port are secure + /// or insecure. #[serde(rename = "securityModel")] pub security_model: ListenerSecurityModel, - /// StatsPrefix specifies the prefix for statistics sent by Envoy about this Listener. The default depends on the protocol: "ingress-http", "ingress-https", "ingress-tls-$port", or "ingress-$port". + /// StatsPrefix specifies the prefix for statistics sent by Envoy about this + /// Listener. The default depends on the protocol: "ingress-http", + /// "ingress-https", "ingress-tls-$port", or "ingress-$port". #[serde(default, skip_serializing_if = "Option::is_none", rename = "statsPrefix")] pub stats_prefix: Option, } @@ -49,7 +58,9 @@ pub struct ListenerHostBinding { /// NamespaceBindingType defines we we specify which namespaces to look for Hosts in. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, - /// A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + /// A label selector is a label query over a set of resources. The result of matchLabels and + /// matchExpressions are ANDed. An empty label selector matches all objects. A null + /// label selector matches no objects. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, } @@ -73,25 +84,34 @@ pub enum ListenerHostBindingNamespaceFrom { Selector, } -/// A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. +/// A label selector is a label query over a set of resources. The result of matchLabels and +/// matchExpressions are ANDed. An empty label selector matches all objects. A null +/// label selector matches no objects. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ListenerHostBindingSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ListenerHostBindingSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/logservices.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/logservices.rs index 33a26ad19..c196b6ded 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/logservices.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/logservices.rs @@ -17,8 +17,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct LogServiceSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/modules.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/modules.rs index bfbdd1165..fc92c492e 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/modules.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/modules.rs @@ -17,8 +17,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ModuleSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, pub config: BTreeMap, diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/ratelimitservices.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/ratelimitservices.rs index 1e806f62b..67fc084f3 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/ratelimitservices.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/ratelimitservices.rs @@ -22,7 +22,8 @@ pub struct RateLimitServiceSpec { pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, - /// FailureModeDeny when set to true, envoy will deny traffic if it is unable to communicate with the rate limit service. + /// FailureModeDeny when set to true, envoy will deny traffic if it + /// is unable to communicate with the rate limit service. #[serde(default, skip_serializing_if = "Option::is_none")] pub failure_mode_deny: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -37,14 +38,20 @@ pub struct RateLimitServiceSpec { pub timeout_ms: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. + /// V2ExplicitTLS controls some vanity/stylistic elements when converting + /// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any + /// way affect the runtime operation of Emissary; except that it may affect + /// internal names in the Envoy config, which may in turn affect stats + /// names. But it should not affect any end-user observable behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2ExplicitTLS")] pub v2_explicit_tls: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RateLimitServiceGrpc { - /// UseResourceExhaustedCode, when set to true, will cause envoy to return a `RESOURCE_EXHAUSTED` gRPC code instead of the default `UNAVAILABLE` gRPC code. + /// UseResourceExhaustedCode, when set to true, will cause envoy + /// to return a `RESOURCE_EXHAUSTED` gRPC code instead of the default + /// `UNAVAILABLE` gRPC code. #[serde(default, skip_serializing_if = "Option::is_none")] pub use_resource_exhausted_code: Option, } @@ -58,21 +65,48 @@ pub enum RateLimitServiceProtocolVersion { V3, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RateLimitServiceV2ExplicitTls { - /// ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. - /// Acceptable values are "http://" (case-insensitive), "https://" (case-insensitive), or "". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme. + /// ServiceScheme specifies how to spell and capitalize the scheme-part of the + /// service URL. + /// + /// Acceptable values are "http://" (case-insensitive), "https://" + /// (case-insensitive), or "". The value is used if it agrees with + /// whether or not this resource enables TLS origination, or if + /// something else in the resource overrides the scheme. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceScheme")] pub service_scheme: Option, - /// TLS controls whether and how to represent the "tls" field when its value could be implied by the "service" field. In v2, there were a lot of different ways to spell an "empty" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). - /// | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | "" | omit the field | defer to service (no TLSContext) | | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | | "string" | store an empty string in the field | defer to service (no TLSContext) | | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | - /// If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of "bool:true" if TLS is not to be originated), then this field is ignored. + /// TLS controls whether and how to represent the "tls" field when + /// its value could be implied by the "service" field. In v2, there + /// were a lot of different ways to spell an "empty" value, and this + /// field specifies which way to spell it (and will therefore only + /// be used if the value will indeed be empty). + /// + /// | Value | Representation | Meaning of representation | + /// |--------------+---------------------------------------+------------------------------------| + /// | "" | omit the field | defer to service (no TLSContext) | + /// | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | + /// | "string" | store an empty string in the field | defer to service (no TLSContext) | + /// | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | + /// | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | + /// + /// If the meaning of the representation contradicts anything else + /// (if a TLSContext is to be used, or in the case of "bool:true" if + /// TLS is not to be originated), then this field is ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum RateLimitServiceV2ExplicitTlsTls { #[serde(rename = "")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tcpmappings.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tcpmappings.rs index fee4dd736..0449851cb 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tcpmappings.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tcpmappings.rs @@ -19,8 +19,11 @@ use self::prelude::*; pub struct TCPMappingSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub address: Option, - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -44,7 +47,11 @@ pub struct TCPMappingSpec { pub stats_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. + /// V2ExplicitTLS controls some vanity/stylistic elements when converting + /// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any + /// way affect the runtime operation of Emissary; except that it may affect + /// internal names in the Envoy config, which may in turn affect stats + /// names. But it should not affect any end-user observable behavior. #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2ExplicitTLS")] pub v2_explicit_tls: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -73,21 +80,48 @@ pub enum TCPMappingCircuitBreakersPriority { High, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TCPMappingV2ExplicitTls { - /// ServiceScheme specifies how to spell and capitalize the scheme-part of the service URL. - /// Acceptable values are "http://" (case-insensitive), "https://" (case-insensitive), or "". The value is used if it agrees with whether or not this resource enables TLS origination, or if something else in the resource overrides the scheme. + /// ServiceScheme specifies how to spell and capitalize the scheme-part of the + /// service URL. + /// + /// Acceptable values are "http://" (case-insensitive), "https://" + /// (case-insensitive), or "". The value is used if it agrees with + /// whether or not this resource enables TLS origination, or if + /// something else in the resource overrides the scheme. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceScheme")] pub service_scheme: Option, - /// TLS controls whether and how to represent the "tls" field when its value could be implied by the "service" field. In v2, there were a lot of different ways to spell an "empty" value, and this field specifies which way to spell it (and will therefore only be used if the value will indeed be empty). - /// | Value | Representation | Meaning of representation | |--------------+---------------------------------------+------------------------------------| | "" | omit the field | defer to service (no TLSContext) | | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | | "string" | store an empty string in the field | defer to service (no TLSContext) | | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | - /// If the meaning of the representation contradicts anything else (if a TLSContext is to be used, or in the case of "bool:true" if TLS is not to be originated), then this field is ignored. + /// TLS controls whether and how to represent the "tls" field when + /// its value could be implied by the "service" field. In v2, there + /// were a lot of different ways to spell an "empty" value, and this + /// field specifies which way to spell it (and will therefore only + /// be used if the value will indeed be empty). + /// + /// | Value | Representation | Meaning of representation | + /// |--------------+---------------------------------------+------------------------------------| + /// | "" | omit the field | defer to service (no TLSContext) | + /// | "null" | store an explicit "null" in the field | defer to service (no TLSContext) | + /// | "string" | store an empty string in the field | defer to service (no TLSContext) | + /// | "bool:false" | store a Boolean "false" in the field | defer to service (no TLSContext) | + /// | "bool:true" | store a Boolean "true" in the field | originate TLS (no TLSContext) | + /// + /// If the meaning of the representation contradicts anything else + /// (if a TLSContext is to be used, or in the case of "bool:true" if + /// TLS is not to be originated), then this field is ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } -/// V2ExplicitTLS controls some vanity/stylistic elements when converting from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any way affect the runtime operation of Emissary; except that it may affect internal names in the Envoy config, which may in turn affect stats names. But it should not affect any end-user observable behavior. +/// V2ExplicitTLS controls some vanity/stylistic elements when converting +/// from v3alpha1 to v2. The values in an V2ExplicitTLS should not in any +/// way affect the runtime operation of Emissary; except that it may affect +/// internal names in the Envoy config, which may in turn affect stats +/// names. But it should not affect any end-user observable behavior. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum TCPMappingV2ExplicitTlsTls { #[serde(rename = "")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tlscontexts.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tlscontexts.rs index 9d9ee64e2..46ea237a9 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tlscontexts.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tlscontexts.rs @@ -19,8 +19,11 @@ use self::prelude::*; pub struct TLSContextSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub alpn_protocols: Option, - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tracingservices.rs b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tracingservices.rs index 2550b5833..99f6d5ab8 100644 --- a/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tracingservices.rs +++ b/kube-custom-resources-rs/src/getambassador_io/v3alpha1/tracingservices.rs @@ -16,8 +16,11 @@ use self::prelude::*; #[kube(schema = "disabled")] #[kube(derive="PartialEq")] pub struct TracingServiceSpec { - /// AmbassadorID declares which Ambassador instances should pay attention to this resource. If no value is provided, the default is: - /// ambassador_id: - "default" + /// AmbassadorID declares which Ambassador instances should pay + /// attention to this resource. If no value is provided, the default is: + /// + /// ambassador_id: + /// - "default" #[serde(default, skip_serializing_if = "Option::is_none")] pub ambassador_id: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -30,7 +33,8 @@ pub struct TracingServiceSpec { pub service: String, #[serde(default, skip_serializing_if = "Option::is_none")] pub stats_name: Option, - /// Deprecated: tag_headers is deprecated. Use custom_tags instead. `tag_headers: ["header"]` can be defined as `custom_tags: [{"request_header": {"name": "header"}}]`. + /// Deprecated: tag_headers is deprecated. Use custom_tags instead. + /// `tag_headers: ["header"]` can be defined as `custom_tags: [{"request_header": {"name": "header"}}]`. #[serde(default, skip_serializing_if = "Option::is_none")] pub tag_headers: Option>, } @@ -70,19 +74,23 @@ pub enum TracingServiceConfigCollectorEndpointVersion { /// TracingCustomTag provides a data structure for capturing envoy's `type.tracing.v3.CustomTag` #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TracingServiceCustomTags { - /// Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. + /// Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, + /// Environment or Header must be supplied. #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option, - /// Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. + /// Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, + /// Environment or Header must be supplied. #[serde(default, skip_serializing_if = "Option::is_none")] pub literal: Option, - /// Header explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. + /// Header explicitly specifies the protocol stack to set up. Exactly one of Literal, + /// Environment or Header must be supplied. #[serde(default, skip_serializing_if = "Option::is_none")] pub request_header: Option, pub tag: String, } -/// Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. +/// Environment explicitly specifies the protocol stack to set up. Exactly one of Literal, +/// Environment or Header must be supplied. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TracingServiceCustomTagsEnvironment { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -90,13 +98,15 @@ pub struct TracingServiceCustomTagsEnvironment { pub name: String, } -/// Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. +/// Literal explicitly specifies the protocol stack to set up. Exactly one of Literal, +/// Environment or Header must be supplied. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TracingServiceCustomTagsLiteral { pub value: String, } -/// Header explicitly specifies the protocol stack to set up. Exactly one of Literal, Environment or Header must be supplied. +/// Header explicitly specifies the protocol stack to set up. Exactly one of Literal, +/// Environment or Header must be supplied. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TracingServiceCustomTagsRequestHeader { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs index eafbc75ff..dee94beb2 100644 --- a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs +++ b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadashboards.rs @@ -20,13 +20,13 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct GrafanaDashboardSpec { - /// allow to import this resources from an operator in a different namespace + /// Allow the Operator to match this resource with Grafanas outside the current namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowCrossNamespaceImport")] pub allow_cross_namespace_import: Option, - /// dashboard from configmap + /// model from configmap #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] pub config_map_ref: Option, - /// Cache duration for dashboards fetched from URLs + /// Cache duration for models fetched from URLs #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentCacheDuration")] pub content_cache_duration: Option, /// maps required data sources to existing ones @@ -50,13 +50,13 @@ pub struct GrafanaDashboardSpec { /// grafana.com/dashboards #[serde(default, skip_serializing_if = "Option::is_none", rename = "grafanaCom")] pub grafana_com: Option, - /// GzipJson the dashboard's JSON compressed with Gzip. Base64-encoded when in YAML. + /// GzipJson the model's JSON compressed with Gzip. Base64-encoded when in YAML. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gzipJson")] pub gzip_json: Option, - /// selects Grafanas for import + /// Selects Grafana instances for import #[serde(rename = "instanceSelector")] pub instance_selector: GrafanaDashboardInstanceSelector, - /// dashboard json + /// model json #[serde(default, skip_serializing_if = "Option::is_none")] pub json: Option, /// Jsonnet @@ -68,21 +68,22 @@ pub struct GrafanaDashboardSpec { /// plugins #[serde(default, skip_serializing_if = "Option::is_none")] pub plugins: Option>, - /// how often the dashboard is refreshed, defaults to 5m if not set + /// How often the resource is synced, defaults to 10m0s if not set #[serde(default, skip_serializing_if = "Option::is_none", rename = "resyncPeriod")] pub resync_period: Option, - /// Manually specify the uid for the dashboard, overwrites uids already present in the json model + /// Manually specify the uid, overwrites uids already present in the json model. + /// Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40. #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, - /// dashboard url + /// model url #[serde(default, skip_serializing_if = "Option::is_none")] pub url: Option, - /// authorization options for dashboard from url + /// authorization options for model from url #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlAuthorization")] pub url_authorization: Option, } -/// dashboard from configmap +/// model from configmap #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaDashboardConfigMapRef { /// The key to select. @@ -99,6 +100,8 @@ pub struct GrafanaDashboardConfigMapRef { pub optional: Option, } +/// GrafanaResourceDatasource is used to set the datasource name of any templated datasources in +/// content definitions (e.g., dashboard JSON). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaDashboardDatasources { #[serde(rename = "datasourceName")] @@ -215,7 +218,7 @@ pub struct GrafanaDashboardGrafanaCom { pub revision: Option, } -/// selects Grafanas for import +/// Selects Grafana instances for import #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaDashboardInstanceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -262,7 +265,7 @@ pub struct GrafanaDashboardPlugins { pub version: String, } -/// authorization options for dashboard from url +/// authorization options for model from url #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaDashboardUrlAuthorization { #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] @@ -319,6 +322,7 @@ pub struct GrafanaDashboardStatus { /// The dashboard instanceSelector can't find matching grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "NoMatchingInstances")] pub no_matching_instances: Option, + /// Results when synchonizing resource with Grafana instances #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentCache")] @@ -329,7 +333,7 @@ pub struct GrafanaDashboardStatus { pub content_url: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub hash: Option, - /// Last time the dashboard was resynced + /// Last time the resource was synchronized with Grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastResync")] pub last_resync: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadatasources.rs b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadatasources.rs index 3aab3a55b..d5992f572 100644 --- a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadatasources.rs +++ b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanadatasources.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -19,19 +20,24 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct GrafanaDatasourceSpec { - /// allow to import this resources from an operator in a different namespace + /// Allow the Operator to match this resource with Grafanas outside the current namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowCrossNamespaceImport")] pub allow_cross_namespace_import: Option, pub datasource: GrafanaDatasourceDatasource, - /// selects Grafana instances for import + /// Selects Grafana instances for import #[serde(rename = "instanceSelector")] pub instance_selector: GrafanaDatasourceInstanceSelector, /// plugins #[serde(default, skip_serializing_if = "Option::is_none")] pub plugins: Option>, - /// how often the datasource is refreshed, defaults to 5m if not set + /// How often the resource is synced, defaults to 10m0s if not set #[serde(default, skip_serializing_if = "Option::is_none", rename = "resyncPeriod")] pub resync_period: Option, + /// The UID, for the datasource, fallback to the deprecated spec.datasource.uid + /// and metadata.uid. Can be any string consisting of alphanumeric characters, + /// - and _ with a maximum length of 40 +optional + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, /// environments variables from secrets or config maps #[serde(default, skip_serializing_if = "Option::is_none", rename = "valuesFrom")] pub values_from: Option>, @@ -47,7 +53,7 @@ pub struct GrafanaDatasourceDatasource { pub basic_auth_user: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub database: Option, - /// Deprecated field, it has no effect + /// Whether to enable/disable editing of the datasource in Grafana UI #[serde(default, skip_serializing_if = "Option::is_none")] pub editable: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "isDefault")] @@ -63,6 +69,7 @@ pub struct GrafanaDatasourceDatasource { pub secure_json_data: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, + /// Deprecated field, use spec.uid instead #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -71,7 +78,7 @@ pub struct GrafanaDatasourceDatasource { pub user: Option, } -/// selects Grafana instances for import +/// Selects Grafana instances for import #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaDatasourceInstanceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -165,11 +172,15 @@ pub struct GrafanaDatasourceStatus { /// The datasource instanceSelector can't find matching grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "NoMatchingInstances")] pub no_matching_instances: Option, + /// Results when synchonizing resource with Grafana instances + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub hash: Option, + /// Deprecated: Check status.conditions or operator logs #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastMessage")] pub last_message: Option, - /// Last time the datasource was resynced + /// Last time the resource was synchronized with Grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastResync")] pub last_resync: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs index c58bd2acc..5cb642b0d 100644 --- a/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs +++ b/kube-custom-resources-rs/src/grafana_integreatly_org/v1beta1/grafanafolders.rs @@ -20,10 +20,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct GrafanaFolderSpec { - /// Enable matching Grafana instances outside the current namespace + /// Allow the Operator to match this resource with Grafanas outside the current namespace #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowCrossNamespaceImport")] pub allow_cross_namespace_import: Option, - /// Selects Grafanas for import + /// Selects Grafana instances for import #[serde(rename = "instanceSelector")] pub instance_selector: GrafanaFolderInstanceSelector, /// Reference to an existing GrafanaFolder CR in the same namespace @@ -35,18 +35,18 @@ pub struct GrafanaFolderSpec { /// Raw json with folder permissions, potentially exported from Grafana #[serde(default, skip_serializing_if = "Option::is_none")] pub permissions: Option, - /// How often the folder is synced, defaults to 5m if not set + /// How often the resource is synced, defaults to 10m0s if not set #[serde(default, skip_serializing_if = "Option::is_none", rename = "resyncPeriod")] pub resync_period: Option, /// Display name of the folder in Grafana #[serde(default, skip_serializing_if = "Option::is_none")] pub title: Option, - /// Manually specify the UID the Folder is created with + /// Manually specify the UID the Folder is created with. Can be any string consisting of alphanumeric characters, - and _ with a maximum length of 40 #[serde(default, skip_serializing_if = "Option::is_none")] pub uid: Option, } -/// Selects Grafanas for import +/// Selects Grafana instances for import #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrafanaFolderInstanceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -82,13 +82,12 @@ pub struct GrafanaFolderStatus { /// The folder instanceSelector can't find matching grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "NoMatchingInstances")] pub no_matching_instances: Option, + /// Results when synchonizing resource with Grafana instances #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - /// Important: Run "make" to regenerate code after modifying this file #[serde(default, skip_serializing_if = "Option::is_none")] pub hash: Option, - /// Last time the folder was resynced + /// Last time the resource was synchronized with Grafana instances #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastResync")] pub last_resync: Option, } diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/mod.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/mod.rs index 32a5a9d4f..87218411e 100644 --- a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/mod.rs +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/mod.rs @@ -1 +1,2 @@ pub mod v1alpha1; +pub mod v1beta1; diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/mod.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/mod.rs new file mode 100644 index 000000000..76d54816f --- /dev/null +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/mod.rs @@ -0,0 +1,3 @@ +pub mod volumegroupsnapshotclasses; +pub mod volumegroupsnapshotcontents; +pub mod volumegroupsnapshots; diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotclasses.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotclasses.rs new file mode 100644 index 000000000..b97801bd7 --- /dev/null +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotclasses.rs @@ -0,0 +1,11 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotclasses.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; +} + diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotcontents.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotcontents.rs new file mode 100644 index 000000000..a00eceebd --- /dev/null +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshotcontents.rs @@ -0,0 +1,229 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshotcontents.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use k8s_openapi::api::core::v1::ObjectReference; +} +use self::prelude::*; + +/// Spec defines properties of a VolumeGroupSnapshotContent created by the underlying storage system. +/// Required. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] +#[kube(group = "groupsnapshot.storage.k8s.io", version = "v1beta1", kind = "VolumeGroupSnapshotContent", plural = "volumegroupsnapshotcontents")] +#[kube(status = "VolumeGroupSnapshotContentStatus")] +#[kube(schema = "disabled")] +#[kube(derive="PartialEq")] +pub struct VolumeGroupSnapshotContentSpec { + /// DeletionPolicy determines whether this VolumeGroupSnapshotContent and the + /// physical group snapshot on the underlying storage system should be deleted + /// when the bound VolumeGroupSnapshot is deleted. + /// Supported values are "Retain" and "Delete". + /// "Retain" means that the VolumeGroupSnapshotContent and its physical group + /// snapshot on underlying storage system are kept. + /// "Delete" means that the VolumeGroupSnapshotContent and its physical group + /// snapshot on underlying storage system are deleted. + /// For dynamically provisioned group snapshots, this field will automatically + /// be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field + /// defined in the corresponding VolumeGroupSnapshotClass. + /// For pre-existing snapshots, users MUST specify this field when creating the + /// VolumeGroupSnapshotContent object. + /// Required. + #[serde(rename = "deletionPolicy")] + pub deletion_policy: VolumeGroupSnapshotContentDeletionPolicy, + /// Driver is the name of the CSI driver used to create the physical group snapshot on + /// the underlying storage system. + /// This MUST be the same as the name returned by the CSI GetPluginName() call for + /// that driver. + /// Required. + pub driver: String, + /// Source specifies whether the snapshot is (or should be) dynamically provisioned + /// or already exists, and just requires a Kubernetes object representation. + /// This field is immutable after creation. + /// Required. + pub source: VolumeGroupSnapshotContentSource, + /// VolumeGroupSnapshotClassName is the name of the VolumeGroupSnapshotClass from + /// which this group snapshot was (or will be) created. + /// Note that after provisioning, the VolumeGroupSnapshotClass may be deleted or + /// recreated with different set of values, and as such, should not be referenced + /// post-snapshot creation. + /// For dynamic provisioning, this field must be set. + /// This field may be unset for pre-provisioned snapshots. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeGroupSnapshotClassName")] + pub volume_group_snapshot_class_name: Option, + /// VolumeGroupSnapshotRef specifies the VolumeGroupSnapshot object to which this + /// VolumeGroupSnapshotContent object is bound. + /// VolumeGroupSnapshot.Spec.VolumeGroupSnapshotContentName field must reference to + /// this VolumeGroupSnapshotContent's name for the bidirectional binding to be valid. + /// For a pre-existing VolumeGroupSnapshotContent object, name and namespace of the + /// VolumeGroupSnapshot object MUST be provided for binding to happen. + /// This field is immutable after creation. + /// Required. + #[serde(rename = "volumeGroupSnapshotRef")] + pub volume_group_snapshot_ref: ObjectReference, +} + +/// Spec defines properties of a VolumeGroupSnapshotContent created by the underlying storage system. +/// Required. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum VolumeGroupSnapshotContentDeletionPolicy { + Delete, + Retain, +} + +/// Source specifies whether the snapshot is (or should be) dynamically provisioned +/// or already exists, and just requires a Kubernetes object representation. +/// This field is immutable after creation. +/// Required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentSource { + /// GroupSnapshotHandles specifies the CSI "group_snapshot_id" of a pre-existing + /// group snapshot and a list of CSI "snapshot_id" of pre-existing snapshots + /// on the underlying storage system for which a Kubernetes object + /// representation was (or should be) created. + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupSnapshotHandles")] + pub group_snapshot_handles: Option, + /// VolumeHandles is a list of volume handles on the backend to be snapshotted + /// together. It is specified for dynamic provisioning of the VolumeGroupSnapshot. + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeHandles")] + pub volume_handles: Option>, +} + +/// GroupSnapshotHandles specifies the CSI "group_snapshot_id" of a pre-existing +/// group snapshot and a list of CSI "snapshot_id" of pre-existing snapshots +/// on the underlying storage system for which a Kubernetes object +/// representation was (or should be) created. +/// This field is immutable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentSourceGroupSnapshotHandles { + /// VolumeGroupSnapshotHandle specifies the CSI "group_snapshot_id" of a pre-existing + /// group snapshot on the underlying storage system for which a Kubernetes object + /// representation was (or should be) created. + /// This field is immutable. + /// Required. + #[serde(rename = "volumeGroupSnapshotHandle")] + pub volume_group_snapshot_handle: String, + /// VolumeSnapshotHandles is a list of CSI "snapshot_id" of pre-existing + /// snapshots on the underlying storage system for which Kubernetes objects + /// representation were (or should be) created. + /// This field is immutable. + /// Required. + #[serde(rename = "volumeSnapshotHandles")] + pub volume_snapshot_handles: Vec, +} + +/// VolumeGroupSnapshotRef specifies the VolumeGroupSnapshot object to which this +/// VolumeGroupSnapshotContent object is bound. +/// VolumeGroupSnapshot.Spec.VolumeGroupSnapshotContentName field must reference to +/// this VolumeGroupSnapshotContent's name for the bidirectional binding to be valid. +/// For a pre-existing VolumeGroupSnapshotContent object, name and namespace of the +/// VolumeGroupSnapshot object MUST be provided for binding to happen. +/// This field is immutable after creation. +/// Required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentVolumeGroupSnapshotRef { + /// API version of the referent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// If referring to a piece of an object instead of an entire object, this string + /// should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + /// For example, if the object reference is to a container within a pod, this would take on a value like: + /// "spec.containers{name}" (where "name" refers to the name of the container that triggered + /// the event) or if no container name is specified "spec.containers[2]" (container with + /// index 2 in this pod). This syntax is chosen only to have some well-defined way of + /// referencing a part of an object. + /// TODO: this design is not final and this field is subject to change in the future. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] + pub field_path: Option, + /// Kind of the referent. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Specific resourceVersion to which this reference is made, if any. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceVersion")] + pub resource_version: Option, + /// UID of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uid: Option, +} + +/// status represents the current information of a group snapshot. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentStatus { + /// CreationTime is the timestamp when the point-in-time group snapshot is taken + /// by the underlying storage system. + /// If not specified, it indicates the creation time is unknown. + /// If not specified, it means the readiness of a group snapshot is unknown. + /// The format of this field is a Unix nanoseconds time encoded as an int64. + /// On Unix, the command date +%s%N returns the current time in nanoseconds + /// since 1970-01-01 00:00:00 UTC. + /// This field is the source for the CreationTime field in VolumeGroupSnapshotStatus + #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationTime")] + pub creation_time: Option, + /// Error is the last observed error during group snapshot creation, if any. + /// Upon success after retry, this error field will be cleared. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error: Option, + /// ReadyToUse indicates if all the individual snapshots in the group are ready to be + /// used to restore a group of volumes. + /// ReadyToUse becomes true when ReadyToUse of all individual snapshots become true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyToUse")] + pub ready_to_use: Option, + /// VolumeGroupSnapshotHandle is a unique id returned by the CSI driver + /// to identify the VolumeGroupSnapshot on the storage system. + /// If a storage system does not provide such an id, the + /// CSI driver can choose to return the VolumeGroupSnapshot name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeGroupSnapshotHandle")] + pub volume_group_snapshot_handle: Option, + /// VolumeSnapshotHandlePairList is a list of CSI "volume_id" and "snapshot_id" + /// pair returned by the CSI driver to identify snapshots and their source volumes + /// on the storage system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSnapshotHandlePairList")] + pub volume_snapshot_handle_pair_list: Option>, +} + +/// Error is the last observed error during group snapshot creation, if any. +/// Upon success after retry, this error field will be cleared. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentStatusError { + /// message is a string detailing the encountered error during snapshot + /// creation if specified. + /// NOTE: message may be logged, and it should not contain sensitive + /// information. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// time is the timestamp when the error was encountered. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub time: Option, +} + +/// VolumeSnapshotHandlePair defines a pair of a source volume handle and a snapshot handle +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotContentStatusVolumeSnapshotHandlePairList { + /// SnapshotHandle is a unique id returned by the CSI driver to identify a volume + /// snapshot on the storage system + /// Required. + #[serde(rename = "snapshotHandle")] + pub snapshot_handle: String, + /// VolumeHandle is a unique id returned by the CSI driver to identify a volume + /// on the storage system + /// Required. + #[serde(rename = "volumeHandle")] + pub volume_handle: String, +} + diff --git a/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshots.rs b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshots.rs new file mode 100644 index 000000000..c8561af7c --- /dev/null +++ b/kube-custom-resources-rs/src/groupsnapshot_storage_k8s_io/v1beta1/volumegroupsnapshots.rs @@ -0,0 +1,156 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/kubernetes-csi/external-snapshotter/groupsnapshot.storage.k8s.io/v1beta1/volumegroupsnapshots.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; +} +use self::prelude::*; + +/// Spec defines the desired characteristics of a group snapshot requested by a user. +/// Required. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "groupsnapshot.storage.k8s.io", version = "v1beta1", kind = "VolumeGroupSnapshot", plural = "volumegroupsnapshots")] +#[kube(namespaced)] +#[kube(status = "VolumeGroupSnapshotStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct VolumeGroupSnapshotSpec { + /// Source specifies where a group snapshot will be created from. + /// This field is immutable after creation. + /// Required. + pub source: VolumeGroupSnapshotSource, + /// VolumeGroupSnapshotClassName is the name of the VolumeGroupSnapshotClass + /// requested by the VolumeGroupSnapshot. + /// VolumeGroupSnapshotClassName may be left nil to indicate that the default + /// class will be used. + /// Empty string is not allowed for this field. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeGroupSnapshotClassName")] + pub volume_group_snapshot_class_name: Option, +} + +/// Source specifies where a group snapshot will be created from. +/// This field is immutable after creation. +/// Required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotSource { + /// Selector is a label query over persistent volume claims that are to be + /// grouped together for snapshotting. + /// This labelSelector will be used to match the label added to a PVC. + /// If the label is added or removed to a volume after a group snapshot + /// is created, the existing group snapshots won't be modified. + /// Once a VolumeGroupSnapshotContent is created and the sidecar starts to process + /// it, the volume list will not change with retries. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// VolumeGroupSnapshotContentName specifies the name of a pre-existing VolumeGroupSnapshotContent + /// object representing an existing volume group snapshot. + /// This field should be set if the volume group snapshot already exists and + /// only needs a representation in Kubernetes. + /// This field is immutable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeGroupSnapshotContentName")] + pub volume_group_snapshot_content_name: Option, +} + +/// Selector is a label query over persistent volume claims that are to be +/// grouped together for snapshotting. +/// This labelSelector will be used to match the label added to a PVC. +/// If the label is added or removed to a volume after a group snapshot +/// is created, the existing group snapshots won't be modified. +/// Once a VolumeGroupSnapshotContent is created and the sidecar starts to process +/// it, the volume list will not change with retries. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotSourceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotSourceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Status represents the current information of a group snapshot. +/// Consumers must verify binding between VolumeGroupSnapshot and +/// VolumeGroupSnapshotContent objects is successful (by validating that both +/// VolumeGroupSnapshot and VolumeGroupSnapshotContent point to each other) before +/// using this object. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotStatus { + /// BoundVolumeGroupSnapshotContentName is the name of the VolumeGroupSnapshotContent + /// object to which this VolumeGroupSnapshot object intends to bind to. + /// If not specified, it indicates that the VolumeGroupSnapshot object has not + /// been successfully bound to a VolumeGroupSnapshotContent object yet. + /// NOTE: To avoid possible security issues, consumers must verify binding between + /// VolumeGroupSnapshot and VolumeGroupSnapshotContent objects is successful + /// (by validating that both VolumeGroupSnapshot and VolumeGroupSnapshotContent + /// point at each other) before using this object. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "boundVolumeGroupSnapshotContentName")] + pub bound_volume_group_snapshot_content_name: Option, + /// CreationTime is the timestamp when the point-in-time group snapshot is taken + /// by the underlying storage system. + /// If not specified, it may indicate that the creation time of the group snapshot + /// is unknown. + /// The format of this field is a Unix nanoseconds time encoded as an int64. + /// On Unix, the command date +%s%N returns the current time in nanoseconds + /// since 1970-01-01 00:00:00 UTC. + /// This field is updated based on the CreationTime field in VolumeGroupSnapshotContentStatus + #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationTime")] + pub creation_time: Option, + /// Error is the last observed error during group snapshot creation, if any. + /// This field could be helpful to upper level controllers (i.e., application + /// controller) to decide whether they should continue on waiting for the group + /// snapshot to be created based on the type of error reported. + /// The snapshot controller will keep retrying when an error occurs during the + /// group snapshot creation. Upon success, this error field will be cleared. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error: Option, + /// ReadyToUse indicates if all the individual snapshots in the group are ready + /// to be used to restore a group of volumes. + /// ReadyToUse becomes true when ReadyToUse of all individual snapshots become true. + /// If not specified, it means the readiness of a group snapshot is unknown. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyToUse")] + pub ready_to_use: Option, +} + +/// Error is the last observed error during group snapshot creation, if any. +/// This field could be helpful to upper level controllers (i.e., application +/// controller) to decide whether they should continue on waiting for the group +/// snapshot to be created based on the type of error reported. +/// The snapshot controller will keep retrying when an error occurs during the +/// group snapshot creation. Upon success, this error field will be cleared. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VolumeGroupSnapshotStatusError { + /// message is a string detailing the encountered error during snapshot + /// creation if specified. + /// NOTE: message may be logged, and it should not contain sensitive + /// information. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// time is the timestamp when the error was encountered. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub time: Option, +} + diff --git a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2/helmreleases.rs b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2/helmreleases.rs index 2c8b43f20..5f97dc147 100644 --- a/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2/helmreleases.rs +++ b/kube-custom-resources-rs/src/helm_toolkit_fluxcd_io/v2/helmreleases.rs @@ -412,6 +412,10 @@ pub struct HelmReleaseInstall { /// the values against the JSON Schema. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableSchemaValidation")] pub disable_schema_validation: Option, + /// DisableTakeOwnership disables taking ownership of existing resources + /// during the Helm install action. Defaults to false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableTakeOwnership")] + pub disable_take_ownership: Option, /// DisableWait disables the waiting for resources to be ready after a Helm /// install has been performed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWait")] @@ -728,6 +732,10 @@ pub struct HelmReleaseUpgrade { /// the values against the JSON Schema. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableSchemaValidation")] pub disable_schema_validation: Option, + /// DisableTakeOwnership disables taking ownership of existing resources + /// during the Helm upgrade action. Defaults to false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableTakeOwnership")] + pub disable_take_ownership: Option, /// DisableWait disables the waiting for resources to be ready after a Helm /// upgrade has been performed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableWait")] diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs index 327d36e8d..69d17e5cf 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs @@ -627,6 +627,13 @@ pub struct ClusterDeploymentPlatformGcp { /// CredentialsSecretRef refers to a secret that contains the GCP account access credentials. #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialsSecretRef")] pub credentials_secret_ref: Option, + /// DiscardLocalSsdOnHibernate passes the specified value through to the GCP API to indicate + /// whether the content of any local SSDs should be preserved or discarded. See + /// https://cloud.google.com/compute/docs/disks/local-ssd#stop_instance + /// This field is required when attempting to hibernate clusters with instances possessing + /// SSDs -- e.g. those with GPUs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "discardLocalSsdOnHibernate")] + pub discard_local_ssd_on_hibernate: Option, /// PrivateSericeConnect allows users to enable access to the cluster's API server using GCP /// Private Service Connect. It includes a forwarding rule paired with a Service Attachment /// across GCP accounts and allows clients to connect to services using GCP internal networking diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs index 6492ffe98..cb02b2f23 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs @@ -491,6 +491,13 @@ pub struct ClusterPoolPlatformGcp { /// CredentialsSecretRef refers to a secret that contains the GCP account access credentials. #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialsSecretRef")] pub credentials_secret_ref: Option, + /// DiscardLocalSsdOnHibernate passes the specified value through to the GCP API to indicate + /// whether the content of any local SSDs should be preserved or discarded. See + /// https://cloud.google.com/compute/docs/disks/local-ssd#stop_instance + /// This field is required when attempting to hibernate clusters with instances possessing + /// SSDs -- e.g. those with GPUs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "discardLocalSsdOnHibernate")] + pub discard_local_ssd_on_hibernate: Option, /// PrivateSericeConnect allows users to enable access to the cluster's API server using GCP /// Private Service Connect. It includes a forwarding rule paired with a Service Attachment /// across GCP accounts and allows clients to connect to services using GCP internal networking diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs index bc6aa2600..18dbd1b03 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs @@ -214,6 +214,9 @@ pub struct MachinePoolPlatformAzure { /// OSImage defines the image to use for the OS. #[serde(default, skip_serializing_if = "Option::is_none", rename = "osImage")] pub os_image: Option, + /// OutboundType is a strategy for how egress from cluster is achieved. When not specified default is "Loadbalancer". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "outboundType")] + pub outbound_type: Option, /// InstanceType defines the azure instance type. /// eg. Standard_DS_V2 #[serde(rename = "type")] @@ -353,24 +356,15 @@ pub struct MachinePoolPlatformGcpOsDisk { #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskSizeGB")] pub disk_size_gb: Option, /// DiskType defines the type of disk. - /// The valid values are pd-standard and pd-ssd. + /// The valid values at this time are: pd-standard, pd-ssd, local-ssd, pd-balanced, hyperdisk-balanced. /// Defaulted internally to pd-ssd. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskType")] - pub disk_type: Option, + pub disk_type: Option, /// EncryptionKey defines the KMS key to be used to encrypt the disk. #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionKey")] pub encryption_key: Option, } -/// OSDisk defines the storage for instances. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum MachinePoolPlatformGcpOsDiskDiskType { - #[serde(rename = "pd-ssd")] - PdSsd, - #[serde(rename = "pd-standard")] - PdStandard, -} - /// EncryptionKey defines the KMS key to be used to encrypt the disk. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolPlatformGcpOsDiskEncryptionKey { @@ -477,7 +471,7 @@ pub struct MachinePoolPlatformIbmcloudDedicatedHosts { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolPlatformOpenstack { /// AdditionalSecurityGroupIDs contains IDs of additional security groups for machines, where each ID - /// is presented in the format sg-xxxx. + /// is presented in the UUID format. #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalSecurityGroupIDs")] pub additional_security_group_i_ds: Option>, /// Flavor defines the OpenStack Nova flavor. diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/groups.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/groups.rs index 616657d60..4b1019a50 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/groups.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/groups.rs @@ -92,7 +92,7 @@ pub struct GroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/instanceprofiles.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/instanceprofiles.rs index 00ab309db..314ceaab3 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/instanceprofiles.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/instanceprofiles.rs @@ -119,7 +119,7 @@ pub struct InstanceProfileStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/openidconnectproviders.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/openidconnectproviders.rs index ccb49ba49..bc25f1dc4 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/openidconnectproviders.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/openidconnectproviders.rs @@ -47,11 +47,14 @@ pub struct OpenIDConnectProviderSpec { /// lets you maintain multiple thumbprints if the identity provider is rotating /// certificates. /// + /// This parameter is optional. If it is not included, IAM will retrieve and + /// use the top intermediate certificate authority (CA) thumbprint of the OpenID + /// Connect identity provider server certificate. + /// /// The server certificate thumbprint is the hex-encoded SHA-1 hash value of /// the X.509 certificate used by the domain where the OpenID Connect provider /// makes its keys available. It is always a 40-character string. /// - /// You must provide at least one thumbprint when creating an IAM OIDC provider. /// For example, assume that the OIDC provider is server.example.com and the /// provider stores its keys at https://keys.server.example.com/openid-connect. /// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value @@ -60,7 +63,8 @@ pub struct OpenIDConnectProviderSpec { /// For more information about obtaining the OIDC provider thumbprint, see Obtaining /// the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html) /// in the IAM user Guide. - pub thumbprints: Vec, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub thumbprints: Option>, /// The URL of the identity provider. The URL must begin with https:// and should /// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per /// the OIDC standard, path components are allowed but query parameters are not. @@ -94,7 +98,7 @@ pub struct OpenIDConnectProviderStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/policies.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/policies.rs index 03cb50bec..5ce2284b2 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/policies.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/policies.rs @@ -126,7 +126,7 @@ pub struct PolicyStatus { /// to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachmentCount")] pub attachment_count: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/roles.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/roles.rs index d8608aa6f..3c240110a 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/roles.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/roles.rs @@ -200,7 +200,7 @@ pub struct RoleStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/users.rs b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/users.rs index a129591ee..ef315c020 100644 --- a/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/users.rs +++ b/kube-custom-resources-rs/src/iam_services_k8s_aws/v1alpha1/users.rs @@ -161,7 +161,7 @@ pub struct UserStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs index ec4fdeb26..4e078fd1c 100644 --- a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs +++ b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha1/terraforms.rs @@ -555,7 +555,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -566,7 +566,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -676,7 +676,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -687,7 +687,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -828,7 +828,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -839,7 +839,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -949,7 +949,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -960,7 +960,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1099,9 +1099,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1144,9 +1142,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1175,9 +1171,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1192,9 +1186,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1418,9 +1410,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromConfigMapKeyR /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1463,9 +1453,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromSecretKeyRef /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1494,9 +1482,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1511,9 +1497,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1550,23 +1534,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1578,7 +1562,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1611,7 +1595,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1619,8 +1603,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1643,23 +1627,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartTcpSock /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1671,7 +1655,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1704,7 +1688,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGetHt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1712,8 +1696,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1731,17 +1715,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopTcpSocket /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1756,7 +1740,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1778,7 +1762,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1790,7 +1774,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1798,13 +1782,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1837,7 +1820,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeHttpGetHttpH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1882,17 +1865,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1907,7 +1890,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1929,7 +1912,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1941,7 +1924,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1949,13 +1932,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1988,7 +1970,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeHttpGetHttp pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2021,11 +2003,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2048,6 +2028,11 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2081,7 +2066,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2204,7 +2189,6 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextSeccompPro /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2249,17 +2233,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextWindowsOpt /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2274,7 +2258,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2296,7 +2280,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2308,7 +2292,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2316,13 +2300,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2355,7 +2338,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeHttpGetHttpHe pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2401,10 +2384,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -2412,11 +2393,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -2486,10 +2465,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -2497,11 +2474,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -2522,26 +2497,35 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { pub struct TerraformRunnerPodTemplateSpecVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -2555,7 +2539,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -2566,17 +2549,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2586,23 +2566,28 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -2611,11 +2596,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -2634,23 +2632,30 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -2658,15 +2663,20 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { @@ -2674,7 +2684,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -2694,6 +2703,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -2720,6 +2731,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -2734,7 +2747,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -2770,14 +2784,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCephfsSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCinder { @@ -2810,9 +2824,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCinderSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2842,9 +2854,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -2872,7 +2882,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -2911,9 +2921,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCsiNodePublishSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3007,7 +3015,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -3018,17 +3025,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3041,7 +3045,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -3051,11 +3054,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -3069,7 +3070,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -3079,11 +3079,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplate { @@ -3176,7 +3174,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -3305,7 +3303,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -3326,6 +3323,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -3362,14 +3360,13 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolumeSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -3383,6 +3380,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { @@ -3390,7 +3389,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -3412,7 +3410,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3431,6 +3429,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesGlusterfs { @@ -3452,9 +3451,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesHostPath { /// path of the directory on the host. @@ -3468,6 +3464,39 @@ pub struct TerraformRunnerPodTemplateSpecVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -3483,7 +3512,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -3523,9 +3551,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsiSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3562,7 +3588,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -3575,7 +3602,10 @@ pub struct TerraformRunnerPodTemplateSpecVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -3603,25 +3633,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -3646,14 +3675,11 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -3736,9 +3762,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3837,9 +3861,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesSecret { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -3889,7 +3911,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesServiceAccountTo pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesQuobyte { /// group to map volume access to @@ -3917,6 +3940,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesRbd { @@ -3924,7 +3948,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -3971,14 +3994,13 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbdSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -4026,9 +4048,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesScaleIoSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4085,6 +4105,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesStorageos { /// fsType is the filesystem type to mount. @@ -4122,14 +4143,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesStorageosSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -4188,15 +4209,12 @@ pub enum TerraformStoreReadablePlan { pub struct TerraformTfstate { /// ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`. /// - /// /// This is an Enum and has the expected values of: /// - /// /// - auto /// - yes /// - no /// - /// /// WARNING: Only use `auto` in the cases where you are absolutely certain that /// no other system is using this state, you could otherwise end up in a bad place /// See https://www.terraform.io/language/state/locking#force-unlock for more @@ -4206,11 +4224,9 @@ pub struct TerraformTfstate { /// LockIdentifier holds the Identifier required by Terraform to unlock the state /// if it ever gets into a locked state. /// - /// /// You'll need to put the Lock Identifier in here while setting ForceUnlock to /// either `yes` or `auto`. /// - /// /// Leave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`, /// e.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lockIdentifier")] @@ -4267,9 +4283,7 @@ pub struct TerraformVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4312,9 +4326,7 @@ pub struct TerraformVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4358,8 +4370,8 @@ pub struct TerraformWebhooks { #[serde(default, skip_serializing_if = "Option::is_none", rename = "payloadType")] pub payload_type: Option, pub stage: TerraformWebhooksStage, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "testExpression")] - pub test_expression: Option, + #[serde(rename = "testExpression")] + pub test_expression: String, pub url: String, } diff --git a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs index 010103267..96835073f 100644 --- a/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs +++ b/kube-custom-resources-rs/src/infra_contrib_fluxcd_io/v1alpha2/terraforms.rs @@ -141,6 +141,9 @@ pub struct TerraformSpec { /// TFStateSpec allows the user to set ForceUnlock #[serde(default, skip_serializing_if = "Option::is_none")] pub tfstate: Option, + /// UpgradeOnInit configures to upgrade modules and providers on initialization of a stack + #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeOnInit")] + pub upgrade_on_init: Option, /// Values map to the Terraform variable "values", which is an object of arbitrary values. /// It is a convenient way to pass values to Terraform resources without having to define /// a variable for each value. To use this feature, your Terraform file must define the variable "values". @@ -620,7 +623,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -631,7 +634,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityPreferredDuringSched /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -741,7 +744,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -752,7 +755,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAffinityRequiredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -893,7 +896,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -904,7 +907,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityPreferredDuringS /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1014,7 +1017,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1025,7 +1028,7 @@ pub struct TerraformRunnerPodTemplateSpecAffinityPodAntiAffinityRequiredDuringSc /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1164,9 +1167,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1209,9 +1210,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1240,9 +1239,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1257,9 +1254,7 @@ pub struct TerraformRunnerPodTemplateSpecEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1494,9 +1489,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromConfigMapKeyR /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1539,9 +1532,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvValueFromSecretKeyRef /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1570,9 +1561,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromConfigMapRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1587,9 +1576,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersEnvFromSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1626,23 +1613,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1654,7 +1641,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1687,7 +1674,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartHttpGet pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1695,8 +1682,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1719,23 +1706,23 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePostStartTcpSock /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1747,7 +1734,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1780,7 +1767,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopHttpGetHt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1788,8 +1775,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1807,17 +1794,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLifecyclePreStopTcpSocket /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1832,7 +1819,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1854,7 +1841,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1866,7 +1853,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1874,13 +1861,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1913,7 +1899,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeHttpGetHttpH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1958,17 +1944,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1983,7 +1969,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2005,7 +1991,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2017,7 +2003,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2025,13 +2011,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2064,7 +2049,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeHttpGetHttp pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2097,11 +2082,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2124,6 +2107,11 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2157,7 +2145,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2280,7 +2268,6 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextSeccompPro /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2325,17 +2312,17 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersSecurityContextWindowsOpt /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2350,7 +2337,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2372,7 +2359,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2384,7 +2371,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2392,13 +2379,12 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2431,7 +2417,7 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeHttpGetHttpHe pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2477,10 +2463,8 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -2488,11 +2472,9 @@ pub struct TerraformRunnerPodTemplateSpecInitContainersVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -2514,11 +2496,9 @@ pub struct TerraformRunnerPodTemplateSpecResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2541,6 +2521,11 @@ pub struct TerraformRunnerPodTemplateSpecResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Set SecurityContext for the Runner Pod container @@ -2572,7 +2557,7 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2695,7 +2680,6 @@ pub struct TerraformRunnerPodTemplateSpecSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2785,10 +2769,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// RecursiveReadOnly specifies whether read-only mounts should be handled /// recursively. /// - /// /// If ReadOnly is false, this field has no meaning and must be unspecified. /// - /// /// If ReadOnly is true, and this field is set to Disabled, the mount is not made /// recursively read-only. If this field is set to IfPossible, the mount is made /// recursively read-only, if it is supported by the container runtime. If this @@ -2796,11 +2778,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { /// supported by the container runtime, otherwise the pod will not be started and /// an error will be generated to indicate the reason. /// - /// /// If this field is set to IfPossible or Enabled, MountPropagation must be set to /// None (or be unspecified, which defaults to None). /// - /// /// If this field is not specified, it is treated as an equivalent of Disabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] pub recursive_read_only: Option, @@ -2821,26 +2801,35 @@ pub struct TerraformRunnerPodTemplateSpecVolumeMounts { pub struct TerraformRunnerPodTemplateSpecVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -2854,7 +2843,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -2865,17 +2853,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2885,23 +2870,28 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -2910,11 +2900,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -2933,23 +2936,30 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -2957,15 +2967,20 @@ pub struct TerraformRunnerPodTemplateSpecVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { @@ -2973,7 +2988,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -2993,6 +3007,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -3019,6 +3035,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -3033,7 +3051,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -3069,14 +3088,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCephfsSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCinder { @@ -3109,9 +3128,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCinderSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3141,9 +3158,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -3171,7 +3186,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -3210,9 +3225,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesCsiNodePublishSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3306,7 +3319,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -3317,17 +3329,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3340,7 +3349,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -3350,11 +3358,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -3368,7 +3374,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -3378,11 +3383,9 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplate { @@ -3475,7 +3478,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -3604,7 +3607,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -3625,6 +3627,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -3661,14 +3664,13 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlexVolumeSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -3682,6 +3684,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { @@ -3689,7 +3693,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -3711,7 +3714,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3730,6 +3733,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesGlusterfs { @@ -3751,9 +3755,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesHostPath { /// path of the directory on the host. @@ -3767,6 +3768,39 @@ pub struct TerraformRunnerPodTemplateSpecVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TerraformRunnerPodTemplateSpecVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -3782,7 +3816,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -3822,9 +3855,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesIscsiSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3861,7 +3892,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -3874,7 +3906,10 @@ pub struct TerraformRunnerPodTemplateSpecVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -3902,25 +3937,24 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -3945,14 +3979,11 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -4035,9 +4066,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesConfigMap { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -4136,9 +4165,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesSecret { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -4188,7 +4215,8 @@ pub struct TerraformRunnerPodTemplateSpecVolumesProjectedSourcesServiceAccountTo pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesQuobyte { /// group to map volume access to @@ -4216,6 +4244,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesRbd { @@ -4223,7 +4252,6 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -4270,14 +4298,13 @@ pub struct TerraformRunnerPodTemplateSpecVolumesRbdSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -4325,9 +4352,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesScaleIoSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4384,6 +4409,7 @@ pub struct TerraformRunnerPodTemplateSpecVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesStorageos { /// fsType is the filesystem type to mount. @@ -4421,14 +4447,14 @@ pub struct TerraformRunnerPodTemplateSpecVolumesStorageosSecretRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TerraformRunnerPodTemplateSpecVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -4487,15 +4513,12 @@ pub enum TerraformStoreReadablePlan { pub struct TerraformTfstate { /// ForceUnlock a Terraform state if it has become locked for any reason. Defaults to `no`. /// - /// /// This is an Enum and has the expected values of: /// - /// /// - auto /// - yes /// - no /// - /// /// WARNING: Only use `auto` in the cases where you are absolutely certain that /// no other system is using this state, you could otherwise end up in a bad place /// See https://www.terraform.io/language/state/locking#force-unlock for more @@ -4505,11 +4528,9 @@ pub struct TerraformTfstate { /// LockIdentifier holds the Identifier required by Terraform to unlock the state /// if it ever gets into a locked state. /// - /// /// You'll need to put the Lock Identifier in here while setting ForceUnlock to /// either `yes` or `auto`. /// - /// /// Leave this empty to do nothing, set this to the value of the `Lock Info: ID: [value]`, /// e.g. `f2ab685b-f84d-ac0b-a125-378a22877e8d`, to force unlock the state. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lockIdentifier")] @@ -4518,7 +4539,6 @@ pub struct TerraformTfstate { /// time before returning an error. The duration syntax is a number followed by a time unit letter, such as `3s` for /// three seconds. /// - /// /// Defaults to `0s` which will behave as though `LockTimeout` was not set #[serde(default, skip_serializing_if = "Option::is_none", rename = "lockTimeout")] pub lock_timeout: Option, @@ -4574,9 +4594,7 @@ pub struct TerraformVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4619,9 +4637,7 @@ pub struct TerraformVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4665,8 +4681,8 @@ pub struct TerraformWebhooks { #[serde(default, skip_serializing_if = "Option::is_none", rename = "payloadType")] pub payload_type: Option, pub stage: TerraformWebhooksStage, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "testExpression")] - pub test_expression: Option, + #[serde(rename = "testExpression")] + pub test_expression: String, pub url: String, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclusters.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclusters.rs index 83123903d..706967e0a 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclusters.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclusters.rs @@ -90,7 +90,6 @@ pub struct KubevirtClusterInfraClusterSecretRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. @@ -143,7 +142,6 @@ pub struct KubevirtClusterSshKeysConfigRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. @@ -186,10 +184,10 @@ pub struct KubevirtClusterStatus { /// will use this if we populate it. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtClusterStatusFailureDomains { - /// Attributes is a free form map of attributes an infrastructure provider might use or require. + /// attributes is a free form map of attributes an infrastructure provider might use or require. #[serde(default, skip_serializing_if = "Option::is_none")] pub attributes: Option>, - /// ControlPlane determines if this failure domain is suitable for use by control plane machines. + /// controlPlane determines if this failure domain is suitable for use by control plane machines. #[serde(default, skip_serializing_if = "Option::is_none", rename = "controlPlane")] pub control_plane: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclustertemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclustertemplates.rs index 492b00ffe..e8c316ea4 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclustertemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtclustertemplates.rs @@ -29,26 +29,22 @@ pub struct KubevirtClusterTemplateTemplate { /// ObjectMeta is metadata that all persisted resources must have, which includes all objects /// users must create. This is a copy of customizable fields from metav1.ObjectMeta. /// - /// /// ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`, /// which are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases /// and read-only fields which end up in the generated CRD validation, having it as a subset simplifies /// the API and some issues that can impact user experience. /// - /// /// During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) /// for v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs, /// specifically `spec.metadata.creationTimestamp in body must be of type string: "null"`. /// The investigation showed that `controller-tools@v2` behaves differently than its previous version /// when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package. /// - /// /// In more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta` /// had validation properties, including for `creationTimestamp` (metav1.Time). /// The `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null` /// which breaks validation because the field isn't marked as nullable. /// - /// /// In future versions, controller-tools@v2 might allow overriding the type and validation for embedded /// types. When that happens, this hack should be revisited. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -60,31 +56,27 @@ pub struct KubevirtClusterTemplateTemplate { /// ObjectMeta is metadata that all persisted resources must have, which includes all objects /// users must create. This is a copy of customizable fields from metav1.ObjectMeta. /// -/// /// ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`, /// which are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases /// and read-only fields which end up in the generated CRD validation, having it as a subset simplifies /// the API and some issues that can impact user experience. /// -/// /// During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) /// for v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs, /// specifically `spec.metadata.creationTimestamp in body must be of type string: "null"`. /// The investigation showed that `controller-tools@v2` behaves differently than its previous version /// when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package. /// -/// /// In more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta` /// had validation properties, including for `creationTimestamp` (metav1.Time). /// The `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null` /// which breaks validation because the field isn't marked as nullable. /// -/// /// In future versions, controller-tools@v2 might allow overriding the type and validation for embedded /// types. When that happens, this hack should be revisited. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtClusterTemplateTemplateMetadata { - /// Annotations is an unstructured key value map stored with a resource that may be + /// annotations is an unstructured key value map stored with a resource that may be /// set by external tools to store and retrieve arbitrary metadata. They are not /// queryable and should be preserved when modifying objects. /// More info: http://kubernetes.io/docs/user-guide/annotations @@ -170,7 +162,6 @@ pub struct KubevirtClusterTemplateTemplateSpecInfraClusterSecretRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. @@ -223,7 +214,6 @@ pub struct KubevirtClusterTemplateTemplateSpecSshKeysConfigRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachines.rs index 8c93dd275..072c68ea2 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachines.rs @@ -51,7 +51,6 @@ pub struct KubevirtMachineInfraClusterSecretRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. @@ -124,10 +123,14 @@ pub struct KubevirtMachineVirtualMachineTemplateSpec { pub run_strategy: Option, /// Running controls whether the associatied VirtualMachineInstance is created or not /// Mutually exclusive with RunStrategy + /// Deprecated: VirtualMachineInstance field "Running" is now deprecated, please use RunStrategy instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub running: Option, /// Template is the direct specification of VirtualMachineInstance pub template: KubevirtMachineVirtualMachineTemplateSpecTemplate, + /// UpdateVolumesStrategy is the strategy to apply on volumes updates + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateVolumesStrategy")] + pub update_volumes_strategy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -272,7 +275,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecPvc { /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -653,17 +656,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecStora /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -676,15 +668,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecStora pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// A label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageSelector { @@ -1210,7 +1193,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1221,7 +1204,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1331,7 +1314,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1342,7 +1325,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1483,7 +1466,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1494,7 +1477,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1604,7 +1587,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1615,7 +1598,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecAffinityPodAntiA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1731,9 +1714,11 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2311,22 +2296,25 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInt /// Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF. #[serde(default, skip_serializing_if = "Option::is_none", rename = "macAddress")] pub mac_address: Option, - /// Deprecated, please refer to Kubevirt user guide for alternatives. + /// DeprecatedMacvtap is an alias to the deprecated Macvtap interface, + /// please refer to Kubevirt user guide for alternatives. + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub macvtap: Option, /// InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub masquerade: Option, /// Interface model. - /// One of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio. + /// One of: e1000, e1000e, igb, ne2k_pci, pcnet, rtl8139, virtio. /// Defaults to virtio. - /// TODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51 #[serde(default, skip_serializing_if = "Option::is_none")] pub model: Option, /// Logical name of the interface as well as a reference to the associated networks. /// Must match the Name of a Network. pub name: String, - /// Deprecated, please refer to Kubevirt user guide for alternatives. + /// DeprecatedPasst is an alias to the deprecated Passt interface, + /// please refer to Kubevirt user guide for alternatives. + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub passt: Option, /// If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10 @@ -2335,7 +2323,8 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInt /// List of ports to be forwarded to the virtual machine. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// InterfaceSlirp connects to a given network using QEMU user networking mode. + /// DeprecatedSlirp is an alias to the deprecated Slirp interface + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub slirp: Option, /// InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio. @@ -2393,7 +2382,9 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInt pub value: String, } -/// Deprecated, please refer to Kubevirt user guide for alternatives. +/// DeprecatedMacvtap is an alias to the deprecated Macvtap interface, +/// please refer to Kubevirt user guide for alternatives. +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesMacvtap { } @@ -2403,7 +2394,9 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInt pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesMasquerade { } -/// Deprecated, please refer to Kubevirt user guide for alternatives. +/// DeprecatedPasst is an alias to the deprecated Passt interface, +/// please refer to Kubevirt user guide for alternatives. +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesPasst { } @@ -2427,7 +2420,8 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInt pub protocol: Option, } -/// InterfaceSlirp connects to a given network using QEMU user networking mode. +/// DeprecatedSlirp is an alias to the deprecated Slirp interface +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesSlirp { } @@ -2495,6 +2489,12 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainFeatures { /// Defaults to the machine type setting. #[serde(default, skip_serializing_if = "Option::is_none")] pub hyperv: Option, + /// This enables all supported hyperv flags automatically. + /// Bear in mind that if this enabled hyperV features cannot + /// be enabled explicitly. In addition, a Virtual Machine + /// using it will be non-migratable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hypervPassthrough")] + pub hyperv_passthrough: Option, /// Configure how KVM presence is exposed to the guest. #[serde(default, skip_serializing_if = "Option::is_none")] pub kvm: Option, @@ -2749,6 +2749,16 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainFeaturesHy pub enabled: Option, } +/// This enables all supported hyperv flags automatically. +/// Bear in mind that if this enabled hyperV features cannot +/// be enabled explicitly. In addition, a Virtual Machine +/// using it will be non-migratable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainFeaturesHypervPassthrough { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// Configure how KVM presence is exposed to the guest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecDomainFeaturesKvm { @@ -3004,7 +3014,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecLivenessProbe { pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported - /// TODO: implement a realistic TCP lifecycle hook #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Number of seconds after which the probe times out. @@ -3072,7 +3081,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecLivenessProbeHtt /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported -/// TODO: implement a realistic TCP lifecycle hook #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3161,7 +3169,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecReadinessProbe { pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported - /// TODO: implement a realistic TCP lifecycle hook #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Number of seconds after which the probe times out. @@ -3229,7 +3236,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecReadinessProbeHt /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported -/// TODO: implement a realistic TCP lifecycle hook #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3288,7 +3294,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecTopologySpreadCo /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -3322,7 +3327,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecTopologySpreadCo /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -3338,7 +3342,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecTopologySpreadCo /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -3349,7 +3352,6 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecTopologySpreadCo /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -3520,9 +3522,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesCloudInit /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3534,9 +3534,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesCloudInit /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3573,9 +3571,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesCloudInit /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3587,9 +3583,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesCloudInit /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3602,9 +3596,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesConfigMap /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or it's keys must be defined @@ -3847,9 +3839,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesSysprepCo /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3861,9 +3851,7 @@ pub struct KubevirtMachineVirtualMachineTemplateSpecTemplateSpecVolumesSysprepSe /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3881,7 +3869,6 @@ pub struct KubevirtMachineStatus { /// reconciling the Machine and will contain a more verbose string suitable /// for logging and human consumption. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -3891,7 +3878,6 @@ pub struct KubevirtMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. @@ -3901,7 +3887,6 @@ pub struct KubevirtMachineStatus { /// reconciling the Machine and will contain a succinct value suitable /// for machine interpretation. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -3911,7 +3896,6 @@ pub struct KubevirtMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachinetemplates.rs index 2fa02b7b9..921129d00 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1alpha1/kubevirtmachinetemplates.rs @@ -63,7 +63,6 @@ pub struct KubevirtMachineTemplateTemplateSpecInfraClusterSecretRef { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. @@ -136,10 +135,14 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpec { pub run_strategy: Option, /// Running controls whether the associatied VirtualMachineInstance is created or not /// Mutually exclusive with RunStrategy + /// Deprecated: VirtualMachineInstance field "Running" is now deprecated, please use RunStrategy instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub running: Option, /// Template is the direct specification of VirtualMachineInstance pub template: KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate, + /// UpdateVolumesStrategy is the strategy to apply on volumes updates + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateVolumesStrategy")] + pub update_volumes_strategy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -284,7 +287,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolu /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -665,17 +668,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolu /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -688,15 +680,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolu pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// A label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecDataVolumeTemplatesSpecStorageSelector { @@ -1222,7 +1205,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1233,7 +1216,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1343,7 +1326,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1354,7 +1337,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1495,7 +1478,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1506,7 +1489,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1616,7 +1599,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1627,7 +1610,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1743,9 +1726,11 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2323,22 +2308,25 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF. #[serde(default, skip_serializing_if = "Option::is_none", rename = "macAddress")] pub mac_address: Option, - /// Deprecated, please refer to Kubevirt user guide for alternatives. + /// DeprecatedMacvtap is an alias to the deprecated Macvtap interface, + /// please refer to Kubevirt user guide for alternatives. + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub macvtap: Option, /// InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic. #[serde(default, skip_serializing_if = "Option::is_none")] pub masquerade: Option, /// Interface model. - /// One of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio. + /// One of: e1000, e1000e, igb, ne2k_pci, pcnet, rtl8139, virtio. /// Defaults to virtio. - /// TODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51 #[serde(default, skip_serializing_if = "Option::is_none")] pub model: Option, /// Logical name of the interface as well as a reference to the associated networks. /// Must match the Name of a Network. pub name: String, - /// Deprecated, please refer to Kubevirt user guide for alternatives. + /// DeprecatedPasst is an alias to the deprecated Passt interface, + /// please refer to Kubevirt user guide for alternatives. + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub passt: Option, /// If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10 @@ -2347,7 +2335,8 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// List of ports to be forwarded to the virtual machine. #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, - /// InterfaceSlirp connects to a given network using QEMU user networking mode. + /// DeprecatedSlirp is an alias to the deprecated Slirp interface + /// Deprecated: Removed in v1.3 #[serde(default, skip_serializing_if = "Option::is_none")] pub slirp: Option, /// InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio. @@ -2405,7 +2394,9 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub value: String, } -/// Deprecated, please refer to Kubevirt user guide for alternatives. +/// DeprecatedMacvtap is an alias to the deprecated Macvtap interface, +/// please refer to Kubevirt user guide for alternatives. +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesMacvtap { } @@ -2415,7 +2406,9 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesMasquerade { } -/// Deprecated, please refer to Kubevirt user guide for alternatives. +/// DeprecatedPasst is an alias to the deprecated Passt interface, +/// please refer to Kubevirt user guide for alternatives. +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesPasst { } @@ -2439,7 +2432,8 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub protocol: Option, } -/// InterfaceSlirp connects to a given network using QEMU user networking mode. +/// DeprecatedSlirp is an alias to the deprecated Slirp interface +/// Deprecated: Removed in v1.3 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainDevicesInterfacesSlirp { } @@ -2507,6 +2501,12 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// Defaults to the machine type setting. #[serde(default, skip_serializing_if = "Option::is_none")] pub hyperv: Option, + /// This enables all supported hyperv flags automatically. + /// Bear in mind that if this enabled hyperV features cannot + /// be enabled explicitly. In addition, a Virtual Machine + /// using it will be non-migratable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hypervPassthrough")] + pub hyperv_passthrough: Option, /// Configure how KVM presence is exposed to the guest. #[serde(default, skip_serializing_if = "Option::is_none")] pub kvm: Option, @@ -2761,6 +2761,16 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub enabled: Option, } +/// This enables all supported hyperv flags automatically. +/// Bear in mind that if this enabled hyperV features cannot +/// be enabled explicitly. In addition, a Virtual Machine +/// using it will be non-migratable. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainFeaturesHypervPassthrough { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// Configure how KVM presence is exposed to the guest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecDomainFeaturesKvm { @@ -3016,7 +3026,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported - /// TODO: implement a realistic TCP lifecycle hook #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Number of seconds after which the probe times out. @@ -3084,7 +3093,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported -/// TODO: implement a realistic TCP lifecycle hook #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3173,7 +3181,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate pub success_threshold: Option, /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported - /// TODO: implement a realistic TCP lifecycle hook #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Number of seconds after which the probe times out. @@ -3241,7 +3248,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// TCPSocket specifies an action involving a TCP port. /// TCP hooks not yet supported -/// TODO: implement a realistic TCP lifecycle hook #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplateSpecReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3300,7 +3306,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -3334,7 +3339,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -3350,7 +3354,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -3361,7 +3364,6 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -3532,9 +3534,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3546,9 +3546,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3585,9 +3583,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3599,9 +3595,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3614,9 +3608,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or it's keys must be defined @@ -3859,9 +3851,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -3873,9 +3863,7 @@ pub struct KubevirtMachineTemplateTemplateSpecVirtualMachineTemplateSpecTemplate /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsclustertemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsclustertemplates.rs index 9e0468822..cb090639c 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsclustertemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsclustertemplates.rs @@ -37,7 +37,7 @@ pub struct IBMPowerVSClusterTemplateTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IBMPowerVSClusterTemplateTemplateMetadata { - /// Annotations is an unstructured key value map stored with a resource that may be + /// annotations is an unstructured key value map stored with a resource that may be /// set by external tools to store and retrieve arbitrary metadata. They are not /// queryable and should be preserved when modifying objects. /// More info: http://kubernetes.io/docs/user-guide/annotations diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachines.rs index e518efd3f..2422808d3 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachines.rs @@ -74,9 +74,7 @@ pub struct IBMPowerVSMachineImageRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -109,7 +107,6 @@ pub struct IBMPowerVSMachineStatus { /// reconciling the Machine and will contain a more verbose string suitable /// for logging and human consumption. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -119,7 +116,6 @@ pub struct IBMPowerVSMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. @@ -129,7 +125,6 @@ pub struct IBMPowerVSMachineStatus { /// reconciling the Machine and will contain a succinct value suitable /// for machine interpretation. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -139,7 +134,6 @@ pub struct IBMPowerVSMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachinetemplates.rs index ae74e2845..751f2cc9b 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmpowervsmachinetemplates.rs @@ -89,9 +89,7 @@ pub struct IBMPowerVSMachineTemplateTemplateSpecImageRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachines.rs index 8d7bbe470..ddaf04129 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachines.rs @@ -35,7 +35,6 @@ pub struct IBMVPCMachineSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryNetworkInterface")] pub primary_network_interface: Option, /// Profile indicates the flavor of instance. Example: bx2-8x32 means 8 vCPUs 32 GB RAM 16 Gbps - /// TODO: add a reference link of profile #[serde(default, skip_serializing_if = "Option::is_none")] pub profile: Option, /// ProviderID is the unique identifier as specified by the cloud provider. @@ -48,7 +47,6 @@ pub struct IBMVPCMachineSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option>, /// Zone is the place where the instance should be created. Example: us-south-3 - /// TODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2 pub zone: String, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachinetemplates.rs index da06e2c93..eb23150ed 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/ibmvpcmachinetemplates.rs @@ -48,7 +48,6 @@ pub struct IBMVPCMachineTemplateTemplateSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryNetworkInterface")] pub primary_network_interface: Option, /// Profile indicates the flavor of instance. Example: bx2-8x32 means 8 vCPUs 32 GB RAM 16 Gbps - /// TODO: add a reference link of profile #[serde(default, skip_serializing_if = "Option::is_none")] pub profile: Option, /// ProviderID is the unique identifier as specified by the cloud provider. @@ -61,7 +60,6 @@ pub struct IBMVPCMachineTemplateTemplateSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option>, /// Zone is the place where the instance should be created. Example: us-south-3 - /// TODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2 pub zone: String, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachines.rs index be70eab79..cb8a847fa 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachines.rs @@ -67,12 +67,21 @@ pub struct TinkerbellMachineSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TinkerbellMachineBootOptions { /// BootMode is the type of booting that will be done. + /// Must be one of "none", "netboot", or "iso". #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootMode")] pub boot_mode: Option, /// ISOURL is the URL of the ISO that will be one-time booted. - /// When this field is set, the controller will create a job.bmc.tinkerbell.org object - /// for getting the associated hardware into a CDROM booting state. /// A HardwareRef that contains a spec.BmcRef must be provided. + /// + /// The format of the ISOURL must be http://$IP:$Port/iso/hook.iso + /// The name of the ISO file must have the .iso extension, but the name can be anything. + /// The $IP and $Port should generally point to the IP and Port of the Smee server + /// as this is where the ISO patching endpoint lives. + /// The controller will append the MAC address of the hardware in the ISO URL + /// right before the iso file name in the URL. + /// MAC address is then used to retrieve hardware specific information such as + /// IPAM info, custom kernel cmd line args and populate the worker ID for the tink worker/agent. + /// For ex. the above format would be replaced to http://$IP:$Port/iso//hook.iso #[serde(default, skip_serializing_if = "Option::is_none", rename = "isoURL")] pub iso_url: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachinetemplates.rs index 0dde3a370..0ff894dea 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/tinkerbellmachinetemplates.rs @@ -80,12 +80,21 @@ pub struct TinkerbellMachineTemplateTemplateSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TinkerbellMachineTemplateTemplateSpecBootOptions { /// BootMode is the type of booting that will be done. + /// Must be one of "none", "netboot", or "iso". #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootMode")] pub boot_mode: Option, /// ISOURL is the URL of the ISO that will be one-time booted. - /// When this field is set, the controller will create a job.bmc.tinkerbell.org object - /// for getting the associated hardware into a CDROM booting state. /// A HardwareRef that contains a spec.BmcRef must be provided. + /// + /// The format of the ISOURL must be http://$IP:$Port/iso/hook.iso + /// The name of the ISO file must have the .iso extension, but the name can be anything. + /// The $IP and $Port should generally point to the IP and Port of the Smee server + /// as this is where the ISO patching endpoint lives. + /// The controller will append the MAC address of the hardware in the ISO URL + /// right before the iso file name in the URL. + /// MAC address is then used to retrieve hardware specific information such as + /// IPAM info, custom kernel cmd line args and populate the worker ID for the tink worker/agent. + /// For ex. the above format would be replaced to http://$IP:$Port/iso//hook.iso #[serde(default, skip_serializing_if = "Option::is_none", rename = "isoURL")] pub iso_url: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherefailuredomains.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherefailuredomains.rs index de0389ab4..ddff0842b 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherefailuredomains.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherefailuredomains.rs @@ -64,6 +64,9 @@ pub struct VSphereFailureDomainTopology { /// Hosts has information required for placement of machines on VSphere hosts. #[serde(default, skip_serializing_if = "Option::is_none")] pub hosts: Option, + /// NetworkConfigurations is a list of network configurations within this failure domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkConfigurations")] + pub network_configurations: Option>, /// Networks is the list of networks within this failure domain #[serde(default, skip_serializing_if = "Option::is_none")] pub networks: Option>, @@ -80,6 +83,162 @@ pub struct VSphereFailureDomainTopologyHosts { pub vm_group_name: String, } +/// NetworkConfiguration defines a network configuration that should be used when consuming +/// a failure domain. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereFailureDomainTopologyNetworkConfigurations { + /// AddressesFromPools is a list of IPAddressPools that should be assigned + /// to IPAddressClaims. The machine's cloud-init metadata will be populated + /// with IPAddresses fulfilled by an IPAM provider. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "addressesFromPools")] + pub addresses_from_pools: Option>, + /// DHCP4 is a flag that indicates whether or not to use DHCP for IPv4. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dhcp4: Option, + /// DHCP4Overrides allows for the control over several DHCP behaviors. + /// Overrides will only be applied when the corresponding DHCP flag is set. + /// Only configured values will be sent, omitted values will default to + /// distribution defaults. + /// Dependent on support in the network stack for your distribution. + /// For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dhcp4Overrides")] + pub dhcp4_overrides: Option, + /// DHCP6 is a flag that indicates whether or not to use DHCP for IPv6. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dhcp6: Option, + /// DHCP6Overrides allows for the control over several DHCP behaviors. + /// Overrides will only be applied when the corresponding DHCP flag is set. + /// Only configured values will be sent, omitted values will default to + /// distribution defaults. + /// Dependent on support in the network stack for your distribution. + /// For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dhcp6Overrides")] + pub dhcp6_overrides: Option, + /// Nameservers is a list of IPv4 and/or IPv6 addresses used as DNS + /// nameservers. + /// Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub nameservers: Option>, + /// NetworkName is the network name for this machine's VM. + #[serde(rename = "networkName")] + pub network_name: String, + /// SearchDomains is a list of search domains used when resolving IP + /// addresses with DNS. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "searchDomains")] + pub search_domains: Option>, +} + +/// TypedLocalObjectReference contains enough information to let you locate the +/// typed referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereFailureDomainTopologyNetworkConfigurationsAddressesFromPools { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// DHCP4Overrides allows for the control over several DHCP behaviors. +/// Overrides will only be applied when the corresponding DHCP flag is set. +/// Only configured values will be sent, omitted values will default to +/// distribution defaults. +/// Dependent on support in the network stack for your distribution. +/// For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereFailureDomainTopologyNetworkConfigurationsDhcp4Overrides { + /// Hostname is the name which will be sent to the DHCP server instead of + /// the machine's hostname. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hostname: Option, + /// RouteMetric is used to prioritize routes for devices. A lower metric for + /// an interface will have a higher priority. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeMetric")] + pub route_metric: Option, + /// SendHostname when `true`, the hostname of the machine will be sent to the + /// DHCP server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendHostname")] + pub send_hostname: Option, + /// UseDNS when `true`, the DNS servers in the DHCP server will be used and + /// take precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useDNS")] + pub use_dns: Option, + /// UseDomains can take the values `true`, `false`, or `route`. When `true`, + /// the domain name from the DHCP server will be used as the DNS search + /// domain for this device. When `route`, the domain name from the DHCP + /// response will be used for routing DNS only, not for searching. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useDomains")] + pub use_domains: Option, + /// UseHostname when `true`, the hostname from the DHCP server will be set + /// as the transient hostname of the machine. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useHostname")] + pub use_hostname: Option, + /// UseMTU when `true`, the MTU from the DHCP server will be set as the + /// MTU of the device. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useMTU")] + pub use_mtu: Option, + /// UseNTP when `true`, the NTP servers from the DHCP server will be used + /// by systemd-timesyncd and take precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useNTP")] + pub use_ntp: Option, + /// UseRoutes when `true`, the routes from the DHCP server will be installed + /// in the routing table. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useRoutes")] + pub use_routes: Option, +} + +/// DHCP6Overrides allows for the control over several DHCP behaviors. +/// Overrides will only be applied when the corresponding DHCP flag is set. +/// Only configured values will be sent, omitted values will default to +/// distribution defaults. +/// Dependent on support in the network stack for your distribution. +/// For more information see the netplan reference (https://netplan.io/reference#dhcp-overrides) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereFailureDomainTopologyNetworkConfigurationsDhcp6Overrides { + /// Hostname is the name which will be sent to the DHCP server instead of + /// the machine's hostname. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hostname: Option, + /// RouteMetric is used to prioritize routes for devices. A lower metric for + /// an interface will have a higher priority. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "routeMetric")] + pub route_metric: Option, + /// SendHostname when `true`, the hostname of the machine will be sent to the + /// DHCP server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendHostname")] + pub send_hostname: Option, + /// UseDNS when `true`, the DNS servers in the DHCP server will be used and + /// take precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useDNS")] + pub use_dns: Option, + /// UseDomains can take the values `true`, `false`, or `route`. When `true`, + /// the domain name from the DHCP server will be used as the DNS search + /// domain for this device. When `route`, the domain name from the DHCP + /// response will be used for routing DNS only, not for searching. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useDomains")] + pub use_domains: Option, + /// UseHostname when `true`, the hostname from the DHCP server will be set + /// as the transient hostname of the machine. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useHostname")] + pub use_hostname: Option, + /// UseMTU when `true`, the MTU from the DHCP server will be set as the + /// MTU of the device. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useMTU")] + pub use_mtu: Option, + /// UseNTP when `true`, the NTP servers from the DHCP server will be used + /// by systemd-timesyncd and take precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useNTP")] + pub use_ntp: Option, + /// UseRoutes when `true`, the routes from the DHCP server will be installed + /// in the routing table. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useRoutes")] + pub use_routes: Option, +} + /// Zone defines the name and type of a zone #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct VSphereFailureDomainZone { diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs index 1807d81c8..02948e0a7 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachines.rs @@ -39,13 +39,16 @@ pub struct VSphereMachineSpec { /// Defaults to empty map #[serde(default, skip_serializing_if = "Option::is_none", rename = "customVMXKeys")] pub custom_vmx_keys: Option>, - /// Datacenter is the name or inventory path of the datacenter in which the - /// virtual machine is created/located. + /// DataDisks are additional disks to add to the VM that are not part of the VM's OVA template. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataDisks")] + pub data_disks: Option>, + /// Datacenter is the name, inventory path, managed object reference or the managed + /// object ID of the datacenter in which the virtual machine is created/located. /// Defaults to * which selects the default datacenter. #[serde(default, skip_serializing_if = "Option::is_none")] pub datacenter: Option, - /// Datastore is the name or inventory path of the datastore in which the - /// virtual machine is created/located. + /// Datastore is the name, inventory path, managed object reference or the managed + /// object ID of the datastore in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub datastore: Option, /// DiskGiB is the size of a virtual machine's disk, in GiB. @@ -57,8 +60,8 @@ pub struct VSphereMachineSpec { /// For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomain")] pub failure_domain: Option, - /// Folder is the name or inventory path of the folder in which the - /// virtual machine is created/located. + /// Folder is the name, inventory path, managed object reference or the managed + /// object ID of the folder in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub folder: Option, /// GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -81,6 +84,9 @@ pub struct VSphereMachineSpec { /// virtual machine is cloned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryMiB")] pub memory_mi_b: Option, + /// NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namingStrategy")] + pub naming_strategy: Option, /// Network is the network configuration for this machine's VM. pub network: VSphereMachineNetwork, /// NumCPUs is the number of virtual processors in a virtual machine. @@ -118,8 +124,8 @@ pub struct VSphereMachineSpec { /// vsphere://12345678-1234-1234-1234-123456789abc #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerID")] pub provider_id: Option, - /// ResourcePool is the name or inventory path of the resource pool in which - /// the virtual machine is created/located. + /// ResourcePool is the name, inventory path, managed object reference or the managed + /// object ID in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePool")] pub resource_pool: Option, /// Server is the IP address or FQDN of the vSphere server on which @@ -139,8 +145,8 @@ pub struct VSphereMachineSpec { /// must use URN-notation instead of display names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagIDs")] pub tag_i_ds: Option>, - /// Template is the name or inventory path of the template used to clone - /// the virtual machine. + /// Template is the name, inventory path, managed object reference or the managed + /// object ID of the template used to clone the virtual machine. pub template: String, /// Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate /// When this is set to empty, this VirtualMachine would be created @@ -150,6 +156,50 @@ pub struct VSphereMachineSpec { pub thumbprint: Option, } +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereMachineDataDisks { + /// Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to + /// clearly identify purpose of the disk. + pub name: String, + /// ProvisioningMode specifies the provisioning type to be used by this vSphere data disk. + /// If not set, the setting will be provided by the default storage policy. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "provisioningMode")] + pub provisioning_mode: Option, + /// SizeGiB is the size of the disk in GiB. + #[serde(rename = "sizeGiB")] + pub size_gi_b: i32, +} + +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum VSphereMachineDataDisksProvisioningMode { + Thin, + Thick, + EagerlyZeroed, +} + +/// NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereMachineNamingStrategy { + /// Template defines the template to use for generating the name of the VSphereVM object. + /// If not defined, it will fall back to `{{ .machine.name }}`. + /// The templating has the following data available: + /// * `.machine.name`: The name of the Machine object. + /// The templating also has the following funcs available: + /// * `trimSuffix`: same as strings.TrimSuffix + /// * `trunc`: truncates a string, e.g. `trunc 2 "hello"` or `trunc -2 "hello"` + /// Notes: + /// * While the template offers some flexibility, we would like the name to link to the Machine name + /// to ensure better user experience when troubleshooting + /// * Generated names must be valid Kubernetes names as they are used to create a VSphereVM object + /// and usually also as the name of the Node object. + /// * Names are automatically truncated at 63 characters. Please note that this can lead to name conflicts, + /// so we highly recommend to use a template which leads to a name shorter than 63 characters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + /// Network is the network configuration for this machine's VM. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereMachineNetwork { @@ -235,8 +285,8 @@ pub struct VSphereMachineNetworkDevices { /// Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, - /// NetworkName is the name of the vSphere network to which the device - /// will be connected. + /// NetworkName is the name, managed object reference or the managed + /// object ID of the vSphere network to which the device will be connected. #[serde(rename = "networkName")] pub network_name: String, /// Routes is a list of optional, static routes applied to the device. @@ -485,9 +535,9 @@ pub struct VSphereMachineStatus { /// MachineAddress contains information for the node's address. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereMachineStatusAddresses { - /// The machine address. + /// address is the machine address. pub address: String, - /// Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + /// type is the machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. #[serde(rename = "type")] pub r#type: String, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs index 12911f2dc..42f9ca029 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspheremachinetemplates.rs @@ -43,7 +43,7 @@ pub struct VSphereMachineTemplateTemplateMetadata { /// More info: http://kubernetes.io/docs/user-guide/annotations #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Map of string keys and values that can be used to organize and categorize + /// labels is a map of string keys and values that can be used to organize and categorize /// (scope and select) objects. May match selectors of replication controllers /// and services. /// More info: http://kubernetes.io/docs/user-guide/labels @@ -73,13 +73,16 @@ pub struct VSphereMachineTemplateTemplateSpec { /// Defaults to empty map #[serde(default, skip_serializing_if = "Option::is_none", rename = "customVMXKeys")] pub custom_vmx_keys: Option>, - /// Datacenter is the name or inventory path of the datacenter in which the - /// virtual machine is created/located. + /// DataDisks are additional disks to add to the VM that are not part of the VM's OVA template. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataDisks")] + pub data_disks: Option>, + /// Datacenter is the name, inventory path, managed object reference or the managed + /// object ID of the datacenter in which the virtual machine is created/located. /// Defaults to * which selects the default datacenter. #[serde(default, skip_serializing_if = "Option::is_none")] pub datacenter: Option, - /// Datastore is the name or inventory path of the datastore in which the - /// virtual machine is created/located. + /// Datastore is the name, inventory path, managed object reference or the managed + /// object ID of the datastore in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub datastore: Option, /// DiskGiB is the size of a virtual machine's disk, in GiB. @@ -91,8 +94,8 @@ pub struct VSphereMachineTemplateTemplateSpec { /// For this infrastructure provider, the name is equivalent to the name of the VSphereDeploymentZone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureDomain")] pub failure_domain: Option, - /// Folder is the name or inventory path of the folder in which the - /// virtual machine is created/located. + /// Folder is the name, inventory path, managed object reference or the managed + /// object ID of the folder in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub folder: Option, /// GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -115,6 +118,9 @@ pub struct VSphereMachineTemplateTemplateSpec { /// virtual machine is cloned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memoryMiB")] pub memory_mi_b: Option, + /// NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namingStrategy")] + pub naming_strategy: Option, /// Network is the network configuration for this machine's VM. pub network: VSphereMachineTemplateTemplateSpecNetwork, /// NumCPUs is the number of virtual processors in a virtual machine. @@ -152,8 +158,8 @@ pub struct VSphereMachineTemplateTemplateSpec { /// vsphere://12345678-1234-1234-1234-123456789abc #[serde(default, skip_serializing_if = "Option::is_none", rename = "providerID")] pub provider_id: Option, - /// ResourcePool is the name or inventory path of the resource pool in which - /// the virtual machine is created/located. + /// ResourcePool is the name, inventory path, managed object reference or the managed + /// object ID in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePool")] pub resource_pool: Option, /// Server is the IP address or FQDN of the vSphere server on which @@ -173,8 +179,8 @@ pub struct VSphereMachineTemplateTemplateSpec { /// must use URN-notation instead of display names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagIDs")] pub tag_i_ds: Option>, - /// Template is the name or inventory path of the template used to clone - /// the virtual machine. + /// Template is the name, inventory path, managed object reference or the managed + /// object ID of the template used to clone the virtual machine. pub template: String, /// Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate /// When this is set to empty, this VirtualMachine would be created @@ -184,6 +190,50 @@ pub struct VSphereMachineTemplateTemplateSpec { pub thumbprint: Option, } +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereMachineTemplateTemplateSpecDataDisks { + /// Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to + /// clearly identify purpose of the disk. + pub name: String, + /// ProvisioningMode specifies the provisioning type to be used by this vSphere data disk. + /// If not set, the setting will be provided by the default storage policy. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "provisioningMode")] + pub provisioning_mode: Option, + /// SizeGiB is the size of the disk in GiB. + #[serde(rename = "sizeGiB")] + pub size_gi_b: i32, +} + +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum VSphereMachineTemplateTemplateSpecDataDisksProvisioningMode { + Thin, + Thick, + EagerlyZeroed, +} + +/// NamingStrategy allows configuring the naming strategy used when calculating the name of the VSphereVM. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereMachineTemplateTemplateSpecNamingStrategy { + /// Template defines the template to use for generating the name of the VSphereVM object. + /// If not defined, it will fall back to `{{ .machine.name }}`. + /// The templating has the following data available: + /// * `.machine.name`: The name of the Machine object. + /// The templating also has the following funcs available: + /// * `trimSuffix`: same as strings.TrimSuffix + /// * `trunc`: truncates a string, e.g. `trunc 2 "hello"` or `trunc -2 "hello"` + /// Notes: + /// * While the template offers some flexibility, we would like the name to link to the Machine name + /// to ensure better user experience when troubleshooting + /// * Generated names must be valid Kubernetes names as they are used to create a VSphereVM object + /// and usually also as the name of the Node object. + /// * Names are automatically truncated at 63 characters. Please note that this can lead to name conflicts, + /// so we highly recommend to use a template which leads to a name shorter than 63 characters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + /// Network is the network configuration for this machine's VM. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereMachineTemplateTemplateSpecNetwork { @@ -269,8 +319,8 @@ pub struct VSphereMachineTemplateTemplateSpecNetworkDevices { /// Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, - /// NetworkName is the name of the vSphere network to which the device - /// will be connected. + /// NetworkName is the name, managed object reference or the managed + /// object ID of the vSphere network to which the device will be connected. #[serde(rename = "networkName")] pub network_name: String, /// Routes is a list of optional, static routes applied to the device. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs index fab4a7081..169e7ff89 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta1/vspherevms.rs @@ -52,13 +52,16 @@ pub struct VSphereVMSpec { /// Defaults to empty map #[serde(default, skip_serializing_if = "Option::is_none", rename = "customVMXKeys")] pub custom_vmx_keys: Option>, - /// Datacenter is the name or inventory path of the datacenter in which the - /// virtual machine is created/located. + /// DataDisks are additional disks to add to the VM that are not part of the VM's OVA template. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataDisks")] + pub data_disks: Option>, + /// Datacenter is the name, inventory path, managed object reference or the managed + /// object ID of the datacenter in which the virtual machine is created/located. /// Defaults to * which selects the default datacenter. #[serde(default, skip_serializing_if = "Option::is_none")] pub datacenter: Option, - /// Datastore is the name or inventory path of the datastore in which the - /// virtual machine is created/located. + /// Datastore is the name, inventory path, managed object reference or the managed + /// object ID of the datastore in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub datastore: Option, /// DiskGiB is the size of a virtual machine's disk, in GiB. @@ -66,8 +69,8 @@ pub struct VSphereVMSpec { /// virtual machine is cloned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskGiB")] pub disk_gi_b: Option, - /// Folder is the name or inventory path of the folder in which the - /// virtual machine is created/located. + /// Folder is the name, inventory path, managed object reference or the managed + /// object ID of the folder in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none")] pub folder: Option, /// GuestSoftPowerOffTimeout sets the wait timeout for shutdown in the VM guest. @@ -123,8 +126,8 @@ pub struct VSphereVMSpec { /// If omitted, the mode defaults to hard. #[serde(default, skip_serializing_if = "Option::is_none", rename = "powerOffMode")] pub power_off_mode: Option, - /// ResourcePool is the name or inventory path of the resource pool in which - /// the virtual machine is created/located. + /// ResourcePool is the name, inventory path, managed object reference or the managed + /// object ID in which the virtual machine is created/located. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourcePool")] pub resource_pool: Option, /// Server is the IP address or FQDN of the vSphere server on which @@ -144,8 +147,8 @@ pub struct VSphereVMSpec { /// must use URN-notation instead of display names. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagIDs")] pub tag_i_ds: Option>, - /// Template is the name or inventory path of the template used to clone - /// the virtual machine. + /// Template is the name, inventory path, managed object reference or the managed + /// object ID of the template used to clone the virtual machine. pub template: String, /// Thumbprint is the colon-separated SHA-1 checksum of the given vCenter server's host certificate /// When this is set to empty, this VirtualMachine would be created @@ -195,6 +198,29 @@ pub struct VSphereVMBootstrapRef { pub uid: Option, } +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct VSphereVMDataDisks { + /// Name is used to identify the disk definition. Name is required and needs to be unique so that it can be used to + /// clearly identify purpose of the disk. + pub name: String, + /// ProvisioningMode specifies the provisioning type to be used by this vSphere data disk. + /// If not set, the setting will be provided by the default storage policy. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "provisioningMode")] + pub provisioning_mode: Option, + /// SizeGiB is the size of the disk in GiB. + #[serde(rename = "sizeGiB")] + pub size_gi_b: i32, +} + +/// VSphereDisk is an additional disk to add to the VM that is not part of the VM OVA template. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum VSphereVMDataDisksProvisioningMode { + Thin, + Thick, + EagerlyZeroed, +} + /// Network is the network configuration for this machine's VM. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VSphereVMNetwork { @@ -280,8 +306,8 @@ pub struct VSphereVMNetworkDevices { /// Please note that Linux allows only three nameservers (https://linux.die.net/man/5/resolv.conf). #[serde(default, skip_serializing_if = "Option::is_none")] pub nameservers: Option>, - /// NetworkName is the name of the vSphere network to which the device - /// will be connected. + /// NetworkName is the name, managed object reference or the managed + /// object ID of the vSphere network to which the device will be connected. #[serde(rename = "networkName")] pub network_name: String, /// Routes is a list of optional, static routes applied to the device. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsclustertemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsclustertemplates.rs index 0e7a01706..71bdc61e6 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsclustertemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsclustertemplates.rs @@ -37,7 +37,7 @@ pub struct IBMPowerVSClusterTemplateTemplate { /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IBMPowerVSClusterTemplateTemplateMetadata { - /// Annotations is an unstructured key value map stored with a resource that may be + /// annotations is an unstructured key value map stored with a resource that may be /// set by external tools to store and retrieve arbitrary metadata. They are not /// queryable and should be preserved when modifying objects. /// More info: http://kubernetes.io/docs/user-guide/annotations diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachines.rs index ed22c34af..e5d4e3903 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachines.rs @@ -119,9 +119,7 @@ pub struct IBMPowerVSMachineImageRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -201,7 +199,6 @@ pub struct IBMPowerVSMachineStatus { /// reconciling the Machine and will contain a more verbose string suitable /// for logging and human consumption. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -211,7 +208,6 @@ pub struct IBMPowerVSMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. @@ -221,7 +217,6 @@ pub struct IBMPowerVSMachineStatus { /// reconciling the Machine and will contain a succinct value suitable /// for machine interpretation. /// - /// /// This field should not be set for transitive errors that a controller /// faces that are expected to be fixed automatically over /// time (like service outages), but instead indicate that something is @@ -231,7 +226,6 @@ pub struct IBMPowerVSMachineStatus { /// spec, values that are unsupported by the controller, or the /// responsible controller itself being critically misconfigured. /// - /// /// Any transient errors that occur during the reconciliation of Machines /// can be added as events to the Machine object and/or logged in the /// controller's output. diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachinetemplates.rs index 1040be4e3..10a391fe2 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmpowervsmachinetemplates.rs @@ -133,9 +133,7 @@ pub struct IBMPowerVSMachineTemplateTemplateSpecImageRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachines.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachines.rs index 4d0a376a7..0082265f1 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachines.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachines.rs @@ -42,7 +42,6 @@ pub struct IBMVPCMachineSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryNetworkInterface")] pub primary_network_interface: Option, /// Profile indicates the flavor of instance. Example: bx2-8x32 means 8 vCPUs 32 GB RAM 16 Gbps - /// TODO: add a reference link of profile #[serde(default, skip_serializing_if = "Option::is_none")] pub profile: Option, /// ProviderID is the unique identifier as specified by the cloud provider. @@ -53,7 +52,6 @@ pub struct IBMVPCMachineSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option>, /// Zone is the place where the instance should be created. Example: us-south-3 - /// TODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2 pub zone: String, } diff --git a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachinetemplates.rs b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachinetemplates.rs index 4f50c776f..c4efdc6ba 100644 --- a/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachinetemplates.rs +++ b/kube-custom-resources-rs/src/infrastructure_cluster_x_k8s_io/v1beta2/ibmvpcmachinetemplates.rs @@ -57,7 +57,6 @@ pub struct IBMVPCMachineTemplateTemplateSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryNetworkInterface")] pub primary_network_interface: Option, /// Profile indicates the flavor of instance. Example: bx2-8x32 means 8 vCPUs 32 GB RAM 16 Gbps - /// TODO: add a reference link of profile #[serde(default, skip_serializing_if = "Option::is_none")] pub profile: Option, /// ProviderID is the unique identifier as specified by the cloud provider. @@ -68,7 +67,6 @@ pub struct IBMVPCMachineTemplateTemplateSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "sshKeys")] pub ssh_keys: Option>, /// Zone is the place where the instance should be created. Example: us-south-3 - /// TODO: Actually zone is transparent to user. The field user can access is location. Example: Dallas 2 pub zone: String, } diff --git a/kube-custom-resources-rs/src/installation_mattermost_com/v1beta1/mattermosts.rs b/kube-custom-resources-rs/src/installation_mattermost_com/v1beta1/mattermosts.rs index 85bcfe62b..dc06164c4 100644 --- a/kube-custom-resources-rs/src/installation_mattermost_com/v1beta1/mattermosts.rs +++ b/kube-custom-resources-rs/src/installation_mattermost_com/v1beta1/mattermosts.rs @@ -60,6 +60,9 @@ pub struct MattermostSpec { /// Deprecated: Use Spec.Ingress.Host instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressName")] pub ingress_name: Option, + /// JobServer defines configuration for the Mattermost job server. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobServer")] + pub job_server: Option, /// LicenseSecret is the name of the secret containing a Mattermost license. #[serde(default, skip_serializing_if = "Option::is_none", rename = "licenseSecret")] pub license_secret: Option, @@ -473,6 +476,17 @@ pub struct MattermostIngressHosts { pub host_name: Option, } +/// JobServer defines configuration for the Mattermost job server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MattermostJobServer { + /// Determines whether to create a dedicated Mattermost server deployment + /// which is configured to run scheduled jobs. This deployment will recieve + /// no user traffic and the primary Mattermost deployment will no longer be + /// configured to run jobs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dedicatedJobServer")] + pub dedicated_job_server: Option, +} + /// EnvVar represents an environment variable present in a Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MattermostMattermostEnv { diff --git a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs index 6a6afc9e9..e96c74245 100644 --- a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs +++ b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs @@ -54,6 +54,7 @@ pub struct JobSetSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicatedJobs")] pub replicated_jobs: Option>, /// StartupPolicy, if set, configures in what order jobs must be started + /// Deprecated: StartupPolicy is deprecated, please use the DependsOn API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupPolicy")] pub startup_policy: Option, /// SuccessPolicy configures when to declare the JobSet as @@ -181,6 +182,17 @@ pub struct JobSetNetwork { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobs { + /// DependsOn is an optional list that specifies the preceding ReplicatedJobs upon which + /// the current ReplicatedJob depends. If specified, the ReplicatedJob will be created + /// only after the referenced ReplicatedJobs reach their desired state. + /// The Order of ReplicatedJobs is defined by their enumeration in the slice. + /// Note, that the first ReplicatedJob in the slice cannot use the DependsOn API. + /// Currently, only a single item is supported in the DependsOn list. + /// If JobSet is suspended the all active ReplicatedJobs will be suspended. When JobSet is + /// resumed the Job sequence starts again. + /// This API is mutually exclusive with the StartupPolicy API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependsOn")] + pub depends_on: Option>, /// Name is the name of the entry and will be used as a suffix /// for the Job name. pub name: String, @@ -192,6 +204,22 @@ pub struct JobSetReplicatedJobs { pub template: JobSetReplicatedJobsTemplate, } +/// DependsOn defines the dependency on the previous ReplicatedJob status. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct JobSetReplicatedJobsDependsOn { + /// Name of the previous ReplicatedJob. + pub name: String, + /// Status defines the condition for the ReplicatedJob. Only Ready or Complete status can be set. + pub status: JobSetReplicatedJobsDependsOnStatus, +} + +/// DependsOn defines the dependency on the previous ReplicatedJob status. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum JobSetReplicatedJobsDependsOnStatus { + Ready, + Complete, +} + /// Template defines the template of the Job that will be created. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplate { @@ -288,8 +316,8 @@ pub struct JobSetReplicatedJobsTemplateSpec { /// characters as defined by RFC 3986. The value cannot exceed 63 characters. /// This field is immutable. /// - /// This field is alpha-level. The job controller accepts setting the field - /// when the feature gate JobManagedBy is enabled (disabled by default). + /// This field is beta-level. The job controller accepts setting the field + /// when the feature gate JobManagedBy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] pub managed_by: Option, /// manualSelector controls generation of pod labels and pod selectors. @@ -775,6 +803,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, + /// Resources is the total amount of CPU and Memory resources required by all + /// containers in the pod. It supports specifying Requests and Limits for + /// "cpu" and "memory" resource names only. ResourceClaims are not supported. + /// + /// This field enables fine-grained control over resource allocation for the + /// entire pod, allowing resource sharing among containers in a pod. + /// + /// This is an alpha field and requires enabling the PodLevelResources feature + /// gate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, /// Restart policy for all containers within the pod. /// One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. /// Default to Always. @@ -1894,23 +1933,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1922,7 +1961,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostSt pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1955,7 +1994,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostSt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1963,8 +2002,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostSt } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1987,23 +2026,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePostSt /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2015,7 +2054,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreSto pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2048,7 +2087,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreSto pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2056,8 +2095,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreSto } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2075,17 +2114,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLifecyclePreSto /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2100,7 +2139,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2122,7 +2161,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2134,7 +2173,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeEx pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2147,7 +2186,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeGr pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2180,7 +2219,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeHt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2225,17 +2264,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2250,7 +2289,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbe /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2272,7 +2311,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbe pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2284,7 +2323,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeE pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2297,7 +2336,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeG pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2330,7 +2369,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2593,17 +2632,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersSecurityContext /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2618,7 +2657,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2640,7 +2679,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2652,7 +2691,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeExe pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2665,7 +2704,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeGrp pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2698,7 +2737,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeHtt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2797,9 +2836,11 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3123,23 +3164,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3151,7 +3192,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3184,7 +3225,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3192,8 +3233,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3216,23 +3257,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3244,7 +3285,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3277,7 +3318,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3285,8 +3326,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3301,17 +3342,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLifecy /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3326,7 +3367,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivene /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3348,7 +3389,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivene pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3360,7 +3401,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivene pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3373,7 +3414,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivene pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3406,7 +3447,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivene pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3448,17 +3489,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersPorts /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3473,7 +3514,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadin /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3495,7 +3536,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadin pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3507,7 +3548,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadin pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3520,7 +3561,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadin pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3553,7 +3594,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadin pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3808,17 +3849,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersSecuri /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3833,7 +3874,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartu /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3855,7 +3896,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartu pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3867,7 +3908,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartu pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3880,7 +3921,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartu pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3913,7 +3954,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartu pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4350,23 +4391,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4378,7 +4419,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePo pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4411,7 +4452,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePo pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -4419,8 +4460,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePo } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4443,23 +4484,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePo /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4471,7 +4512,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePr pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4504,7 +4545,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePr pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -4512,8 +4553,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePr } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4531,17 +4572,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLifecyclePr /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4556,7 +4597,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessPro /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4578,7 +4619,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessPro pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4590,7 +4631,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessPro pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4603,7 +4644,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessPro pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4636,7 +4677,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessPro pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4681,17 +4722,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4706,7 +4747,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessPr /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4728,7 +4769,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessPr pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4740,7 +4781,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessPr pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4753,7 +4794,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessPr pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4786,7 +4827,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessPr pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5049,17 +5090,17 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersSecurityCon /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5074,7 +5115,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProb /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5096,7 +5137,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProb pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5108,7 +5149,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProb pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -5121,7 +5162,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProb pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5154,7 +5195,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProb pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5312,6 +5353,52 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecResourceClaims { pub resource_claim_template_name: Option, } +/// Resources is the total amount of CPU and Memory resources required by all +/// containers in the pod. It supports specifying Requests and Limits for +/// "cpu" and "memory" resource names only. ResourceClaims are not supported. +/// +/// This field enables fine-grained control over resource allocation for the +/// entire pod, allowing resource sharing among containers in a pod. +/// +/// This is an alpha field and requires enabling the PodLevelResources feature +/// gate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + /// PodSchedulingGate is associated to a Pod to guard its scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSchedulingGates { @@ -5373,6 +5460,31 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5694,26 +5806,35 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecTopologySpreadConstraints pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -5754,23 +5875,28 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -5815,23 +5941,30 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -5839,15 +5972,20 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAwsElasticBlockStore { @@ -5874,6 +6012,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAwsElasticBlockSto } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -5900,6 +6040,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -5914,7 +6056,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -5956,6 +6099,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCinder { @@ -6046,7 +6191,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -6497,6 +6642,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -6538,7 +6684,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlexVolumeSecretRe pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -6552,6 +6699,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesGcePersistentDisk { @@ -6580,7 +6729,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesGcePersistentDisk } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6599,6 +6748,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesGlusterfs { @@ -6757,7 +6907,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesPersistentVolumeCl pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -6770,7 +6921,10 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesPhotonPersistentDi pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -7076,7 +7230,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesSe pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesQuobyte { /// group to map volume access to @@ -7104,6 +7259,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesRbd { @@ -7163,6 +7319,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -7267,6 +7424,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesStorageos { /// fsType is the filesystem type to mount. @@ -7309,7 +7467,9 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesStorageosSecretRef pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -7329,6 +7489,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesVsphereVolume { } /// StartupPolicy, if set, configures in what order jobs must be started +/// Deprecated: StartupPolicy is deprecated, please use the DependsOn API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct JobSetStartupPolicy { /// StartupPolicyOrder determines the startup order of the ReplicatedJobs. @@ -7340,6 +7501,7 @@ pub struct JobSetStartupPolicy { } /// StartupPolicy, if set, configures in what order jobs must be started +/// Deprecated: StartupPolicy is deprecated, please use the DependsOn API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum JobSetStartupPolicyStartupPolicyOrder { AnyOrder, diff --git a/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs b/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs index dec33eb1d..3f782cc91 100644 --- a/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs +++ b/kube-custom-resources-rs/src/k8gb_absa_oss/v1beta1/gslbs.rs @@ -328,7 +328,7 @@ pub struct GslbStrategy { /// Primary Geo Tag. Valid for failover strategy only #[serde(default, skip_serializing_if = "Option::is_none", rename = "primaryGeoTag")] pub primary_geo_tag: Option, - /// Split brain TXT record expiration in seconds + /// Split brain TXT record expiration in seconds. The field is deprecated and not used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "splitBrainThresholdSeconds")] pub split_brain_threshold_seconds: Option, /// Load balancing strategy type:(roundRobin|failover) diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs index 9b6376b18..33270ba50 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/backups.rs @@ -705,8 +705,8 @@ pub struct BackupStoragePersistentVolumeClaimSelectorMatchExpressions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStorageS3 { /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. - #[serde(rename = "accessKeyIdSecretKeyRef")] - pub access_key_id_secret_key_ref: BackupStorageS3AccessKeyIdSecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKeyIdSecretKeyRef")] + pub access_key_id_secret_key_ref: Option, /// Bucket is the name Name of the bucket to store backups. pub bucket: String, /// Endpoint is the S3 API endpoint without scheme. @@ -718,8 +718,8 @@ pub struct BackupStorageS3 { #[serde(default, skip_serializing_if = "Option::is_none")] pub region: Option, /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. - #[serde(rename = "secretAccessKeySecretKeyRef")] - pub secret_access_key_secret_key_ref: BackupStorageS3SecretAccessKeySecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretKeyRef")] + pub secret_access_key_secret_key_ref: Option, /// SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionTokenSecretKeyRef")] pub session_token_secret_key_ref: Option, diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs index 3f8bcf62e..d5d7e8b18 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/connections.rs @@ -39,9 +39,10 @@ pub struct ConnectionSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub params: Option>, /// PasswordSecretKeyRef is a reference to the password to use for configuring the Connection. + /// Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. /// If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. - #[serde(rename = "passwordSecretKeyRef")] - pub password_secret_key_ref: ConnectionPasswordSecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordSecretKeyRef")] + pub password_secret_key_ref: Option, /// Port to connect to. If not provided, it defaults to the MariaDB port or to the first MaxScale listener. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, @@ -54,6 +55,12 @@ pub struct ConnectionSpec { /// ServiceName to be used in the Connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] pub service_name: Option, + /// TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health. + /// Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. + /// If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled. + /// If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsClientCertSecretRef")] + pub tls_client_cert_secret_ref: Option, /// Username to use for configuring the Connection. pub username: String, } @@ -91,6 +98,7 @@ pub struct ConnectionMaxScaleRef { } /// PasswordSecretKeyRef is a reference to the password to use for configuring the Connection. +/// Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. /// If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConnectionPasswordSecretKeyRef { @@ -139,6 +147,16 @@ pub struct ConnectionSecretTemplateMetadata { pub labels: Option>, } +/// TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health. +/// Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. +/// If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled. +/// If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConnectionTlsClientCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// ConnectionStatus defines the observed state of Connection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConnectionStatus { diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs index 3d25b6259..dd3e687cf 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs @@ -173,6 +173,9 @@ pub struct MariaDBSpec { /// SidecarContainers to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sidecarContainers")] pub sidecar_containers: Option>, + /// StartupProbe to be used in the Container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] + pub startup_probe: Option, /// Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB. #[serde(default, skip_serializing_if = "Option::is_none")] pub storage: Option, @@ -183,6 +186,9 @@ pub struct MariaDBSpec { /// TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeZone")] pub time_zone: Option, + /// TLS defines the PKI to be used with MariaDB. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -192,7 +198,7 @@ pub struct MariaDBSpec { /// UpdateStrategy defines how a MariaDB resource is updated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] pub update_strategy: Option, - /// Username is the initial username to be created by the operator once MariaDB is ready. It has all privileges on the initial database. + /// Username is the initial username to be created by the operator once MariaDB is ready. /// The initial User will have ALL PRIVILEGES in the initial Database. #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, @@ -635,8 +641,8 @@ pub struct MariaDBBootstrapFromRestoreJobResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBBootstrapFromS3 { /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. - #[serde(rename = "accessKeyIdSecretKeyRef")] - pub access_key_id_secret_key_ref: MariaDBBootstrapFromS3AccessKeyIdSecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKeyIdSecretKeyRef")] + pub access_key_id_secret_key_ref: Option, /// Bucket is the name Name of the bucket to store backups. pub bucket: String, /// Endpoint is the S3 API endpoint without scheme. @@ -648,8 +654,8 @@ pub struct MariaDBBootstrapFromS3 { #[serde(default, skip_serializing_if = "Option::is_none")] pub region: Option, /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. - #[serde(rename = "secretAccessKeySecretKeyRef")] - pub secret_access_key_secret_key_ref: MariaDBBootstrapFromS3SecretAccessKeySecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretKeyRef")] + pub secret_access_key_secret_key_ref: Option, /// SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionTokenSecretKeyRef")] pub session_token_secret_key_ref: Option, @@ -1146,9 +1152,12 @@ pub struct MariaDBGaleraAgent { /// LivenessProbe to be used in the Container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] pub liveness_probe: Option, - /// Port where the agent will be listening for connections. + /// Port where the agent will be listening for API connections. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, + /// Port where the agent will be listening for probe connections. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "probePort")] + pub probe_port: Option, /// ReadinessProbe to be used in the Container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, @@ -1158,6 +1167,9 @@ pub struct MariaDBGaleraAgent { /// SecurityContext holds security configuration that will be applied to a container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe to be used in the Container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] + pub startup_probe: Option, /// VolumeMounts to be used in the Container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, @@ -1303,6 +1315,9 @@ pub struct MariaDBGaleraAgentLivenessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1327,6 +1342,14 @@ pub struct MariaDBGaleraAgentLivenessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentLivenessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// ReadinessProbe to be used in the Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraAgentReadinessProbe { @@ -1344,6 +1367,9 @@ pub struct MariaDBGaleraAgentReadinessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1368,6 +1394,14 @@ pub struct MariaDBGaleraAgentReadinessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentReadinessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Resouces describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraAgentResources { @@ -1410,6 +1444,58 @@ pub struct MariaDBGaleraAgentSecurityContextCapabilities { pub drop: Option>, } +/// StartupProbe to be used in the Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentStartupProbe { + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentStartupProbeExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentStartupProbeHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + /// URIScheme identifies the scheme used for connection to a host for Get actions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraAgentStartupProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#volumemount-v1-core. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraAgentVolumeMounts { @@ -1545,6 +1631,9 @@ pub struct MariaDBGaleraInitContainer { /// SecurityContext holds security configuration that will be applied to a container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, + /// StartupProbe to be used in the Container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] + pub startup_probe: Option, /// VolumeMounts to be used in the Container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] pub volume_mounts: Option>, @@ -1653,6 +1742,9 @@ pub struct MariaDBGaleraInitContainerLivenessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1677,6 +1769,14 @@ pub struct MariaDBGaleraInitContainerLivenessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerLivenessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// ReadinessProbe to be used in the Container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraInitContainerReadinessProbe { @@ -1694,6 +1794,9 @@ pub struct MariaDBGaleraInitContainerReadinessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1718,6 +1821,14 @@ pub struct MariaDBGaleraInitContainerReadinessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerReadinessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Resouces describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraInitContainerResources { @@ -1760,6 +1871,58 @@ pub struct MariaDBGaleraInitContainerSecurityContextCapabilities { pub drop: Option>, } +/// StartupProbe to be used in the Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerStartupProbe { + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerStartupProbeExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerStartupProbeHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + /// URIScheme identifies the scheme used for connection to a host for Get actions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBGaleraInitContainerStartupProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#volumemount-v1-core. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBGaleraInitContainerVolumeMounts { @@ -2064,6 +2227,9 @@ pub struct MariaDBLivenessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -2088,6 +2254,14 @@ pub struct MariaDBLivenessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBLivenessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// MaxScale is the MaxScale specification that defines the MaxScale resource to be used with the current MariaDB. /// When enabling this field, MaxScaleRef is automatically set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2138,6 +2312,9 @@ pub struct MariaDBMaxScale { /// Services define how the traffic is forwarded to the MariaDB servers. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// TLS defines the PKI to be used with MaxScale. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, /// UpdateStrategy defines the update strategy for the StatefulSet object. #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] pub update_strategy: Option, @@ -3117,6 +3294,150 @@ pub enum MariaDBMaxScaleServicesRouter { Readconnroute, } +/// TLS defines the PKI to be used with MaxScale. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTls { + /// AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the server certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCASecretRef")] + pub admin_ca_secret_ref: Option, + /// AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with adminCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCertIssuerRef")] + pub admin_cert_issuer_ref: Option, + /// AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCertSecretRef")] + pub admin_cert_secret_ref: Option, + /// Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance. + /// It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the listener certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCASecretRef")] + pub listener_ca_secret_ref: Option, + /// ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with listenerCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCertIssuerRef")] + pub listener_cert_issuer_ref: Option, + /// ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCertSecretRef")] + pub listener_cert_secret_ref: Option, + /// ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration. + /// It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled. + /// If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicationSSLEnabled")] + pub replication_ssl_enabled: Option, + /// ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. + /// The Secret should contain a 'ca.crt' key in order to establish trust. + /// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCASecretRef")] + pub server_ca_secret_ref: Option, + /// ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. + /// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCertSecretRef")] + pub server_cert_secret_ref: Option, + /// VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA. + /// It is disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyPeerCertificate")] + pub verify_peer_certificate: Option, + /// VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host. + /// It is disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyPeerHost")] + pub verify_peer_host: Option, +} + +/// AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the server certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsAdminCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with adminCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsAdminCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsAdminCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the listener certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsListenerCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with listenerCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsListenerCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsListenerCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. +/// The Secret should contain a 'ca.crt' key in order to establish trust. +/// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsServerCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. +/// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBMaxScaleTlsServerCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// UpdateStrategy defines the update strategy for the StatefulSet object. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBMaxScaleUpdateStrategy { @@ -3920,6 +4241,9 @@ pub struct MariaDBReadinessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -3944,6 +4268,14 @@ pub struct MariaDBReadinessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBReadinessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Replication configures high availability via replication. This feature is still in alpha, use Galera if you are looking for a more production-ready HA. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBReplication { @@ -4372,6 +4704,58 @@ pub struct MariaDBSidecarContainersVolumeMounts { pub sub_path: Option, } +/// StartupProbe to be used in the Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStartupProbe { + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStartupProbeExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStartupProbeHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + /// URIScheme identifies the scheme used for connection to a host for Get actions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStartupProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MariaDBStorage { @@ -4382,10 +4766,10 @@ pub struct MariaDBStorage { /// It defaults to true. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizeInUseVolumes")] pub resize_in_use_volumes: Option, - /// Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It superseeds the storage size specified in 'VolumeClaimTemplate'. + /// Size of the PVCs to be mounted by MariaDB. Required if not provided in 'VolumeClaimTemplate'. It supersedes the storage size specified in 'VolumeClaimTemplate'. #[serde(default, skip_serializing_if = "Option::is_none")] pub size: Option, - /// StorageClassName to be used to provision the PVCS. It superseeds the 'StorageClassName' specified in 'VolumeClaimTemplate'. + /// StorageClassName to be used to provision the PVCS. It supersedes the 'StorageClassName' specified in 'VolumeClaimTemplate'. /// If not provided, the default 'StorageClass' configured in the cluster is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, @@ -4476,6 +4860,124 @@ pub struct MariaDBStorageVolumeClaimTemplateSelectorMatchExpressions { pub values: Option>, } +/// TLS defines the PKI to be used with MariaDB. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTls { + /// ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the client certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCASecretRef")] + pub client_ca_secret_ref: Option, + /// ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with clientCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCertIssuerRef")] + pub client_cert_issuer_ref: Option, + /// ClientCertSecretRef is a reference to a TLS Secret containing the client certificate. + /// It is mutually exclusive with clientCertIssuerRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCertSecretRef")] + pub client_cert_secret_ref: Option, + /// Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MariaDB instance. + /// It is enabled by default. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// GaleraSSTEnabled determines whether Galera SST connections should use TLS. + /// It disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "galeraSSTEnabled")] + pub galera_sst_enabled: Option, + /// Required specifies whether TLS must be enforced for all connections. + /// User TLS requirements take precedence over this. + /// It disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub required: Option, + /// ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the server certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCASecretRef")] + pub server_ca_secret_ref: Option, + /// ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with serverCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCertIssuerRef")] + pub server_cert_issuer_ref: Option, + /// ServerCertSecretRef is a reference to a TLS Secret containing the server certificate. + /// It is mutually exclusive with serverCertIssuerRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCertSecretRef")] + pub server_cert_secret_ref: Option, +} + +/// ClientCASecretRef is a reference to a Secret containing the client certificate authority keypair. It is used to establish trust and issue client certificates. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either clientCertSecretRef or clientCertIssuerRef fields must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the client certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsClientCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ClientCertIssuerRef is a reference to a cert-manager issuer object used to issue the client certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with clientCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via clientCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsClientCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// ClientCertSecretRef is a reference to a TLS Secret containing the client certificate. +/// It is mutually exclusive with clientCertIssuerRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsClientCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCASecretRef is a reference to a Secret containing the server certificate authority keypair. It is used to establish trust and issue server certificates. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either serverCertSecretRef or serverCertIssuerRef must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the server certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsServerCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCertIssuerRef is a reference to a cert-manager issuer object used to issue the server certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with serverCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via serverCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsServerCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// ServerCertSecretRef is a reference to a TLS Secret containing the server certificate. +/// It is mutually exclusive with serverCertIssuerRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBTlsServerCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -4725,6 +5227,11 @@ pub struct MariaDBStatus { /// CurrentPrimaryPodIndex is the primary Pod index. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentPrimaryPodIndex")] pub current_primary_pod_index: Option, + /// DefaultVersion is the MariaDB version used by the operator when it cannot infer the version + /// from spec.image. This can happen if the image uses a digest (e.g. sha256) instead + /// of a version tag. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultVersion")] + pub default_version: Option, /// GaleraRecovery is the Galera recovery current state. #[serde(default, skip_serializing_if = "Option::is_none", rename = "galeraRecovery")] pub galera_recovery: Option, @@ -4734,6 +5241,9 @@ pub struct MariaDBStatus { /// ReplicationStatus is the replication current state for each Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicationStatus")] pub replication_status: Option>, + /// TLS aggregates the status of the certificates used by the MariaDB instance. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, } /// GaleraRecovery is the Galera recovery current state. @@ -4784,3 +5294,62 @@ pub struct MariaDBStatusGaleraRecoveryState { pub version: Option, } +/// TLS aggregates the status of the certificates used by the MariaDB instance. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStatusTls { + /// CABundle is the status of the Certificate Authority bundle. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option>, + /// ClientCert is the status of the client certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCert")] + pub client_cert: Option, + /// ServerCert is the status of the server certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCert")] + pub server_cert: Option, +} + +/// CertificateStatus represents the current status of a TLS certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStatusTlsCaBundle { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + +/// ClientCert is the status of the client certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStatusTlsClientCert { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + +/// ServerCert is the status of the server certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MariaDBStatusTlsServerCert { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs index 41882935b..18e2b9301 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs @@ -118,10 +118,16 @@ pub struct MaxScaleSpec { /// Services define how the traffic is forwarded to the MariaDB servers. It is defaulted if not provided. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// StartupProbe to be used in the Container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] + pub startup_probe: Option, /// Suspend indicates whether the current resource should be suspended or not. /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, + /// TLS defines the PKI to be used with MaxScale. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -864,6 +870,9 @@ pub struct MaxScaleLivenessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -888,6 +897,14 @@ pub struct MaxScaleLivenessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleLivenessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// MariaDBRef is a reference to the MariaDB that MaxScale points to. It is used to initialize the servers field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleMariaDbRef { @@ -1494,6 +1511,9 @@ pub struct MaxScaleReadinessProbe { pub period_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, } @@ -1518,6 +1538,14 @@ pub struct MaxScaleReadinessProbeHttpGet { pub scheme: Option, } +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleReadinessProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + /// Resouces describes the compute resource requirements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MaxScaleResources { @@ -1637,6 +1665,202 @@ pub enum MaxScaleServicesRouter { Readconnroute, } +/// StartupProbe to be used in the Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStartupProbe { + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + /// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#execaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStartupProbeExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#httpgetaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStartupProbeHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + /// URIScheme identifies the scheme used for connection to a host for Get actions + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +/// Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#tcpsocketaction-v1-core. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStartupProbeTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + +/// TLS defines the PKI to be used with MaxScale. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTls { + /// AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the server certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCASecretRef")] + pub admin_ca_secret_ref: Option, + /// AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with adminCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCertIssuerRef")] + pub admin_cert_issuer_ref: Option, + /// AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCertSecretRef")] + pub admin_cert_secret_ref: Option, + /// Enabled indicates whether TLS is enabled, determining if certificates should be issued and mounted to the MaxScale instance. + /// It is enabled by default when the referred MariaDB instance (via mariaDbRef) has TLS enabled and enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. + /// One of: + /// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. + /// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. + /// If not provided, a self-signed CA will be provisioned to issue the listener certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCASecretRef")] + pub listener_ca_secret_ref: Option, + /// ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. + /// It is mutually exclusive with listenerCertSecretRef. + /// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCertIssuerRef")] + pub listener_cert_issuer_ref: Option, + /// ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCertSecretRef")] + pub listener_cert_secret_ref: Option, + /// ReplicationSSLEnabled specifies whether the replication SSL is enabled. If enabled, the SSL options will be added to the server configuration. + /// It is enabled by default when the referred MariaDB instance (via mariaDbRef) has replication enabled. + /// If the MariaDB servers are manually provided by the user via the 'servers' field, this must be set by the user as well. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicationSSLEnabled")] + pub replication_ssl_enabled: Option, + /// ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. + /// The Secret should contain a 'ca.crt' key in order to establish trust. + /// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCASecretRef")] + pub server_ca_secret_ref: Option, + /// ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. + /// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCertSecretRef")] + pub server_cert_secret_ref: Option, + /// VerifyPeerCertificate specifies whether the peer certificate's signature should be validated against the CA. + /// It is disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyPeerCertificate")] + pub verify_peer_certificate: Option, + /// VerifyPeerHost specifies whether the peer certificate's SANs should match the peer host. + /// It is disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyPeerHost")] + pub verify_peer_host: Option, +} + +/// AdminCASecretRef is a reference to a Secret containing the admin certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's administrative REST API and GUI. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either adminCertSecretRef or adminCertIssuerRef fields must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the server certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsAdminCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// AdminCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's administrative REST API and GUI certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with adminCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via adminCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsAdminCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// AdminCertSecretRef is a reference to a TLS Secret used by the MaxScale's administrative REST API and GUI. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsAdminCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ListenerCASecretRef is a reference to a Secret containing the listener certificate authority keypair. It is used to establish trust and issue certificates for the MaxScale's listeners. +/// One of: +/// - Secret containing both the 'ca.crt' and 'ca.key' keys. This allows you to bring your own CA to Kubernetes to issue certificates. +/// - Secret containing only the 'ca.crt' in order to establish trust. In this case, either listenerCertSecretRef or listenerCertIssuerRef fields must be provided. +/// If not provided, a self-signed CA will be provisioned to issue the listener certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsListenerCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ListenerCertIssuerRef is a reference to a cert-manager issuer object used to issue the MaxScale's listeners certificate. cert-manager must be installed previously in the cluster. +/// It is mutually exclusive with listenerCertSecretRef. +/// By default, the Secret field 'ca.crt' provisioned by cert-manager will be added to the trust chain. A custom trust bundle may be specified via listenerCASecretRef. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsListenerCertIssuerRef { + /// Group of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind of the resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name of the resource being referred to. + pub name: String, +} + +/// ListenerCertSecretRef is a reference to a TLS Secret used by the MaxScale's listeners. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsListenerCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCASecretRef is a reference to a Secret containing the MariaDB server CA certificates. It is used to establish trust with MariaDB servers. +/// The Secret should contain a 'ca.crt' key in order to establish trust. +/// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB CA bundle. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsServerCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// ServerCertSecretRef is a reference to a TLS Secret used by MaxScale to connect to the MariaDB servers. +/// If not provided, and the reference to a MariaDB resource is set (mariaDbRef), it will be defaulted to the referred MariaDB client certificate (clientCertSecretRef). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleTlsServerCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1797,6 +2021,9 @@ pub struct MaxScaleStatus { /// Services is the state of the services in the MaxScale API. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, + /// TLS aggregates the status of the certificates used by the MaxScale instance. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, } /// ConfigSync is the state of config sync. @@ -1836,3 +2063,80 @@ pub struct MaxScaleStatusServices { pub state: String, } +/// TLS aggregates the status of the certificates used by the MaxScale instance. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStatusTls { + /// AdminCert is the status of the admin certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "adminCert")] + pub admin_cert: Option, + /// CABundle is the status of the Certificate Authority bundle. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] + pub ca_bundle: Option>, + /// ListenerCert is the status of the listener certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerCert")] + pub listener_cert: Option, + /// ServerCert is the status of the MariaDB server certificate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverCert")] + pub server_cert: Option, +} + +/// AdminCert is the status of the admin certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStatusTlsAdminCert { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + +/// CertificateStatus represents the current status of a TLS certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStatusTlsCaBundle { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + +/// ListenerCert is the status of the listener certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStatusTlsListenerCert { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + +/// ServerCert is the status of the MariaDB server certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MaxScaleStatusTlsServerCert { + /// Issuer is the issuer of the current certificate. + pub issuer: String, + /// NotAfter indicates that the certificate is not valid after the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notAfter")] + pub not_after: Option, + /// NotBefore indicates that the certificate is not valid before the given date. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "notBefore")] + pub not_before: Option, + /// Subject is the subject of the current certificate. + pub subject: String, +} + diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs index 415be7116..d244f60a6 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/restores.rs @@ -425,8 +425,8 @@ pub enum RestoreRestartPolicy { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreS3 { /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 access key id. - #[serde(rename = "accessKeyIdSecretKeyRef")] - pub access_key_id_secret_key_ref: RestoreS3AccessKeyIdSecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKeyIdSecretKeyRef")] + pub access_key_id_secret_key_ref: Option, /// Bucket is the name Name of the bucket to store backups. pub bucket: String, /// Endpoint is the S3 API endpoint without scheme. @@ -438,8 +438,8 @@ pub struct RestoreS3 { #[serde(default, skip_serializing_if = "Option::is_none")] pub region: Option, /// AccessKeyIdSecretKeyRef is a reference to a Secret key containing the S3 secret key. - #[serde(rename = "secretAccessKeySecretKeyRef")] - pub secret_access_key_secret_key_ref: RestoreS3SecretAccessKeySecretKeyRef, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretAccessKeySecretKeyRef")] + pub secret_access_key_secret_key_ref: Option, /// SessionTokenSecretKeyRef is a reference to a Secret key containing the S3 session token. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sessionTokenSecretKeyRef")] pub session_token_secret_key_ref: Option, diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs index d43a07255..b56d26ba7 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/sqljobs.rs @@ -91,6 +91,14 @@ pub struct SqlJobSpec { /// TimeZone defines the timezone associated with the cron expression. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeZone")] pub time_zone: Option, + /// TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob. + /// If not provided, the CA bundle provided by the referred MariaDB is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsCASecretRef")] + pub tls_ca_secret_ref: Option, + /// TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob. + /// If not provided, the client certificate provided by the referred MariaDB is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsClientCertSecretRef")] + pub tls_client_cert_secret_ref: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -485,6 +493,22 @@ pub struct SqlJobSqlConfigMapKeyRef { pub name: Option, } +/// TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob. +/// If not provided, the CA bundle provided by the referred MariaDB is used. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SqlJobTlsCaSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob. +/// If not provided, the client certificate provided by the referred MariaDB is used. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SqlJobTlsClientCertSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs index 8ac8bd359..aedd3fbbe 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/users.rs @@ -49,6 +49,9 @@ pub struct UserSpec { /// RequeueInterval is used to perform requeue reconciliations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requeueInterval")] pub requeue_interval: Option, + /// Require specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub require: Option, /// RetryInterval is the interval used to perform retries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] pub retry_interval: Option, @@ -123,6 +126,23 @@ pub struct UserPasswordSecretKeyRef { pub name: Option, } +/// Require specifies TLS requirements for the user to connect. See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct UserRequire { + /// Issuer indicates that the TLS certificate provided by the user must be issued by a specific issuer. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub issuer: Option, + /// SSL indicates that the user must connect via TLS. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ssl: Option, + /// Subject indicates that the TLS certificate provided by the user must have a specific subject. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subject: Option, + /// X509 indicates that the user must provide a valid x509 certificate to connect. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub x509: Option, +} + /// UserStatus defines the observed state of User #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct UserStatus { diff --git a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs index 419c83aec..dda1985f2 100644 --- a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs +++ b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs @@ -173,6 +173,9 @@ pub struct PolicyOidc { pub struct PolicyRateLimit { #[serde(default, skip_serializing_if = "Option::is_none")] pub burst: Option, + /// RateLimitCondition defines a condition for a rate limit policy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub condition: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub delay: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dryRun")] @@ -193,6 +196,24 @@ pub struct PolicyRateLimit { pub zone_size: Option, } +/// RateLimitCondition defines a condition for a rate limit policy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PolicyRateLimitCondition { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default: Option, + /// JWTCondition defines a condition for a rate limit by JWT claim. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub jwt: Option, +} + +/// JWTCondition defines a condition for a rate limit by JWT claim. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PolicyRateLimitConditionJwt { + pub claim: String, + #[serde(rename = "match")] + pub r#match: String, +} + /// WAF defines an WAF policy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PolicyWaf { diff --git a/kube-custom-resources-rs/src/k8up_io/v1/backups.rs b/kube-custom-resources-rs/src/k8up_io/v1/backups.rs index 056f14824..b02cb9727 100644 --- a/kube-custom-resources-rs/src/k8up_io/v1/backups.rs +++ b/kube-custom-resources-rs/src/k8up_io/v1/backups.rs @@ -40,6 +40,10 @@ pub struct BackupSpec { /// Deprecated: Use FailedJobsHistoryLimit and SuccessfulJobsHistoryLimit respectively. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keepJobs")] pub keep_jobs: Option, + /// LabelSelectors is a list of selectors that we filter for. + /// When defined, only PVCs and PreBackupPods matching them are backed up. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] + pub label_selectors: Option>, /// PodConfigRef describes the pod spec with wich this action shall be executed. /// It takes precedence over the Resources or PodSecurityContext field. /// It does not allow changing the image or the command of the resulting pod. @@ -427,6 +431,38 @@ pub struct BackupBackendVolumeMounts { pub sub_path_expr: Option, } +/// A label selector is a label query over a set of resources. The result of matchLabels and +/// matchExpressions are ANDed. An empty label selector matches all objects. A null +/// label selector matches no objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupLabelSelectors { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupLabelSelectorsMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// PodConfigRef describes the pod spec with wich this action shall be executed. /// It takes precedence over the Resources or PodSecurityContext field. /// It does not allow changing the image or the command of the resulting pod. diff --git a/kube-custom-resources-rs/src/k8up_io/v1/schedules.rs b/kube-custom-resources-rs/src/k8up_io/v1/schedules.rs index 4aae01730..be5529641 100644 --- a/kube-custom-resources-rs/src/k8up_io/v1/schedules.rs +++ b/kube-custom-resources-rs/src/k8up_io/v1/schedules.rs @@ -1316,6 +1316,10 @@ pub struct ScheduleBackup { /// Deprecated: Use FailedJobsHistoryLimit and SuccessfulJobsHistoryLimit respectively. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keepJobs")] pub keep_jobs: Option, + /// LabelSelectors is a list of selectors that we filter for. + /// When defined, only PVCs and PreBackupPods matching them are backed up. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelectors")] + pub label_selectors: Option>, /// PodConfigRef describes the pod spec with wich this action shall be executed. /// It takes precedence over the Resources or PodSecurityContext field. /// It does not allow changing the image or the command of the resulting pod. @@ -1706,6 +1710,38 @@ pub struct ScheduleBackupBackendVolumeMounts { pub sub_path_expr: Option, } +/// A label selector is a label query over a set of resources. The result of matchLabels and +/// matchExpressions are ANDed. An empty label selector matches all objects. A null +/// label selector matches no objects. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduleBackupLabelSelectors { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduleBackupLabelSelectorsMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// PodConfigRef describes the pod spec with wich this action shall be executed. /// It takes precedence over the Resources or PodSecurityContext field. /// It does not allow changing the image or the command of the resulting pod. diff --git a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs index 5833a81c2..ee37d932f 100644 --- a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs @@ -13,8 +13,7 @@ use self::prelude::*; /// ClusterSpec defines the desired state of Cluster. /// -/// Returns information about a cluster of either the provisioned or the serverless -/// type. +/// Returns information about a cluster. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "kafka.services.k8s.aws", version = "v1alpha1", kind = "Cluster", plural = "clusters")] #[kube(namespaced)] @@ -27,13 +26,14 @@ pub struct ClusterSpec { pub associated_scram_secret_refs: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "associatedSCRAMSecrets")] pub associated_scram_secrets: Option>, - /// Information about the brokers. + /// Information about the broker nodes in the cluster. #[serde(rename = "brokerNodeGroupInfo")] pub broker_node_group_info: ClusterBrokerNodeGroupInfo, /// Includes all client authentication related information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuthentication")] pub client_authentication: Option, - /// Represents the configuration that you want MSK to use for the cluster. + /// Represents the configuration that you want MSK to use for the brokers in + /// a cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configurationInfo")] pub configuration_info: Option, /// Includes all encryption-related information. @@ -46,12 +46,11 @@ pub struct ClusterSpec { /// The version of Apache Kafka. #[serde(rename = "kafkaVersion")] pub kafka_version: String, - /// LoggingInfo details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loggingInfo")] pub logging_info: Option, /// The name of the cluster. pub name: String, - /// The number of Apache Kafka broker nodes in the Amazon MSK cluster. + /// The number of broker nodes in the cluster. #[serde(rename = "numberOfBrokerNodes")] pub number_of_broker_nodes: i64, /// The settings for open monitoring. @@ -90,13 +89,16 @@ pub struct ClusterAssociatedScramSecretRefsFrom { pub namespace: Option, } -/// Information about the brokers. +/// Information about the broker nodes in the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterBrokerNodeGroupInfo { - /// The distribution of broker nodes across Availability Zones. By default, broker - /// nodes are distributed among the Availability Zones of your Region. Currently, - /// the only supported value is DEFAULT. You can either specify this value explicitly - /// or leave it out. + /// The distribution of broker nodes across Availability Zones. This is an optional + /// parameter. If you don't specify it, Amazon MSK gives it the value DEFAULT. + /// You can also explicitly set this parameter to the value DEFAULT. No other + /// values are currently allowed. + /// + /// Amazon MSK distributes the broker nodes evenly across the Availability Zones + /// that correspond to the subnets you provide when you create the cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerAZDistribution")] pub broker_az_distribution: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientSubnets")] @@ -116,12 +118,12 @@ pub struct ClusterBrokerNodeGroupInfo { /// Information about the broker access configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterBrokerNodeGroupInfoConnectivityInfo { - /// Broker public access control. + /// Public access control for brokers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicAccess")] pub public_access: Option, } -/// Broker public access control. +/// Public access control for brokers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess { #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] @@ -162,30 +164,35 @@ pub struct ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThrough /// Includes all client authentication related information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClientAuthentication { + /// Details for client authentication using SASL. #[serde(default, skip_serializing_if = "Option::is_none")] pub sasl: Option, /// Details for client authentication using TLS. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Contains information about unauthenticated traffic to the cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub unauthenticated: Option, } +/// Details for client authentication using SASL. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClientAuthenticationSasl { + /// Details for IAM access control. #[serde(default, skip_serializing_if = "Option::is_none")] pub iam: Option, + /// Details for SASL/SCRAM client authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub scram: Option, } +/// Details for IAM access control. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClientAuthenticationSaslIam { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } +/// Details for SASL/SCRAM client authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClientAuthenticationSaslScram { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -201,14 +208,14 @@ pub struct ClusterClientAuthenticationTls { pub enabled: Option, } -/// Contains information about unauthenticated traffic to the cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterClientAuthenticationUnauthenticated { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } -/// Represents the configuration that you want MSK to use for the cluster. +/// Represents the configuration that you want MSK to use for the brokers in +/// a cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterConfigurationInfo { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -245,29 +252,22 @@ pub struct ClusterEncryptionInfoEncryptionInTransit { pub in_cluster: Option, } -/// LoggingInfo details. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterLoggingInfo { - /// The broker logs configuration for this MSK cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerLogs")] pub broker_logs: Option, } -/// The broker logs configuration for this MSK cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterLoggingInfoBrokerLogs { - /// Details of the CloudWatch Logs destination for broker logs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudWatchLogs")] pub cloud_watch_logs: Option, - /// Firehose details for BrokerLogs. #[serde(default, skip_serializing_if = "Option::is_none")] pub firehose: Option, - /// The details of the Amazon S3 destination for broker logs. #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, } -/// Details of the CloudWatch Logs destination for broker logs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterLoggingInfoBrokerLogsCloudWatchLogs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -276,7 +276,6 @@ pub struct ClusterLoggingInfoBrokerLogsCloudWatchLogs { pub log_group: Option, } -/// Firehose details for BrokerLogs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterLoggingInfoBrokerLogsFirehose { #[serde(default, skip_serializing_if = "Option::is_none", rename = "deliveryStream")] @@ -285,7 +284,6 @@ pub struct ClusterLoggingInfoBrokerLogsFirehose { pub enabled: Option, } -/// The details of the Amazon S3 destination for broker logs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterLoggingInfoBrokerLogsS3 { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -307,22 +305,22 @@ pub struct ClusterOpenMonitoring { /// Prometheus settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOpenMonitoringPrometheus { - /// Indicates whether you want to enable or disable the JMX Exporter. + /// Indicates whether you want to turn on or turn off the JMX Exporter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "jmxExporter")] pub jmx_exporter: Option, - /// Indicates whether you want to enable or disable the Node Exporter. + /// Indicates whether you want to turn on or turn off the Node Exporter. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeExporter")] pub node_exporter: Option, } -/// Indicates whether you want to enable or disable the JMX Exporter. +/// Indicates whether you want to turn on or turn off the JMX Exporter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOpenMonitoringPrometheusJmxExporter { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledInBroker")] pub enabled_in_broker: Option, } -/// Indicates whether you want to enable or disable the Node Exporter. +/// Indicates whether you want to turn on or turn off the Node Exporter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOpenMonitoringPrometheusNodeExporter { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledInBroker")] @@ -357,7 +355,7 @@ pub struct ClusterStatus { pub bootstrap_broker_string_vpc_connectivity_saslscram: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrapBrokerStringVPCConnectivityTLS")] pub bootstrap_broker_string_vpc_connectivity_tls: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs index 31660fe2c..379e7f4a7 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkabridges.rs @@ -1395,6 +1395,9 @@ pub struct KafkaBridgeTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -1432,6 +1435,27 @@ pub struct KafkaBridgeTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaBridgeTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaBridgeTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaBridgeTemplatePodVolumesEmptyDir { diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs index 7f35c429a..9861cf8bf 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkaconnects.rs @@ -271,7 +271,7 @@ pub struct KafkaConnectBuild { /// Configures where should the newly built image be stored. Required. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct KafkaConnectBuildOutput { - /// Configures additional options which will be passed to the Kaniko executor when building the new Connect image. Allowed options are: --customPlatform, --insecure, --insecure-pull, --insecure-registry, --log-format, --log-timestamp, --registry-mirror, --reproducible, --single-snapshot, --skip-tls-verify, --skip-tls-verify-pull, --skip-tls-verify-registry, --verbosity, --snapshotMode, --use-new-run. These options will be used only on Kubernetes where the Kaniko executor is used. They will be ignored on OpenShift. The options are described in the link:https://github.com/GoogleContainerTools/kaniko[Kaniko GitHub repository^]. Changing this field does not trigger new build of the Kafka Connect image. + /// Configures additional options which will be passed to the Kaniko executor when building the new Connect image. Allowed options are: --customPlatform, --custom-platform, --insecure, --insecure-pull, --insecure-registry, --log-format, --log-timestamp, --registry-mirror, --reproducible, --single-snapshot, --skip-tls-verify, --skip-tls-verify-pull, --skip-tls-verify-registry, --verbosity, --snapshotMode, --use-new-run, --registry-certificate, --registry-client-cert. These options will be used only on Kubernetes where the Kaniko executor is used. They will be ignored on OpenShift. The options are described in the link:https://github.com/GoogleContainerTools/kaniko[Kaniko GitHub repository^]. Changing this field does not trigger new build of the Kafka Connect image. #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalKanikoOptions")] pub additional_kaniko_options: Option>, /// The name of the image which will be built. Required. @@ -1461,6 +1461,9 @@ pub struct KafkaConnectTemplateBuildPodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -1498,6 +1501,27 @@ pub struct KafkaConnectTemplateBuildPodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateBuildPodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplateBuildPodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplateBuildPodVolumesEmptyDir { @@ -2506,6 +2530,9 @@ pub struct KafkaConnectTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -2543,6 +2570,27 @@ pub struct KafkaConnectTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaConnectTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaConnectTemplatePodVolumesEmptyDir { diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs index b5ead75f9..e27b60067 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkamirrormakers.rs @@ -1399,6 +1399,9 @@ pub struct KafkaMirrorMakerTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -1436,6 +1439,27 @@ pub struct KafkaMirrorMakerTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaMirrorMakerTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaMirrorMakerTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaMirrorMakerTemplatePodVolumesEmptyDir { diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkanodepools.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkanodepools.rs index 95c29a352..72f4bad24 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkanodepools.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkanodepools.rs @@ -1147,6 +1147,9 @@ pub struct KafkaNodePoolTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -1184,6 +1187,27 @@ pub struct KafkaNodePoolTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaNodePoolTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaNodePoolTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaNodePoolTemplatePodVolumesEmptyDir { diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkarebalances.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkarebalances.rs index 90db0b627..cddf0aba0 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkarebalances.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkarebalances.rs @@ -44,9 +44,13 @@ pub struct KafkaRebalanceSpec { /// * `full` mode runs the rebalancing across all the brokers in the cluster. /// * `add-brokers` mode can be used after scaling up the cluster to move some replicas to the newly added brokers. /// * `remove-brokers` mode can be used before scaling down the cluster to move replicas out of the brokers to be removed. - /// + /// * `remove-disks` mode can be used to move data across the volumes within the same broker + /// . #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// List of brokers and their corresponding volumes from which replicas need to be moved. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "moveReplicasOffVolumes")] + pub move_replicas_off_volumes: Option>, /// Enables intra-broker disk balancing, which balances disk space utilization between disks on the same broker. Only applies to Kafka deployments that use JBOD storage with multiple disks. When enabled, inter-broker balancing is disabled. Default is false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rebalanceDisk")] pub rebalance_disk: Option, @@ -70,6 +74,18 @@ pub enum KafkaRebalanceMode { AddBrokers, #[serde(rename = "remove-brokers")] RemoveBrokers, + #[serde(rename = "remove-disks")] + RemoveDisks, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaRebalanceMoveReplicasOffVolumes { + /// ID of the broker that contains the disk from which you want to move the partition replicas. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerId")] + pub broker_id: Option, + /// IDs of the disks from which the partition replicas need to be moved. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeIds")] + pub volume_ids: Option>, } /// The status of the Kafka rebalance. diff --git a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs index d76db81e1..562f3bf63 100644 --- a/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs +++ b/kube-custom-resources-rs/src/kafka_strimzi_io/v1beta2/kafkas.rs @@ -1190,6 +1190,9 @@ pub struct KafkaCruiseControlTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -1227,6 +1230,27 @@ pub struct KafkaCruiseControlTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaCruiseControlTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaCruiseControlTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaCruiseControlTemplatePodVolumesEmptyDir { @@ -2197,6 +2221,9 @@ pub struct KafkaEntityOperatorTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -2234,6 +2261,27 @@ pub struct KafkaEntityOperatorTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaEntityOperatorTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaEntityOperatorTemplatePodVolumesEmptyDir { @@ -4063,6 +4111,9 @@ pub struct KafkaJmxTransTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -4100,6 +4151,27 @@ pub struct KafkaJmxTransTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaJmxTransTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaJmxTransTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaJmxTransTemplatePodVolumesEmptyDir { @@ -4603,6 +4675,11 @@ pub struct KafkaKafkaListenersConfiguration { /// Configures the template for generating the advertised hostnames of the individual brokers. Valid placeholders that you can use in the template are `{nodeId}` and `{nodePodName}`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "advertisedHostTemplate")] pub advertised_host_template: Option, + /// Configures whether to allocate NodePort automatically for the `Service` with type `LoadBalancer`. + /// This is a one to one with the `spec.allocateLoadBalancerNodePorts` configuration in the `Service` type + /// For `loadbalancer` listeners only. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] + pub allocate_load_balancer_node_ports: Option, /// Bootstrap configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub bootstrap: Option, @@ -6307,6 +6384,9 @@ pub struct KafkaKafkaTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -6344,6 +6424,27 @@ pub struct KafkaKafkaTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaTemplatePodVolumesEmptyDir { @@ -7346,6 +7447,9 @@ pub struct KafkaKafkaExporterTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -7383,6 +7487,27 @@ pub struct KafkaKafkaExporterTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaExporterTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaKafkaExporterTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaKafkaExporterTemplatePodVolumesEmptyDir { @@ -8425,6 +8550,9 @@ pub struct KafkaZookeeperTemplatePodVolumes { /// ConfigMap to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, + /// CSIVolumeSource object to use to populate the volume. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub csi: Option, /// EmptyDir to use to populate the volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, @@ -8462,6 +8590,27 @@ pub struct KafkaZookeeperTemplatePodVolumesConfigMapItems { pub path: Option, } +/// CSIVolumeSource object to use to populate the volume. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaZookeeperTemplatePodVolumesCsi { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub driver: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] + pub fs_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] + pub node_publish_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] + pub read_only: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] + pub volume_attributes: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KafkaZookeeperTemplatePodVolumesCsiNodePublishSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// EmptyDir to use to populate the volume. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KafkaZookeeperTemplatePodVolumesEmptyDir { diff --git a/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs b/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs index 98c9ff29c..8a9d070f3 100644 --- a/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs +++ b/kube-custom-resources-rs/src/karpenter_k8s_aws/v1/ec2nodeclasses.rs @@ -37,6 +37,10 @@ pub struct EC2NodeClassSpec { /// BlockDeviceMappings to be applied to provisioned nodes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "blockDeviceMappings")] pub block_device_mappings: Option>, + /// CapacityReservationSelectorTerms is a list of capacity reservation selector terms. Each term is ORed together to + /// determine the set of eligible capacity reservations. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityReservationSelectorTerms")] + pub capacity_reservation_selector_terms: Option>, /// Context is a Reserved field in EC2 APIs /// https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html #[serde(default, skip_serializing_if = "Option::is_none")] @@ -81,10 +85,10 @@ pub struct EC2NodeClassSpec { /// for the old instance profiles on an update. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// SecurityGroupSelectorTerms is a list of or security group selector terms. The terms are ORed. + /// SecurityGroupSelectorTerms is a list of security group selector terms. The terms are ORed. #[serde(rename = "securityGroupSelectorTerms")] pub security_group_selector_terms: Vec, - /// SubnetSelectorTerms is a list of or subnet selector terms. The terms are ORed. + /// SubnetSelectorTerms is a list of subnet selector terms. The terms are ORed. #[serde(rename = "subnetSelectorTerms")] pub subnet_selector_terms: Vec, /// Tags to be applied on ec2 resources like instances and launch templates. @@ -134,7 +138,7 @@ pub struct EC2NodeClassAmiSelectorTerms { /// You can specify a combination of AWS account IDs, "self", "amazon", and "aws-marketplace" #[serde(default, skip_serializing_if = "Option::is_none")] pub owner: Option, - /// Tags is a map of key/value tags used to select subnets + /// Tags is a map of key/value tags used to select amis. /// Specifying '*' for a value selects all values for a given tag key. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, @@ -235,6 +239,20 @@ pub enum EC2NodeClassBlockDeviceMappingsEbsVolumeType { Gp3, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct EC2NodeClassCapacityReservationSelectorTerms { + /// ID is the capacity reservation id in EC2 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// Owner is the owner id for the ami. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownerID")] + pub owner_id: Option, + /// Tags is a map of key/value tags used to select capacity reservations. + /// Specifying '*' for a value selects all values for a given tag key. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tags: Option>, +} + /// EC2NodeClassSpec is the top level specification for the AWS Karpenter Provider. /// This will contain configuration necessary to launch instances in AWS. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -429,7 +447,7 @@ pub struct EC2NodeClassSecurityGroupSelectorTerms { /// This value is the name field, which is different from the name tag. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Tags is a map of key/value tags used to select subnets + /// Tags is a map of key/value tags used to select security groups. /// Specifying '*' for a value selects all values for a given tag key. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, @@ -455,17 +473,21 @@ pub struct EC2NodeClassStatus { /// cluster under the AMI selectors. #[serde(default, skip_serializing_if = "Option::is_none")] pub amis: Option>, + /// CapacityReservations contains the current capacity reservation values that are available to this NodeClass under the + /// CapacityReservation selectors. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "capacityReservations")] + pub capacity_reservations: Option>, /// Conditions contains signals for health and readiness #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// InstanceProfile contains the resolved instance profile for the role #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceProfile")] pub instance_profile: Option, - /// SecurityGroups contains the current Security Groups values that are available to the + /// SecurityGroups contains the current security group values that are available to the /// cluster under the SecurityGroups selectors. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroups")] pub security_groups: Option>, - /// Subnets contains the current Subnet values that are available to the + /// Subnets contains the current subnet values that are available to the /// cluster under the subnet selectors. #[serde(default, skip_serializing_if = "Option::is_none")] pub subnets: Option>, @@ -474,6 +496,9 @@ pub struct EC2NodeClassStatus { /// AMI contains resolved AMI selector values utilized for node launch #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EC2NodeClassStatusAmis { + /// Deprecation status of the AMI + #[serde(default, skip_serializing_if = "Option::is_none")] + pub deprecated: Option, /// ID of the AMI pub id: String, /// Name of the AMI @@ -501,6 +526,36 @@ pub struct EC2NodeClassStatusAmisRequirements { pub values: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct EC2NodeClassStatusCapacityReservations { + /// The availability zone the capacity reservation is available in. + #[serde(rename = "availabilityZone")] + pub availability_zone: String, + /// The time at which the capacity reservation expires. Once expired, the reserved capacity is released and Karpenter + /// will no longer be able to launch instances into that reservation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endTime")] + pub end_time: Option, + /// The id for the capacity reservation. + pub id: String, + /// Indicates the type of instance launches the capacity reservation accepts. + #[serde(rename = "instanceMatchCriteria")] + pub instance_match_criteria: EC2NodeClassStatusCapacityReservationsInstanceMatchCriteria, + /// The instance type for the capacity reservation. + #[serde(rename = "instanceType")] + pub instance_type: String, + /// The ID of the AWS account that owns the capacity reservation. + #[serde(rename = "ownerID")] + pub owner_id: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum EC2NodeClassStatusCapacityReservationsInstanceMatchCriteria { + #[serde(rename = "open")] + Open, + #[serde(rename = "targeted")] + Targeted, +} + /// SecurityGroup contains resolved SecurityGroup selector values utilized for node launch #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EC2NodeClassStatusSecurityGroups { diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs index ff19f6db4..35a1c4e66 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs @@ -82,7 +82,7 @@ pub struct NodePoolDisruptionBudgets { pub nodes: String, /// Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods. /// Otherwise, this will apply to each reason defined. - /// allowed reasons are Underutilized, Empty, and Drifted and additional CloudProvider-specific reasons. + /// allowed reasons are Underutilized, Empty, and Drifted. #[serde(default, skip_serializing_if = "Option::is_none")] pub reasons: Option>, /// Schedule specifies when a budget begins being active, following diff --git a/kube-custom-resources-rs/src/keda_sh/v1alpha1/clustertriggerauthentications.rs b/kube-custom-resources-rs/src/keda_sh/v1alpha1/clustertriggerauthentications.rs index 60b90732c..038206d35 100644 --- a/kube-custom-resources-rs/src/keda_sh/v1alpha1/clustertriggerauthentications.rs +++ b/kube-custom-resources-rs/src/keda_sh/v1alpha1/clustertriggerauthentications.rs @@ -170,6 +170,8 @@ pub enum ClusterTriggerAuthenticationAwsSecretManagerPodIdentityProvider { pub struct ClusterTriggerAuthenticationAwsSecretManagerSecrets { pub name: String, pub parameter: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub secret_key: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "versionId")] pub version_id: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "versionStage")] diff --git a/kube-custom-resources-rs/src/keda_sh/v1alpha1/scaledobjects.rs b/kube-custom-resources-rs/src/keda_sh/v1alpha1/scaledobjects.rs index ee66d4769..c434cf2dc 100644 --- a/kube-custom-resources-rs/src/keda_sh/v1alpha1/scaledobjects.rs +++ b/kube-custom-resources-rs/src/keda_sh/v1alpha1/scaledobjects.rs @@ -183,11 +183,26 @@ pub struct ScaledObjectAdvancedScalingModifiers { /// Fallback is the spec for fallback options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScaledObjectFallback { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub behavior: Option, #[serde(rename = "failureThreshold")] pub failure_threshold: i32, pub replicas: i32, } +/// Fallback is the spec for fallback options +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScaledObjectFallbackBehavior { + #[serde(rename = "static")] + Static, + #[serde(rename = "currentReplicas")] + CurrentReplicas, + #[serde(rename = "currentReplicasIfHigher")] + CurrentReplicasIfHigher, + #[serde(rename = "currentReplicasIfLower")] + CurrentReplicasIfLower, +} + /// ScaleTarget holds the reference to the scale target Object #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScaledObjectScaleTargetRef { diff --git a/kube-custom-resources-rs/src/keda_sh/v1alpha1/triggerauthentications.rs b/kube-custom-resources-rs/src/keda_sh/v1alpha1/triggerauthentications.rs index 08a542a81..5616806ca 100644 --- a/kube-custom-resources-rs/src/keda_sh/v1alpha1/triggerauthentications.rs +++ b/kube-custom-resources-rs/src/keda_sh/v1alpha1/triggerauthentications.rs @@ -171,6 +171,8 @@ pub enum TriggerAuthenticationAwsSecretManagerPodIdentityProvider { pub struct TriggerAuthenticationAwsSecretManagerSecrets { pub name: String, pub parameter: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub secret_key: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "versionId")] pub version_id: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "versionStage")] diff --git a/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/keyspaces.rs b/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/keyspaces.rs index 097e4fd38..d562f5db2 100644 --- a/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/keyspaces.rs +++ b/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/keyspaces.rs @@ -85,7 +85,7 @@ pub struct KeyspaceStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/tables.rs b/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/tables.rs index 1cd45aef1..893e95e09 100644 --- a/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/tables.rs +++ b/kube-custom-resources-rs/src/keyspaces_services_k8s_aws/v1alpha1/tables.rs @@ -346,7 +346,7 @@ pub struct TableStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kinesis_services_k8s_aws/v1alpha1/streams.rs b/kube-custom-resources-rs/src/kinesis_services_k8s_aws/v1alpha1/streams.rs index 67b149c7c..2409a5774 100644 --- a/kube-custom-resources-rs/src/kinesis_services_k8s_aws/v1alpha1/streams.rs +++ b/kube-custom-resources-rs/src/kinesis_services_k8s_aws/v1alpha1/streams.rs @@ -55,7 +55,7 @@ pub struct StreamStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/modules.rs b/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/modules.rs index c4aa0931a..100ae02f3 100644 --- a/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/modules.rs +++ b/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/modules.rs @@ -34,6 +34,9 @@ pub struct ModuleSpec { pub module_loader: ModuleModuleLoader, /// Selector describes on which nodes the Module should be loaded and optionally built. pub selector: BTreeMap, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, } /// DevicePlugin allows overriding some properties of the container that deploys the device plugin on the node. @@ -290,26 +293,35 @@ pub struct ModuleDevicePluginContainerVolumeMounts { pub struct ModuleDevicePluginVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -350,23 +362,28 @@ pub struct ModuleDevicePluginVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -411,23 +428,30 @@ pub struct ModuleDevicePluginVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -435,15 +459,20 @@ pub struct ModuleDevicePluginVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesAwsElasticBlockStore { @@ -470,6 +499,8 @@ pub struct ModuleDevicePluginVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -496,6 +527,8 @@ pub struct ModuleDevicePluginVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -510,7 +543,8 @@ pub struct ModuleDevicePluginVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -552,6 +586,8 @@ pub struct ModuleDevicePluginVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesCinder { @@ -642,7 +678,7 @@ pub struct ModuleDevicePluginVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -1083,6 +1119,7 @@ pub struct ModuleDevicePluginVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -1124,7 +1161,8 @@ pub struct ModuleDevicePluginVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -1138,6 +1176,8 @@ pub struct ModuleDevicePluginVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesGcePersistentDisk { @@ -1166,7 +1206,7 @@ pub struct ModuleDevicePluginVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1185,6 +1225,7 @@ pub struct ModuleDevicePluginVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesGlusterfs { @@ -1343,7 +1384,8 @@ pub struct ModuleDevicePluginVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -1356,7 +1398,10 @@ pub struct ModuleDevicePluginVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -1662,7 +1707,8 @@ pub struct ModuleDevicePluginVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesQuobyte { /// group to map volume access to @@ -1690,6 +1736,7 @@ pub struct ModuleDevicePluginVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesRbd { @@ -1749,6 +1796,7 @@ pub struct ModuleDevicePluginVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -1853,6 +1901,7 @@ pub struct ModuleDevicePluginVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesStorageos { /// fsType is the filesystem type to mount. @@ -1895,7 +1944,9 @@ pub struct ModuleDevicePluginVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleDevicePluginVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -2368,6 +2419,36 @@ pub struct ModuleModuleLoaderContainerSignUnsignedImageRegistryTls { pub insecure_skip_tls_verify: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ModuleTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + /// ModuleStatus defines the observed state of Module. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ModuleStatus { diff --git a/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/nodemodulesconfigs.rs b/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/nodemodulesconfigs.rs index 8b0801082..1c0bd2c56 100644 --- a/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/nodemodulesconfigs.rs +++ b/kube-custom-resources-rs/src/kmm_sigs_x_k8s_io/v1beta1/nodemodulesconfigs.rs @@ -35,6 +35,9 @@ pub struct NodeModulesConfigModules { pub namespace: String, #[serde(rename = "serviceAccountName")] pub service_account_name: String, + /// tolerations define which tolerations should be added for every load/unload pod running on the node + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -42,8 +45,8 @@ pub struct NodeModulesConfigModulesConfig { #[serde(rename = "containerImage")] pub container_image: String, /// PullPolicy describes a policy for if/when to pull a container image - #[serde(rename = "imagePullPolicy")] - pub image_pull_policy: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] + pub image_pull_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "inTreeModuleToRemove")] pub in_tree_module_to_remove: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "inTreeModulesToRemove")] @@ -136,6 +139,36 @@ pub struct NodeModulesConfigModulesImageRepoSecret { pub name: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct NodeModulesConfigModulesTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + /// NodeModuleConfigStatus is the most recently observed status of the KMM modules on node. /// It is populated by the system and is read-only. /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status @@ -160,6 +193,9 @@ pub struct NodeModulesConfigStatusModules { pub namespace: String, #[serde(rename = "serviceAccountName")] pub service_account_name: String, + /// tolerations define which tolerations should be added for every load/unload pod running on the node + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -167,8 +203,8 @@ pub struct NodeModulesConfigStatusModulesConfig { #[serde(rename = "containerImage")] pub container_image: String, /// PullPolicy describes a policy for if/when to pull a container image - #[serde(rename = "imagePullPolicy")] - pub image_pull_policy: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] + pub image_pull_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "inTreeModuleToRemove")] pub in_tree_module_to_remove: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "inTreeModulesToRemove")] @@ -261,3 +297,33 @@ pub struct NodeModulesConfigStatusModulesImageRepoSecret { pub name: Option, } +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct NodeModulesConfigStatusModulesTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + diff --git a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs index 6a5233501..13c11ceac 100644 --- a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs +++ b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs @@ -22,6 +22,9 @@ pub struct AliasSpec { /// Specifies the alias name. This value must begin with alias/ followed by a /// name, such as alias/ExampleAlias. /// + /// Do not include confidential or sensitive information in this field. This + /// field may be displayed in plaintext in CloudTrail logs and other output. + /// /// The AliasName value must be string of 1-256 characters. It can contain only /// alphanumeric characters, forward slashes (/), underscores (_), and dashes /// (-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is @@ -91,7 +94,7 @@ pub struct AliasStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs index 800ff743b..bc2869d20 100644 --- a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs +++ b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs @@ -22,19 +22,13 @@ use self::prelude::*; pub struct GrantSpec { /// Specifies a grant constraint. /// - /// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant - /// constraints. Each constraint value can include up to 8 encryption context - /// pairs. The encryption context value in each constraint cannot exceed 384 - /// characters. For information about grant constraints, see Using grant constraints - /// (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints) - /// in the Key Management Service Developer Guide. For more information about - /// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) - /// in the Key Management Service Developer Guide . + /// Do not include confidential or sensitive information in this field. This + /// field may be displayed in plaintext in CloudTrail logs and other output. /// - /// The encryption context grant constraints allow the permissions in the grant - /// only when the encryption context in the request matches (EncryptionContextEquals) - /// or includes (EncryptionContextSubset) the encryption context specified in - /// this structure. + /// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant + /// constraints, which allow the permissions in the grant only when the encryption + /// context in the request matches (EncryptionContextEquals) or includes (EncryptionContextSubset) + /// the encryption context specified in the constraint. /// /// The encryption context grant constraints are supported only on grant operations /// (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations) @@ -46,8 +40,15 @@ pub struct GrantSpec { /// permission have an equally strict or stricter encryption context constraint. /// /// You cannot use an encryption context grant constraint for cryptographic operations - /// with asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption - /// context. + /// with asymmetric KMS keys or HMAC KMS keys. Operations with these keys don't + /// support an encryption context. + /// + /// Each constraint value can include up to 8 encryption context pairs. The encryption + /// context value in each constraint cannot exceed 384 characters. For information + /// about grant constraints, see Using grant constraints (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints) + /// in the Key Management Service Developer Guide. For more information about + /// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + /// in the Key Management Service Developer Guide . #[serde(default, skip_serializing_if = "Option::is_none")] pub constraints: Option, /// A list of grant tokens. @@ -61,19 +62,17 @@ pub struct GrantSpec { pub grant_tokens: Option>, /// The identity that gets the permissions specified in the grant. /// - /// To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - /// of an Amazon Web Services principal. Valid Amazon Web Services principals - /// include Amazon Web Services accounts (root), IAM users, IAM roles, federated - /// users, and assumed role users. For examples of the ARN syntax to use for - /// specifying a principal, see Amazon Web Services Identity and Access Management - /// (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) - /// in the Example ARNs section of the Amazon Web Services General Reference. + /// To specify the grantee principal, use the Amazon Resource Name (ARN) of an + /// Amazon Web Services principal. Valid principals include Amazon Web Services + /// accounts, IAM users, IAM roles, federated users, and assumed role users. + /// For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns) + /// in the Identity and Access Management User Guide . #[serde(rename = "granteePrincipal")] pub grantee_principal: String, /// Identifies the KMS key for the grant. The grant gives principals permission /// to use this KMS key. /// - /// Specify the key ID or key ARN of the KMS key. To specify a KMS key in a different + /// Specify the key ID or key ARN of the KMS key. To specify a KMS key in adifferent /// Amazon Web Services account, you must use the key ARN. /// /// For example: @@ -97,6 +96,9 @@ pub struct GrantSpec { /// A friendly name for the grant. Use this value to prevent the unintended creation /// of duplicate grants when retrying this request. /// + /// Do not include confidential or sensitive information in this field. This + /// field may be displayed in plaintext in CloudTrail logs and other output. + /// /// When this value is absent, all CreateGrant requests result in a new grant /// with a unique GrantId even if all the supplied parameters are identical. /// This can result in unintended duplicates when you retry the CreateGrant request. @@ -122,12 +124,10 @@ pub struct GrantSpec { /// the grant. /// /// To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - /// of an Amazon Web Services principal. Valid Amazon Web Services principals - /// include Amazon Web Services accounts (root), IAM users, federated users, - /// and assumed role users. For examples of the ARN syntax to use for specifying - /// a principal, see Amazon Web Services Identity and Access Management (IAM) - /// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) - /// in the Example ARNs section of the Amazon Web Services General Reference. + /// of an Amazon Web Services principal. Valid principals include Amazon Web + /// Services accounts, IAM users, IAM roles, federated users, and assumed role + /// users. For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns) + /// in the Identity and Access Management User Guide . /// /// The grant determines the retiring principal. Other principals might have /// permission to retire the grant or revoke the grant. For details, see RevokeGrant @@ -139,19 +139,13 @@ pub struct GrantSpec { /// Specifies a grant constraint. /// -/// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant -/// constraints. Each constraint value can include up to 8 encryption context -/// pairs. The encryption context value in each constraint cannot exceed 384 -/// characters. For information about grant constraints, see Using grant constraints -/// (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints) -/// in the Key Management Service Developer Guide. For more information about -/// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) -/// in the Key Management Service Developer Guide . +/// Do not include confidential or sensitive information in this field. This +/// field may be displayed in plaintext in CloudTrail logs and other output. /// -/// The encryption context grant constraints allow the permissions in the grant -/// only when the encryption context in the request matches (EncryptionContextEquals) -/// or includes (EncryptionContextSubset) the encryption context specified in -/// this structure. +/// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant +/// constraints, which allow the permissions in the grant only when the encryption +/// context in the request matches (EncryptionContextEquals) or includes (EncryptionContextSubset) +/// the encryption context specified in the constraint. /// /// The encryption context grant constraints are supported only on grant operations /// (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations) @@ -163,8 +157,15 @@ pub struct GrantSpec { /// permission have an equally strict or stricter encryption context constraint. /// /// You cannot use an encryption context grant constraint for cryptographic operations -/// with asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption -/// context. +/// with asymmetric KMS keys or HMAC KMS keys. Operations with these keys don't +/// support an encryption context. +/// +/// Each constraint value can include up to 8 encryption context pairs. The encryption +/// context value in each constraint cannot exceed 384 characters. For information +/// about grant constraints, see Using grant constraints (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints) +/// in the Key Management Service Developer Guide. For more information about +/// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +/// in the Key Management Service Developer Guide . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GrantConstraints { #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionContextEquals")] @@ -206,7 +207,7 @@ pub struct GrantStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/keys.rs b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/keys.rs index a5f4f7be0..92c26e113 100644 --- a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/keys.rs +++ b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/keys.rs @@ -19,45 +19,40 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct KeySpec { - /// A flag to indicate whether to bypass the key policy lockout safety check. + /// Skips ("bypasses") the key policy lockout safety check. The default value + /// is false. /// /// Setting this value to true increases the risk that the KMS key becomes unmanageable. /// Do not set this value to true indiscriminately. /// - /// For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - /// section in the Key Management Service Developer Guide . - /// - /// Use this parameter only when you include a policy in the request and you - /// intend to prevent the principal that is making the request from making a - /// subsequent PutKeyPolicy request on the KMS key. + /// For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + /// in the Key Management Service Developer Guide. /// - /// The default value is false. + /// Use this parameter only when you intend to prevent the principal that is + /// making the request from making a subsequent PutKeyPolicy (https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) + /// request on the KMS key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bypassPolicyLockoutSafetyCheck")] pub bypass_policy_lockout_safety_check: Option, - /// Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) - /// and the key material in its associated CloudHSM cluster. To create a KMS - /// key in a custom key store, you must also specify the Origin parameter with - /// a value of AWS_CLOUDHSM. The CloudHSM cluster that is associated with the - /// custom key store must have at least two active HSMs, each in a different - /// Availability Zone in the Region. + /// Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). + /// The ConnectionState of the custom key store must be CONNECTED. To find the + /// CustomKeyStoreID and ConnectionState use the DescribeCustomKeyStores operation. /// /// This parameter is valid only for symmetric encryption KMS keys in a single /// Region. You cannot create any other type of KMS key in a custom key store. /// - /// To find the ID of a custom key store, use the DescribeCustomKeyStores operation. - /// - /// The response includes the custom key store ID and the ID of the CloudHSM - /// cluster. - /// - /// This operation is part of the custom key store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) - /// feature in KMS, which combines the convenience and extensive integration - /// of KMS with the isolation and control of a single-tenant key store. + /// When you create a KMS key in an CloudHSM key store, KMS generates a non-exportable + /// 256-bit symmetric key in its associated CloudHSM cluster and associates it + /// with the KMS key. When you create a KMS key in an external key store, you + /// must use the XksKeyId parameter to specify an external key that serves as + /// key material for the KMS key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customKeyStoreID")] pub custom_key_store_id: Option, - /// A description of the KMS key. + /// A description of the KMS key. Use a description that helps you decide whether + /// the KMS key is appropriate for a task. The default value is an empty string + /// (no description). /// - /// Use a description that helps you decide whether the KMS key is appropriate - /// for a task. The default value is an empty string (no description). + /// Do not include confidential or sensitive information in this field. This + /// field may be displayed in plaintext in CloudTrail logs and other output. /// /// To set or change the description after the key is created, use UpdateKeyDescription. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -72,11 +67,11 @@ pub struct KeySpec { /// in the Key Management Service Developer Guide . /// /// The KeySpec determines whether the KMS key contains a symmetric key or an - /// asymmetric key pair. It also determines the cryptographic algorithms that - /// the KMS key supports. You can't change the KeySpec after the KMS key is created. - /// To further restrict the algorithms that can be used with the KMS key, use - /// a condition key in its key policy or IAM policy. For more information, see - /// kms:EncryptionAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm), + /// asymmetric key pair. It also determines the algorithms that the KMS key supports. + /// You can't change the KeySpec after the KMS key is created. To further restrict + /// the algorithms that can be used with the KMS key, use a condition key in + /// its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm + /// (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm), /// kms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm) /// or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm) /// in the Key Management Service Developer Guide . @@ -91,15 +86,18 @@ pub struct KeySpec { /// /// * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512 /// - /// * Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096 + /// * Asymmetric RSA key pairs (encryption and decryption -or- signing and + /// verification) RSA_2048 RSA_3072 RSA_4096 /// - /// * Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1) - /// ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1) + /// * Asymmetric NIST-recommended elliptic curve key pairs (signing and verification + /// -or- deriving shared secrets) ECC_NIST_P256 (secp256r1) ECC_NIST_P384 + /// (secp384r1) ECC_NIST_P521 (secp521r1) /// - /// * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1), - /// commonly used for cryptocurrencies. + /// * Other asymmetric elliptic curve key pairs (signing and verification) + /// ECC_SECG_P256K1 (secp256k1), commonly used for cryptocurrencies. /// - /// * SM2 key pairs (China Regions only) SM2 + /// * SM2 key pairs (encryption and decryption -or- signing and verification + /// -or- deriving shared secrets) SM2 (China Regions only) #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySpec")] pub key_spec: Option, /// Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) @@ -114,13 +112,16 @@ pub struct KeySpec { /// /// * For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC. /// - /// * For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT + /// * For asymmetric KMS keys with RSA key pairs, specify ENCRYPT_DECRYPT /// or SIGN_VERIFY. /// - /// * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY. + /// * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, + /// specify SIGN_VERIFY or KEY_AGREEMENT. + /// + /// * For asymmetric KMS keys with ECC_SECG_P256K1 key pairs specify SIGN_VERIFY. /// - /// * For asymmetric KMS keys with SM2 key material (China Regions only), - /// specify ENCRYPT_DECRYPT or SIGN_VERIFY. + /// * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify + /// ENCRYPT_DECRYPT, SIGN_VERIFY, or KEY_AGREEMENT. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyUsage")] pub key_usage: Option, /// Creates a multi-Region primary key that you can replicate into other Amazon @@ -142,73 +143,70 @@ pub struct KeySpec { /// This value creates a primary key, not a replica. To create a replica key, /// use the ReplicateKey operation. /// - /// You can create a multi-Region version of a symmetric encryption KMS key, - /// an HMAC KMS key, an asymmetric KMS key, or a KMS key with imported key material. - /// However, you cannot create a multi-Region key in a custom key store. + /// You can create a symmetric or asymmetric multi-Region key, and you can create + /// a multi-Region key with imported key material. However, you cannot create + /// a multi-Region key in a custom key store. #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiRegion")] pub multi_region: Option, /// The source of the key material for the KMS key. You cannot change the origin /// after you create the KMS key. The default is AWS_KMS, which means that KMS /// creates the key material. /// - /// To create a KMS key with no key material (for imported key material), set - /// the value to EXTERNAL. For more information about importing key material - /// into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) - /// in the Key Management Service Developer Guide. This value is valid only for - /// symmetric encryption KMS keys. + /// To create a KMS key with no key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) + /// (for imported key material), set this value to EXTERNAL. For more information + /// about importing key material into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) + /// in the Key Management Service Developer Guide. The EXTERNAL origin value + /// is valid only for symmetric KMS keys. /// - /// To create a KMS key in an KMS custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) + /// To create a KMS key in an CloudHSM key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html) /// and create its key material in the associated CloudHSM cluster, set this /// value to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to - /// identify the custom key store. This value is valid only for symmetric encryption - /// KMS keys. + /// identify the CloudHSM key store. The KeySpec value must be SYMMETRIC_DEFAULT. + /// + /// To create a KMS key in an external key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keys.html), + /// set this value to EXTERNAL_KEY_STORE. You must also use the CustomKeyStoreId + /// parameter to identify the external key store and the XksKeyId parameter to + /// identify the associated external key. The KeySpec value must be SYMMETRIC_DEFAULT. #[serde(default, skip_serializing_if = "Option::is_none")] pub origin: Option, - /// The key policy to attach to the KMS key. If you do not specify a key policy, - /// KMS attaches a default key policy to the KMS key. For more information, see - /// Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) - /// in the Key Management Service Developer Guide. + /// The key policy to attach to the KMS key. /// /// If you provide a key policy, it must meet the following criteria: /// - /// * If you don't set BypassPolicyLockoutSafetyCheck to True, the key policy - /// must allow the principal that is making the CreateKey request to make - /// a subsequent PutKeyPolicy request on the KMS key. This reduces the risk - /// that the KMS key becomes unmanageable. For more information, refer to - /// the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - /// section of the Key Management Service Developer Guide . + /// * The key policy must allow the calling principal to make a subsequent + /// PutKeyPolicy request on the KMS key. This reduces the risk that the KMS + /// key becomes unmanageable. For more information, see Default key policy + /// (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + /// in the Key Management Service Developer Guide. (To omit this condition, + /// set BypassPolicyLockoutSafetyCheck to true.) /// /// * Each statement in the key policy must contain one or more principals. /// The principals in the key policy must exist and be visible to KMS. When - /// you create a new Amazon Web Services principal (for example, an IAM user - /// or role), you might need to enforce a delay before including the new principal - /// in a key policy because the new principal might not be immediately visible - /// to KMS. For more information, see Changes that I make are not always immediately - /// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + /// you create a new Amazon Web Services principal, you might need to enforce + /// a delay before including the new principal in a key policy because the + /// new principal might not be immediately visible to KMS. For more information, + /// see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) /// in the Amazon Web Services Identity and Access Management User Guide. /// - /// A key policy document can include only the following characters: - /// - /// * Printable ASCII characters from the space character (\u0020) through - /// the end of the ASCII character range. - /// - /// * Printable characters in the Basic Latin and Latin-1 Supplement character - /// set (through \u00FF). + /// If you do not provide a key policy, KMS attaches a default key policy to + /// the KMS key. For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) + /// in the Key Management Service Developer Guide. /// - /// * The tab (\u0009), line feed (\u000A), and carriage return (\u000D) special - /// characters + /// The key policy size quota is 32 kilobytes (32768 bytes). /// - /// For information about key policies, see Key policies in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) - /// in the Key Management Service Developer Guide. For help writing and formatting - /// a JSON policy document, see the IAM JSON Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html) + /// For help writing and formatting a JSON policy document, see the IAM JSON + /// Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html) /// in the Identity and Access Management User Guide . #[serde(default, skip_serializing_if = "Option::is_none")] pub policy: Option, /// Assigns one or more tags to the KMS key. Use this parameter to tag the KMS /// key when it is created. To tag an existing KMS key, use the TagResource operation. /// + /// Do not include confidential or sensitive information in this field. This + /// field may be displayed in plaintext in CloudTrail logs and other output. + /// /// Tagging or untagging a KMS key can allow or deny permission to the KMS key. - /// For details, see ABAC in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) + /// For details, see ABAC for KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) /// in the Key Management Service Developer Guide. /// /// To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html) @@ -231,6 +229,9 @@ pub struct KeySpec { /// A key-value pair. A tag consists of a tag key and a tag value. Tag keys and /// tag values are both required, but tag values can be empty (null) strings. /// +/// Do not include confidential or sensitive information in this field. This +/// field may be displayed in plaintext in CloudTrail logs and other output. +/// /// For information about the rules that apply to tag keys and tag values, see /// User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) /// in the Amazon Web Services Billing and Cost Management User Guide. @@ -255,12 +256,13 @@ pub struct KeyStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsAccountID")] pub aws_account_id: Option, /// The cluster ID of the CloudHSM cluster that contains the key material for - /// the KMS key. When you create a KMS key in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), + /// the KMS key. When you create a KMS key in an CloudHSM custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), /// KMS creates the key material for the KMS key in the associated CloudHSM cluster. - /// This value is present only when the KMS key is created in a custom key store. + /// This field is present only when the KMS key is created in an CloudHSM key + /// store. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloudHsmClusterID")] pub cloud_hsm_cluster_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/kuadrant_io/mod.rs b/kube-custom-resources-rs/src/kuadrant_io/mod.rs index d9018c91d..df673c0f8 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/mod.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/mod.rs @@ -1,3 +1,4 @@ +pub mod v1; pub mod v1alpha1; pub mod v1beta1; pub mod v1beta2; diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1/authpolicies.rs b/kube-custom-resources-rs/src/kuadrant_io/v1/authpolicies.rs new file mode 100644 index 000000000..982864712 --- /dev/null +++ b/kube-custom-resources-rs/src/kuadrant_io/v1/authpolicies.rs @@ -0,0 +1,7376 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; +} +use self::prelude::*; + +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "kuadrant.io", version = "v1", kind = "AuthPolicy", plural = "authpolicies")] +#[kube(namespaced)] +#[kube(status = "AuthPolicyStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct AuthPolicySpec { + /// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. + /// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub defaults: Option, + /// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. + /// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option, + /// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub patterns: Option>, + /// The auth rules of the policy. + /// See Authorino's AuthConfig CRD for more details. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option, + /// Reference to the object to which this policy applies. + #[serde(rename = "targetRef")] + pub target_ref: AuthPolicyTargetRef, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaults { + /// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub patterns: Option>, + /// The auth rules of the policy. + /// See Authorino's AuthConfig CRD for more details. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option, + /// Strategy defines the merge strategy to apply when merging this policy with other policies. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub strategy: Option, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsPatterns { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allOf")] + pub all_of: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsPatternsAllOf { + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsPatternsAllOfOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// The auth rules of the policy. +/// See Authorino's AuthConfig CRD for more details. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRules { + /// Authentication configs. + /// At least one config MUST evaluate to a valid identity object for the auth request to be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authentication: Option>, + /// Authorization policies. + /// All policies MUST evaluate to "allowed = true" for the auth request be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option>, + /// Callback functions. + /// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub callbacks: Option>, + /// Metadata sources. + /// Authorino fetches auth metadata as JSON from sources specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option>, + /// Response items. + /// Authorino builds custom responses to the client of the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub response: Option, +} + +/// Authentication configs. +/// At least one config MUST evaluate to a valid identity object for the auth request to be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthentication { + /// Anonymous access. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub anonymous: Option, + /// Authentication based on API keys stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Defines where credentials are required to be passed in the request for authentication based on this config. + /// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Set default property values (claims) for the resolved identity object, that are set before appending the object to + /// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub defaults: Option>, + /// Authentication based on JWT tokens. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub jwt: Option, + /// Authentication by Kubernetes token review. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesTokenReview")] + pub kubernetes_token_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Authentication by OAuth2 token introspection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "oauth2Introspection")] + pub oauth2_introspection: Option, + /// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, + /// before appending the object to the authorization JSON. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option>, + /// Identity object extracted from the context. + /// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authentication based on client X.509 certificates. + /// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub x509: Option, +} + +/// Anonymous access. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationAnonymous { +} + +/// Authentication based on API keys stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationApiKey { + /// Whether Authorino should look for API key secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service + pub selector: AuthPolicyDefaultsRulesAuthenticationApiKeySelector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationApiKeySelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationApiKeySelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesAuthenticationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Defines where credentials are required to be passed in the request for authentication based on this config. +/// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationCredentialsQueryString { + pub name: String, +} + +/// Set default property values (claims) for the resolved identity object, that are set before appending the object to +/// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationDefaults { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authentication based on JWT tokens. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationJwt { + /// URL of the issuer of the JWT. + /// If `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint + /// (i.e. "/.well-known/openid-configuration") to this URL, to discover the OIDC configuration where to obtain + /// the "jkws_uri" claim from. + /// The value must coincide with the value of the "iss" (issuer) claim of the discovered OpenID Connect configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "issuerUrl")] + pub issuer_url: Option, + /// Decides how long to wait before refreshing the JWKS (in seconds). + /// If omitted, Authorino will never refresh the JWKS. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Authentication by Kubernetes token review. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationKubernetesTokenReview { + /// The list of audiences (scopes) that must be claimed in a Kubernetes authentication token supplied in the request, and reviewed by Authorino. + /// If omitted, Authorino will review tokens expecting the host name of the requested protected service amongst the audiences. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, +} + +/// Authentication by OAuth2 token introspection. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationOauth2Introspection { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyDefaultsRulesAuthenticationOauth2IntrospectionCredentialsRef, + /// The full URL of the token introspection endpoint. + pub endpoint: String, + /// The token type hint for the token introspection. + /// If omitted, it defaults to "access_token". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenTypeHint")] + pub token_type_hint: Option, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationOauth2IntrospectionCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, +/// before appending the object to the authorization JSON. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationOverrides { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Identity object extracted from the context. +/// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value that represents an identity. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesAuthenticationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authentication based on client X.509 certificates. +/// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationX509 { + /// Whether Authorino should look for TLS secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate + /// clients trying to authenticate to this service + pub selector: AuthPolicyDefaultsRulesAuthenticationX509Selector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate +/// clients trying to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationX509Selector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthenticationX509SelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Authorization policies. +/// All policies MUST evaluate to "allowed = true" for the auth request be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorization { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Authorization by Kubernetes SubjectAccessReview + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesSubjectAccessReview")] + pub kubernetes_subject_access_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Open Policy Agent (OPA) Rego policy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opa: Option, + /// Pattern-matching authorization rules. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternMatching")] + pub pattern_matching: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Authorization decision delegated to external Authzed/SpiceDB server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spicedb: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesAuthorizationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authorization by Kubernetes SubjectAccessReview +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReview { + /// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationGroups")] + pub authorization_groups: Option, + /// Groups the user must be a member of or, if `user` is omitted, the groups to check for authorization in the Kubernetes RBAC. + /// Deprecated: Use authorizationGroups instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub groups: Option>, + /// Use resourceAttributes to check permissions on Kubernetes resources. + /// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] + pub resource_attributes: Option, + /// User to check for authorization in the Kubernetes RBAC. + /// Omit it to check for group authorization only. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewAuthorizationGroups { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Use resourceAttributes to check permissions on Kubernetes resources. +/// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributes { + /// API group of the resource. + /// Use '*' for all API groups. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Resource name + /// Omit it to check for authorization on all resources of the specified kind. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace where the user must have permissions on the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Resource kind + /// Use '*' for all resource kinds. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Subresource kind + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subresource: Option, + /// Verb to check for authorization on the resource. + /// Use '*' for all verbs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verb: Option, +} + +/// API group of the resource. +/// Use '*' for all API groups. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesGroup { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource name +/// Omit it to check for authorization on all resources of the specified kind. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Namespace where the user must have permissions on the resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesNamespace { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource kind +/// Use '*' for all resource kinds. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesResource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Subresource kind +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesSubresource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Verb to check for authorization on the resource. +/// Use '*' for all verbs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesVerb { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// User to check for authorization in the Kubernetes RBAC. +/// Omit it to check for group authorization only. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationKubernetesSubjectAccessReviewUser { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Open Policy Agent (OPA) Rego policy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpa { + /// Returns the value of all Rego rules in the virtual document. Values can be read in subsequent evaluators/phases of the Auth Pipeline. + /// Otherwise, only the default `allow` rule will be exposed. + /// Returning all Rego rules can affect performance of OPA policies during reconciliation (policy precompile) and at runtime. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allValues")] + pub all_values: Option, + /// Settings for fetching the OPA policy from an external registry. + /// Use it alternatively to 'rego'. + /// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', + /// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalPolicy")] + pub external_policy: Option, + /// Authorization policy as a Rego language document. + /// The Rego document must include the "allow" condition, set by Authorino to "false" by default (i.e. requests are unauthorized unless changed). + /// The Rego document must NOT include the "package" declaration in line 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rego: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicy { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationOpaExternalPolicySharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Pattern-matching authorization rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationPatternMatching { + pub patterns: Vec, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationPatternMatchingPatterns { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesAuthorizationPatternMatchingPatternsOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorization decision delegated to external Authzed/SpiceDB server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedb { + /// Hostname and port number to the GRPC interface of the SpiceDB server (e.g. spicedb:50051). + pub endpoint: String, + /// Insecure HTTP connection (i.e. disables TLS verification) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub insecure: Option, + /// The name of the permission (or relation) on which to execute the check. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub permission: Option, + /// The resource on which to check the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// The subject that will be checked for the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subject: Option, +} + +/// The name of the permission (or relation) on which to execute the check. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbPermission { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// The resource on which to check the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbResource { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbResourceKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbResourceName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// The subject that will be checked for the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbSubject { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbSubjectKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationSpicedbSubjectName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesAuthorizationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesAuthorizationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Callback functions. +/// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacks { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Settings of the external HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesCallbacksCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesCallbacksHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesCallbacksHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyDefaultsRulesCallbacksHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesCallbacksWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesCallbacksWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Metadata sources. +/// Authorino fetches auth metadata as JSON from sources specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadata { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// External source of auth metadata via HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// User-Managed Access (UMA) source of resource data. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uma: Option, + /// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "userInfo")] + pub user_info: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesMetadataCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesMetadataHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesMetadataHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyDefaultsRulesMetadataHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// User-Managed Access (UMA) source of resource data. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataUma { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyDefaultsRulesMetadataUmaCredentialsRef, + /// The endpoint of the UMA server. + /// The value must coincide with the "issuer" claim of the UMA config discovered from the well-known uma configuration endpoint. + pub endpoint: String, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataUmaCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataUserInfo { + /// The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC "userinfo_endpoint" claim. + #[serde(rename = "identitySource")] + pub identity_source: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesMetadataWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesMetadataWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Response items. +/// Authorino builds custom responses to the client of the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponse { + /// Response items to be included in the auth response when the request is authenticated and authorized. + /// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub success: Option, + /// Customizations on the denial status attributes when the request is unauthenticated. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 401 Unauthorized + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthenticated: Option, + /// Customizations on the denial status attributes when the request is unauthorized. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 403 Forbidden + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthorized: Option, +} + +/// Response items to be included in the auth response when the request is authenticated and authorized. +/// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccess { + /// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// Custom headers to inject in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, +} + +/// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFilters { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesResponseSuccessFiltersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesResponseSuccessFiltersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessFiltersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyDefaultsRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Custom headers to inject in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeaders { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyDefaultsRulesResponseSuccessHeadersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesResponseSuccessHeadersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseSuccessHeadersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyDefaultsRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Customizations on the denial status attributes when the request is unauthenticated. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 401 Unauthorized +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthenticated { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthenticatedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthenticatedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthenticatedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Customizations on the denial status attributes when the request is unauthorized. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 403 Forbidden +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthorized { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthorizedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthorizedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsRulesResponseUnauthorizedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyDefaultsStrategy { + #[serde(rename = "atomic")] + Atomic, + #[serde(rename = "merge")] + Merge, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyDefaultsWhen { + pub predicate: String, +} + +/// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverrides { + /// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub patterns: Option>, + /// The auth rules of the policy. + /// See Authorino's AuthConfig CRD for more details. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option, + /// Strategy defines the merge strategy to apply when merging this policy with other policies. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub strategy: Option, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesPatterns { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allOf")] + pub all_of: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesPatternsAllOf { + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesPatternsAllOfOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// The auth rules of the policy. +/// See Authorino's AuthConfig CRD for more details. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRules { + /// Authentication configs. + /// At least one config MUST evaluate to a valid identity object for the auth request to be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authentication: Option>, + /// Authorization policies. + /// All policies MUST evaluate to "allowed = true" for the auth request be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option>, + /// Callback functions. + /// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub callbacks: Option>, + /// Metadata sources. + /// Authorino fetches auth metadata as JSON from sources specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option>, + /// Response items. + /// Authorino builds custom responses to the client of the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub response: Option, +} + +/// Authentication configs. +/// At least one config MUST evaluate to a valid identity object for the auth request to be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthentication { + /// Anonymous access. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub anonymous: Option, + /// Authentication based on API keys stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Defines where credentials are required to be passed in the request for authentication based on this config. + /// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Set default property values (claims) for the resolved identity object, that are set before appending the object to + /// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub defaults: Option>, + /// Authentication based on JWT tokens. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub jwt: Option, + /// Authentication by Kubernetes token review. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesTokenReview")] + pub kubernetes_token_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Authentication by OAuth2 token introspection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "oauth2Introspection")] + pub oauth2_introspection: Option, + /// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, + /// before appending the object to the authorization JSON. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option>, + /// Identity object extracted from the context. + /// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authentication based on client X.509 certificates. + /// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub x509: Option, +} + +/// Anonymous access. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationAnonymous { +} + +/// Authentication based on API keys stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationApiKey { + /// Whether Authorino should look for API key secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service + pub selector: AuthPolicyOverridesRulesAuthenticationApiKeySelector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationApiKeySelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationApiKeySelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesAuthenticationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Defines where credentials are required to be passed in the request for authentication based on this config. +/// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationCredentialsQueryString { + pub name: String, +} + +/// Set default property values (claims) for the resolved identity object, that are set before appending the object to +/// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationDefaults { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authentication based on JWT tokens. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationJwt { + /// URL of the issuer of the JWT. + /// If `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint + /// (i.e. "/.well-known/openid-configuration") to this URL, to discover the OIDC configuration where to obtain + /// the "jkws_uri" claim from. + /// The value must coincide with the value of the "iss" (issuer) claim of the discovered OpenID Connect configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "issuerUrl")] + pub issuer_url: Option, + /// Decides how long to wait before refreshing the JWKS (in seconds). + /// If omitted, Authorino will never refresh the JWKS. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Authentication by Kubernetes token review. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationKubernetesTokenReview { + /// The list of audiences (scopes) that must be claimed in a Kubernetes authentication token supplied in the request, and reviewed by Authorino. + /// If omitted, Authorino will review tokens expecting the host name of the requested protected service amongst the audiences. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, +} + +/// Authentication by OAuth2 token introspection. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationOauth2Introspection { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyOverridesRulesAuthenticationOauth2IntrospectionCredentialsRef, + /// The full URL of the token introspection endpoint. + pub endpoint: String, + /// The token type hint for the token introspection. + /// If omitted, it defaults to "access_token". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenTypeHint")] + pub token_type_hint: Option, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationOauth2IntrospectionCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, +/// before appending the object to the authorization JSON. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationOverrides { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Identity object extracted from the context. +/// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value that represents an identity. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesAuthenticationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authentication based on client X.509 certificates. +/// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationX509 { + /// Whether Authorino should look for TLS secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate + /// clients trying to authenticate to this service + pub selector: AuthPolicyOverridesRulesAuthenticationX509Selector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate +/// clients trying to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationX509Selector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthenticationX509SelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Authorization policies. +/// All policies MUST evaluate to "allowed = true" for the auth request be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorization { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Authorization by Kubernetes SubjectAccessReview + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesSubjectAccessReview")] + pub kubernetes_subject_access_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Open Policy Agent (OPA) Rego policy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opa: Option, + /// Pattern-matching authorization rules. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternMatching")] + pub pattern_matching: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Authorization decision delegated to external Authzed/SpiceDB server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spicedb: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesAuthorizationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authorization by Kubernetes SubjectAccessReview +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReview { + /// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationGroups")] + pub authorization_groups: Option, + /// Groups the user must be a member of or, if `user` is omitted, the groups to check for authorization in the Kubernetes RBAC. + /// Deprecated: Use authorizationGroups instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub groups: Option>, + /// Use resourceAttributes to check permissions on Kubernetes resources. + /// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] + pub resource_attributes: Option, + /// User to check for authorization in the Kubernetes RBAC. + /// Omit it to check for group authorization only. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewAuthorizationGroups { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Use resourceAttributes to check permissions on Kubernetes resources. +/// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributes { + /// API group of the resource. + /// Use '*' for all API groups. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Resource name + /// Omit it to check for authorization on all resources of the specified kind. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace where the user must have permissions on the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Resource kind + /// Use '*' for all resource kinds. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Subresource kind + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subresource: Option, + /// Verb to check for authorization on the resource. + /// Use '*' for all verbs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verb: Option, +} + +/// API group of the resource. +/// Use '*' for all API groups. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesGroup { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource name +/// Omit it to check for authorization on all resources of the specified kind. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Namespace where the user must have permissions on the resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesNamespace { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource kind +/// Use '*' for all resource kinds. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesResource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Subresource kind +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesSubresource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Verb to check for authorization on the resource. +/// Use '*' for all verbs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesVerb { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// User to check for authorization in the Kubernetes RBAC. +/// Omit it to check for group authorization only. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationKubernetesSubjectAccessReviewUser { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Open Policy Agent (OPA) Rego policy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpa { + /// Returns the value of all Rego rules in the virtual document. Values can be read in subsequent evaluators/phases of the Auth Pipeline. + /// Otherwise, only the default `allow` rule will be exposed. + /// Returning all Rego rules can affect performance of OPA policies during reconciliation (policy precompile) and at runtime. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allValues")] + pub all_values: Option, + /// Settings for fetching the OPA policy from an external registry. + /// Use it alternatively to 'rego'. + /// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', + /// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalPolicy")] + pub external_policy: Option, + /// Authorization policy as a Rego language document. + /// The Rego document must include the "allow" condition, set by Authorino to "false" by default (i.e. requests are unauthorized unless changed). + /// The Rego document must NOT include the "package" declaration in line 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rego: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicy { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationOpaExternalPolicySharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Pattern-matching authorization rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationPatternMatching { + pub patterns: Vec, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationPatternMatchingPatterns { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesAuthorizationPatternMatchingPatternsOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorization decision delegated to external Authzed/SpiceDB server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedb { + /// Hostname and port number to the GRPC interface of the SpiceDB server (e.g. spicedb:50051). + pub endpoint: String, + /// Insecure HTTP connection (i.e. disables TLS verification) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub insecure: Option, + /// The name of the permission (or relation) on which to execute the check. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub permission: Option, + /// The resource on which to check the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// The subject that will be checked for the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subject: Option, +} + +/// The name of the permission (or relation) on which to execute the check. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbPermission { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// The resource on which to check the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbResource { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbResourceKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbResourceName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// The subject that will be checked for the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbSubject { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbSubjectKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationSpicedbSubjectName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesAuthorizationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesAuthorizationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Callback functions. +/// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacks { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Settings of the external HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesCallbacksCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesCallbacksHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesCallbacksHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyOverridesRulesCallbacksHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesCallbacksWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesCallbacksWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Metadata sources. +/// Authorino fetches auth metadata as JSON from sources specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadata { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// External source of auth metadata via HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// User-Managed Access (UMA) source of resource data. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uma: Option, + /// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "userInfo")] + pub user_info: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesMetadataCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesMetadataHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesMetadataHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyOverridesRulesMetadataHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// User-Managed Access (UMA) source of resource data. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataUma { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyOverridesRulesMetadataUmaCredentialsRef, + /// The endpoint of the UMA server. + /// The value must coincide with the "issuer" claim of the UMA config discovered from the well-known uma configuration endpoint. + pub endpoint: String, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataUmaCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataUserInfo { + /// The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC "userinfo_endpoint" claim. + #[serde(rename = "identitySource")] + pub identity_source: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesMetadataWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesMetadataWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Response items. +/// Authorino builds custom responses to the client of the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponse { + /// Response items to be included in the auth response when the request is authenticated and authorized. + /// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub success: Option, + /// Customizations on the denial status attributes when the request is unauthenticated. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 401 Unauthorized + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthenticated: Option, + /// Customizations on the denial status attributes when the request is unauthorized. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 403 Forbidden + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthorized: Option, +} + +/// Response items to be included in the auth response when the request is authenticated and authorized. +/// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccess { + /// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// Custom headers to inject in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, +} + +/// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFilters { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesResponseSuccessFiltersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesResponseSuccessFiltersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessFiltersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyOverridesRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Custom headers to inject in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeaders { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyOverridesRulesResponseSuccessHeadersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesResponseSuccessHeadersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseSuccessHeadersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyOverridesRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Customizations on the denial status attributes when the request is unauthenticated. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 401 Unauthorized +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthenticated { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthenticatedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthenticatedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthenticatedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Customizations on the denial status attributes when the request is unauthorized. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 403 Forbidden +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthorized { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthorizedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthorizedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesRulesResponseUnauthorizedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyOverridesStrategy { + #[serde(rename = "atomic")] + Atomic, + #[serde(rename = "merge")] + Merge, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyOverridesWhen { + pub predicate: String, +} + +/// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyPatterns { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allOf")] + pub all_of: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyPatternsAllOf { + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyPatternsAllOfOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// The auth rules of the policy. +/// See Authorino's AuthConfig CRD for more details. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRules { + /// Authentication configs. + /// At least one config MUST evaluate to a valid identity object for the auth request to be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authentication: Option>, + /// Authorization policies. + /// All policies MUST evaluate to "allowed = true" for the auth request be successful. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option>, + /// Callback functions. + /// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub callbacks: Option>, + /// Metadata sources. + /// Authorino fetches auth metadata as JSON from sources specified in this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option>, + /// Response items. + /// Authorino builds custom responses to the client of the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub response: Option, +} + +/// Authentication configs. +/// At least one config MUST evaluate to a valid identity object for the auth request to be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthentication { + /// Anonymous access. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub anonymous: Option, + /// Authentication based on API keys stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Defines where credentials are required to be passed in the request for authentication based on this config. + /// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Set default property values (claims) for the resolved identity object, that are set before appending the object to + /// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub defaults: Option>, + /// Authentication based on JWT tokens. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub jwt: Option, + /// Authentication by Kubernetes token review. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesTokenReview")] + pub kubernetes_token_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Authentication by OAuth2 token introspection. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "oauth2Introspection")] + pub oauth2_introspection: Option, + /// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, + /// before appending the object to the authorization JSON. + /// It requires the resolved identity object to always be a JSON object. + /// Do not use this option with identity objects of other JSON types (array, string, etc). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option>, + /// Identity object extracted from the context. + /// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authentication based on client X.509 certificates. + /// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub x509: Option, +} + +/// Anonymous access. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationAnonymous { +} + +/// Authentication based on API keys stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationApiKey { + /// Whether Authorino should look for API key secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service + pub selector: AuthPolicyRulesAuthenticationApiKeySelector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing valid credentials to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationApiKeySelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationApiKeySelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesAuthenticationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Defines where credentials are required to be passed in the request for authentication based on this config. +/// If omitted, it defaults to credentials passed in the HTTP Authorization header and the "Bearer" prefix prepended to the secret credential value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationCredentialsQueryString { + pub name: String, +} + +/// Set default property values (claims) for the resolved identity object, that are set before appending the object to +/// the authorization JSON. If the property is already present in the resolved identity object, the default value is ignored. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationDefaults { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authentication based on JWT tokens. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationJwt { + /// URL of the issuer of the JWT. + /// If `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint + /// (i.e. "/.well-known/openid-configuration") to this URL, to discover the OIDC configuration where to obtain + /// the "jkws_uri" claim from. + /// The value must coincide with the value of the "iss" (issuer) claim of the discovered OpenID Connect configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "issuerUrl")] + pub issuer_url: Option, + /// Decides how long to wait before refreshing the JWKS (in seconds). + /// If omitted, Authorino will never refresh the JWKS. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Authentication by Kubernetes token review. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationKubernetesTokenReview { + /// The list of audiences (scopes) that must be claimed in a Kubernetes authentication token supplied in the request, and reviewed by Authorino. + /// If omitted, Authorino will review tokens expecting the host name of the requested protected service amongst the audiences. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub audiences: Option>, +} + +/// Authentication by OAuth2 token introspection. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationOauth2Introspection { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyRulesAuthenticationOauth2IntrospectionCredentialsRef, + /// The full URL of the token introspection endpoint. + pub endpoint: String, + /// The token type hint for the token introspection. + /// If omitted, it defaults to "access_token". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenTypeHint")] + pub token_type_hint: Option, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the OAuth2 server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationOauth2IntrospectionCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// Overrides the resolved identity object by setting the additional properties (claims) specified in this config, +/// before appending the object to the authorization JSON. +/// It requires the resolved identity object to always be a JSON object. +/// Do not use this option with identity objects of other JSON types (array, string, etc). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationOverrides { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Identity object extracted from the context. +/// Use this method when authentication is performed beforehand by a proxy and the resulting object passed to Authorino as JSON in the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value that represents an identity. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesAuthenticationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authentication based on client X.509 certificates. +/// The certificates presented by the clients must be signed by a trusted CA whose certificates are stored in Kubernetes secrets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationX509 { + /// Whether Authorino should look for TLS secrets in all namespaces or only in the same namespace as the AuthConfig. + /// Enabling this option in namespaced Authorino instances has no effect. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allNamespaces")] + pub all_namespaces: Option, + /// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate + /// clients trying to authenticate to this service + pub selector: AuthPolicyRulesAuthenticationX509Selector, +} + +/// Label selector used by Authorino to match secrets from the cluster storing trusted CA certificates to validate +/// clients trying to authenticate to this service +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationX509Selector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthenticationX509SelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Authorization policies. +/// All policies MUST evaluate to "allowed = true" for the auth request be successful. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorization { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Authorization by Kubernetes SubjectAccessReview + #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesSubjectAccessReview")] + pub kubernetes_subject_access_review: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Open Policy Agent (OPA) Rego policy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opa: Option, + /// Pattern-matching authorization rules. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternMatching")] + pub pattern_matching: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Authorization decision delegated to external Authzed/SpiceDB server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spicedb: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesAuthorizationCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Authorization by Kubernetes SubjectAccessReview +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReview { + /// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationGroups")] + pub authorization_groups: Option, + /// Groups the user must be a member of or, if `user` is omitted, the groups to check for authorization in the Kubernetes RBAC. + /// Deprecated: Use authorizationGroups instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub groups: Option>, + /// Use resourceAttributes to check permissions on Kubernetes resources. + /// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] + pub resource_attributes: Option, + /// User to check for authorization in the Kubernetes RBAC. + /// Omit it to check for group authorization only. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// Groups to check for existing permission in the Kubernetes RBAC alternatively to a specific user. This is typically obtained from a list of groups the user is a member of. Must be a static list of group names or dynamically resolve to one from the Authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewAuthorizationGroups { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Use resourceAttributes to check permissions on Kubernetes resources. +/// If omitted, it performs a non-resource SubjectAccessReview, with verb and path inferred from the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributes { + /// API group of the resource. + /// Use '*' for all API groups. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Resource name + /// Omit it to check for authorization on all resources of the specified kind. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace where the user must have permissions on the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Resource kind + /// Use '*' for all resource kinds. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Subresource kind + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subresource: Option, + /// Verb to check for authorization on the resource. + /// Use '*' for all verbs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub verb: Option, +} + +/// API group of the resource. +/// Use '*' for all API groups. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesGroup { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource name +/// Omit it to check for authorization on all resources of the specified kind. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Namespace where the user must have permissions on the resource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesNamespace { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Resource kind +/// Use '*' for all resource kinds. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesResource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Subresource kind +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesSubresource { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Verb to check for authorization on the resource. +/// Use '*' for all verbs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewResourceAttributesVerb { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// User to check for authorization in the Kubernetes RBAC. +/// Omit it to check for group authorization only. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationKubernetesSubjectAccessReviewUser { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Open Policy Agent (OPA) Rego policy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpa { + /// Returns the value of all Rego rules in the virtual document. Values can be read in subsequent evaluators/phases of the Auth Pipeline. + /// Otherwise, only the default `allow` rule will be exposed. + /// Returning all Rego rules can affect performance of OPA policies during reconciliation (policy precompile) and at runtime. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allValues")] + pub all_values: Option, + /// Settings for fetching the OPA policy from an external registry. + /// Use it alternatively to 'rego'. + /// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', + /// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalPolicy")] + pub external_policy: Option, + /// Authorization policy as a Rego language document. + /// The Rego document must include the "allow" condition, set by Authorino to "false" by default (i.e. requests are unauthorized unless changed). + /// The Rego document must NOT include the "package" declaration in line 1. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rego: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicy { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesAuthorizationOpaExternalPolicyContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings for fetching the OPA policy from an external registry. +/// Use it alternatively to 'rego'. +/// For the configurations of the HTTP request, the following options are not implemented: 'method', 'body', 'bodyParameters', +/// 'contentType', 'headers', 'oauth2'. Use it only with: 'url', 'sharedSecret', 'credentials'. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesAuthorizationOpaExternalPolicyMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicyOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationOpaExternalPolicySharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Pattern-matching authorization rules. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationPatternMatching { + pub patterns: Vec, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationPatternMatchingPatterns { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesAuthorizationPatternMatchingPatternsOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorization decision delegated to external Authzed/SpiceDB server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedb { + /// Hostname and port number to the GRPC interface of the SpiceDB server (e.g. spicedb:50051). + pub endpoint: String, + /// Insecure HTTP connection (i.e. disables TLS verification) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub insecure: Option, + /// The name of the permission (or relation) on which to execute the check. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub permission: Option, + /// The resource on which to check the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resource: Option, + /// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// The subject that will be checked for the permission or relation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub subject: Option, +} + +/// The name of the permission (or relation) on which to execute the check. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbPermission { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// The resource on which to check the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbResource { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbResourceKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbResourceName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Reference to a Secret key whose value will be used by Authorino to authenticate with the Authzed service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// The subject that will be checked for the permission or relation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbSubject { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbSubjectKind { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationSpicedbSubjectName { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesAuthorizationWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesAuthorizationWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Callback functions. +/// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacks { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// Settings of the external HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesCallbacksCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesCallbacksHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Settings of the external HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesCallbacksHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyRulesCallbacksHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesCallbacksWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesCallbacksWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Metadata sources. +/// Authorino fetches auth metadata as JSON from sources specified in this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadata { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// External source of auth metadata via HTTP request + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// User-Managed Access (UMA) source of resource data. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uma: Option, + /// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "userInfo")] + pub user_info: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesMetadataCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttp { + /// Raw body of the HTTP request. + /// Supersedes 'bodyParameters'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Custom parameters to encode in the body of the HTTP request. + /// Superseded by 'body'; use either one or the other. + /// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodyParameters")] + pub body_parameters: Option>, + /// Content-Type of the request body. Shapes how 'bodyParameters' are encoded. + /// Use it with method=POST; for GET requests, Content-Type is automatically set to 'text/plain'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "contentType")] + pub content_type: Option, + /// Defines where client credentials will be passed in the request to the service. + /// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Custom headers in the HTTP request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP verb used in the request to the service. Accepted values: GET (default), POST. + /// When the request method is POST, the authorization JSON is passed in the body of the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub method: Option, + /// Authentication with the HTTP service by OAuth2 Client Credentials grant. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// Reference to a Secret key whose value will be passed by Authorino in the request. + /// The HTTP service can use the shared secret to authenticate the origin of the request. + /// Ignored if used together with oauth2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharedSecretRef")] + pub shared_secret_ref: Option, + /// Endpoint URL of the HTTP service. + /// The value can include variable placeholders in the format "{selector}", where "selector" is any pattern supported + /// by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. + /// E.g. https://ext-auth-server.io/metadata?p={request.path} + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// A Common Expression Language (CEL) expression that evaluates to a string endpoint URL of the HTTP service to call. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlExpression")] + pub url_expression: Option, +} + +/// Raw body of the HTTP request. +/// Supersedes 'bodyParameters'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Custom parameters to encode in the body of the HTTP request. +/// Superseded by 'body'; use either one or the other. +/// Use it with method=POST; for GET requests, set parameters as query string in the 'endpoint' (placeholders can be used). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpBodyParameters { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesMetadataHttpContentType { + #[serde(rename = "application/x-www-form-urlencoded")] + ApplicationXWwwFormUrlencoded, + #[serde(rename = "application/json")] + ApplicationJson, +} + +/// Defines where client credentials will be passed in the request to the service. +/// If omitted, it defaults to client credentials passed in the HTTP Authorization header and the "Bearer" prefix expected prepended to the secret value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpCredentials { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationHeader")] + pub authorization_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cookie: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHeader")] + pub custom_header: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryString")] + pub query_string: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpCredentialsAuthorizationHeader { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub prefix: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpCredentialsCookie { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpCredentialsCustomHeader { + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpCredentialsQueryString { + pub name: String, +} + +/// Custom headers in the HTTP request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// External source of auth metadata via HTTP request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesMetadataHttpMethod { + #[serde(rename = "GET")] + Get, + #[serde(rename = "POST")] + Post, + #[serde(rename = "PUT")] + Put, + #[serde(rename = "PATCH")] + Patch, + #[serde(rename = "DELETE")] + Delete, + #[serde(rename = "HEAD")] + Head, + #[serde(rename = "OPTIONS")] + Options, + #[serde(rename = "CONNECT")] + Connect, + #[serde(rename = "TRACE")] + Trace, +} + +/// Authentication with the HTTP service by OAuth2 Client Credentials grant. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpOauth2 { + /// Caches and reuses the token until expired. + /// Set it to false to force fetch the token at every authorization request regardless of expiration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// OAuth2 Client ID. + #[serde(rename = "clientId")] + pub client_id: String, + /// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. + #[serde(rename = "clientSecretRef")] + pub client_secret_ref: AuthPolicyRulesMetadataHttpOauth2ClientSecretRef, + /// Optional extra parameters for the requests to the token URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "extraParams")] + pub extra_params: Option>, + /// Optional scopes for the client credentials grant, if supported by he OAuth2 server. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// Token endpoint URL of the OAuth2 resource server. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// Reference to a Kuberentes Secret key that stores that OAuth2 Client Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpOauth2ClientSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// Reference to a Secret key whose value will be passed by Authorino in the request. +/// The HTTP service can use the shared secret to authenticate the origin of the request. +/// Ignored if used together with oauth2. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataHttpSharedSecretRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the Authorino's namespace to select from. + pub name: String, +} + +/// User-Managed Access (UMA) source of resource data. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataUma { + /// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. + #[serde(rename = "credentialsRef")] + pub credentials_ref: AuthPolicyRulesMetadataUmaCredentialsRef, + /// The endpoint of the UMA server. + /// The value must coincide with the "issuer" claim of the UMA config discovered from the well-known uma configuration endpoint. + pub endpoint: String, +} + +/// Reference to a Kubernetes secret in the same namespace, that stores client credentials to the resource registration API of the UMA server. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataUmaCredentialsRef { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataUserInfo { + /// The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC "userinfo_endpoint" claim. + #[serde(rename = "identitySource")] + pub identity_source: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesMetadataWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesMetadataWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Response items. +/// Authorino builds custom responses to the client of the auth request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponse { + /// Response items to be included in the auth response when the request is authenticated and authorized. + /// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub success: Option, + /// Customizations on the denial status attributes when the request is unauthenticated. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 401 Unauthorized + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthenticated: Option, + /// Customizations on the denial status attributes when the request is unauthorized. + /// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. + /// Default: 403 Forbidden + #[serde(default, skip_serializing_if = "Option::is_none")] + pub unauthorized: Option, +} + +/// Response items to be included in the auth response when the request is authenticated and authorized. +/// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccess { + /// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// Custom headers to inject in the request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, +} + +/// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFilters { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesResponseSuccessFiltersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesResponseSuccessFiltersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessFiltersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesResponseSuccessFiltersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Custom headers to inject in the request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeaders { + /// Caching options for the resolved object returned when applying this config. + /// Omit it to avoid caching objects for this config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cache: Option, + /// JSON object + /// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option, + /// The key used to add the custom response item (name of the HTTP header or root property of the Dynamic Metadata object). + /// If omitted, it will be set to the name of the response config. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// Whether this config should generate individual observability metrics + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + /// Plain text content + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + /// Priority group of the config. + /// All configs in the same priority group are evaluated concurrently; consecutive priority groups are evaluated sequentially. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, + /// Conditions for Authorino to enforce this config. + /// If omitted, the config will be enforced for all requests. + /// If present, all conditions must match for the config to be enforced; otherwise, the config will be skipped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, + /// Authorino Festival Wristband token + #[serde(default, skip_serializing_if = "Option::is_none")] + pub wristband: Option, +} + +/// Caching options for the resolved object returned when applying this config. +/// Omit it to avoid caching objects for this config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersCache { + /// Key used to store the entry in the cache. + /// The resolved key must be unique within the scope of this particular config. + pub key: AuthPolicyRulesResponseSuccessHeadersCacheKey, + /// Duration (in seconds) of the external data in the cache before pulled again from the source. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ttl: Option, +} + +/// Key used to store the entry in the cache. +/// The resolved key must be unique within the scope of this particular config. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersCacheKey { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// JSON object +/// Specify it as the list of properties of the object, whose values can combine static values and values selected from the authorization JSON. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersJson { + pub properties: BTreeMap, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersJsonProperties { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Plain text content +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersPlain { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersWhen { + /// A list of pattern expressions to be evaluated as a logical AND. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub all: Option>, + /// A list of pattern expressions to be evaluated as a logical OR. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub any: Option>, + /// The binary operator to be applied to the content fetched from the authorization JSON, for comparison with "value". + /// Possible values are: "eq" (equal to), "neq" (not equal to), "incl" (includes; for arrays), "excl" (excludes; for arrays), "matches" (regex) + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// Reference to a named set of pattern expressions + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patternRef")] + pub pattern_ref: Option, + /// A Common Expression Language (CEL) expression that evaluates to a boolean. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub predicate: Option, + /// Path selector to fetch content from the authorization JSON (e.g. 'request.method'). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// Authorino custom JSON path modifiers are also supported. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// The value of reference for the comparison with the content fetched from the authorization JSON. + /// If used with the "matches" operator, the value must compile to a valid Golang regex. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesResponseSuccessHeadersWhenOperator { + #[serde(rename = "eq")] + Eq, + #[serde(rename = "neq")] + Neq, + #[serde(rename = "incl")] + Incl, + #[serde(rename = "excl")] + Excl, + #[serde(rename = "matches")] + Matches, +} + +/// Authorino Festival Wristband token +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersWristband { + /// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "customClaims")] + pub custom_claims: Option>, + /// The endpoint to the Authorino service that issues the wristband (format: ://:/, where = /, + /// Time span of the wristband token, in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenDuration")] + pub token_duration: Option, +} + +/// Any claims to be added to the wristband token apart from the standard JWT claims (iss, iat, exp) added by default. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersWristbandCustomClaims { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AuthPolicyRulesResponseSuccessHeadersWristbandSigningKeyRefs { + /// Algorithm to sign the wristband token using the signing key provided + pub algorithm: AuthPolicyRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm, + /// Name of the signing key. + /// The value is used to reference the Kubernetes secret that stores the key and in the `kid` claim of the wristband token header. + pub name: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AuthPolicyRulesResponseSuccessHeadersWristbandSigningKeyRefsAlgorithm { + #[serde(rename = "ES256")] + Es256, + #[serde(rename = "ES384")] + Es384, + #[serde(rename = "ES512")] + Es512, + #[serde(rename = "RS256")] + Rs256, + #[serde(rename = "RS384")] + Rs384, + #[serde(rename = "RS512")] + Rs512, +} + +/// Customizations on the denial status attributes when the request is unauthenticated. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 401 Unauthorized +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthenticated { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthenticatedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthenticatedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthenticatedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Customizations on the denial status attributes when the request is unauthorized. +/// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config. +/// Default: 403 Forbidden +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthorized { + /// HTTP response body to override the default denial body. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// HTTP status code to override the default denial status code. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub code: Option, + /// HTTP response headers to override the default denial headers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option>, + /// HTTP message to override the default denial message. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, +} + +/// HTTP response body to override the default denial body. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthorizedBody { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP response headers to override the default denial headers. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthorizedHeaders { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// HTTP message to override the default denial message. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyRulesResponseUnauthorizedMessage { + /// A Common Expression Language (CEL) expression that evaluates to a value. + /// String expressions are supported (https://pkg.go.dev/github.com/google/cel-go/ext#Strings). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub expression: Option, + /// Simple path selector to fetch content from the authorization JSON (e.g. 'request.method') or a string template with variables that resolve to patterns (e.g. "Hello, {auth.identity.name}!"). + /// Any pattern supported by https://pkg.go.dev/github.com/tidwall/gjson can be used. + /// The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// Static value + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// Reference to the object to which this policy applies. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyTargetRef { + /// Group is the group of the target resource. + pub group: String, + /// Kind is kind of the target resource. + pub kind: String, + /// Name is the name of the target resource. + pub name: String, + /// SectionName is the name of a section within the target resource. When + /// unspecified, this targetRef targets the entire resource. In the following + /// resources, SectionName is interpreted as the following: + /// + /// * Gateway: Listener name + /// * HTTPRoute: HTTPRouteRule name + /// * Service: Port name + /// + /// If a SectionName is specified, but does not exist on the targeted object, + /// the Policy must fail to attach, and the policy implementation should record + /// a `ResolvedRefs` or similar Condition in the Policy's status. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyWhen { + pub predicate: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AuthPolicyStatus { + /// Represents the observations of a foo's current state. + /// Known .status.conditions.type are: "Available" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration reflects the generation of the most recently observed spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1/mod.rs b/kube-custom-resources-rs/src/kuadrant_io/v1/mod.rs new file mode 100644 index 000000000..0c781fc75 --- /dev/null +++ b/kube-custom-resources-rs/src/kuadrant_io/v1/mod.rs @@ -0,0 +1,2 @@ +pub mod authpolicies; +pub mod ratelimitpolicies; diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1/ratelimitpolicies.rs b/kube-custom-resources-rs/src/kuadrant_io/v1/ratelimitpolicies.rs new file mode 100644 index 000000000..c58788913 --- /dev/null +++ b/kube-custom-resources-rs/src/kuadrant_io/v1/ratelimitpolicies.rs @@ -0,0 +1,272 @@ +// WARNING: generated by kopium - manual changes will be overwritten +// kopium command: kopium --docs --filename=./crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/ratelimitpolicies.yaml --derive=Default --derive=PartialEq --smart-derive-elision +// kopium version: 0.21.1 + +#[allow(unused_imports)] +mod prelude { + pub use kube::CustomResource; + pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; +} +use self::prelude::*; + +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "kuadrant.io", version = "v1", kind = "RateLimitPolicy", plural = "ratelimitpolicies")] +#[kube(namespaced)] +#[kube(status = "RateLimitPolicyStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct RateLimitPolicySpec { + /// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. + /// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub defaults: Option, + /// Limits holds the struct of limits indexed by a unique name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. + /// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub overrides: Option, + /// Reference to the object to which this policy applies. + #[serde(rename = "targetRef")] + pub target_ref: RateLimitPolicyTargetRef, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaults { + /// Limits holds the struct of limits indexed by a unique name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Strategy defines the merge strategy to apply when merging this policy with other policies. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub strategy: Option, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Limits holds the struct of limits indexed by a unique name +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaultsLimits { + /// Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors + #[serde(default, skip_serializing_if = "Option::is_none")] + pub counters: Option>, + /// Rates holds the list of limit rates + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rates: Option>, + /// When holds a list of "limit-level" `Predicate`s + /// Called also "soft" conditions as route selectors must also match + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaultsLimitsCounters { + /// Expression defines one CEL expression + /// Expression can use well known attributes + /// Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes + /// Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + /// They are named by a dot-separated path (e.g. request.path) + /// Example: "request.path" -> The path portion of the URL + pub expression: String, +} + +/// Rate defines the actual rate limit that will be used when there is a match +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaultsLimitsRates { + /// Limit defines the max value allowed for a given period of time + pub limit: i64, + /// Window defines the time period for which the Limit specified above applies. + pub window: String, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaultsLimitsWhen { + pub predicate: String, +} + +/// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum RateLimitPolicyDefaultsStrategy { + #[serde(rename = "atomic")] + Atomic, + #[serde(rename = "merge")] + Merge, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyDefaultsWhen { + pub predicate: String, +} + +/// Limits holds the struct of limits indexed by a unique name +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyLimits { + /// Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors + #[serde(default, skip_serializing_if = "Option::is_none")] + pub counters: Option>, + /// Rates holds the list of limit rates + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rates: Option>, + /// When holds a list of "limit-level" `Predicate`s + /// Called also "soft" conditions as route selectors must also match + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyLimitsCounters { + /// Expression defines one CEL expression + /// Expression can use well known attributes + /// Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes + /// Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + /// They are named by a dot-separated path (e.g. request.path) + /// Example: "request.path" -> The path portion of the URL + pub expression: String, +} + +/// Rate defines the actual rate limit that will be used when there is a match +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyLimitsRates { + /// Limit defines the max value allowed for a given period of time + pub limit: i64, + /// Window defines the time period for which the Limit specified above applies. + pub window: String, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyLimitsWhen { + pub predicate: String, +} + +/// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverrides { + /// Limits holds the struct of limits indexed by a unique name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Strategy defines the merge strategy to apply when merging this policy with other policies. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub strategy: Option, + /// Overall conditions for the policy to be enforced. + /// If omitted, the policy will be enforced at all requests to the protected routes. + /// If present, all conditions must match for the policy to be enforced. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +/// Limits holds the struct of limits indexed by a unique name +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverridesLimits { + /// Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors + #[serde(default, skip_serializing_if = "Option::is_none")] + pub counters: Option>, + /// Rates holds the list of limit rates + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rates: Option>, + /// When holds a list of "limit-level" `Predicate`s + /// Called also "soft" conditions as route selectors must also match + #[serde(default, skip_serializing_if = "Option::is_none")] + pub when: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverridesLimitsCounters { + /// Expression defines one CEL expression + /// Expression can use well known attributes + /// Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes + /// Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors + /// They are named by a dot-separated path (e.g. request.path) + /// Example: "request.path" -> The path portion of the URL + pub expression: String, +} + +/// Rate defines the actual rate limit that will be used when there is a match +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverridesLimitsRates { + /// Limit defines the max value allowed for a given period of time + pub limit: i64, + /// Window defines the time period for which the Limit specified above applies. + pub window: String, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverridesLimitsWhen { + pub predicate: String, +} + +/// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides. +/// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults). +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum RateLimitPolicyOverridesStrategy { + #[serde(rename = "atomic")] + Atomic, + #[serde(rename = "merge")] + Merge, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyOverridesWhen { + pub predicate: String, +} + +/// Reference to the object to which this policy applies. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyTargetRef { + /// Group is the group of the target resource. + pub group: String, + /// Kind is kind of the target resource. + pub kind: String, + /// Name is the name of the target resource. + pub name: String, + /// SectionName is the name of a section within the target resource. When + /// unspecified, this targetRef targets the entire resource. In the following + /// resources, SectionName is interpreted as the following: + /// + /// * Gateway: Listener name + /// * HTTPRoute: HTTPRouteRule name + /// * Service: Port name + /// + /// If a SectionName is specified, but does not exist on the targeted object, + /// the Policy must fail to attach, and the policy implementation should record + /// a `ResolvedRefs` or similar Condition in the Policy's status. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Predicate defines one CEL expression that must be evaluated to bool +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyWhen { + pub predicate: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RateLimitPolicyStatus { + /// Represents the observations of a foo's current state. + /// Known .status.conditions.type are: "Available" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration reflects the generation of the most recently observed spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, +} + diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs index 0d8afe865..e9de2e781 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1alpha1/dnsrecords.rs @@ -87,9 +87,11 @@ pub struct DNSRecordHealthCheck { #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalHeadersRef")] pub additional_headers_ref: Option, /// FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy + /// Defaults to 5 #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, /// Interval defines how frequently this probe should execute + /// Defaults to 5 minutes #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, /// Path is the path to append to the host to reach the expected health check. @@ -97,9 +99,11 @@ pub struct DNSRecordHealthCheck { #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// Port to connect to the host on. Must be either 80, 443 or 1024-49151 + /// Defaults to port 443 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// Protocol to use when connecting to the host, valid values are "HTTP" or "HTTPS" + /// Defaults to HTTPS #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, } diff --git a/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs b/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs index 40649988a..59b30f27e 100644 --- a/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs +++ b/kube-custom-resources-rs/src/kuadrant_io/v1beta1/kuadrants.rs @@ -19,6 +19,14 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct KuadrantSpec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub observability: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KuadrantObservability { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enable: Option, } /// KuadrantStatus defines the observed state of Kuadrant diff --git a/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs b/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs index c9891a258..405ec2843 100644 --- a/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs +++ b/kube-custom-resources-rs/src/kube_green_com/v1alpha1/sleepinfos.rs @@ -32,7 +32,6 @@ pub struct SleepInfoSpec { pub patches: Option>, /// Hours:Minutes /// - /// /// Accept cron schedule for both hour and minute. /// For example, *:*/2 is set to configure a run every even minute. #[serde(rename = "sleepAt")] @@ -44,8 +43,8 @@ pub struct SleepInfoSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendDeployments")] pub suspend_deployments: Option, /// If SuspendStatefulSets is set to false, on sleep the statefulset of the namespace will not be suspended. By default StatefulSet will be suspended. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendStatefulsets")] - pub suspend_statefulsets: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendStatefulSets")] + pub suspend_stateful_sets: Option, /// Time zone to set the schedule, in IANA time zone identifier. /// It is not required, default to UTC. /// For example, for the Italy time zone set Europe/Rome. @@ -53,7 +52,6 @@ pub struct SleepInfoSpec { pub time_zone: Option, /// Hours:Minutes /// - /// /// Accept cron schedule for both hour and minute. /// For example, *:*/2 is set to configure a run every even minute. /// It is not required. @@ -61,7 +59,6 @@ pub struct SleepInfoSpec { pub wake_up_at: Option, /// Weekdays are in cron notation. /// - /// /// For example, to configure a schedule from monday to friday, set it to "1-5" pub weekdays: String, } diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1alpha1/cohorts.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1alpha1/cohorts.rs index edb457ec9..1ca914c9d 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1alpha1/cohorts.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1alpha1/cohorts.rs @@ -17,6 +17,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CohortSpec { + /// fairSharing defines the properties of the Cohort when + /// participating in FairSharing. The values are only relevant + /// if FairSharing is enabled in the Kueue configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fairSharing")] + pub fair_sharing: Option, /// Parent references the name of the Cohort's parent, if /// any. It satisfies one of three cases: /// 1) Unset. This Cohort is the root of its Cohort tree. @@ -49,6 +54,25 @@ pub struct CohortSpec { pub resource_groups: Option>, } +/// fairSharing defines the properties of the Cohort when +/// participating in FairSharing. The values are only relevant +/// if FairSharing is enabled in the Kueue configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CohortFairSharing { + /// weight gives a comparative advantage to this ClusterQueue + /// or Cohort when competing for unused resources in the + /// Cohort. The share is based on the dominant resource usage + /// above nominal quotas for each resource, divided by the + /// weight. Admission prioritizes scheduling workloads from + /// ClusterQueues and Cohorts with the lowest share and + /// preempting workloads from the ClusterQueues and Cohorts + /// with the highest share. A zero weight implies infinite + /// share value, meaning that this Node will always be at + /// disadvantage against other ClusterQueues and Cohorts. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub weight: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CohortResourceGroups { /// coveredResources is the list of resources covered by the flavors in this diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs index 01363f223..7caf62d01 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/clusterqueues.rs @@ -45,8 +45,9 @@ pub struct ClusterQueueSpec { /// subdomain in DNS (RFC 1123). #[serde(default, skip_serializing_if = "Option::is_none")] pub cohort: Option, - /// fairSharing defines the properties of the ClusterQueue when participating in fair sharing. - /// The values are only relevant if fair sharing is enabled in the Kueue configuration. + /// fairSharing defines the properties of the ClusterQueue when + /// participating in FairSharing. The values are only relevant + /// if FairSharing is enabled in the Kueue configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fairSharing")] pub fair_sharing: Option, /// flavorFungibility defines whether a workload should try the next flavor @@ -73,7 +74,7 @@ pub struct ClusterQueueSpec { /// and there are admitted Workloads in the ClusterQueue with lower priority. /// /// The preemption algorithm tries to find a minimal set of Workloads to - /// preempt to accomomdate the pending Workload, preempting Workloads with + /// preempt to accommodate the pending Workload, preempting Workloads with /// lower priority first. #[serde(default, skip_serializing_if = "Option::is_none")] pub preemption: Option, @@ -128,18 +129,21 @@ pub struct ClusterQueueAdmissionChecksStrategyAdmissionChecks { pub on_flavors: Option>, } -/// fairSharing defines the properties of the ClusterQueue when participating in fair sharing. -/// The values are only relevant if fair sharing is enabled in the Kueue configuration. +/// fairSharing defines the properties of the ClusterQueue when +/// participating in FairSharing. The values are only relevant +/// if FairSharing is enabled in the Kueue configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueFairSharing { - /// weight gives a comparative advantage to this ClusterQueue when competing for unused - /// resources in the cohort against other ClusterQueues. - /// The share of a ClusterQueue is based on the dominant resource usage above nominal - /// quotas for each resource, divided by the weight. - /// Admission prioritizes scheduling workloads from ClusterQueues with the lowest share - /// and preempting workloads from the ClusterQueues with the highest share. - /// A zero weight implies infinite share value, meaning that this ClusterQueue will always - /// be at disadvantage against other ClusterQueues. + /// weight gives a comparative advantage to this ClusterQueue + /// or Cohort when competing for unused resources in the + /// Cohort. The share is based on the dominant resource usage + /// above nominal quotas for each resource, divided by the + /// weight. Admission prioritizes scheduling workloads from + /// ClusterQueues and Cohorts with the lowest share and + /// preempting workloads from the ClusterQueues and Cohorts + /// with the highest share. A zero weight implies infinite + /// share value, meaning that this Node will always be at + /// disadvantage against other ClusterQueues and Cohorts. #[serde(default, skip_serializing_if = "Option::is_none")] pub weight: Option, } @@ -230,7 +234,7 @@ pub struct ClusterQueueNamespaceSelectorMatchExpressions { /// and there are admitted Workloads in the ClusterQueue with lower priority. /// /// The preemption algorithm tries to find a minimal set of Workloads to -/// preempt to accomomdate the pending Workload, preempting Workloads with +/// preempt to accommodate the pending Workload, preempting Workloads with /// lower priority first. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueuePreemption { @@ -312,7 +316,7 @@ pub enum ClusterQueuePreemptionBorrowWithinCohortPolicy { /// and there are admitted Workloads in the ClusterQueue with lower priority. /// /// The preemption algorithm tries to find a minimal set of Workloads to -/// preempt to accomomdate the pending Workload, preempting Workloads with +/// preempt to accommodate the pending Workload, preempting Workloads with /// lower priority first. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterQueuePreemptionReclaimWithinCohort { @@ -334,7 +338,7 @@ pub enum ClusterQueuePreemptionReclaimWithinCohort { /// and there are admitted Workloads in the ClusterQueue with lower priority. /// /// The preemption algorithm tries to find a minimal set of Workloads to -/// preempt to accomomdate the pending Workload, preempting Workloads with +/// preempt to accommodate the pending Workload, preempting Workloads with /// lower priority first. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterQueuePreemptionWithinClusterQueue { @@ -473,12 +477,13 @@ pub struct ClusterQueueStatus { /// FairSharing contains the information about the current status of fair sharing. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterQueueStatusFairSharing { - /// WeightedShare represent the maximum of the ratios of usage above nominal - /// quota to the lendable resources in the cohort, among all the resources - /// provided by the ClusterQueue, and divided by the weight. - /// If zero, it means that the usage of the ClusterQueue is below the nominal quota. - /// If the ClusterQueue has a weight of zero, this will return 9223372036854775807, - /// the maximum possible share value. + /// WeightedShare represent the maximum of the ratios of usage + /// above nominal quota to the lendable resources in the + /// Cohort, among all the resources provided by the Node, and + /// divided by the weight. If zero, it means that the usage of + /// the Node is below the nominal quota. If the Node has a + /// weight of zero, this will return 9223372036854775807, the + /// maximum possible share value. #[serde(rename = "weightedShare")] pub weighted_share: i64, } diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/resourceflavors.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/resourceflavors.rs index 0db344102..f9c36b130 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/resourceflavors.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/resourceflavors.rs @@ -33,6 +33,8 @@ pub struct ResourceFlavorSpec { /// have. /// Workloads' podsets must have tolerations for these nodeTaints in order to /// get assigned this ResourceFlavor during admission. + /// Only the 'NoSchedule' and 'NoExecute' taint effects are evaluated, + /// while 'PreferNoSchedule' is ignored. /// /// An example of a nodeTaint is /// cloud.provider.com/preemptible="true":NoSchedule diff --git a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs index ba96ec53f..2f7f518b3 100644 --- a/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs +++ b/kube-custom-resources-rs/src/kueue_x_k8s_io/v1beta1/workloads.rs @@ -334,6 +334,17 @@ pub struct WorkloadPodSetsTemplateSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, + /// Resources is the total amount of CPU and Memory resources required by all + /// containers in the pod. It supports specifying Requests and Limits for + /// "cpu" and "memory" resource names only. ResourceClaims are not supported. + /// + /// This field enables fine-grained control over resource allocation for the + /// entire pod, allowing resource sharing among containers in a pod. + /// + /// This is an alpha field and requires enabling the PodLevelResources feature + /// gate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, /// Restart policy for all containers within the pod. /// One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. /// Default to Always. @@ -1453,23 +1464,23 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1481,7 +1492,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1514,7 +1525,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartHttpGetHttpHea pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1522,8 +1533,8 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1546,23 +1557,23 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1574,7 +1585,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1607,7 +1618,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopHttpGetHttpHeade pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1615,8 +1626,8 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1634,17 +1645,17 @@ pub struct WorkloadPodSetsTemplateSpecContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1659,7 +1670,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1681,7 +1692,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1693,7 +1704,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1706,7 +1717,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1739,7 +1750,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1784,17 +1795,17 @@ pub struct WorkloadPodSetsTemplateSpecContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1809,7 +1820,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1831,7 +1842,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1843,7 +1854,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1856,7 +1867,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1889,7 +1900,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2152,17 +2163,17 @@ pub struct WorkloadPodSetsTemplateSpecContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2177,7 +2188,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2199,7 +2210,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2211,7 +2222,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2224,7 +2235,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2257,7 +2268,7 @@ pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2356,9 +2367,11 @@ pub struct WorkloadPodSetsTemplateSpecDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -2682,23 +2695,23 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2710,7 +2723,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartExec pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2743,7 +2756,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartHttpG pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2751,8 +2764,8 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartSleep } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2775,23 +2788,23 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePostStartTcpSo /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2803,7 +2816,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2836,7 +2849,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopHttpGet pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2844,8 +2857,8 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2860,17 +2873,17 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLifecyclePreStopTcpSock /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2885,7 +2898,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2907,7 +2920,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2919,7 +2932,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2932,7 +2945,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2965,7 +2978,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeHttpGetHtt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3007,17 +3020,17 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersPorts { /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3032,7 +3045,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3054,7 +3067,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3066,7 +3079,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3079,7 +3092,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3112,7 +3125,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeHttpGetHt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3367,17 +3380,17 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersSecurityContextWindowsO /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3392,7 +3405,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3414,7 +3427,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3426,7 +3439,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3439,7 +3452,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3472,7 +3485,7 @@ pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeHttpGetHttp pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecEphemeralContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3909,23 +3922,23 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3937,7 +3950,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3970,7 +3983,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartHttpGetHtt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3978,8 +3991,8 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4002,23 +4015,23 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePostStartTcpSocket /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4030,7 +4043,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4063,7 +4076,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopHttpGetHttpH pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -4071,8 +4084,8 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4090,17 +4103,17 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4115,7 +4128,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4137,7 +4150,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4149,7 +4162,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4162,7 +4175,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4195,7 +4208,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeHttpGetHttpHead pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4240,17 +4253,17 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4265,7 +4278,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4287,7 +4300,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4299,7 +4312,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4312,7 +4325,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4345,7 +4358,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeHttpGetHttpHea pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4608,17 +4621,17 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersSecurityContextWindowsOption /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4633,7 +4646,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4655,7 +4668,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4667,7 +4680,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4680,7 +4693,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4713,7 +4726,7 @@ pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeHttpGetHttpHeade pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4871,6 +4884,52 @@ pub struct WorkloadPodSetsTemplateSpecResourceClaims { pub resource_claim_template_name: Option, } +/// Resources is the total amount of CPU and Memory resources required by all +/// containers in the pod. It supports specifying Requests and Limits for +/// "cpu" and "memory" resource names only. ResourceClaims are not supported. +/// +/// This field enables fine-grained control over resource allocation for the +/// entire pod, allowing resource sharing among containers in a pod. +/// +/// This is an alpha field and requires enabling the PodLevelResources feature +/// gate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct WorkloadPodSetsTemplateSpecResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct WorkloadPodSetsTemplateSpecResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + /// PodSchedulingGate is associated to a Pod to guard its scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecSchedulingGates { @@ -4932,6 +4991,31 @@ pub struct WorkloadPodSetsTemplateSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5253,26 +5337,35 @@ pub struct WorkloadPodSetsTemplateSpecTopologySpreadConstraintsLabelSelectorMatc pub struct WorkloadPodSetsTemplateSpecVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -5313,23 +5406,28 @@ pub struct WorkloadPodSetsTemplateSpecVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -5374,23 +5472,30 @@ pub struct WorkloadPodSetsTemplateSpecVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -5398,15 +5503,20 @@ pub struct WorkloadPodSetsTemplateSpecVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesAwsElasticBlockStore { @@ -5433,6 +5543,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -5459,6 +5571,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -5473,7 +5587,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -5515,6 +5630,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesCinder { @@ -5605,7 +5722,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -6056,6 +6173,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -6097,7 +6215,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -6111,6 +6230,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesGcePersistentDisk { @@ -6139,7 +6260,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6158,6 +6279,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesGlusterfs { @@ -6316,7 +6438,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -6329,7 +6452,10 @@ pub struct WorkloadPodSetsTemplateSpecVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -6635,7 +6761,8 @@ pub struct WorkloadPodSetsTemplateSpecVolumesProjectedSourcesServiceAccountToken pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesQuobyte { /// group to map volume access to @@ -6663,6 +6790,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesRbd { @@ -6722,6 +6850,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -6826,6 +6955,7 @@ pub struct WorkloadPodSetsTemplateSpecVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesStorageos { /// fsType is the filesystem type to mount. @@ -6868,7 +6998,9 @@ pub struct WorkloadPodSetsTemplateSpecVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTemplateSpecVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -6890,6 +7022,13 @@ pub struct WorkloadPodSetsTemplateSpecVolumesVsphereVolume { /// topologyRequest defines the topology request for the PodSet. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadPodSetsTopologyRequest { + /// PodIndexLabel indicates the name of the label indexing the pods. + /// For example, in the context of + /// - kubernetes job this is: kubernetes.io/job-completion-index + /// - JobSet: kubernetes.io/job-completion-index (inherited from Job) + /// - Kubeflow: training.kubeflow.org/replica-index + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podIndexLabel")] + pub pod_index_label: Option, /// preferred indicates the topology level preferred by the PodSet, as /// indicated by the `kueue.x-k8s.io/podset-preferred-topology` PodSet /// annotation. @@ -6900,6 +7039,14 @@ pub struct WorkloadPodSetsTopologyRequest { /// annotation. #[serde(default, skip_serializing_if = "Option::is_none")] pub required: Option, + /// SubGroupIndexLabel indicates the count of replicated Jobs (groups) within a PodSet. + /// For example, in the context of JobSet this value is read from jobset.sigs.k8s.io/replicatedjob-replicas. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subGroupCount")] + pub sub_group_count: Option, + /// SubGroupIndexLabel indicates the name of the label indexing the instances of replicated Jobs (groups) + /// within a PodSet. For example, in the context of JobSet this is jobset.sigs.k8s.io/job-index. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subGroupIndexLabel")] + pub sub_group_index_label: Option, } /// WorkloadSpec defines the desired state of Workload @@ -6994,7 +7141,9 @@ pub struct WorkloadStatusAdmissionPodSetAssignments { /// domain and specifies the node selectors for each topology domain, in the /// following way: the node selector keys are specified by the levels field /// (same for all domains), and the corresponding node selector value is - /// specified by the domains.values subfield. + /// specified by the domains.values subfield. If the TopologySpec.Levels field contains + /// "kubernetes.io/hostname" label, topologyAssignment will contain data only for + /// this label, and omit higher levels in the topology /// /// Example: /// @@ -7015,6 +7164,21 @@ pub struct WorkloadStatusAdmissionPodSetAssignments { /// - 2 Pods are to be scheduled on nodes matching the node selector: /// cloud.provider.com/topology-block: block-1 /// cloud.provider.com/topology-rack: rack-2 + /// + /// Example: + /// Below there is an equivalent of the above example assuming, Topology + /// object defines kubernetes.io/hostname as the lowest level in topology. + /// Hence we omit higher level of topologies, since the hostname label + /// is sufficient to explicitly identify a proper node. + /// + /// topologyAssignment: + /// levels: + /// - kubernetes.io/hostname + /// domains: + /// - values: [hostname-1] + /// count: 4 + /// - values: [hostname-2] + /// count: 2 #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologyAssignment")] pub topology_assignment: Option, } @@ -7025,7 +7189,9 @@ pub struct WorkloadStatusAdmissionPodSetAssignments { /// domain and specifies the node selectors for each topology domain, in the /// following way: the node selector keys are specified by the levels field /// (same for all domains), and the corresponding node selector value is -/// specified by the domains.values subfield. +/// specified by the domains.values subfield. If the TopologySpec.Levels field contains +/// "kubernetes.io/hostname" label, topologyAssignment will contain data only for +/// this label, and omit higher levels in the topology /// /// Example: /// @@ -7046,6 +7212,21 @@ pub struct WorkloadStatusAdmissionPodSetAssignments { /// - 2 Pods are to be scheduled on nodes matching the node selector: /// cloud.provider.com/topology-block: block-1 /// cloud.provider.com/topology-rack: rack-2 +/// +/// Example: +/// Below there is an equivalent of the above example assuming, Topology +/// object defines kubernetes.io/hostname as the lowest level in topology. +/// Hence we omit higher level of topologies, since the hostname label +/// is sufficient to explicitly identify a proper node. +/// +/// topologyAssignment: +/// levels: +/// - kubernetes.io/hostname +/// domains: +/// - values: [hostname-1] +/// count: 4 +/// - values: [hostname-2] +/// count: 2 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkloadStatusAdmissionPodSetAssignmentsTopologyAssignment { /// domains is a list of topology assignments split by topology domains at diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshaccesslogs.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshaccesslogs.rs index 26e0ba94e..6d84851fb 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshaccesslogs.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshaccesslogs.rs @@ -21,6 +21,10 @@ pub struct MeshAccessLogSpec { /// From list makes a match between clients and corresponding configurations #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, + /// Rules defines inbound access log configurations. Currently limited to + /// selecting all inbound traffic, as L7 matching is not yet implemented. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, /// TargetRef is a reference to the resource the policy takes an effect on. /// The resource could be either a real store object or virtual resource /// defined in-place. @@ -35,8 +39,7 @@ pub struct MeshAccessLogSpec { pub struct MeshAccessLogFrom { /// Default is a configuration specific to the group of clients referenced in /// 'targetRef' - #[serde(default, skip_serializing_if = "Option::is_none")] - pub default: Option, + pub default: MeshAccessLogFromDefault, /// TargetRef is a reference to the resource that represents a group of /// clients. #[serde(rename = "targetRef")] @@ -93,10 +96,8 @@ pub struct MeshAccessLogFromDefaultBackendsFileFormat { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogFromDefaultBackendsFileFormatJson { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// Format of access logs. Placeholders available on @@ -126,10 +127,8 @@ pub struct MeshAccessLogFromDefaultBackendsOpenTelemetry { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogFromDefaultBackendsOpenTelemetryAttributes { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// TCPBackend defines a TCP logging backend. @@ -159,10 +158,8 @@ pub struct MeshAccessLogFromDefaultBackendsTcpFormat { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogFromDefaultBackendsTcpFormatJson { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// Format of access logs. Placeholders available on @@ -229,6 +226,143 @@ pub enum MeshAccessLogFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRules { + /// Default contains configuration of the inbound access logging + pub default: MeshAccessLogRulesDefault, +} + +/// Default contains configuration of the inbound access logging +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefault { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub backends: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackends { + /// FileBackend defines configuration for file based access logs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub file: Option, + /// Defines an OpenTelemetry logging backend. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "openTelemetry")] + pub open_telemetry: Option, + /// TCPBackend defines a TCP logging backend. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tcp: Option, + #[serde(rename = "type")] + pub r#type: MeshAccessLogRulesDefaultBackendsType, +} + +/// FileBackend defines configuration for file based access logs +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsFile { + /// Format of access logs. Placeholders available on + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators + #[serde(default, skip_serializing_if = "Option::is_none")] + pub format: Option, + /// Path to a file that logs will be written to + pub path: String, +} + +/// Format of access logs. Placeholders available on +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsFileFormat { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "omitEmptyValues")] + pub omit_empty_values: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + #[serde(rename = "type")] + pub r#type: MeshAccessLogRulesDefaultBackendsFileFormatType, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsFileFormatJson { + pub key: String, + pub value: String, +} + +/// Format of access logs. Placeholders available on +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum MeshAccessLogRulesDefaultBackendsFileFormatType { + Plain, + Json, +} + +/// Defines an OpenTelemetry logging backend. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsOpenTelemetry { + /// Attributes can contain placeholders available on + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators + #[serde(default, skip_serializing_if = "Option::is_none")] + pub attributes: Option>, + /// Body is a raw string or an OTLP any value as described at + /// https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body + /// It can contain placeholders available on + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators + #[serde(default, skip_serializing_if = "Option::is_none")] + pub body: Option, + /// Endpoint of OpenTelemetry collector. An empty port defaults to 4317. + pub endpoint: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsOpenTelemetryAttributes { + pub key: String, + pub value: String, +} + +/// TCPBackend defines a TCP logging backend. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsTcp { + /// Address of the TCP logging backend + pub address: String, + /// Format of access logs. Placeholders available on + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators + #[serde(default, skip_serializing_if = "Option::is_none")] + pub format: Option, +} + +/// Format of access logs. Placeholders available on +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsTcpFormat { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub json: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "omitEmptyValues")] + pub omit_empty_values: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub plain: Option, + #[serde(rename = "type")] + pub r#type: MeshAccessLogRulesDefaultBackendsTcpFormatType, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshAccessLogRulesDefaultBackendsTcpFormatJson { + pub key: String, + pub value: String, +} + +/// Format of access logs. Placeholders available on +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum MeshAccessLogRulesDefaultBackendsTcpFormatType { + Plain, + Json, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum MeshAccessLogRulesDefaultBackendsType { + Tcp, + File, + OpenTelemetry, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -282,14 +416,14 @@ pub enum MeshAccessLogTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogTo { /// Default is a configuration specific to the group of destinations referenced in /// 'targetRef' - #[serde(default, skip_serializing_if = "Option::is_none")] - pub default: Option, + pub default: MeshAccessLogToDefault, /// TargetRef is a reference to the resource that represents a group of /// destinations. #[serde(rename = "targetRef")] @@ -346,10 +480,8 @@ pub struct MeshAccessLogToDefaultBackendsFileFormat { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogToDefaultBackendsFileFormatJson { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// Format of access logs. Placeholders available on @@ -379,10 +511,8 @@ pub struct MeshAccessLogToDefaultBackendsOpenTelemetry { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogToDefaultBackendsOpenTelemetryAttributes { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// TCPBackend defines a TCP logging backend. @@ -412,10 +542,8 @@ pub struct MeshAccessLogToDefaultBackendsTcpFormat { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshAccessLogToDefaultBackendsTcpFormatJson { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, + pub key: String, + pub value: String, } /// Format of access logs. Placeholders available on @@ -482,5 +610,6 @@ pub enum MeshAccessLogToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshcircuitbreakers.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshcircuitbreakers.rs index eade7a793..f43ca8a85 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshcircuitbreakers.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshcircuitbreakers.rs @@ -22,6 +22,10 @@ pub struct MeshCircuitBreakerSpec { /// From list makes a match between clients and corresponding configurations #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, + /// Rules defines inbound circuit breaker configurations. Currently limited to + /// selecting all inbound traffic, as L7 matching is not yet implemented. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, /// TargetRef is a reference to the resource the policy takes an effect on. /// The resource could be either a real store object or virtual resource /// defined in place. @@ -114,6 +118,11 @@ pub struct MeshCircuitBreakerFromDefaultOutlierDetection { /// When set to true, outlierDetection configuration won't take any effect #[serde(default, skip_serializing_if = "Option::is_none")] pub disabled: Option, + /// Allows to configure panic threshold for Envoy cluster. If not specified, + /// the default is 50%. To disable panic mode, set to 0%. + /// Either int or decimal represented as string. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyPanicThreshold")] + pub healthy_panic_threshold: Option, /// The time interval between ejection analysis sweeps. This can result in /// both new ejections and hosts being returned to service. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -380,6 +389,304 @@ pub enum MeshCircuitBreakerFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRules { + /// Default contains configuration of the inbound circuit breaker + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default: Option, +} + +/// Default contains configuration of the inbound circuit breaker +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefault { + /// ConnectionLimits contains configuration of each circuit breaking limit, + /// which when exceeded makes the circuit breaker to become open (no traffic + /// is allowed like no current is allowed in the circuits when physical + /// circuit breaker ir open) + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionLimits")] + pub connection_limits: Option, + /// OutlierDetection contains the configuration of the process of dynamically + /// determining whether some number of hosts in an upstream cluster are + /// performing unlike the others and removing them from the healthy load + /// balancing set. Performance might be along different axes such as + /// consecutive failures, temporal success rate, temporal latency, etc. + /// Outlier detection is a form of passive health checking. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "outlierDetection")] + pub outlier_detection: Option, +} + +/// ConnectionLimits contains configuration of each circuit breaking limit, +/// which when exceeded makes the circuit breaker to become open (no traffic +/// is allowed like no current is allowed in the circuits when physical +/// circuit breaker ir open) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultConnectionLimits { + /// The maximum number of connection pools per cluster that are concurrently + /// supported at once. Set this for clusters which create a large number of + /// connection pools. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConnectionPools")] + pub max_connection_pools: Option, + /// The maximum number of connections allowed to be made to the upstream + /// cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConnections")] + pub max_connections: Option, + /// The maximum number of pending requests that are allowed to the upstream + /// cluster. This limit is applied as a connection limit for non-HTTP + /// traffic. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxPendingRequests")] + pub max_pending_requests: Option, + /// The maximum number of parallel requests that are allowed to be made + /// to the upstream cluster. This limit does not apply to non-HTTP traffic. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRequests")] + pub max_requests: Option, + /// The maximum number of parallel retries that will be allowed to + /// the upstream cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, +} + +/// OutlierDetection contains the configuration of the process of dynamically +/// determining whether some number of hosts in an upstream cluster are +/// performing unlike the others and removing them from the healthy load +/// balancing set. Performance might be along different axes such as +/// consecutive failures, temporal success rate, temporal latency, etc. +/// Outlier detection is a form of passive health checking. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetection { + /// The base time that a host is ejected for. The real time is equal to + /// the base time multiplied by the number of times the host has been + /// ejected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseEjectionTime")] + pub base_ejection_time: Option, + /// Contains configuration for supported outlier detectors + #[serde(default, skip_serializing_if = "Option::is_none")] + pub detectors: Option, + /// When set to true, outlierDetection configuration won't take any effect + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, + /// Allows to configure panic threshold for Envoy cluster. If not specified, + /// the default is 50%. To disable panic mode, set to 0%. + /// Either int or decimal represented as string. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyPanicThreshold")] + pub healthy_panic_threshold: Option, + /// The time interval between ejection analysis sweeps. This can result in + /// both new ejections and hosts being returned to service. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub interval: Option, + /// The maximum % of an upstream cluster that can be ejected due to outlier + /// detection. Defaults to 10% but will eject at least one host regardless of + /// the value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxEjectionPercent")] + pub max_ejection_percent: Option, + /// Determines whether to distinguish local origin failures from external + /// errors. If set to true the following configuration parameters are taken + /// into account: detectors.localOriginFailures.consecutive + #[serde(default, skip_serializing_if = "Option::is_none", rename = "splitExternalAndLocalErrors")] + pub split_external_and_local_errors: Option, +} + +/// Contains configuration for supported outlier detectors +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectors { + /// Failure Percentage based outlier detection functions similarly to success + /// rate detection, in that it relies on success rate data from each host in + /// a cluster. However, rather than compare those values to the mean success + /// rate of the cluster as a whole, they are compared to a flat + /// user-configured threshold. This threshold is configured via the + /// outlierDetection.failurePercentageThreshold field. + /// The other configuration fields for failure percentage based detection are + /// similar to the fields for success rate detection. As with success rate + /// detection, detection will not be performed for a host if its request + /// volume over the aggregation interval is less than the + /// outlierDetection.detectors.failurePercentage.requestVolume value. + /// Detection also will not be performed for a cluster if the number of hosts + /// with the minimum required request volume in an interval is less than the + /// outlierDetection.detectors.failurePercentage.minimumHosts value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePercentage")] + pub failure_percentage: Option, + /// In the default mode (outlierDetection.splitExternalLocalOriginErrors is + /// false) this detection type takes into account a subset of 5xx errors, + /// called "gateway errors" (502, 503 or 504 status code) and local origin + /// failures, such as timeout, TCP reset etc. + /// In split mode (outlierDetection.splitExternalLocalOriginErrors is true) + /// this detection type takes into account a subset of 5xx errors, called + /// "gateway errors" (502, 503 or 504 status code) and is supported only by + /// the http router. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gatewayFailures")] + pub gateway_failures: Option, + /// This detection type is enabled only when + /// outlierDetection.splitExternalLocalOriginErrors is true and takes into + /// account only locally originated errors (timeout, reset, etc). + /// If Envoy repeatedly cannot connect to an upstream host or communication + /// with the upstream host is repeatedly interrupted, it will be ejected. + /// Various locally originated problems are detected: timeout, TCP reset, + /// ICMP errors, etc. This detection type is supported by http router and + /// tcp proxy. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localOriginFailures")] + pub local_origin_failures: Option, + /// Success Rate based outlier detection aggregates success rate data from + /// every host in a cluster. Then at given intervals ejects hosts based on + /// statistical outlier detection. Success Rate outlier detection will not be + /// calculated for a host if its request volume over the aggregation interval + /// is less than the outlierDetection.detectors.successRate.requestVolume + /// value. + /// Moreover, detection will not be performed for a cluster if the number of + /// hosts with the minimum required request volume in an interval is less + /// than the outlierDetection.detectors.successRate.minimumHosts value. + /// In the default configuration mode + /// (outlierDetection.splitExternalLocalOriginErrors is false) this detection + /// type takes into account all types of errors: locally and externally + /// originated. + /// In split mode (outlierDetection.splitExternalLocalOriginErrors is true), + /// locally originated errors and externally originated (transaction) errors + /// are counted and treated separately. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successRate")] + pub success_rate: Option, + /// In the default mode (outlierDetection.splitExternalAndLocalErrors is + /// false) this detection type takes into account all generated errors: + /// locally originated and externally originated (transaction) errors. + /// In split mode (outlierDetection.splitExternalLocalOriginErrors is true) + /// this detection type takes into account only externally originated + /// (transaction) errors, ignoring locally originated errors. + /// If an upstream host is an HTTP-server, only 5xx types of error are taken + /// into account (see Consecutive Gateway Failure for exceptions). + /// Properly formatted responses, even when they carry an operational error + /// (like index not found, access denied) are not taken into account. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "totalFailures")] + pub total_failures: Option, +} + +/// Failure Percentage based outlier detection functions similarly to success +/// rate detection, in that it relies on success rate data from each host in +/// a cluster. However, rather than compare those values to the mean success +/// rate of the cluster as a whole, they are compared to a flat +/// user-configured threshold. This threshold is configured via the +/// outlierDetection.failurePercentageThreshold field. +/// The other configuration fields for failure percentage based detection are +/// similar to the fields for success rate detection. As with success rate +/// detection, detection will not be performed for a host if its request +/// volume over the aggregation interval is less than the +/// outlierDetection.detectors.failurePercentage.requestVolume value. +/// Detection also will not be performed for a cluster if the number of hosts +/// with the minimum required request volume in an interval is less than the +/// outlierDetection.detectors.failurePercentage.minimumHosts value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectorsFailurePercentage { + /// The minimum number of hosts in a cluster in order to perform failure + /// percentage-based ejection. If the total number of hosts in the cluster is + /// less than this value, failure percentage-based ejection will not be + /// performed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minimumHosts")] + pub minimum_hosts: Option, + /// The minimum number of total requests that must be collected in one + /// interval (as defined by the interval duration above) to perform failure + /// percentage-based ejection for this host. If the volume is lower than this + /// setting, failure percentage-based ejection will not be performed for this + /// host. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestVolume")] + pub request_volume: Option, + /// The failure percentage to use when determining failure percentage-based + /// outlier detection. If the failure percentage of a given host is greater + /// than or equal to this value, it will be ejected. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub threshold: Option, +} + +/// In the default mode (outlierDetection.splitExternalLocalOriginErrors is +/// false) this detection type takes into account a subset of 5xx errors, +/// called "gateway errors" (502, 503 or 504 status code) and local origin +/// failures, such as timeout, TCP reset etc. +/// In split mode (outlierDetection.splitExternalLocalOriginErrors is true) +/// this detection type takes into account a subset of 5xx errors, called +/// "gateway errors" (502, 503 or 504 status code) and is supported only by +/// the http router. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectorsGatewayFailures { + /// The number of consecutive gateway failures (502, 503, 504 status codes) + /// before a consecutive gateway failure ejection occurs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub consecutive: Option, +} + +/// This detection type is enabled only when +/// outlierDetection.splitExternalLocalOriginErrors is true and takes into +/// account only locally originated errors (timeout, reset, etc). +/// If Envoy repeatedly cannot connect to an upstream host or communication +/// with the upstream host is repeatedly interrupted, it will be ejected. +/// Various locally originated problems are detected: timeout, TCP reset, +/// ICMP errors, etc. This detection type is supported by http router and +/// tcp proxy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectorsLocalOriginFailures { + /// The number of consecutive locally originated failures before ejection + /// occurs. Parameter takes effect only when splitExternalAndLocalErrors + /// is set to true. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub consecutive: Option, +} + +/// Success Rate based outlier detection aggregates success rate data from +/// every host in a cluster. Then at given intervals ejects hosts based on +/// statistical outlier detection. Success Rate outlier detection will not be +/// calculated for a host if its request volume over the aggregation interval +/// is less than the outlierDetection.detectors.successRate.requestVolume +/// value. +/// Moreover, detection will not be performed for a cluster if the number of +/// hosts with the minimum required request volume in an interval is less +/// than the outlierDetection.detectors.successRate.minimumHosts value. +/// In the default configuration mode +/// (outlierDetection.splitExternalLocalOriginErrors is false) this detection +/// type takes into account all types of errors: locally and externally +/// originated. +/// In split mode (outlierDetection.splitExternalLocalOriginErrors is true), +/// locally originated errors and externally originated (transaction) errors +/// are counted and treated separately. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectorsSuccessRate { + /// The number of hosts in a cluster that must have enough request volume to + /// detect success rate outliers. If the number of hosts is less than this + /// setting, outlier detection via success rate statistics is not performed + /// for any host in the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minimumHosts")] + pub minimum_hosts: Option, + /// The minimum number of total requests that must be collected in one + /// interval (as defined by the interval duration configured in + /// outlierDetection section) to include this host in success rate based + /// outlier detection. If the volume is lower than this setting, outlier + /// detection via success rate statistics is not performed for that host. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestVolume")] + pub request_volume: Option, + /// This factor is used to determine the ejection threshold for success rate + /// outlier ejection. The ejection threshold is the difference between + /// the mean success rate, and the product of this factor and the standard + /// deviation of the mean success rate: mean - (standard_deviation * + /// success_rate_standard_deviation_factor). + /// Either int or decimal represented as string. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "standardDeviationFactor")] + pub standard_deviation_factor: Option, +} + +/// In the default mode (outlierDetection.splitExternalAndLocalErrors is +/// false) this detection type takes into account all generated errors: +/// locally originated and externally originated (transaction) errors. +/// In split mode (outlierDetection.splitExternalLocalOriginErrors is true) +/// this detection type takes into account only externally originated +/// (transaction) errors, ignoring locally originated errors. +/// If an upstream host is an HTTP-server, only 5xx types of error are taken +/// into account (see Consecutive Gateway Failure for exceptions). +/// Properly formatted responses, even when they carry an operational error +/// (like index not found, access denied) are not taken into account. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshCircuitBreakerRulesDefaultOutlierDetectionDetectorsTotalFailures { + /// The number of consecutive server-side error responses (for HTTP traffic, + /// 5xx responses; for TCP traffic, connection failures; for Redis, failure + /// to respond PONG; etc.) before a consecutive total failure ejection + /// occurs. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub consecutive: Option, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -433,6 +740,7 @@ pub enum MeshCircuitBreakerTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -516,6 +824,11 @@ pub struct MeshCircuitBreakerToDefaultOutlierDetection { /// When set to true, outlierDetection configuration won't take any effect #[serde(default, skip_serializing_if = "Option::is_none")] pub disabled: Option, + /// Allows to configure panic threshold for Envoy cluster. If not specified, + /// the default is 50%. To disable panic mode, set to 0%. + /// Either int or decimal represented as string. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyPanicThreshold")] + pub healthy_panic_threshold: Option, /// The time interval between ejection analysis sweeps. This can result in /// both new ejections and hosts being returned to service. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -782,5 +1095,6 @@ pub enum MeshCircuitBreakerToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshfaultinjections.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshfaultinjections.rs index af7c708fc..682533969 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshfaultinjections.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshfaultinjections.rs @@ -154,6 +154,7 @@ pub enum MeshFaultInjectionFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -207,6 +208,7 @@ pub enum MeshFaultInjectionTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -331,5 +333,6 @@ pub enum MeshFaultInjectionToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayinstances.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayinstances.rs index 8a07dc49f..06feeb236 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayinstances.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshgatewayinstances.rs @@ -238,6 +238,7 @@ pub struct MeshGatewayInstanceStatusLoadBalancerIngress { pub ports: Option>, } +/// PortStatus represents the error condition of a service port #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshGatewayInstanceStatusLoadBalancerIngressPorts { /// Error is to record the problem with the service port diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhealthchecks.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhealthchecks.rs index 0eab967ae..52b1831fb 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhealthchecks.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhealthchecks.rs @@ -80,6 +80,7 @@ pub enum MeshHealthCheckTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -120,9 +121,12 @@ pub struct MeshHealthCheckToDefault { /// Allows to configure panic threshold for Envoy cluster. If not specified, /// the default is 50%. To disable panic mode, set to 0%. /// Either int or decimal represented as string. + /// Deprecated: the setting has been moved to MeshCircuitBreaker policy, + /// please use MeshCircuitBreaker policy instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyPanicThreshold")] pub healthy_panic_threshold: Option, /// Number of consecutive healthy checks before considering a host healthy. + /// If not specified then the default value is 1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthyThreshold")] pub healthy_threshold: Option, /// HttpHealthCheck defines HTTP configuration which will instruct the service @@ -135,6 +139,7 @@ pub struct MeshHealthCheckToDefault { #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialJitter")] pub initial_jitter: Option, /// Interval between consecutive health checks. + /// If not specified then the default value is 1m #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, /// If specified, during every interval Envoy will add IntervalJitter to the @@ -165,10 +170,12 @@ pub struct MeshHealthCheckToDefault { #[serde(default, skip_serializing_if = "Option::is_none")] pub tcp: Option, /// Maximum time to wait for a health check response. + /// If not specified then the default value is 15s #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, /// Number of consecutive unhealthy checks before considering a host /// unhealthy. + /// If not specified then the default value is 5 #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyThreshold")] pub unhealthy_threshold: Option, } @@ -201,6 +208,7 @@ pub struct MeshHealthCheckToDefaultHttp { pub expected_statuses: Option>, /// The HTTP path which will be requested during the health check /// (ie. /health) + /// If not specified then the default value is "/" #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, /// The list of HTTP headers which should be added to each health check @@ -298,5 +306,6 @@ pub enum MeshHealthCheckToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhttproutes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhttproutes.rs index e117cc60e..2b328fc67 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhttproutes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshhttproutes.rs @@ -80,6 +80,7 @@ pub enum MeshHTTPRouteTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -92,12 +93,11 @@ pub struct MeshHTTPRouteTo { pub hostnames: Option>, /// Rules contains the routing rules applies to a combination of top-level /// targetRef and the targetRef in this entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rules: Option>, + pub rules: Vec, /// TargetRef is a reference to the resource that represents a group of /// request destinations. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetRef")] - pub target_ref: Option, + #[serde(rename = "targetRef")] + pub target_ref: MeshHTTPRouteToTargetRef, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -172,6 +172,7 @@ pub enum MeshHTTPRouteToRulesDefaultBackendRefsKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] @@ -284,6 +285,7 @@ pub enum MeshHTTPRouteToRulesDefaultFiltersRequestMirrorBackendRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -566,5 +568,6 @@ pub enum MeshHTTPRouteToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshloadbalancingstrategies.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshloadbalancingstrategies.rs index b54617b36..c910d8628 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshloadbalancingstrategies.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshloadbalancingstrategies.rs @@ -80,6 +80,7 @@ pub enum MeshLoadBalancingStrategyTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -243,6 +244,7 @@ pub struct MeshLoadBalancingStrategyToDefaultLoadBalancerMaglevHashPoliciesQuery pub enum MeshLoadBalancingStrategyToDefaultLoadBalancerMaglevHashPoliciesType { Header, Cookie, + Connection, #[serde(rename = "SourceIP")] SourceIp, QueryParameter, @@ -361,6 +363,7 @@ pub struct MeshLoadBalancingStrategyToDefaultLoadBalancerRingHashHashPoliciesQue pub enum MeshLoadBalancingStrategyToDefaultLoadBalancerRingHashHashPoliciesType { Header, Cookie, + Connection, #[serde(rename = "SourceIP")] SourceIp, QueryParameter, @@ -530,5 +533,6 @@ pub enum MeshLoadBalancingStrategyToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshproxypatches.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshproxypatches.rs index 05171c18a..4f06519ce 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshproxypatches.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshproxypatches.rs @@ -33,8 +33,8 @@ pub struct MeshProxyPatchSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshProxyPatchDefault { /// AppendModifications is a list of modifications applied on the selected proxy. - #[serde(rename = "appendModifications")] - pub append_modifications: Vec, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appendModifications")] + pub append_modifications: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -532,5 +532,6 @@ pub enum MeshProxyPatchTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshratelimits.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshratelimits.rs index eb032ff52..0cc31d4d1 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshratelimits.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshratelimits.rs @@ -21,6 +21,10 @@ pub struct MeshRateLimitSpec { /// From list makes a match between clients and corresponding configurations #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, + /// Rules defines inbound rate limiting configurations. Currently limited to + /// selecting all inbound traffic, as L7 matching is not yet implemented. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, /// TargetRef is a reference to the resource the policy takes an effect on. /// The resource could be either a real store object or virtual resource /// defined inplace. @@ -194,6 +198,115 @@ pub enum MeshRateLimitFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRules { + /// Default contains configuration of the inbound rate limits + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default: Option, +} + +/// Default contains configuration of the inbound rate limits +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefault { + /// LocalConf defines local http or/and tcp rate limit configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub local: Option, +} + +/// LocalConf defines local http or/and tcp rate limit configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocal { + /// LocalHTTP defines configuration of local HTTP rate limiting + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// LocalTCP defines confguration of local TCP rate limiting + /// https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tcp: Option, +} + +/// LocalHTTP defines configuration of local HTTP rate limiting +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttp { + /// Define if rate limiting should be disabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, + /// Describes the actions to take on a rate limit event + #[serde(default, skip_serializing_if = "Option::is_none", rename = "onRateLimit")] + pub on_rate_limit: Option, + /// Defines how many requests are allowed per interval. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestRate")] + pub request_rate: Option, +} + +/// Describes the actions to take on a rate limit event +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttpOnRateLimit { + /// The Headers to be added to the HTTP response on a rate limit event + #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers: Option, + /// The HTTP status code to be set on a rate limit event + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, +} + +/// The Headers to be added to the HTTP response on a rate limit event +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttpOnRateLimitHeaders { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub add: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub set: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttpOnRateLimitHeadersAdd { + pub name: String, + pub value: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttpOnRateLimitHeadersSet { + pub name: String, + pub value: String, +} + +/// Defines how many requests are allowed per interval. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalHttpRequestRate { + /// The interval the number of units is accounted for. + pub interval: String, + /// Number of units per interval (depending on usage it can be a number of requests, + /// or a number of connections). + pub num: i32, +} + +/// LocalTCP defines confguration of local TCP rate limiting +/// https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalTcp { + /// Defines how many connections are allowed per interval. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionRate")] + pub connection_rate: Option, + /// Define if rate limiting should be disabled. + /// Default: false + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + +/// Defines how many connections are allowed per interval. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshRateLimitRulesDefaultLocalTcpConnectionRate { + /// The interval the number of units is accounted for. + pub interval: String, + /// Number of units per interval (depending on usage it can be a number of requests, + /// or a number of connections). + pub num: i32, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -247,6 +360,7 @@ pub enum MeshRateLimitTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -412,5 +526,6 @@ pub enum MeshRateLimitToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshretries.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshretries.rs index 86ce89ce1..c5e94ff37 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshretries.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshretries.rs @@ -79,6 +79,7 @@ pub enum MeshRetryTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -139,6 +140,7 @@ pub struct MeshRetryToDefaultGrpc { pub struct MeshRetryToDefaultGrpcBackOff { /// BaseInterval is an amount of time which should be taken between retries. /// Must be greater than zero. Values less than 1 ms are rounded up to 1 ms. + /// If not specified then the default value is "25ms". #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseInterval")] pub base_interval: Option, /// MaxInterval is a maximal amount of time which will be taken between retries. @@ -152,6 +154,7 @@ pub struct MeshRetryToDefaultGrpcBackOff { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshRetryToDefaultGrpcRateLimitedBackOff { /// MaxInterval is a maximal amount of time which will be taken between retries. + /// If not specified then the default value is "300s". #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxInterval")] pub max_interval: Option, /// ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset) @@ -232,6 +235,7 @@ pub struct MeshRetryToDefaultHttp { pub struct MeshRetryToDefaultHttpBackOff { /// BaseInterval is an amount of time which should be taken between retries. /// Must be greater than zero. Values less than 1 ms are rounded up to 1 ms. + /// If not specified then the default value is "25ms". #[serde(default, skip_serializing_if = "Option::is_none", rename = "baseInterval")] pub base_interval: Option, /// MaxInterval is a maximal amount of time which will be taken between retries. @@ -266,6 +270,7 @@ pub enum MeshRetryToDefaultHttpHostSelectionPredicate { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshRetryToDefaultHttpRateLimitedBackOff { /// MaxInterval is a maximal amount of time which will be taken between retries. + /// If not specified then the default value is "300s". #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxInterval")] pub max_interval: Option, /// ResetHeaders specifies the list of headers (like Retry-After or X-RateLimit-Reset) @@ -400,5 +405,6 @@ pub enum MeshRetryToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtcproutes.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtcproutes.rs index 89c83f96d..6eaebadd7 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtcproutes.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtcproutes.rs @@ -80,14 +80,14 @@ pub enum MeshTCPRouteTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshTCPRouteTo { /// Rules contains the routing rules applies to a combination of top-level /// targetRef and the targetRef in this entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rules: Option>, + pub rules: Vec, /// TargetRef is a reference to the resource that represents a group of /// destinations. #[serde(rename = "targetRef")] @@ -105,8 +105,8 @@ pub struct MeshTCPRouteToRules { /// policies. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MeshTCPRouteToRulesDefault { - #[serde(rename = "backendRefs")] - pub backend_refs: Vec, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backendRefs")] + pub backend_refs: Option>, } /// BackendRef defines where to forward traffic. @@ -161,6 +161,7 @@ pub enum MeshTCPRouteToRulesDefaultBackendRefsKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } /// TargetRef is a reference to the resource that represents a group of @@ -212,5 +213,6 @@ pub enum MeshTCPRouteToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtimeouts.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtimeouts.rs index 732102cd6..6bba353b9 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtimeouts.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtimeouts.rs @@ -21,6 +21,10 @@ pub struct MeshTimeoutSpec { /// From list makes a match between clients and corresponding configurations #[serde(default, skip_serializing_if = "Option::is_none")] pub from: Option>, + /// Rules defines inbound timeout configurations. Currently limited to exactly one rule containing + /// default timeouts that apply to all inbound traffic, as L7 matching is not yet implemented. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rules: Option>, /// TargetRef is a reference to the resource the policy takes an effect on. /// The resource could be either a real store object or virtual resource /// defined inplace. @@ -140,6 +144,61 @@ pub enum MeshTimeoutFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshTimeoutRules { + /// Default contains configuration of the inbound timeouts + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default: Option, +} + +/// Default contains configuration of the inbound timeouts +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshTimeoutRulesDefault { + /// ConnectionTimeout specifies the amount of time proxy will wait for an TCP connection to be established. + /// Default value is 5 seconds. Cannot be set to 0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionTimeout")] + pub connection_timeout: Option, + /// Http provides configuration for HTTP specific timeouts + #[serde(default, skip_serializing_if = "Option::is_none")] + pub http: Option, + /// IdleTimeout is defined as the period in which there are no bytes sent or received on connection + /// Setting this timeout to 0 will disable it. Be cautious when disabling it because + /// it can lead to connection leaking. Default value is 1h. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "idleTimeout")] + pub idle_timeout: Option, +} + +/// Http provides configuration for HTTP specific timeouts +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct MeshTimeoutRulesDefaultHttp { + /// MaxConnectionDuration is the time after which a connection will be drained and/or closed, + /// starting from when it was first established. Setting this timeout to 0 will disable it. + /// Disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConnectionDuration")] + pub max_connection_duration: Option, + /// MaxStreamDuration is the maximum time that a stream’s lifetime will span. + /// Setting this timeout to 0 will disable it. Disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxStreamDuration")] + pub max_stream_duration: Option, + /// RequestHeadersTimeout The amount of time that proxy will wait for the request headers to be received. The timer is + /// activated when the first byte of the headers is received, and is disarmed when the last byte of + /// the headers has been received. If not specified or set to 0, this timeout is disabled. + /// Disabled by default. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestHeadersTimeout")] + pub request_headers_timeout: Option, + /// RequestTimeout The amount of time that proxy will wait for the entire request to be received. + /// The timer is activated when the request is initiated, and is disarmed when the last byte of the request is sent, + /// OR when the response is initiated. Setting this timeout to 0 will disable it. + /// Default is 15s. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requestTimeout")] + pub request_timeout: Option, + /// StreamIdleTimeout is the amount of time that proxy will allow a stream to exist with no activity. + /// Setting this timeout to 0 will disable it. Default is 30m + #[serde(default, skip_serializing_if = "Option::is_none", rename = "streamIdleTimeout")] + pub stream_idle_timeout: Option, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -193,6 +252,7 @@ pub enum MeshTimeoutTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -304,5 +364,6 @@ pub enum MeshTimeoutToTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtraces.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtraces.rs index 823c6824d..a1d10cef2 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtraces.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtraces.rs @@ -133,6 +133,7 @@ pub struct MeshTraceDefaultSampling { /// 'x-client-trace-id' header is set. Mirror of client_sampling in Envoy /// https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L127-L133 /// Either int or decimal represented as string. + /// If not specified then the default value is 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub client: Option, /// Target percentage of requests will be traced @@ -144,6 +145,7 @@ pub struct MeshTraceDefaultSampling { /// overall_sampling in Envoy /// https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L142-L150 /// Either int or decimal represented as string. + /// If not specified then the default value is 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub overall: Option, /// Target percentage of requests that will be randomly selected for trace @@ -151,6 +153,7 @@ pub struct MeshTraceDefaultSampling { /// Mirror of random_sampling in Envoy /// https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L135-L140 /// Either int or decimal represented as string. + /// If not specified then the default value is 100. #[serde(default, skip_serializing_if = "Option::is_none")] pub random: Option, } @@ -232,5 +235,6 @@ pub enum MeshTraceTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtrafficpermissions.rs b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtrafficpermissions.rs index 9abca883b..9e935a781 100644 --- a/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtrafficpermissions.rs +++ b/kube-custom-resources-rs/src/kuma_io/v1alpha1/meshtrafficpermissions.rs @@ -107,6 +107,7 @@ pub enum MeshTrafficPermissionFromTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } /// TargetRef is a reference to the resource the policy takes an effect on. @@ -160,5 +161,6 @@ pub enum MeshTrafficPermissionTargetRefKind { MeshServiceSubset, #[serde(rename = "MeshHTTPRoute")] MeshHttpRoute, + Dataplane, } diff --git a/kube-custom-resources-rs/src/kustomize_toolkit_fluxcd_io/v1/kustomizations.rs b/kube-custom-resources-rs/src/kustomize_toolkit_fluxcd_io/v1/kustomizations.rs index 0296a19df..dcb3a3742 100644 --- a/kube-custom-resources-rs/src/kustomize_toolkit_fluxcd_io/v1/kustomizations.rs +++ b/kube-custom-resources-rs/src/kustomize_toolkit_fluxcd_io/v1/kustomizations.rs @@ -31,6 +31,12 @@ pub struct KustomizationSpec { /// Decrypt Kubernetes secrets before applying them on the cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub decryption: Option, + /// DeletionPolicy can be used to control garbage collection when this + /// Kustomization is deleted. Valid values are ('MirrorPrune', 'Delete', + /// 'Orphan'). 'MirrorPrune' mirrors the Prune field (orphan if false, + /// delete if true). Defaults to 'MirrorPrune'. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionPolicy")] + pub deletion_policy: Option, /// DependsOn may contain a meta.NamespacedObjectReference slice /// with references to Kustomization resources that must be ready before this /// Kustomization can be reconciled. @@ -40,6 +46,11 @@ pub struct KustomizationSpec { /// when patching fails due to an immutable field change. #[serde(default, skip_serializing_if = "Option::is_none")] pub force: Option, + /// HealthCheckExprs is a list of healthcheck expressions for evaluating the + /// health of custom resources using Common Expression Language (CEL). + /// The expressions are evaluated only when Wait or HealthChecks are specified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckExprs")] + pub health_check_exprs: Option>, /// A list of resources to be included in the health assessment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthChecks")] pub health_checks: Option>, @@ -149,6 +160,15 @@ pub struct KustomizationDecryptionSecretRef { pub name: String, } +/// KustomizationSpec defines the configuration to calculate the desired state +/// from a Source using Kustomize. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum KustomizationDeletionPolicy { + MirrorPrune, + Delete, + Orphan, +} + /// NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any /// namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -160,6 +180,27 @@ pub struct KustomizationDependsOn { pub namespace: Option, } +/// CustomHealthCheck defines the health check for custom resources. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct KustomizationHealthCheckExprs { + /// APIVersion of the custom resource under evaluation. + #[serde(rename = "apiVersion")] + pub api_version: String, + /// Current is the CEL expression that determines if the status + /// of the custom resource has reached the desired state. + pub current: String, + /// Failed is the CEL expression that determines if the status + /// of the custom resource has failed to reach the desired state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub failed: Option, + /// InProgress is the CEL expression that determines if the status + /// of the custom resource has not yet reached the desired state. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "inProgress")] + pub in_progress: Option, + /// Kind of the custom resource under evaluation. + pub kind: String, +} + /// NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object /// in any namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -358,6 +399,13 @@ pub struct KustomizationStatus { /// have been successfully applied. #[serde(default, skip_serializing_if = "Option::is_none")] pub inventory: Option, + /// The last successfully applied origin revision. + /// Equals the origin revision of the applied Artifact from the referenced Source. + /// Usually present on the Metadata of the applied Artifact and depends on the + /// Source type, e.g. for OCI it's the value associated with the key + /// "org.opencontainers.image.revision". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastAppliedOriginRevision")] + pub last_applied_origin_revision: Option, /// The last successfully applied revision. /// Equals the Revision of the applied Artifact from the referenced Source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastAppliedRevision")] diff --git a/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs b/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs index 6fdebf672..ae80c76f4 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs @@ -148,7 +148,7 @@ pub struct ClusterPolicyRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPolicyRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -1794,11 +1794,11 @@ pub struct ClusterPolicyRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -1825,11 +1825,11 @@ pub struct ClusterPolicyRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a @@ -4431,7 +4431,7 @@ pub struct ClusterPolicyStatusAutogenRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPolicyStatusAutogenRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -6077,11 +6077,11 @@ pub struct ClusterPolicyStatusAutogenRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -6108,11 +6108,11 @@ pub struct ClusterPolicyStatusAutogenRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a diff --git a/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs b/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs index 7ddfb1098..e44e2cc95 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs @@ -149,7 +149,7 @@ pub struct PolicyRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PolicyRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -1795,11 +1795,11 @@ pub struct PolicyRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -1826,11 +1826,11 @@ pub struct PolicyRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a @@ -4432,7 +4432,7 @@ pub struct PolicyStatusAutogenRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PolicyStatusAutogenRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -6078,11 +6078,11 @@ pub struct PolicyStatusAutogenRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -6109,11 +6109,11 @@ pub struct PolicyStatusAutogenRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a diff --git a/kube-custom-resources-rs/src/kyverno_io/v2alpha1/globalcontextentries.rs b/kube-custom-resources-rs/src/kyverno_io/v2alpha1/globalcontextentries.rs index 285cf938b..ec736ac8e 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v2alpha1/globalcontextentries.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v2alpha1/globalcontextentries.rs @@ -30,6 +30,9 @@ pub struct GlobalContextEntrySpec { /// Mutually exclusive with APICall. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kubernetesResource")] pub kubernetes_resource: Option, + /// Projections defines the list of JMESPath expressions to extract values from the cached resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub projections: Option>, } /// Stores results from an API call which will be cached. @@ -136,6 +139,15 @@ pub struct GlobalContextEntryKubernetesResource { pub version: String, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct GlobalContextEntryProjections { + /// JMESPath is the JMESPath expression to extract the value from the cached resource. + #[serde(rename = "jmesPath")] + pub jmes_path: String, + /// Name is the name to use for the extracted value in the context. + pub name: String, +} + /// Status contains globalcontextentry runtime data. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GlobalContextEntryStatus { diff --git a/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs b/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs index 13fd8d41d..2cfec7954 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs @@ -1495,11 +1495,11 @@ pub struct ClusterPolicyRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -1526,11 +1526,11 @@ pub struct ClusterPolicyRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a @@ -4291,7 +4291,7 @@ pub struct ClusterPolicyStatusAutogenRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPolicyStatusAutogenRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -5937,11 +5937,11 @@ pub struct ClusterPolicyStatusAutogenRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -5968,11 +5968,11 @@ pub struct ClusterPolicyStatusAutogenRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a diff --git a/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs b/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs index 69ba63440..a6e2bd102 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs @@ -1496,11 +1496,11 @@ pub struct PolicyRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -1527,11 +1527,11 @@ pub struct PolicyRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a @@ -4292,7 +4292,7 @@ pub struct PolicyStatusAutogenRules { pub verify_images: Option>, } -/// MatchCondition represents a condition which must be fulfilled for a request to be sent to a webhook. +/// MatchCondition represents a condition which must by fulfilled for a request to be sent to a webhook. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PolicyStatusAutogenRulesCelPreconditions { /// Expression represents the expression which will be evaluated by CEL. Must evaluate to bool. @@ -5938,11 +5938,11 @@ pub struct PolicyStatusAutogenRulesMutate { pub mutate_existing_on_policy_update: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// Targets defines the target resources to be mutated. @@ -5969,11 +5969,11 @@ pub struct PolicyStatusAutogenRulesMutateForeach { pub order: Option, /// PatchStrategicMerge is a strategic merge patch used to modify resources. /// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ - /// and https://kubectl.docs.kubernetes.io/references/kustomize/patchesstrategicmerge/. + /// and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchStrategicMerge")] pub patch_strategic_merge: Option, /// PatchesJSON6902 is a list of RFC 6902 JSON Patch declarations used to modify resources. - /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/patchesjson6902/. + /// See https://tools.ietf.org/html/rfc6902 and https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/. #[serde(default, skip_serializing_if = "Option::is_none", rename = "patchesJson6902")] pub patches_json6902: Option, /// AnyAllConditions are used to determine if a policy rule should be applied by evaluating a diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/codesigningconfigs.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/codesigningconfigs.rs index 4d07a523e..e35aa08e8 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/codesigningconfigs.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/codesigningconfigs.rs @@ -59,7 +59,7 @@ pub struct CodeSigningConfigStatus { /// Unique identifer for the Code signing configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeSigningConfigID")] pub code_signing_config_id: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/eventsourcemappings.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/eventsourcemappings.rs index eac3ffd3a..b5e61a790 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/eventsourcemappings.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/eventsourcemappings.rs @@ -41,14 +41,17 @@ pub struct EventSourceMappingSpec { /// * Self-managed Apache Kafka – Default 100. Max 10,000. /// /// * Amazon MQ (ActiveMQ and RabbitMQ) – Default 100. Max 10,000. + /// + /// * DocumentDB – Default 100. Max 10,000. #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchSize")] pub batch_size: Option, - /// (Streams only) If the function returns an error, split the batch in two and - /// retry. + /// (Kinesis and DynamoDB Streams only) If the function returns an error, split + /// the batch in two and retry. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bisectBatchOnFunctionError")] pub bisect_batch_on_function_error: Option, - /// (Streams only) An Amazon SQS queue or Amazon SNS topic destination for discarded - /// records. + /// (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration + /// object that specifies the destination of an event after Lambda processes + /// it. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationConfig")] pub destination_config: Option, /// When true, the event source mapping is active. When false, Lambda pauses @@ -65,9 +68,13 @@ pub struct EventSourceMappingSpec { /// /// * Amazon Simple Queue Service – The ARN of the queue. /// - /// * Amazon Managed Streaming for Apache Kafka – The ARN of the cluster. + /// * Amazon Managed Streaming for Apache Kafka – The ARN of the cluster + /// or the ARN of the VPC connection (for cross-account event source mappings + /// (https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)). /// /// * Amazon MQ – The ARN of the broker. + /// + /// * Amazon DocumentDB – The ARN of the DocumentDB change stream. #[serde(default, skip_serializing_if = "Option::is_none", rename = "eventSourceARN")] pub event_source_arn: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -84,7 +91,7 @@ pub struct EventSourceMappingSpec { /// (https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterCriteria")] pub filter_criteria: Option, - /// The name of the Lambda function. + /// The name or ARN of the Lambda function. /// /// Name formats /// @@ -109,37 +116,38 @@ pub struct EventSourceMappingSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "functionRef")] pub function_ref: Option, - /// (Streams and Amazon SQS) A list of current response type enums applied to - /// the event source mapping. + /// (Kinesis, DynamoDB Streams, and Amazon SQS) A list of current response type + /// enums applied to the event source mapping. #[serde(default, skip_serializing_if = "Option::is_none", rename = "functionResponseTypes")] pub function_response_types: Option>, /// The maximum amount of time, in seconds, that Lambda spends gathering records /// before invoking the function. You can configure MaximumBatchingWindowInSeconds /// to any value from 0 seconds to 300 seconds in increments of seconds. /// - /// For streams and Amazon SQS event sources, the default batching window is - /// 0 seconds. For Amazon MSK, Self-managed Apache Kafka, and Amazon MQ event - /// sources, the default batching window is 500 ms. Note that because you can - /// only change MaximumBatchingWindowInSeconds in increments of seconds, you - /// cannot revert back to the 500 ms default batching window after you have changed - /// it. To restore the default batching window, you must create a new event source - /// mapping. + /// For Kinesis, DynamoDB, and Amazon SQS event sources, the default batching + /// window is 0 seconds. For Amazon MSK, Self-managed Apache Kafka, Amazon MQ, + /// and DocumentDB event sources, the default batching window is 500 ms. Note + /// that because you can only change MaximumBatchingWindowInSeconds in increments + /// of seconds, you cannot revert back to the 500 ms default batching window + /// after you have changed it. To restore the default batching window, you must + /// create a new event source mapping. /// - /// Related setting: For streams and Amazon SQS event sources, when you set BatchSize - /// to a value greater than 10, you must set MaximumBatchingWindowInSeconds to - /// at least 1. + /// Related setting: For Kinesis, DynamoDB, and Amazon SQS event sources, when + /// you set BatchSize to a value greater than 10, you must set MaximumBatchingWindowInSeconds + /// to at least 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maximumBatchingWindowInSeconds")] pub maximum_batching_window_in_seconds: Option, - /// (Streams only) Discard records older than the specified age. The default - /// value is infinite (-1). + /// (Kinesis and DynamoDB Streams only) Discard records older than the specified + /// age. The default value is infinite (-1). #[serde(default, skip_serializing_if = "Option::is_none", rename = "maximumRecordAgeInSeconds")] pub maximum_record_age_in_seconds: Option, - /// (Streams only) Discard records after the specified number of retries. The - /// default value is infinite (-1). When set to infinite (-1), failed records - /// are retried until the record expires. + /// (Kinesis and DynamoDB Streams only) Discard records after the specified number + /// of retries. The default value is infinite (-1). When set to infinite (-1), + /// failed records are retried until the record expires. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maximumRetryAttempts")] pub maximum_retry_attempts: Option, - /// (Streams only) The number of batches to process from each shard concurrently. + /// (Kinesis and DynamoDB Streams only) The number of batches to process from + /// each shard concurrently. #[serde(default, skip_serializing_if = "Option::is_none", rename = "parallelizationFactor")] pub parallelization_factor: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "queueRefs")] @@ -163,18 +171,21 @@ pub struct EventSourceMappingSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceAccessConfigurations")] pub source_access_configurations: Option>, /// The position in a stream from which to start reading. Required for Amazon - /// Kinesis, Amazon DynamoDB, and Amazon MSK Streams sources. AT_TIMESTAMP is - /// supported only for Amazon Kinesis streams. + /// Kinesis and Amazon DynamoDB Stream event sources. AT_TIMESTAMP is supported + /// only for Amazon Kinesis streams, Amazon DocumentDB, Amazon MSK, and self-managed + /// Apache Kafka. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startingPosition")] pub starting_position: Option, /// With StartingPosition set to AT_TIMESTAMP, the time from which to start reading. + /// StartingPositionTimestamp cannot be in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startingPositionTimestamp")] pub starting_position_timestamp: Option, /// The name of the Kafka topic. #[serde(default, skip_serializing_if = "Option::is_none")] pub topics: Option>, - /// (Streams only) The duration in seconds of a processing window. The range - /// is between 1 second and 900 seconds. + /// (Kinesis and DynamoDB Streams only) The duration in seconds of a processing + /// window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds + /// indicates no tumbling window. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tumblingWindowInSeconds")] pub tumbling_window_in_seconds: Option, } @@ -187,14 +198,19 @@ pub struct EventSourceMappingAmazonManagedKafkaEventSourceConfig { pub consumer_group_id: Option, } -/// (Streams only) An Amazon SQS queue or Amazon SNS topic destination for discarded -/// records. +/// (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration +/// object that specifies the destination of an event after Lambda processes +/// it. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EventSourceMappingDestinationConfig { /// A destination for events that failed processing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailure")] pub on_failure: Option, /// A destination for events that were processed successfully. + /// + /// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), + /// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, + /// or Amazon EventBridge event bus as the destination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSuccess")] pub on_success: Option, } @@ -207,6 +223,10 @@ pub struct EventSourceMappingDestinationConfigOnFailure { } /// A destination for events that were processed successfully. +/// +/// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), +/// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, +/// or Amazon EventBridge event bus as the destination. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct EventSourceMappingDestinationConfigOnSuccess { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -346,7 +366,7 @@ pub struct EventSourceMappingStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functions.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functions.rs index 74298f159..becada0ea 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functions.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functions.rs @@ -28,7 +28,7 @@ pub struct FunctionSpec { /// The code for the function. pub code: FunctionCode, /// To enable code signing for this function, specify the ARN of a code-signing - /// configuration. A code-signing configuration includes a set of signing profiles, + /// configuration. A code-signing configurationincludes a set of signing profiles, /// which define the trusted publishers for this function. #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeSigningConfigARN")] pub code_signing_config_arn: Option, @@ -44,7 +44,8 @@ pub struct FunctionSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option, /// The size of the function's /tmp directory in MB. The default value is 512, - /// but can be any whole number between 512 and 10,240 MB. + /// but can be any whole number between 512 and 10,240 MB. For more information, + /// see Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage). #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralStorage")] pub ephemeral_storage: Option, /// Connection settings for an Amazon EFS file system. @@ -75,13 +76,30 @@ pub struct FunctionSpec { /// (https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html). #[serde(default, skip_serializing_if = "Option::is_none")] pub handler: Option, - /// Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/configuration-images.html#configuration-images-settings) + /// Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) /// that override the values in the container image Dockerfile. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageConfig")] pub image_config: Option, - /// The ARN of the Key Management Service (KMS) key that's used to encrypt your - /// function's environment variables. If it's not provided, Lambda uses a default - /// service key. + /// The ARN of the Key Management Service (KMS) customer managed key that's used + /// to encrypt the following resources: + /// + /// * The function's environment variables (https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). + /// + /// * The function's Lambda SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) + /// snapshots. + /// + /// * When used with SourceKMSKeyArn, the unzipped version of the .zip deployment + /// package that's used for function invocations. For more information, see + /// Specifying a customer managed key for Lambda (https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption). + /// + /// * The optimized version of the container image that's used for function + /// invocations. Note that this is not the same key that's used to protect + /// your container image in the Amazon Elastic Container Registry (Amazon + /// ECR). For more information, see Function lifecycle (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle). + /// + /// If you don't provide a customer managed key, Lambda uses an Amazon Web Services + /// owned key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) + /// or an Amazon Web Services managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyARN")] pub kms_key_arn: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -103,7 +121,7 @@ pub struct FunctionSpec { /// The default value is 128 MB. The value can be any multiple of 1 MB. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memorySize")] pub memory_size: Option, - /// The name of the Lambda function. + /// The name or ARN of the Lambda function. /// /// Name formats /// @@ -139,7 +157,15 @@ pub struct FunctionSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleRef")] pub role_ref: Option, /// The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). - /// Runtime is required if the deployment package is a .zip file archive. + /// Runtime is required if the deployment package is a .zip file archive. Specifying + /// a runtime results in an error if you're deploying a function using a container + /// image. + /// + /// The following list includes deprecated runtimes. Lambda blocks creating new + /// functions and updating existing functions shortly after each runtime is deprecated. + /// For more information, see Runtime use after deprecation (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels). + /// + /// For a list of all currently supported runtimes, see Supported runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported). #[serde(default, skip_serializing_if = "Option::is_none")] pub runtime: Option, /// The function's SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) @@ -155,8 +181,8 @@ pub struct FunctionSpec { /// For more information, see Lambda execution environment (https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html). #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, - /// Set Mode to Active to sample and trace a subset of incoming requests with - /// X-Ray (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html). + /// Set Mode to Active to sample and trace a subset of incoming requests withX-Ray + /// (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfig")] pub tracing_config: Option, /// For network connectivity to Amazon Web Services resources in a VPC, specify @@ -224,7 +250,8 @@ pub struct FunctionEnvironment { } /// The size of the function's /tmp directory in MB. The default value is 512, -/// but can be any whole number between 512 and 10,240 MB. +/// but can be any whole number between 512 and 10,240 MB. For more information, +/// see Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FunctionEphemeralStorage { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -281,6 +308,10 @@ pub struct FunctionFunctionEventInvokeConfigDestinationConfig { #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailure")] pub on_failure: Option, /// A destination for events that were processed successfully. + /// + /// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), + /// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, + /// or Amazon EventBridge event bus as the destination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSuccess")] pub on_success: Option, } @@ -293,13 +324,17 @@ pub struct FunctionFunctionEventInvokeConfigDestinationConfigOnFailure { } /// A destination for events that were processed successfully. +/// +/// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), +/// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, +/// or Amazon EventBridge event bus as the destination. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FunctionFunctionEventInvokeConfigDestinationConfigOnSuccess { #[serde(default, skip_serializing_if = "Option::is_none")] pub destination: Option, } -/// Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/configuration-images.html#configuration-images-settings) +/// Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) /// that override the values in the container image Dockerfile. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FunctionImageConfig { @@ -369,8 +404,8 @@ pub struct FunctionSnapStart { pub apply_on: Option, } -/// Set Mode to Active to sample and trace a subset of incoming requests with -/// X-Ray (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html). +/// Set Mode to Active to sample and trace a subset of incoming requests withX-Ray +/// (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FunctionTracingConfig { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -460,7 +495,7 @@ pub struct FunctionStatus { /// The size of the function's deployment package, in bytes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeSize")] pub code_size: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functionurlconfigs.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functionurlconfigs.rs index 1f8d2e874..3d8c1ab97 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functionurlconfigs.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/functionurlconfigs.rs @@ -22,16 +22,16 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct FunctionURLConfigSpec { /// The type of authentication that your function URL uses. Set to AWS_IAM if - /// you want to restrict access to authenticated IAM users only. Set to NONE - /// if you want to bypass IAM authentication to create a public endpoint. For - /// more information, see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). + /// you want to restrict access to authenticated users only. Set to NONE if you + /// want to bypass IAM authentication to create a public endpoint. For more information, + /// see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). #[serde(rename = "authType")] pub auth_type: String, /// The cross-origin resource sharing (CORS) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) /// settings for your function URL. #[serde(default, skip_serializing_if = "Option::is_none")] pub cors: Option, - /// The name of the Lambda function. + /// The name or ARN of the Lambda function. /// /// Name formats /// @@ -110,7 +110,7 @@ pub struct FunctionURLConfigStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/layerversions.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/layerversions.rs index f074fa942..5c05c89df 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/layerversions.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/layerversions.rs @@ -24,6 +24,9 @@ pub struct LayerVersionSpec { pub compatible_architectures: Option>, /// A list of compatible function runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). /// Used for filtering with ListLayers and ListLayerVersions. + /// + /// The following list includes deprecated runtimes. For more information, see + /// Runtime deprecation policy (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "compatibleRuntimes")] pub compatible_runtimes: Option>, /// The function layer archive. @@ -67,7 +70,7 @@ pub struct LayerVersionStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/versions.rs b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/versions.rs index e7f5c2950..a77e7e9c3 100644 --- a/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/versions.rs +++ b/kube-custom-resources-rs/src/lambda_services_k8s_aws/v1alpha1/versions.rs @@ -31,7 +31,7 @@ pub struct VersionSpec { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "functionEventInvokeConfig")] pub function_event_invoke_config: Option, - /// The name of the Lambda function. + /// The name or ARN of the Lambda function. /// /// Name formats /// @@ -87,6 +87,10 @@ pub struct VersionFunctionEventInvokeConfigDestinationConfig { #[serde(default, skip_serializing_if = "Option::is_none", rename = "onFailure")] pub on_failure: Option, /// A destination for events that were processed successfully. + /// + /// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), + /// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, + /// or Amazon EventBridge event bus as the destination. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onSuccess")] pub on_success: Option, } @@ -99,6 +103,10 @@ pub struct VersionFunctionEventInvokeConfigDestinationConfigOnFailure { } /// A destination for events that were processed successfully. +/// +/// To retain records of successful asynchronous invocations (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), +/// you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, +/// or Amazon EventBridge event bus as the destination. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VersionFunctionEventInvokeConfigDestinationConfigOnSuccess { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -156,7 +164,7 @@ pub struct VersionStatus { /// The size of the function's deployment package, in bytes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeSize")] pub code_size: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -169,8 +177,9 @@ pub struct VersionStatus { /// Omitted from CloudTrail logs. #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option, - /// The size of the function’s /tmp directory in MB. The default value is 512, - /// but it can be any whole number between 512 and 10,240 MB. + /// The size of the function's /tmp directory in MB. The default value is 512, + /// but can be any whole number between 512 and 10,240 MB. For more information, + /// see Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage). #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralStorage")] pub ephemeral_storage: Option, /// Connection settings for an Amazon EFS file system (https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html). @@ -185,8 +194,26 @@ pub struct VersionStatus { /// The function's image configuration values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageConfigResponse")] pub image_config_response: Option, - /// The KMS key that's used to encrypt the function's environment variables. - /// This key is returned only if you've configured a customer managed key. + /// The ARN of the Key Management Service (KMS) customer managed key that's used + /// to encrypt the following resources: + /// + /// * The function's environment variables (https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). + /// + /// * The function's Lambda SnapStart (https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) + /// snapshots. + /// + /// * When used with SourceKMSKeyArn, the unzipped version of the .zip deployment + /// package that's used for function invocations. For more information, see + /// Specifying a customer managed key for Lambda (https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption). + /// + /// * The optimized version of the container image that's used for function + /// invocations. Note that this is not the same key that's used to protect + /// your container image in the Amazon Elastic Container Registry (Amazon + /// ECR). For more information, see Function lifecycle (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle). + /// + /// If you don't provide a customer managed key, Lambda uses an Amazon Web Services + /// owned key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) + /// or an Amazon Web Services managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyARN")] pub kms_key_arn: Option, /// The date and time that the function was last updated, in ISO-8601 format @@ -222,7 +249,16 @@ pub struct VersionStatus { /// The function's execution role. #[serde(default, skip_serializing_if = "Option::is_none")] pub role: Option, - /// The runtime environment for the Lambda function. + /// The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). + /// Runtime is required if the deployment package is a .zip file archive. Specifying + /// a runtime results in an error if you're deploying a function using a container + /// image. + /// + /// The following list includes deprecated runtimes. Lambda blocks creating new + /// functions and updating existing functions shortly after each runtime is deprecated. + /// For more information, see Runtime use after deprecation (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels). + /// + /// For a list of all currently supported runtimes, see Supported runtimes (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported). #[serde(default, skip_serializing_if = "Option::is_none")] pub runtime: Option, /// The ARN of the signing job. @@ -311,8 +347,9 @@ pub struct VersionStatusEnvironmentError { pub message: Option, } -/// The size of the function’s /tmp directory in MB. The default value is 512, -/// but it can be any whole number between 512 and 10,240 MB. +/// The size of the function's /tmp directory in MB. The default value is 512, +/// but can be any whole number between 512 and 10,240 MB. For more information, +/// see Configuring ephemeral storage (console) (https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-ephemeral-storage). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VersionStatusEphemeralStorage { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -396,6 +433,8 @@ pub struct VersionStatusTracingConfig { /// The function's networking configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VersionStatusVpcConfig { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipv6AllowedForDualStack")] + pub ipv6_allowed_for_dual_stack: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetIDs")] diff --git a/kube-custom-resources-rs/src/lib.rs b/kube-custom-resources-rs/src/lib.rs index 5ff673e2a..9de35fa6f 100644 --- a/kube-custom-resources-rs/src/lib.rs +++ b/kube-custom-resources-rs/src/lib.rs @@ -106,6 +106,9 @@ apiVersion `api.clever-cloud.com/v1`: - `PostgreSql` - `Redis` +apiVersion `api.clever-cloud.com/v1alpha1`: +- `KV` + apiVersion `api.clever-cloud.com/v1beta1`: - `Pulsar` @@ -920,6 +923,9 @@ apiVersion `crd.projectcalico.org/v1`: - `IPReservation` - `KubeControllersConfiguration` - `NetworkSet` +- `StagedGlobalNetworkPolicy` +- `StagedKubernetesNetworkPolicy` +- `StagedNetworkPolicy` - `Tier` ## data_fluid_io @@ -1321,6 +1327,9 @@ apiVersion `gateway.nginx.org/v1alpha1`: - `NginxProxy` - `ObservabilityPolicy` +apiVersion `gateway.nginx.org/v1alpha2`: +- `ObservabilityPolicy` + ## getambassador_io apiVersion `getambassador.io/v3alpha1`: @@ -1357,6 +1366,11 @@ apiVersion `groupsnapshot.storage.k8s.io/v1alpha1`: - `VolumeGroupSnapshotContent` - `VolumeGroupSnapshot` +apiVersion `groupsnapshot.storage.k8s.io/v1beta1`: +- `VolumeGroupSnapshotClass` +- `VolumeGroupSnapshotContent` +- `VolumeGroupSnapshot` + ## hazelcast_com apiVersion `hazelcast.com/v1alpha1`: @@ -1799,6 +1813,10 @@ apiVersion `kms.services.k8s.aws/v1alpha1`: ## kuadrant_io +apiVersion `kuadrant.io/v1`: +- `AuthPolicy` +- `RateLimitPolicy` + apiVersion `kuadrant.io/v1alpha1`: - `DNSRecord` - `ManagedZone` diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusterflows.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusterflows.rs index ac7f23ff0..004650774 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusterflows.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusterflows.rs @@ -46,8 +46,6 @@ pub struct ClusterFlowFilters { pub detect_exceptions: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch_genid: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enhanceK8s")] - pub enhance_k8s: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub geoip: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -65,8 +63,6 @@ pub struct ClusterFlowFilters { #[serde(default, skip_serializing_if = "Option::is_none")] pub stdout: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub tag_normaliser: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub throttle: Option, @@ -166,164 +162,6 @@ pub struct ClusterFlowFiltersElasticsearchGenid { pub use_record_as_seed: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8s { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub api_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bearer_token_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh_variation: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_ttl: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_cert: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub core_api_versions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_namespace_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_pod_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubernetes_url: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret_dir: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ssl_partial_chain: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCert { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKey { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterFlowFiltersGeoip { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -929,62 +767,6 @@ pub struct ClusterFlowFiltersStdout { pub output_type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_value: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_container_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_facility_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_host_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_namespace_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_pod_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_priority_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_unit_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_replace_dash: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_annotation_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_label_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_namespace: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod_id: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterFlowFiltersTagNormaliser { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs index a8e31e378..19c210fbe 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/clusteroutputs.rs @@ -28,8 +28,6 @@ pub struct ClusterOutputSpec { pub datadog: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledNamespaces")] - pub enabled_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -77,8 +75,6 @@ pub struct ClusterOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub sqs: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub syslog: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "vmwareLogInsight")] pub vmware_log_insight: Option, @@ -2982,6 +2978,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub buffer: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, pub endpoint: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2991,6 +2989,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers_from_placeholders: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub http_method: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub json_array: Option, @@ -3003,6 +3003,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub retryable_response_codes: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub reuse_connections: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub slow_flush_log_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub ssl_timeout: Option, @@ -3419,6 +3421,8 @@ pub struct ClusterOutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub principal: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub rdkafka_options: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub required_acks: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sasl_over_ssl: Option, @@ -3626,6 +3630,194 @@ pub struct ClusterOutputKafkaPasswordValueFromSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterOutputKafkaRdkafkaOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allow.auto.create.topics")] + pub allow_auto_create_topics: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.fallback.ms")] + pub api_version_fallback_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request")] + pub api_version_request: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request.timeout.ms")] + pub api_version_request_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub background_event_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrap.servers")] + pub bootstrap_servers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.family")] + pub broker_address_family: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.ttl")] + pub broker_address_ttl: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.version.fallback")] + pub broker_version_fallback: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtin.features")] + pub builtin_features: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "client.id")] + pub client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub closesocket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub connect_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connections.max.idle.ms")] + pub connections_max_idle_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub debug: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default_topic_conf: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.random.seed")] + pub enable_random_seed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.sasl.oauthbearer.unsecure.jwt")] + pub enable_sasl_oauthbearer_unsecure_jwt: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.ssl.certificate.verification")] + pub enable_ssl_certificate_verification: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled_events: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub interceptors: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internal.termination.signal")] + pub internal_termination_signal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.connection.close")] + pub log_connection_close: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.queue")] + pub log_queue: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.thread.name")] + pub log_thread_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight")] + pub max_in_flight: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight.requests.per.connection")] + pub max_in_flight_requests_per_connection: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.copy.max.bytes")] + pub message_copy_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.max.bytes")] + pub message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.broker.list")] + pub metadata_broker_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.max.age.ms")] + pub metadata_max_age_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauthbearer_token_refresh_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opaque: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub open_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "plugin.library.paths")] + pub plugin_library_paths: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "receive.message.max.bytes")] + pub receive_message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.max.ms")] + pub reconnect_backoff_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.ms")] + pub reconnect_backoff_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resolve_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.keytab")] + pub sasl_kerberos_keytab: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.kinit.cmd")] + pub sasl_kerberos_kinit_cmd: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.min.time.before.relogin")] + pub sasl_kerberos_min_time_before_relogin: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.principal")] + pub sasl_kerberos_principal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.service.name")] + pub sasl_kerberos_service_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.mechanisms")] + pub sasl_mechanisms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.id")] + pub sasl_oauthbearer_client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.secret")] + pub sasl_oauthbearer_client_secret: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.config")] + pub sasl_oauthbearer_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.extensions")] + pub sasl_oauthbearer_extensions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.method")] + pub sasl_oauthbearer_method: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.scope")] + pub sasl_oauthbearer_scope: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.token.endpoint.url")] + pub sasl_oauthbearer_token_endpoint_url: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.password")] + pub sasl_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.username")] + pub sasl_username: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "security.protocol")] + pub security_protocol: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.blocking.max.ms")] + pub socket_blocking_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.connection.setup.timeout.ms")] + pub socket_connection_setup_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.keepalive.enable")] + pub socket_keepalive_enable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.max.fails")] + pub socket_max_fails: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.nagle.disable")] + pub socket_nagle_disable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.receive.buffer.bytes")] + pub socket_receive_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.send.buffer.bytes")] + pub socket_send_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.timeout.ms")] + pub socket_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub socket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.location")] + pub ssl_ca_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.pem")] + pub ssl_ca_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.location")] + pub ssl_certificate_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.pem")] + pub ssl_certificate_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.cipher.suites")] + pub ssl_cipher_suites: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.crl.location")] + pub ssl_crl_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.curves.list")] + pub ssl_curves_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.endpoint.identification.algorithm")] + pub ssl_endpoint_identification_algorithm: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.id")] + pub ssl_engine_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.location")] + pub ssl_engine_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.location")] + pub ssl_key_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.password")] + pub ssl_key_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.pem")] + pub ssl_key_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.location")] + pub ssl_keystore_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.password")] + pub ssl_keystore_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.providers")] + pub ssl_providers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.sigalgs.list")] + pub ssl_sigalgs_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statistics.interval.ms")] + pub statistics_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stats_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub throttle_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.blacklist")] + pub topic_blacklist: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.propagation.max.ms")] + pub topic_metadata_propagation_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.fast.interval.ms")] + pub topic_metadata_refresh_fast_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.interval.ms")] + pub topic_metadata_refresh_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.sparse")] + pub topic_metadata_refresh_sparse: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputKafkaSslCaCert { #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] @@ -7253,164 +7445,6 @@ pub struct ClusterOutputSqsBuffer { pub r#type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add_timestamp: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub buffer: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress_encoding: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_dimensions: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_fields: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delimiter: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_cookies: Option, - pub endpoint: ClusterOutputSumologicEndpoint, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metric_data_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub open_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub proxy_uri: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub slow_flush_log_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - pub source_name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumo_client: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timestamp_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicBuffer { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_full_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_records: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delayed_commit_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_chunk_backup: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disabled: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_at_shutdown: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_burst_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_count: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overflow_action: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queue_limit_length: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queued_chunks_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_exponential_backoff_base: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_forever: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_times: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_randomize: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_secondary_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tags: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_use_utc: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_zone: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub total_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpoint { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputSyslog { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/flows.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/flows.rs index 28bd8836e..4ad5106d7 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/flows.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/flows.rs @@ -48,8 +48,6 @@ pub struct FlowFilters { pub detect_exceptions: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch_genid: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enhanceK8s")] - pub enhance_k8s: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub geoip: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -67,8 +65,6 @@ pub struct FlowFilters { #[serde(default, skip_serializing_if = "Option::is_none")] pub stdout: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub tag_normaliser: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub throttle: Option, @@ -168,164 +164,6 @@ pub struct FlowFiltersElasticsearchGenid { pub use_record_as_seed: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8s { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub api_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bearer_token_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh_variation: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_ttl: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_cert: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub core_api_versions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_namespace_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_pod_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubernetes_url: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret_dir: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ssl_partial_chain: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCert { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKey { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowFiltersGeoip { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -931,62 +769,6 @@ pub struct FlowFiltersStdout { pub output_type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_value: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_container_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_facility_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_host_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_namespace_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_pod_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_priority_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_unit_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_replace_dash: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_annotation_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_label_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_namespace: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod_id: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowFiltersTagNormaliser { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs index 4d964a742..eac050c30 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1alpha1/outputs.rs @@ -69,8 +69,6 @@ pub struct OutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub sqs: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub syslog: Option, } @@ -2970,6 +2968,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub buffer: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, pub endpoint: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2979,6 +2979,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers_from_placeholders: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub http_method: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub json_array: Option, @@ -2991,6 +2993,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub retryable_response_codes: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub reuse_connections: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub slow_flush_log_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub ssl_timeout: Option, @@ -3407,6 +3411,8 @@ pub struct OutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub principal: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub rdkafka_options: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub required_acks: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sasl_over_ssl: Option, @@ -3614,6 +3620,194 @@ pub struct OutputKafkaPasswordValueFromSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OutputKafkaRdkafkaOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allow.auto.create.topics")] + pub allow_auto_create_topics: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.fallback.ms")] + pub api_version_fallback_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request")] + pub api_version_request: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request.timeout.ms")] + pub api_version_request_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub background_event_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrap.servers")] + pub bootstrap_servers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.family")] + pub broker_address_family: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.ttl")] + pub broker_address_ttl: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.version.fallback")] + pub broker_version_fallback: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtin.features")] + pub builtin_features: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "client.id")] + pub client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub closesocket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub connect_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connections.max.idle.ms")] + pub connections_max_idle_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub debug: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default_topic_conf: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.random.seed")] + pub enable_random_seed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.sasl.oauthbearer.unsecure.jwt")] + pub enable_sasl_oauthbearer_unsecure_jwt: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.ssl.certificate.verification")] + pub enable_ssl_certificate_verification: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled_events: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub interceptors: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internal.termination.signal")] + pub internal_termination_signal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.connection.close")] + pub log_connection_close: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.queue")] + pub log_queue: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.thread.name")] + pub log_thread_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight")] + pub max_in_flight: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight.requests.per.connection")] + pub max_in_flight_requests_per_connection: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.copy.max.bytes")] + pub message_copy_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.max.bytes")] + pub message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.broker.list")] + pub metadata_broker_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.max.age.ms")] + pub metadata_max_age_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauthbearer_token_refresh_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opaque: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub open_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "plugin.library.paths")] + pub plugin_library_paths: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "receive.message.max.bytes")] + pub receive_message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.max.ms")] + pub reconnect_backoff_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.ms")] + pub reconnect_backoff_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resolve_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.keytab")] + pub sasl_kerberos_keytab: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.kinit.cmd")] + pub sasl_kerberos_kinit_cmd: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.min.time.before.relogin")] + pub sasl_kerberos_min_time_before_relogin: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.principal")] + pub sasl_kerberos_principal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.service.name")] + pub sasl_kerberos_service_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.mechanisms")] + pub sasl_mechanisms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.id")] + pub sasl_oauthbearer_client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.secret")] + pub sasl_oauthbearer_client_secret: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.config")] + pub sasl_oauthbearer_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.extensions")] + pub sasl_oauthbearer_extensions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.method")] + pub sasl_oauthbearer_method: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.scope")] + pub sasl_oauthbearer_scope: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.token.endpoint.url")] + pub sasl_oauthbearer_token_endpoint_url: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.password")] + pub sasl_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.username")] + pub sasl_username: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "security.protocol")] + pub security_protocol: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.blocking.max.ms")] + pub socket_blocking_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.connection.setup.timeout.ms")] + pub socket_connection_setup_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.keepalive.enable")] + pub socket_keepalive_enable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.max.fails")] + pub socket_max_fails: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.nagle.disable")] + pub socket_nagle_disable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.receive.buffer.bytes")] + pub socket_receive_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.send.buffer.bytes")] + pub socket_send_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.timeout.ms")] + pub socket_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub socket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.location")] + pub ssl_ca_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.pem")] + pub ssl_ca_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.location")] + pub ssl_certificate_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.pem")] + pub ssl_certificate_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.cipher.suites")] + pub ssl_cipher_suites: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.crl.location")] + pub ssl_crl_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.curves.list")] + pub ssl_curves_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.endpoint.identification.algorithm")] + pub ssl_endpoint_identification_algorithm: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.id")] + pub ssl_engine_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.location")] + pub ssl_engine_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.location")] + pub ssl_key_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.password")] + pub ssl_key_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.pem")] + pub ssl_key_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.location")] + pub ssl_keystore_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.password")] + pub ssl_keystore_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.providers")] + pub ssl_providers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.sigalgs.list")] + pub ssl_sigalgs_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statistics.interval.ms")] + pub statistics_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stats_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub throttle_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.blacklist")] + pub topic_blacklist: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.propagation.max.ms")] + pub topic_metadata_propagation_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.fast.interval.ms")] + pub topic_metadata_refresh_fast_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.interval.ms")] + pub topic_metadata_refresh_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.sparse")] + pub topic_metadata_refresh_sparse: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputKafkaSslCaCert { #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] @@ -6874,164 +7068,6 @@ pub struct OutputSqsBuffer { pub r#type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add_timestamp: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub buffer: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress_encoding: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_dimensions: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_fields: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delimiter: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_cookies: Option, - pub endpoint: OutputSumologicEndpoint, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metric_data_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub open_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub proxy_uri: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub slow_flush_log_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - pub source_name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumo_client: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timestamp_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicBuffer { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_full_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_records: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delayed_commit_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_chunk_backup: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disabled: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_at_shutdown: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_burst_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_count: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overflow_action: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queue_limit_length: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queued_chunks_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_exponential_backoff_base: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_forever: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_times: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_randomize: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_secondary_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tags: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_use_utc: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_zone: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub total_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpoint { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputSyslog { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusterflows.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusterflows.rs index ad6561fec..5890aa467 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusterflows.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusterflows.rs @@ -46,8 +46,6 @@ pub struct ClusterFlowFilters { pub detect_exceptions: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch_genid: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enhanceK8s")] - pub enhance_k8s: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub geoip: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -65,8 +63,6 @@ pub struct ClusterFlowFilters { #[serde(default, skip_serializing_if = "Option::is_none")] pub stdout: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub tag_normaliser: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub throttle: Option, @@ -166,164 +162,6 @@ pub struct ClusterFlowFiltersElasticsearchGenid { pub use_record_as_seed: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8s { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub api_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bearer_token_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh_variation: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_ttl: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_cert: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub core_api_versions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_namespace_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_pod_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubernetes_url: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret_dir: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ssl_partial_chain: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sCaFileValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCert { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientCertValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKey { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersEnhanceK8sClientKeyValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterFlowFiltersGeoip { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -929,62 +767,6 @@ pub struct ClusterFlowFiltersStdout { pub output_type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterFlowFiltersSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_value: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_container_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_facility_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_host_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_namespace_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_pod_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_priority_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_unit_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_replace_dash: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_annotation_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_label_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_namespace: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod_id: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterFlowFiltersTagNormaliser { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs index 03f74d74e..791271449 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/clusteroutputs.rs @@ -28,8 +28,6 @@ pub struct ClusterOutputSpec { pub datadog: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledNamespaces")] - pub enabled_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -77,8 +75,6 @@ pub struct ClusterOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub sqs: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub syslog: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "vmwareLogInsight")] pub vmware_log_insight: Option, @@ -2982,6 +2978,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub buffer: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, pub endpoint: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2991,6 +2989,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers_from_placeholders: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub http_method: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub json_array: Option, @@ -3003,6 +3003,8 @@ pub struct ClusterOutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub retryable_response_codes: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub reuse_connections: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub slow_flush_log_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub ssl_timeout: Option, @@ -3419,6 +3421,8 @@ pub struct ClusterOutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub principal: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub rdkafka_options: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub required_acks: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sasl_over_ssl: Option, @@ -3626,6 +3630,194 @@ pub struct ClusterOutputKafkaPasswordValueFromSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterOutputKafkaRdkafkaOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allow.auto.create.topics")] + pub allow_auto_create_topics: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.fallback.ms")] + pub api_version_fallback_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request")] + pub api_version_request: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request.timeout.ms")] + pub api_version_request_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub background_event_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrap.servers")] + pub bootstrap_servers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.family")] + pub broker_address_family: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.ttl")] + pub broker_address_ttl: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.version.fallback")] + pub broker_version_fallback: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtin.features")] + pub builtin_features: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "client.id")] + pub client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub closesocket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub connect_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connections.max.idle.ms")] + pub connections_max_idle_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub debug: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default_topic_conf: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.random.seed")] + pub enable_random_seed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.sasl.oauthbearer.unsecure.jwt")] + pub enable_sasl_oauthbearer_unsecure_jwt: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.ssl.certificate.verification")] + pub enable_ssl_certificate_verification: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled_events: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub interceptors: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internal.termination.signal")] + pub internal_termination_signal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.connection.close")] + pub log_connection_close: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.queue")] + pub log_queue: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.thread.name")] + pub log_thread_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight")] + pub max_in_flight: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight.requests.per.connection")] + pub max_in_flight_requests_per_connection: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.copy.max.bytes")] + pub message_copy_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.max.bytes")] + pub message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.broker.list")] + pub metadata_broker_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.max.age.ms")] + pub metadata_max_age_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauthbearer_token_refresh_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opaque: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub open_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "plugin.library.paths")] + pub plugin_library_paths: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "receive.message.max.bytes")] + pub receive_message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.max.ms")] + pub reconnect_backoff_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.ms")] + pub reconnect_backoff_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resolve_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.keytab")] + pub sasl_kerberos_keytab: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.kinit.cmd")] + pub sasl_kerberos_kinit_cmd: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.min.time.before.relogin")] + pub sasl_kerberos_min_time_before_relogin: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.principal")] + pub sasl_kerberos_principal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.service.name")] + pub sasl_kerberos_service_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.mechanisms")] + pub sasl_mechanisms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.id")] + pub sasl_oauthbearer_client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.secret")] + pub sasl_oauthbearer_client_secret: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.config")] + pub sasl_oauthbearer_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.extensions")] + pub sasl_oauthbearer_extensions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.method")] + pub sasl_oauthbearer_method: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.scope")] + pub sasl_oauthbearer_scope: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.token.endpoint.url")] + pub sasl_oauthbearer_token_endpoint_url: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.password")] + pub sasl_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.username")] + pub sasl_username: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "security.protocol")] + pub security_protocol: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.blocking.max.ms")] + pub socket_blocking_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.connection.setup.timeout.ms")] + pub socket_connection_setup_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.keepalive.enable")] + pub socket_keepalive_enable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.max.fails")] + pub socket_max_fails: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.nagle.disable")] + pub socket_nagle_disable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.receive.buffer.bytes")] + pub socket_receive_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.send.buffer.bytes")] + pub socket_send_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.timeout.ms")] + pub socket_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub socket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.location")] + pub ssl_ca_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.pem")] + pub ssl_ca_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.location")] + pub ssl_certificate_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.pem")] + pub ssl_certificate_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.cipher.suites")] + pub ssl_cipher_suites: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.crl.location")] + pub ssl_crl_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.curves.list")] + pub ssl_curves_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.endpoint.identification.algorithm")] + pub ssl_endpoint_identification_algorithm: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.id")] + pub ssl_engine_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.location")] + pub ssl_engine_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.location")] + pub ssl_key_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.password")] + pub ssl_key_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.pem")] + pub ssl_key_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.location")] + pub ssl_keystore_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.password")] + pub ssl_keystore_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.providers")] + pub ssl_providers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.sigalgs.list")] + pub ssl_sigalgs_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statistics.interval.ms")] + pub statistics_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stats_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub throttle_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.blacklist")] + pub topic_blacklist: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.propagation.max.ms")] + pub topic_metadata_propagation_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.fast.interval.ms")] + pub topic_metadata_refresh_fast_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.interval.ms")] + pub topic_metadata_refresh_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.sparse")] + pub topic_metadata_refresh_sparse: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputKafkaSslCaCert { #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] @@ -7253,164 +7445,6 @@ pub struct ClusterOutputSqsBuffer { pub r#type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add_timestamp: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub buffer: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress_encoding: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_dimensions: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_fields: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delimiter: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_cookies: Option, - pub endpoint: ClusterOutputSumologicEndpoint, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metric_data_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub open_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub proxy_uri: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub slow_flush_log_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - pub source_name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumo_client: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timestamp_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicBuffer { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_full_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_records: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delayed_commit_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_chunk_backup: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disabled: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_at_shutdown: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_burst_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_count: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overflow_action: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queue_limit_length: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queued_chunks_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_exponential_backoff_base: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_forever: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_times: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_randomize: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_secondary_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tags: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_use_utc: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_zone: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub total_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpoint { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterOutputSumologicEndpointValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOutputSyslog { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/flows.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/flows.rs index 30bd4a275..bd12d6ae9 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/flows.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/flows.rs @@ -48,8 +48,6 @@ pub struct FlowFilters { pub detect_exceptions: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub elasticsearch_genid: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enhanceK8s")] - pub enhance_k8s: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub geoip: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -67,8 +65,6 @@ pub struct FlowFilters { #[serde(default, skip_serializing_if = "Option::is_none")] pub stdout: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub tag_normaliser: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub throttle: Option, @@ -168,164 +164,6 @@ pub struct FlowFiltersElasticsearchGenid { pub use_record_as_seed: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8s { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub api_groups: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub bearer_token_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca_file: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_refresh_variation: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cache_ttl: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_cert: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub client_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub core_api_versions: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_namespace_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub in_pod_path: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kubernetes_url: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret_dir: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ssl_partial_chain: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFile { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sCaFileValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCert { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientCertValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKey { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersEnhanceK8sClientKeyValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowFiltersGeoip { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -931,62 +769,6 @@ pub struct FlowFiltersStdout { pub output_type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct FlowFiltersSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub collector_value: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_container_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_facility_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_host_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_namespace_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_pod_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_priority_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exclude_unit_regex: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category_replace_dash: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_annotation_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_container_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_host: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_label_prefix: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_namespace: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tracing_pod_id: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FlowFiltersTagNormaliser { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs index d186736ad..dbe9c233a 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/outputs.rs @@ -73,8 +73,6 @@ pub struct OutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub sqs: Option, #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumologic: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] pub syslog: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "vmwareLogInsight")] pub vmware_log_insight: Option, @@ -2978,6 +2976,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub buffer: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub compress: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub content_type: Option, pub endpoint: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2987,6 +2987,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub headers: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub headers_from_placeholders: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] pub http_method: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub json_array: Option, @@ -2999,6 +3001,8 @@ pub struct OutputHttp { #[serde(default, skip_serializing_if = "Option::is_none")] pub retryable_response_codes: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] + pub reuse_connections: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub slow_flush_log_threshold: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub ssl_timeout: Option, @@ -3415,6 +3419,8 @@ pub struct OutputKafka { #[serde(default, skip_serializing_if = "Option::is_none")] pub principal: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub rdkafka_options: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub required_acks: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sasl_over_ssl: Option, @@ -3622,6 +3628,194 @@ pub struct OutputKafkaPasswordValueFromSecretKeyRef { pub optional: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OutputKafkaRdkafkaOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allow.auto.create.topics")] + pub allow_auto_create_topics: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.fallback.ms")] + pub api_version_fallback_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request")] + pub api_version_request: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "api.version.request.timeout.ms")] + pub api_version_request_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub background_event_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "bootstrap.servers")] + pub bootstrap_servers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.family")] + pub broker_address_family: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.address.ttl")] + pub broker_address_ttl: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "broker.version.fallback")] + pub broker_version_fallback: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtin.features")] + pub builtin_features: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "client.id")] + pub client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub closesocket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub connect_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "connections.max.idle.ms")] + pub connections_max_idle_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub debug: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub default_topic_conf: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.random.seed")] + pub enable_random_seed: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.sasl.oauthbearer.unsecure.jwt")] + pub enable_sasl_oauthbearer_unsecure_jwt: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enable.ssl.certificate.verification")] + pub enable_ssl_certificate_verification: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled_events: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub error_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub interceptors: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "internal.termination.signal")] + pub internal_termination_signal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.connection.close")] + pub log_connection_close: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.queue")] + pub log_queue: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "log.thread.name")] + pub log_thread_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub log_level: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight")] + pub max_in_flight: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "max.in.flight.requests.per.connection")] + pub max_in_flight_requests_per_connection: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.copy.max.bytes")] + pub message_copy_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "message.max.bytes")] + pub message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.broker.list")] + pub metadata_broker_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "metadata.max.age.ms")] + pub metadata_max_age_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauthbearer_token_refresh_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub opaque: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub open_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "plugin.library.paths")] + pub plugin_library_paths: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "receive.message.max.bytes")] + pub receive_message_max_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.max.ms")] + pub reconnect_backoff_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconnect.backoff.ms")] + pub reconnect_backoff_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resolve_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.keytab")] + pub sasl_kerberos_keytab: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.kinit.cmd")] + pub sasl_kerberos_kinit_cmd: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.min.time.before.relogin")] + pub sasl_kerberos_min_time_before_relogin: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.principal")] + pub sasl_kerberos_principal: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.kerberos.service.name")] + pub sasl_kerberos_service_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.mechanisms")] + pub sasl_mechanisms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.id")] + pub sasl_oauthbearer_client_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.client.secret")] + pub sasl_oauthbearer_client_secret: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.config")] + pub sasl_oauthbearer_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.extensions")] + pub sasl_oauthbearer_extensions: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.method")] + pub sasl_oauthbearer_method: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.scope")] + pub sasl_oauthbearer_scope: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.oauthbearer.token.endpoint.url")] + pub sasl_oauthbearer_token_endpoint_url: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.password")] + pub sasl_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sasl.username")] + pub sasl_username: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "security.protocol")] + pub security_protocol: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.blocking.max.ms")] + pub socket_blocking_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.connection.setup.timeout.ms")] + pub socket_connection_setup_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.keepalive.enable")] + pub socket_keepalive_enable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.max.fails")] + pub socket_max_fails: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.nagle.disable")] + pub socket_nagle_disable: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.receive.buffer.bytes")] + pub socket_receive_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.send.buffer.bytes")] + pub socket_send_buffer_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "socket.timeout.ms")] + pub socket_timeout_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub socket_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.location")] + pub ssl_ca_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.ca.pem")] + pub ssl_ca_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.location")] + pub ssl_certificate_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.certificate.pem")] + pub ssl_certificate_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.cipher.suites")] + pub ssl_cipher_suites: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.crl.location")] + pub ssl_crl_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.curves.list")] + pub ssl_curves_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.endpoint.identification.algorithm")] + pub ssl_endpoint_identification_algorithm: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.id")] + pub ssl_engine_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.engine.location")] + pub ssl_engine_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.location")] + pub ssl_key_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.password")] + pub ssl_key_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.key.pem")] + pub ssl_key_pem: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.location")] + pub ssl_keystore_location: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.keystore.password")] + pub ssl_keystore_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.providers")] + pub ssl_providers: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ssl.sigalgs.list")] + pub ssl_sigalgs_list: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statistics.interval.ms")] + pub statistics_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub stats_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub throttle_cb: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.blacklist")] + pub topic_blacklist: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.propagation.max.ms")] + pub topic_metadata_propagation_max_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.fast.interval.ms")] + pub topic_metadata_refresh_fast_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.interval.ms")] + pub topic_metadata_refresh_interval_ms: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "topic.metadata.refresh.sparse")] + pub topic_metadata_refresh_sparse: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputKafkaSslCaCert { #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] @@ -7249,164 +7443,6 @@ pub struct OutputSqsBuffer { pub r#type: Option, } -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologic { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add_timestamp: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub buffer: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress_encoding: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_dimensions: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub custom_fields: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub data_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delimiter: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_cookies: Option, - pub endpoint: OutputSumologicEndpoint, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub log_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metric_data_format: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub open_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub proxy_uri: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub slow_flush_log_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_category: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_host: Option, - pub source_name: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source_name_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sumo_client: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timestamp_key: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub verify_ssl: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicBuffer { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_full_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_records: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub chunk_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub compress: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub delayed_commit_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disable_chunk_backup: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub disabled: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_at_shutdown: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_mode: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_burst_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_count: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flush_thread_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overflow_action: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queue_limit_length: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queued_chunks_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_exponential_backoff_base: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_forever: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_interval: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_max_times: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_randomize: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_secondary_threshold: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_timeout: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_type: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub retry_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tags: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_use_utc: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_wait: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub timekey_zone: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub total_limit_size: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpoint { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] - pub mount_from: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointMountFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointMountFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointValueFrom { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OutputSumologicEndpointValueFromSecretKeyRef { - pub key: String, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OutputSyslog { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs index 966968917..72a39aa3e 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs @@ -22,8 +22,6 @@ pub struct SyslogNGClusterOutputSpec { pub elasticsearch: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticsearch-datastream")] pub elasticsearch_datastream: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledNamespaces")] - pub enabled_namespaces: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub file: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_extensions_banzaicloud_io/v1alpha1/hosttailers.rs b/kube-custom-resources-rs/src/logging_extensions_banzaicloud_io/v1alpha1/hosttailers.rs index 66aadff9e..8424d3328 100644 --- a/kube-custom-resources-rs/src/logging_extensions_banzaicloud_io/v1alpha1/hosttailers.rs +++ b/kube-custom-resources-rs/src/logging_extensions_banzaicloud_io/v1alpha1/hosttailers.rs @@ -26,8 +26,8 @@ pub struct HostTailerSpec { pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemdTailers")] pub systemd_tailers: Option>, - #[serde(rename = "workloadMetaOverrides")] - pub workload_meta_overrides: HostTailerWorkloadMetaOverrides, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadMetaOverrides")] + pub workload_meta_overrides: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadOverrides")] pub workload_overrides: Option, } @@ -1508,6 +1508,8 @@ pub struct HostTailerWorkloadOverridesSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs index 078b74800..051075adc 100644 --- a/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs +++ b/kube-custom-resources-rs/src/loki_grafana_com/v1/lokistacks.rs @@ -180,24 +180,30 @@ pub struct LokiStackLimitsGlobalIngestion { /// enforce the use of some required attributes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LokiStackLimitsGlobalOtlp { + /// Drop configures which attributes are dropped from the log entry. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub drop: Option, /// StreamLabels configures which resource attributes are converted to Loki stream labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "streamLabels")] pub stream_labels: Option, - /// StructuredMetadata configures which attributes are saved in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "structuredMetadata")] - pub structured_metadata: Option, } -/// StreamLabels configures which resource attributes are converted to Loki stream labels. +/// Drop configures which attributes are dropped from the log entry. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStreamLabels { - /// ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels. +pub struct LokiStackLimitsGlobalOtlpDrop { + /// LogAttributes lists the names of log attributes that should be included in structured metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logAttributes")] + pub log_attributes: Option>, + /// ResourceAttributes lists the names of resource attributes that should be included in structured metadata. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] - pub resource_attributes: Option>, + pub resource_attributes: Option>, + /// ScopeAttributes lists the names of scope attributes that should be included in structured metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scopeAttributes")] + pub scope_attributes: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStreamLabelsResourceAttributes { +pub struct LokiStackLimitsGlobalOtlpDropLogAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -205,22 +211,8 @@ pub struct LokiStackLimitsGlobalOtlpStreamLabelsResourceAttributes { pub regex: Option, } -/// StructuredMetadata configures which attributes are saved in structured metadata. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStructuredMetadata { - /// LogAttributes lists the names of log attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "logAttributes")] - pub log_attributes: Option>, - /// ResourceAttributes lists the names of resource attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] - pub resource_attributes: Option>, - /// ScopeAttributes lists the names of scope attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scopeAttributes")] - pub scope_attributes: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStructuredMetadataLogAttributes { +pub struct LokiStackLimitsGlobalOtlpDropResourceAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -229,7 +221,7 @@ pub struct LokiStackLimitsGlobalOtlpStructuredMetadataLogAttributes { } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStructuredMetadataResourceAttributes { +pub struct LokiStackLimitsGlobalOtlpDropScopeAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -237,8 +229,16 @@ pub struct LokiStackLimitsGlobalOtlpStructuredMetadataResourceAttributes { pub regex: Option, } +/// StreamLabels configures which resource attributes are converted to Loki stream labels. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LokiStackLimitsGlobalOtlpStreamLabels { + /// ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] + pub resource_attributes: Option>, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsGlobalOtlpStructuredMetadataScopeAttributes { +pub struct LokiStackLimitsGlobalOtlpStreamLabelsResourceAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -256,7 +256,7 @@ pub struct LokiStackLimitsGlobalQueries { /// that can be fetched by a single query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxChunksPerQuery")] pub max_chunks_per_query: Option, - /// MaxEntriesLimitsPerQuery defines the maximum number of log entries + /// MaxEntriesLimitPerQuery defines the maximum number of log entries /// that will be returned for a query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxEntriesLimitPerQuery")] pub max_entries_limit_per_query: Option, @@ -366,24 +366,30 @@ pub struct LokiStackLimitsTenantsIngestion { /// The per-tenant configuration for OTLP attributes will be merged with the global configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LokiStackLimitsTenantsOtlp { + /// Drop configures which attributes are dropped from the log entry. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub drop: Option, /// StreamLabels configures which resource attributes are converted to Loki stream labels. #[serde(default, skip_serializing_if = "Option::is_none", rename = "streamLabels")] pub stream_labels: Option, - /// StructuredMetadata configures which attributes are saved in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "structuredMetadata")] - pub structured_metadata: Option, } -/// StreamLabels configures which resource attributes are converted to Loki stream labels. +/// Drop configures which attributes are dropped from the log entry. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStreamLabels { - /// ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels. +pub struct LokiStackLimitsTenantsOtlpDrop { + /// LogAttributes lists the names of log attributes that should be included in structured metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logAttributes")] + pub log_attributes: Option>, + /// ResourceAttributes lists the names of resource attributes that should be included in structured metadata. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] - pub resource_attributes: Option>, + pub resource_attributes: Option>, + /// ScopeAttributes lists the names of scope attributes that should be included in structured metadata. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scopeAttributes")] + pub scope_attributes: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStreamLabelsResourceAttributes { +pub struct LokiStackLimitsTenantsOtlpDropLogAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -391,22 +397,8 @@ pub struct LokiStackLimitsTenantsOtlpStreamLabelsResourceAttributes { pub regex: Option, } -/// StructuredMetadata configures which attributes are saved in structured metadata. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStructuredMetadata { - /// LogAttributes lists the names of log attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "logAttributes")] - pub log_attributes: Option>, - /// ResourceAttributes lists the names of resource attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] - pub resource_attributes: Option>, - /// ScopeAttributes lists the names of scope attributes that should be included in structured metadata. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scopeAttributes")] - pub scope_attributes: Option>, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStructuredMetadataLogAttributes { +pub struct LokiStackLimitsTenantsOtlpDropResourceAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -415,7 +407,7 @@ pub struct LokiStackLimitsTenantsOtlpStructuredMetadataLogAttributes { } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStructuredMetadataResourceAttributes { +pub struct LokiStackLimitsTenantsOtlpDropScopeAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -423,8 +415,16 @@ pub struct LokiStackLimitsTenantsOtlpStructuredMetadataResourceAttributes { pub regex: Option, } +/// StreamLabels configures which resource attributes are converted to Loki stream labels. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LokiStackLimitsTenantsOtlpStreamLabels { + /// ResourceAttributes lists the names of the resource attributes that should be converted into Loki stream labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceAttributes")] + pub resource_attributes: Option>, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct LokiStackLimitsTenantsOtlpStructuredMetadataScopeAttributes { +pub struct LokiStackLimitsTenantsOtlpStreamLabelsResourceAttributes { /// Name contains either a verbatim name of an attribute or a regular expression matching many attributes. pub name: String, /// If Regex is true, then Name is treated as a regular expression instead of as a verbatim attribute name. @@ -445,7 +445,7 @@ pub struct LokiStackLimitsTenantsQueries { /// that can be fetched by a single query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxChunksPerQuery")] pub max_chunks_per_query: Option, - /// MaxEntriesLimitsPerQuery defines the maximum number of log entries + /// MaxEntriesLimitPerQuery defines the maximum number of log entries /// that will be returned for a query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxEntriesLimitPerQuery")] pub max_entries_limit_per_query: Option, @@ -3156,18 +3156,16 @@ pub struct LokiStackTenantsOpenshift { /// OTLP contains settings for ingesting data using OTLP in the OpenShift tenancy mode. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LokiStackTenantsOpenshiftOtlp { - /// DisableRecommendedAttributes can be used to reduce the number of attributes used for stream labels and structured - /// metadata. + /// DisableRecommendedAttributes can be used to reduce the number of attributes used as stream labels. /// /// Enabling this setting removes the "recommended attributes" from the generated Loki configuration. This will cause - /// meta information to not be available as stream labels or structured metadata, potentially making queries more - /// expensive and less performant. + /// some stream labels to disappear from the index, potentially making queries more expensive and less performant. /// /// Note that there is a set of "required attributes", needed for OpenShift Logging to work properly. Those will be /// added to the configuration, even if this field is set to true. /// - /// This option is supposed to be combined with a custom label configuration customizing the labels for the specific - /// usecase. + /// This option is supposed to be combined with a custom attribute configuration listing the stream labels that + /// should continue to exist. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableRecommendedAttributes")] pub disable_recommended_attributes: Option, } diff --git a/kube-custom-resources-rs/src/loki_grafana_com/v1beta1/lokistacks.rs b/kube-custom-resources-rs/src/loki_grafana_com/v1beta1/lokistacks.rs index 2398bfb9f..4d0c928c2 100644 --- a/kube-custom-resources-rs/src/loki_grafana_com/v1beta1/lokistacks.rs +++ b/kube-custom-resources-rs/src/loki_grafana_com/v1beta1/lokistacks.rs @@ -108,7 +108,7 @@ pub struct LokiStackLimitsGlobalQueries { /// that can be fetched by a single query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxChunksPerQuery")] pub max_chunks_per_query: Option, - /// MaxEntriesLimitsPerQuery defines the maximum number of log entries + /// MaxEntriesLimitPerQuery defines the maximum number of log entries /// that will be returned for a query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxEntriesLimitPerQuery")] pub max_entries_limit_per_query: Option, @@ -168,7 +168,7 @@ pub struct LokiStackLimitsTenantsQueries { /// that can be fetched by a single query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxChunksPerQuery")] pub max_chunks_per_query: Option, - /// MaxEntriesLimitsPerQuery defines the maximum number of log entries + /// MaxEntriesLimitPerQuery defines the maximum number of log entries /// that will be returned for a query. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxEntriesLimitPerQuery")] pub max_entries_limit_per_query: Option, diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs index 9f998c73f..2b4032f6f 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backingimages.rs @@ -21,6 +21,8 @@ use self::prelude::*; pub struct BackingImageSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub checksum: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] + pub data_engine: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskFileSpecMap")] pub disk_file_spec_map: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskSelector")] @@ -42,12 +44,31 @@ pub struct BackingImageSpec { pub source_type: Option, } +/// BackingImageSpec defines the desired state of the Longhorn backing image +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BackingImageDataEngine { + #[serde(rename = "v1")] + V1, + #[serde(rename = "v2")] + V2, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackingImageDiskFileSpecMap { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] + pub data_engine: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "evictionRequested")] pub eviction_requested: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BackingImageDiskFileSpecMapDataEngine { + #[serde(rename = "v1")] + V1, + #[serde(rename = "v2")] + V2, +} + /// BackingImageSpec defines the desired state of the Longhorn backing image #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum BackingImageSourceType { @@ -81,6 +102,11 @@ pub struct BackingImageStatus { pub size: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub uuid: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2FirstCopyDisk")] + pub v2_first_copy_disk: Option, + /// It is pending -> in-progress -> ready/failed + #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2FirstCopyStatus")] + pub v2_first_copy_status: Option, /// Virtual size of image in bytes, which may be larger than physical size. Will be zero until known (e.g. while a backing image is uploading) #[serde(default, skip_serializing_if = "Option::is_none", rename = "virtualSize")] pub virtual_size: Option, @@ -88,6 +114,8 @@ pub struct BackingImageStatus { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackingImageStatusDiskFileStatusMap { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] + pub data_engine: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastStateTransitionTime")] pub last_state_transition_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -98,3 +126,11 @@ pub struct BackingImageStatusDiskFileStatusMap { pub state: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BackingImageStatusDiskFileStatusMapDataEngine { + #[serde(rename = "v1")] + V1, + #[serde(rename = "v2")] + V2, +} + diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs index 9cc552402..fdb241841 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupbackingimages.rs @@ -19,6 +19,12 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BackupBackingImageSpec { + /// The backing image name. + #[serde(rename = "backingImage")] + pub backing_image: String, + /// The backup target name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupTargetName")] + pub backup_target_name: Option, /// The labels of backing image backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, @@ -26,7 +32,6 @@ pub struct BackupBackingImageSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncRequestedAt")] pub sync_requested_at: Option, /// Is this CR created by user through API or UI. - /// Required #[serde(rename = "userCreated")] pub user_created: bool, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs index b56754d1c..5ba3a2cda 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backups.rs @@ -51,6 +51,9 @@ pub struct BackupStatus { /// The snapshot backup upload finished time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupCreatedAt")] pub backup_created_at: Option, + /// The backup target name. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupTargetName")] + pub backup_target_name: Option, /// Compression method #[serde(default, skip_serializing_if = "Option::is_none", rename = "compressionMethod")] pub compression_method: Option, diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupvolumes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupvolumes.rs index 39144175f..067374972 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupvolumes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/backupvolumes.rs @@ -19,9 +19,15 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BackupVolumeSpec { + /// The backup target name that the backup volume was synced. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupTargetName")] + pub backup_target_name: Option, /// The time to request run sync the remote backup volume. #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncRequestedAt")] pub sync_requested_at: Option, + /// The volume name that the backup volume was used to backup. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, } /// BackupVolumeStatus defines the observed state of the Longhorn backup volume diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs index f12351381..e6f581af9 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/instancemanagers.rs @@ -61,6 +61,8 @@ pub struct InstanceManagerStatus { pub api_min_version: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backingImages")] + pub backing_images: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentState")] pub current_state: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngineStatus")] @@ -82,6 +84,26 @@ pub struct InstanceManagerStatus { pub proxy_api_version: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceManagerStatusBackingImages { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentChecksum")] + pub current_checksum: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "diskUUID")] + pub disk_uuid: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub progress: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uuid: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceManagerStatusDataEngineStatus { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs index 8986b51be..c0f2c81d9 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/recurringjobs.rs @@ -35,14 +35,14 @@ pub struct RecurringJobSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The parameters of the snapshot/backup. - /// Support parameters: "full-backup-interval". + /// Support parameters: "full-backup-interval", "volume-backup-policy". #[serde(default, skip_serializing_if = "Option::is_none")] pub parameters: Option>, /// The retain count of the snapshot/backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub retain: Option, /// The recurring job task. - /// Can be "snapshot", "snapshot-force-create", "snapshot-cleanup", "snapshot-delete", "backup", "backup-force-create" or "filesystem-trim" + /// Can be "snapshot", "snapshot-force-create", "snapshot-cleanup", "snapshot-delete", "backup", "backup-force-create", "filesystem-trim" or "system-backup". #[serde(default, skip_serializing_if = "Option::is_none")] pub task: Option, } @@ -64,6 +64,8 @@ pub enum RecurringJobTask { BackupForceCreate, #[serde(rename = "filesystem-trim")] FilesystemTrim, + #[serde(rename = "system-backup")] + SystemBackup, } /// RecurringJobStatus defines the observed state of the Longhorn recurring job diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs index 3468c2b47..e7e7743e6 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/replicas.rs @@ -80,6 +80,10 @@ pub struct ReplicaSpec { pub last_healthy_at: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "logRequested")] pub log_requested: Option, + /// MigrationEngineName is indicating the migrating engine which current connected to this replica. This is only + /// used for live migration of v2 data engine + #[serde(default, skip_serializing_if = "Option::is_none", rename = "migrationEngineName")] + pub migration_engine_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeID")] pub node_id: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rebuildRetryCount")] diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs index a833b21fa..711030cc4 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/snapshots.rs @@ -27,7 +27,6 @@ pub struct SnapshotSpec { pub labels: Option>, /// the volume that this snapshot belongs to. /// This field is immutable after creation. - /// Required pub volume: String, } diff --git a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs index b4d615b77..1d8915986 100644 --- a/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs +++ b/kube-custom-resources-rs/src/longhorn_io/v1beta2/volumes.rs @@ -30,6 +30,9 @@ pub struct VolumeSpec { pub backing_image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupCompressionMethod")] pub backup_compression_method: Option, + /// The backup target name that the volume will be backed up to or is synced. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupTargetName")] + pub backup_target_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataEngine")] pub data_engine: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataLocality")] diff --git a/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs b/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs index 72e2d0f05..fb390de5a 100644 --- a/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs +++ b/kube-custom-resources-rs/src/minio_min_io/v2/tenants.rs @@ -150,6 +150,8 @@ pub struct TenantAdditionalVolumes { #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, pub name: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -504,6 +506,14 @@ pub struct TenantAdditionalVolumesHostPath { pub r#type: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantAdditionalVolumesImage { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantAdditionalVolumesIscsi { #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] @@ -1358,6 +1368,8 @@ pub struct TenantInitContainersResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantInitContainersResourcesClaims { pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2032,6 +2044,8 @@ pub struct TenantKesResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantKesResourcesClaims { pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2054,6 +2068,8 @@ pub struct TenantKesSecurityContext { pub seccomp_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] @@ -2754,6 +2770,8 @@ pub struct TenantPoolsResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantPoolsResourcesClaims { pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2776,6 +2794,8 @@ pub struct TenantPoolsSecurityContext { pub seccomp_profile: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] @@ -3496,6 +3516,8 @@ pub struct TenantSideCarsContainersResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantSideCarsContainersResourcesClaims { pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3674,6 +3696,8 @@ pub struct TenantSideCarsResources { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantSideCarsResourcesClaims { pub name: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3832,6 +3856,8 @@ pub struct TenantSideCarsVolumes { #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, pub name: String, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4186,6 +4212,14 @@ pub struct TenantSideCarsVolumesHostPath { pub r#type: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TenantSideCarsVolumesImage { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TenantSideCarsVolumesIscsi { #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs index 425da539f..e532b7873 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs @@ -179,6 +179,12 @@ pub struct AlertmanagerSpec { /// goint to be performed, except for delete actions. #[serde(default, skip_serializing_if = "Option::is_none")] pub paused: Option, + /// The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + /// The default behavior is all PVCs are retained. + /// This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. + /// It requires enabling the StatefulSetAutoDeletePVC feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaimRetentionPolicy")] + pub persistent_volume_claim_retention_policy: Option, /// PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. /// /// The following items are reserved and cannot be overridden: @@ -229,6 +235,13 @@ pub struct AlertmanagerSpec { /// Prometheus Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, + /// The name of the service name used by the underlying StatefulSet(s) as the governing service. + /// If defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels. + /// If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alermanager resources. + /// When deploying multiple Alertmanager resources in the same namespace, it is recommended to specify a different value for each. + /// See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, /// SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. /// Similar to a tag, but the SHA explicitly deploys an immutable container image. /// Version and Tag are ignored if SHA is set. @@ -2236,23 +2249,23 @@ pub struct AlertmanagerContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2264,7 +2277,7 @@ pub struct AlertmanagerContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2297,7 +2310,7 @@ pub struct AlertmanagerContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2305,8 +2318,8 @@ pub struct AlertmanagerContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2329,23 +2342,23 @@ pub struct AlertmanagerContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2357,7 +2370,7 @@ pub struct AlertmanagerContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2390,7 +2403,7 @@ pub struct AlertmanagerContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2398,8 +2411,8 @@ pub struct AlertmanagerContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2417,17 +2430,17 @@ pub struct AlertmanagerContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2442,7 +2455,7 @@ pub struct AlertmanagerContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2464,7 +2477,7 @@ pub struct AlertmanagerContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2476,7 +2489,7 @@ pub struct AlertmanagerContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2489,7 +2502,7 @@ pub struct AlertmanagerContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2522,7 +2535,7 @@ pub struct AlertmanagerContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2567,17 +2580,17 @@ pub struct AlertmanagerContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2592,7 +2605,7 @@ pub struct AlertmanagerContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2614,7 +2627,7 @@ pub struct AlertmanagerContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2626,7 +2639,7 @@ pub struct AlertmanagerContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2639,7 +2652,7 @@ pub struct AlertmanagerContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2672,7 +2685,7 @@ pub struct AlertmanagerContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2935,17 +2948,17 @@ pub struct AlertmanagerContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2960,7 +2973,7 @@ pub struct AlertmanagerContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2982,7 +2995,7 @@ pub struct AlertmanagerContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2994,7 +3007,7 @@ pub struct AlertmanagerContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3007,7 +3020,7 @@ pub struct AlertmanagerContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3040,7 +3053,7 @@ pub struct AlertmanagerContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3526,23 +3539,23 @@ pub struct AlertmanagerInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3554,7 +3567,7 @@ pub struct AlertmanagerInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3587,7 +3600,7 @@ pub struct AlertmanagerInitContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3595,8 +3608,8 @@ pub struct AlertmanagerInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3619,23 +3632,23 @@ pub struct AlertmanagerInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3647,7 +3660,7 @@ pub struct AlertmanagerInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3680,7 +3693,7 @@ pub struct AlertmanagerInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3688,8 +3701,8 @@ pub struct AlertmanagerInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3707,17 +3720,17 @@ pub struct AlertmanagerInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3732,7 +3745,7 @@ pub struct AlertmanagerInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3754,7 +3767,7 @@ pub struct AlertmanagerInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3766,7 +3779,7 @@ pub struct AlertmanagerInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3779,7 +3792,7 @@ pub struct AlertmanagerInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3812,7 +3825,7 @@ pub struct AlertmanagerInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3857,17 +3870,17 @@ pub struct AlertmanagerInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3882,7 +3895,7 @@ pub struct AlertmanagerInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3904,7 +3917,7 @@ pub struct AlertmanagerInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3916,7 +3929,7 @@ pub struct AlertmanagerInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3929,7 +3942,7 @@ pub struct AlertmanagerInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3962,7 +3975,7 @@ pub struct AlertmanagerInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4225,17 +4238,17 @@ pub struct AlertmanagerInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4250,7 +4263,7 @@ pub struct AlertmanagerInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4272,7 +4285,7 @@ pub struct AlertmanagerInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4284,7 +4297,7 @@ pub struct AlertmanagerInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4297,7 +4310,7 @@ pub struct AlertmanagerInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4330,7 +4343,7 @@ pub struct AlertmanagerInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4431,6 +4444,27 @@ pub enum AlertmanagerLogLevel { Error, } +/// The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. +/// The default behavior is all PVCs are retained. +/// This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. +/// It requires enabling the StatefulSetAutoDeletePVC feature gate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerPersistentVolumeClaimRetentionPolicy { + /// WhenDeleted specifies what happens to PVCs created from StatefulSet + /// VolumeClaimTemplates when the StatefulSet is deleted. The default policy + /// of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + /// `Delete` policy causes those PVCs to be deleted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "whenDeleted")] + pub when_deleted: Option, + /// WhenScaled specifies what happens to PVCs created from StatefulSet + /// VolumeClaimTemplates when the StatefulSet is scaled down. The default + /// policy of `Retain` causes PVCs to not be affected by a scaledown. The + /// `Delete` policy causes the associated PVCs for any excess pods above + /// the replica count to be deleted. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "whenScaled")] + pub when_scaled: Option, +} + /// PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. /// /// The following items are reserved and cannot be overridden: @@ -4555,6 +4589,31 @@ pub struct AlertmanagerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5596,26 +5655,35 @@ pub struct AlertmanagerVolumeMounts { pub struct AlertmanagerVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -5656,23 +5724,28 @@ pub struct AlertmanagerVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -5717,23 +5790,30 @@ pub struct AlertmanagerVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -5741,15 +5821,20 @@ pub struct AlertmanagerVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesAwsElasticBlockStore { @@ -5776,6 +5861,8 @@ pub struct AlertmanagerVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -5802,6 +5889,8 @@ pub struct AlertmanagerVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -5816,7 +5905,8 @@ pub struct AlertmanagerVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -5858,6 +5948,8 @@ pub struct AlertmanagerVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesCinder { @@ -5948,7 +6040,7 @@ pub struct AlertmanagerVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -6389,6 +6481,7 @@ pub struct AlertmanagerVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -6430,7 +6523,8 @@ pub struct AlertmanagerVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -6444,6 +6538,8 @@ pub struct AlertmanagerVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesGcePersistentDisk { @@ -6472,7 +6568,7 @@ pub struct AlertmanagerVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6491,6 +6587,7 @@ pub struct AlertmanagerVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesGlusterfs { @@ -6649,7 +6746,8 @@ pub struct AlertmanagerVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -6662,7 +6760,10 @@ pub struct AlertmanagerVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -6968,7 +7069,8 @@ pub struct AlertmanagerVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesQuobyte { /// group to map volume access to @@ -6996,6 +7098,7 @@ pub struct AlertmanagerVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesRbd { @@ -7055,6 +7158,7 @@ pub struct AlertmanagerVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -7159,6 +7263,7 @@ pub struct AlertmanagerVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesStorageos { /// fsType is the filesystem type to mount. @@ -7201,7 +7306,9 @@ pub struct AlertmanagerVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -7304,57 +7411,86 @@ pub enum AlertmanagerWebHttpConfigHeadersXFrameOptions { /// Defines the TLS parameters for HTTPS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerWebTlsConfig { - /// Contains the TLS certificate for the server. + /// Secret or ConfigMap containing the TLS certificate for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `certFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, - /// Path to the TLS certificate file in the Prometheus container for the server. - /// Mutually exclusive with `cert`. + /// Path to the TLS certificate file in the container for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `cert`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] pub cert_file: Option, - /// List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - /// Go default cipher suites are used. Available cipher suites are documented - /// in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + /// List of supported cipher suites for TLS versions up to TLS 1.2. + /// + /// If not defined, the Go default cipher suites are used. + /// Available cipher suites are documented in the Go documentation: + /// https://golang.org/pkg/crypto/tls/#pkg-constants #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipherSuites")] pub cipher_suites: Option>, - /// Server policy for client authentication. Maps to ClientAuth Policies. + /// The server policy for client TLS authentication. + /// /// For more detail on clientAuth options: /// https://golang.org/pkg/crypto/tls/#ClientAuthType #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuthType")] pub client_auth_type: Option, - /// Path to the CA certificate file for client certificate authentication to the server. - /// Mutually exclusive with `client_ca`. + /// Path to the CA certificate file for client certificate authentication to + /// the server. + /// + /// It is mutually exclusive with `client_ca`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCAFile")] pub client_ca_file: Option, - /// Contains the CA certificate for client certificate authentication to the server. + /// Secret or ConfigMap containing the CA certificate for client certificate + /// authentication to the server. + /// + /// It is mutually exclusive with `clientCAFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub client_ca: Option, /// Elliptic curves that will be used in an ECDHE handshake, in preference - /// order. Available curves are documented in the go documentation: + /// order. + /// + /// Available curves are documented in the Go documentation: /// https://golang.org/pkg/crypto/tls/#CurveID #[serde(default, skip_serializing_if = "Option::is_none", rename = "curvePreferences")] pub curve_preferences: Option>, - /// Path to the TLS key file in the Prometheus container for the server. - /// Mutually exclusive with `keySecret`. + /// Path to the TLS private key file in the container for the web server. + /// + /// If defined, either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keySecret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyFile")] pub key_file: Option, - /// Secret containing the TLS key for the server. + /// Secret containing the TLS private key for the web server. + /// + /// Either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keyFile`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Maximum TLS version that is acceptable. Defaults to TLS13. + /// Maximum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] pub max_version: Option, - /// Minimum TLS version that is acceptable. Defaults to TLS12. + /// Minimum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] pub min_version: Option, - /// Controls whether the server selects the - /// client's most preferred cipher suite, or the server's most preferred - /// cipher suite. If true then the server's preference, as expressed in + /// Controls whether the server selects the client's most preferred cipher + /// suite, or the server's most preferred cipher suite. + /// + /// If true then the server's preference, as expressed in /// the order of elements in cipherSuites, is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferServerCipherSuites")] pub prefer_server_cipher_suites: Option, } -/// Contains the TLS certificate for the server. +/// Secret or ConfigMap containing the TLS certificate for the web server. +/// +/// Either `keySecret` or `keyFile` must be defined. +/// +/// It is mutually exclusive with `certFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerWebTlsConfigCert { /// ConfigMap containing data to use for the targets. @@ -7399,7 +7535,10 @@ pub struct AlertmanagerWebTlsConfigCertSecret { pub optional: Option, } -/// Contains the CA certificate for client certificate authentication to the server. +/// Secret or ConfigMap containing the CA certificate for client certificate +/// authentication to the server. +/// +/// It is mutually exclusive with `clientCAFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerWebTlsConfigClientCa { /// ConfigMap containing data to use for the targets. @@ -7444,7 +7583,11 @@ pub struct AlertmanagerWebTlsConfigClientCaSecret { pub optional: Option, } -/// Secret containing the TLS key for the server. +/// Secret containing the TLS private key for the web server. +/// +/// Either `cert` or `certFile` must be defined. +/// +/// It is mutually exclusive with `keyFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerWebTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs index ec5cc9183..a257f8121 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs @@ -31,6 +31,11 @@ pub struct PodMonitorSpec { /// It requires Prometheus >= v2.28.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bodySizeLimit")] pub body_size_limit: Option, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// The label to use to retrieve the job name from. /// `jobLabel` selects the label from the associated Kubernetes `Pod` /// object which will be used as the `job` label for all metrics. @@ -106,6 +111,14 @@ pub struct PodMonitorSpec { pub scrape_protocols: Option>, /// Label selector to select the Kubernetes `Pod` objects to scrape metrics from. pub selector: PodMonitorSelector, + /// Mechanism used to select the endpoints to scrape. + /// By default, the selection process relies on relabel configurations to filter the discovered targets. + /// Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + /// Which strategy is best for your use case needs to be carefully evaluated. + /// + /// It requires Prometheus >= v2.17.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectorMechanism")] + pub selector_mechanism: Option, /// `targetLimit` defines a limit on the number of scraped targets that will /// be accepted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLimit")] @@ -127,6 +140,20 @@ pub struct PodMonitorAttachMetadata { pub node: Option, } +/// Specification of desired Pod selection for target discovery by Prometheus. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PodMonitorFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + /// `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. /// By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -210,11 +237,14 @@ pub struct PodMonitorPodMetricsEndpoints { /// If empty, Prometheus uses the default value (e.g. `/metrics`). #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// Name of the Pod port which this endpoint refers to. + /// The `Pod` port name which exposes the endpoint. /// - /// It takes precedence over `targetPort`. + /// It takes precedence over the `portNumber` and `targetPort` fields. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, + /// The `Pod` port number which exposes the endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "portNumber")] + pub port_number: Option, /// `proxyURL` configures the HTTP Proxy URL (e.g. /// "http://proxyserver:2195") to go through when scraping the target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] @@ -241,12 +271,13 @@ pub struct PodMonitorPodMetricsEndpoints { /// /// If empty, Prometheus uses the global scrape timeout unless it is less /// than the target's scrape interval value in which the latter is used. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Name or number of the target port of the `Pod` object behind the Service, the /// port must be specified with container port property. /// - /// Deprecated: use 'port' instead. + /// Deprecated: use 'port' or 'portNumber' instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] pub target_port: Option, /// TLS configuration to use when scraping the target. @@ -1055,3 +1086,10 @@ pub struct PodMonitorSelectorMatchExpressions { pub values: Option>, } +/// Specification of desired Pod selection for target discovery by Prometheus. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PodMonitorSelectorMechanism { + RelabelConfig, + RoleSelector, +} + diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs index f60c6dd3f..be385c9a6 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs @@ -31,6 +31,11 @@ pub struct ProbeSpec { /// the Prometheus Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bearerTokenSecret")] pub bearer_token_secret: Option, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// Interval at which targets are probed using the configured prober. /// If not specified Prometheus' global scrape interval is used. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -101,6 +106,7 @@ pub struct ProbeSpec { pub scrape_protocols: Option>, /// Timeout for scraping metrics from the Prometheus exporter. /// If not specified, the Prometheus global scrape timeout is used. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// TargetLimit defines a limit on the number of scraped targets that will be accepted. @@ -215,6 +221,20 @@ pub struct ProbeBearerTokenSecret { pub optional: Option, } +/// Specification of desired Ingress selection for target discovery by Prometheus. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ProbeFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs index 63a7a273d..ed9731c14 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs @@ -151,6 +151,8 @@ pub struct PrometheusSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub containers: Option>, /// When true, the Prometheus compaction is disabled. + /// When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically + /// disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableCompaction")] pub disable_compaction: Option, /// Defines the DNS configuration for the pods. @@ -179,6 +181,13 @@ pub struct PrometheusSpec { /// For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableFeatures")] pub enable_features: Option>, + /// Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + /// + /// Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. + /// + /// It requires Prometheus >= v2.47.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableOTLPReceiver")] + pub enable_otlp_receiver: Option, /// Enable Prometheus to be used as a receiver for the Prometheus remote /// write protocol. /// @@ -441,6 +450,9 @@ pub struct PrometheusSpec { /// enabling the StatefulSetMinReadySeconds feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, + /// Specifies the validation scheme for metric and label names. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nameValidationScheme")] + pub name_validation_scheme: Option, /// Defines on which Nodes the Pods are scheduled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, @@ -664,6 +676,16 @@ pub struct PrometheusSpec { /// Note that the ScrapeConfig custom resource definition is currently at Alpha level. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeConfigSelector")] pub scrape_config_selector: Option, + /// File to which scrape failures are logged. + /// Reloading the configuration will reopen the file. + /// + /// If the filename has an empty path, e.g. 'file.log', The Prometheus Pods + /// will mount the file into an emptyDir volume at `/var/log/prometheus`. + /// If a full path is provided, e.g. '/var/log/prometheus/file.log', you + /// must mount a volume in the specified directory and it must be writable. + /// It requires Prometheus >= v2.55.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeFailureLogFile")] + pub scrape_failure_log_file: Option, /// Interval between consecutive scrapes. /// /// Default: "30s" @@ -675,9 +697,12 @@ pub struct PrometheusSpec { /// If unset, Prometheus uses its default value. /// /// It requires Prometheus >= v2.49.0. + /// + /// `PrometheusText1.0.0` requires Prometheus >= v3.0.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeProtocols")] pub scrape_protocols: Option>, /// Number of seconds to wait until a scrape request times out. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Secrets is a list of Secrets in the same namespace as the Prometheus @@ -719,22 +744,39 @@ pub struct PrometheusSpec { /// `spec.additionalScrapeConfigs` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceMonitorSelector")] pub service_monitor_selector: Option, + /// The name of the service name used by the underlying StatefulSet(s) as the governing service. + /// If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. + /// If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, + /// or `prometheus-agent-operated` for PrometheusAgent resources. + /// When deploying multiple Prometheus/PrometheusAgent resources in the same namespace, it is recommended to specify a different value for each. + /// See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, /// Deprecated: use 'spec.image' instead. The image's digest can be specified as part of the image name. #[serde(default, skip_serializing_if = "Option::is_none")] pub sha: Option, - /// Number of shards to distribute targets onto. `spec.replicas` - /// multiplied by `spec.shards` is the total number of Pods created. + /// Number of shards to distribute the scraped targets onto. /// - /// Note that scaling down shards will not reshard data onto remaining + /// `spec.replicas` multiplied by `spec.shards` is the total number of Pods + /// being created. + /// + /// When not defined, the operator assumes only one shard. + /// + /// Note that scaling down shards will not reshard data onto the remaining /// instances, it must be manually moved. Increasing shards will not reshard /// data either but it will continue to be available from the same - /// instances. To query globally, use Thanos sidecar and Thanos querier or - /// remote write data to a central location. + /// instances. To query globally, use either + /// * Thanos sidecar + querier for query federation and Thanos Ruler for rules. + /// * Remote-write to send metrics to a central location. /// - /// Sharding is performed on the content of the `__address__` target meta-label - /// for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + /// By default, the sharding of targets is performed on: + /// * The `__address__` target's metadata label for PodMonitor, + /// ServiceMonitor and ScrapeConfig resources. + /// * The `__param_target__` label for Probe resources. /// - /// Default: 1 + /// Users can define their own sharding implementation by setting the + /// `__tmp_hash` label during the target discovery with relabeling + /// configuration (either in the monitoring resources or via scrape class). #[serde(default, skip_serializing_if = "Option::is_none")] pub shards: Option, /// Storage defines the storage used by Prometheus. @@ -1614,9 +1656,10 @@ pub struct PrometheusAlertingAlertmanagers { #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertRelabelings")] pub alert_relabelings: Option>, /// Version of the Alertmanager API that Prometheus uses to send alerts. - /// It can be "v1" or "v2". + /// It can be "V1" or "V2". + /// The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, + pub api_version: Option, /// Authorization section for Alertmanager. /// /// Cannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`. @@ -1645,11 +1688,32 @@ pub struct PrometheusAlertingAlertmanagers { /// Prometheus object. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, /// Prefix for the HTTP path alerts are pushed to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathPrefix")] pub path_prefix: Option, /// Port on which the Alertmanager API is exposed. pub port: IntOrString, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// Relabel configuration applied to the discovered Alertmanagers. #[serde(default, skip_serializing_if = "Option::is_none")] pub relabelings: Option>, @@ -1763,6 +1827,20 @@ pub enum PrometheusAlertingAlertmanagersAlertRelabelingsAction { DropEqual, } +/// AlertmanagerEndpoints defines a selection of a single Endpoints object +/// containing Alertmanager IPs to fire alerts against. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAlertingAlertmanagersApiVersion { + #[serde(rename = "v1")] + V1, + #[serde(rename = "V1")] + V1X, + #[serde(rename = "v2")] + V2, + #[serde(rename = "V2")] + V2X, +} + /// Authorization section for Alertmanager. /// /// Cannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`. @@ -1848,6 +1926,23 @@ pub struct PrometheusAlertingAlertmanagersBasicAuthUsername { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAlertingAlertmanagersProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// @@ -2832,23 +2927,23 @@ pub struct PrometheusContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2860,7 +2955,7 @@ pub struct PrometheusContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2893,7 +2988,7 @@ pub struct PrometheusContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2901,8 +2996,8 @@ pub struct PrometheusContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2925,23 +3020,23 @@ pub struct PrometheusContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2953,7 +3048,7 @@ pub struct PrometheusContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2986,7 +3081,7 @@ pub struct PrometheusContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2994,8 +3089,8 @@ pub struct PrometheusContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3013,17 +3108,17 @@ pub struct PrometheusContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3038,7 +3133,7 @@ pub struct PrometheusContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3060,7 +3155,7 @@ pub struct PrometheusContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3072,7 +3167,7 @@ pub struct PrometheusContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3085,7 +3180,7 @@ pub struct PrometheusContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3118,7 +3213,7 @@ pub struct PrometheusContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3163,17 +3258,17 @@ pub struct PrometheusContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3188,7 +3283,7 @@ pub struct PrometheusContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3210,7 +3305,7 @@ pub struct PrometheusContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3222,7 +3317,7 @@ pub struct PrometheusContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3235,7 +3330,7 @@ pub struct PrometheusContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3268,7 +3363,7 @@ pub struct PrometheusContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3531,17 +3626,17 @@ pub struct PrometheusContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3556,7 +3651,7 @@ pub struct PrometheusContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3578,7 +3673,7 @@ pub struct PrometheusContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3590,7 +3685,7 @@ pub struct PrometheusContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3603,7 +3698,7 @@ pub struct PrometheusContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3636,7 +3731,7 @@ pub struct PrometheusContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4175,23 +4270,23 @@ pub struct PrometheusInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4203,7 +4298,7 @@ pub struct PrometheusInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4236,7 +4331,7 @@ pub struct PrometheusInitContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -4244,8 +4339,8 @@ pub struct PrometheusInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4268,23 +4363,23 @@ pub struct PrometheusInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4296,7 +4391,7 @@ pub struct PrometheusInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4329,7 +4424,7 @@ pub struct PrometheusInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -4337,8 +4432,8 @@ pub struct PrometheusInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4356,17 +4451,17 @@ pub struct PrometheusInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4381,7 +4476,7 @@ pub struct PrometheusInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4403,7 +4498,7 @@ pub struct PrometheusInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4415,7 +4510,7 @@ pub struct PrometheusInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4428,7 +4523,7 @@ pub struct PrometheusInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4461,7 +4556,7 @@ pub struct PrometheusInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4506,17 +4601,17 @@ pub struct PrometheusInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4531,7 +4626,7 @@ pub struct PrometheusInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4553,7 +4648,7 @@ pub struct PrometheusInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4565,7 +4660,7 @@ pub struct PrometheusInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4578,7 +4673,7 @@ pub struct PrometheusInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4611,7 +4706,7 @@ pub struct PrometheusInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4874,17 +4969,17 @@ pub struct PrometheusInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4899,7 +4994,7 @@ pub struct PrometheusInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4921,7 +5016,7 @@ pub struct PrometheusInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4933,7 +5028,7 @@ pub struct PrometheusInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4946,7 +5041,7 @@ pub struct PrometheusInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4979,7 +5074,7 @@ pub struct PrometheusInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5080,13 +5175,42 @@ pub enum PrometheusLogLevel { Error, } +/// Specification of the desired behavior of the Prometheus cluster. More info: +/// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusNameValidationScheme { + #[serde(rename = "UTF8")] + Utf8, + Legacy, +} + /// Settings related to the OTLP receiver feature. /// It requires Prometheus >= v2.55.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusOtlp { + /// Enables adding `service.name`, `service.namespace` and `service.instance.id` + /// resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. + /// + /// It requires Prometheus >= v3.1.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keepIdentifyingResourceAttributes")] + pub keep_identifying_resource_attributes: Option, /// List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. #[serde(default, skip_serializing_if = "Option::is_none", rename = "promoteResourceAttributes")] pub promote_resource_attributes: Option>, + /// Configures how the OTLP receiver endpoint translates the incoming metrics. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "translationStrategy")] + pub translation_strategy: Option, +} + +/// Settings related to the OTLP receiver feature. +/// It requires Prometheus >= v2.55.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusOtlpTranslationStrategy { + #[serde(rename = "NoUTF8EscapingWithSuffixes")] + NoUtf8EscapingWithSuffixes, + UnderscoreEscapingWithSuffixes, } /// The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. @@ -6108,6 +6232,20 @@ pub struct PrometheusRemoteWrite { /// Timeout for requests to the remote write endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteTimeout")] pub remote_timeout: Option, + /// When enabled: + /// - The remote-write mechanism will resolve the hostname via DNS. + /// - It will randomly select one of the resolved IP addresses and connect to it. + /// + /// When disabled (default behavior): + /// - The Go standard library will handle hostname resolution. + /// - It will attempt connections to each resolved IP address sequentially. + /// + /// Note: The connection timeout applies to the entire resolution and connection process. + /// If disabled, the timeout is distributed across all connection attempts. + /// + /// It requires Prometheus >= v3.1.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roundRobinDNS")] + pub round_robin_dns: Option, /// Enables sending of exemplars over remote write. Note that /// exemplar-storage itself must be enabled using the `spec.enableFeatures` /// option for exemplars to be scraped in the first place. @@ -7176,12 +7314,22 @@ pub struct PrometheusScrapeClasses { /// precedence over the scrape class configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] pub attach_metadata: Option, + /// Authorization section for the ScrapeClass. + /// It will only apply if the scrape resource doesn't specify any Authorization. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, /// Default indicates that the scrape applies to all scrape objects that /// don't configure an explicit scrape class name. /// /// Only one scrape class can be set as the default. #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. /// /// The Operator adds the scrape class metric relabelings defined here. @@ -7226,6 +7374,55 @@ pub struct PrometheusScrapeClassesAttachMetadata { pub node: Option, } +/// Authorization section for the ScrapeClass. +/// It will only apply if the scrape resource doesn't specify any Authorization. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusScrapeClassesAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// File to read a secret from, mutually exclusive with `credentials`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialsFile")] + pub credentials_file: Option, + /// Defines the authentication type. The value is case-insensitive. + /// + /// "Basic" is not a supported value. + /// + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusScrapeClassesAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusScrapeClassesFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// @@ -7723,6 +7920,31 @@ pub struct PrometheusSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -9578,26 +9800,35 @@ pub struct PrometheusVolumeMounts { pub struct PrometheusVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -9638,23 +9869,28 @@ pub struct PrometheusVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -9699,23 +9935,30 @@ pub struct PrometheusVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -9723,15 +9966,20 @@ pub struct PrometheusVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesAwsElasticBlockStore { @@ -9758,6 +10006,8 @@ pub struct PrometheusVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -9784,6 +10034,8 @@ pub struct PrometheusVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -9798,7 +10050,8 @@ pub struct PrometheusVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -9840,6 +10093,8 @@ pub struct PrometheusVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesCinder { @@ -9930,7 +10185,7 @@ pub struct PrometheusVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -10371,6 +10626,7 @@ pub struct PrometheusVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -10412,7 +10668,8 @@ pub struct PrometheusVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -10426,6 +10683,8 @@ pub struct PrometheusVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesGcePersistentDisk { @@ -10454,7 +10713,7 @@ pub struct PrometheusVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -10473,6 +10732,7 @@ pub struct PrometheusVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesGlusterfs { @@ -10631,7 +10891,8 @@ pub struct PrometheusVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -10644,7 +10905,10 @@ pub struct PrometheusVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -10950,7 +11214,8 @@ pub struct PrometheusVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesQuobyte { /// group to map volume access to @@ -10978,6 +11243,7 @@ pub struct PrometheusVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesRbd { @@ -11037,6 +11303,7 @@ pub struct PrometheusVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -11141,6 +11408,7 @@ pub struct PrometheusVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesStorageos { /// fsType is the filesystem type to mount. @@ -11183,7 +11451,9 @@ pub struct PrometheusVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -11285,57 +11555,86 @@ pub enum PrometheusWebHttpConfigHeadersXFrameOptions { /// Defines the TLS parameters for HTTPS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusWebTlsConfig { - /// Contains the TLS certificate for the server. + /// Secret or ConfigMap containing the TLS certificate for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `certFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, - /// Path to the TLS certificate file in the Prometheus container for the server. - /// Mutually exclusive with `cert`. + /// Path to the TLS certificate file in the container for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `cert`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] pub cert_file: Option, - /// List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - /// Go default cipher suites are used. Available cipher suites are documented - /// in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + /// List of supported cipher suites for TLS versions up to TLS 1.2. + /// + /// If not defined, the Go default cipher suites are used. + /// Available cipher suites are documented in the Go documentation: + /// https://golang.org/pkg/crypto/tls/#pkg-constants #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipherSuites")] pub cipher_suites: Option>, - /// Server policy for client authentication. Maps to ClientAuth Policies. + /// The server policy for client TLS authentication. + /// /// For more detail on clientAuth options: /// https://golang.org/pkg/crypto/tls/#ClientAuthType #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuthType")] pub client_auth_type: Option, - /// Path to the CA certificate file for client certificate authentication to the server. - /// Mutually exclusive with `client_ca`. + /// Path to the CA certificate file for client certificate authentication to + /// the server. + /// + /// It is mutually exclusive with `client_ca`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCAFile")] pub client_ca_file: Option, - /// Contains the CA certificate for client certificate authentication to the server. + /// Secret or ConfigMap containing the CA certificate for client certificate + /// authentication to the server. + /// + /// It is mutually exclusive with `clientCAFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub client_ca: Option, /// Elliptic curves that will be used in an ECDHE handshake, in preference - /// order. Available curves are documented in the go documentation: + /// order. + /// + /// Available curves are documented in the Go documentation: /// https://golang.org/pkg/crypto/tls/#CurveID #[serde(default, skip_serializing_if = "Option::is_none", rename = "curvePreferences")] pub curve_preferences: Option>, - /// Path to the TLS key file in the Prometheus container for the server. - /// Mutually exclusive with `keySecret`. + /// Path to the TLS private key file in the container for the web server. + /// + /// If defined, either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keySecret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyFile")] pub key_file: Option, - /// Secret containing the TLS key for the server. + /// Secret containing the TLS private key for the web server. + /// + /// Either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keyFile`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Maximum TLS version that is acceptable. Defaults to TLS13. + /// Maximum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] pub max_version: Option, - /// Minimum TLS version that is acceptable. Defaults to TLS12. + /// Minimum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] pub min_version: Option, - /// Controls whether the server selects the - /// client's most preferred cipher suite, or the server's most preferred - /// cipher suite. If true then the server's preference, as expressed in + /// Controls whether the server selects the client's most preferred cipher + /// suite, or the server's most preferred cipher suite. + /// + /// If true then the server's preference, as expressed in /// the order of elements in cipherSuites, is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferServerCipherSuites")] pub prefer_server_cipher_suites: Option, } -/// Contains the TLS certificate for the server. +/// Secret or ConfigMap containing the TLS certificate for the web server. +/// +/// Either `keySecret` or `keyFile` must be defined. +/// +/// It is mutually exclusive with `certFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusWebTlsConfigCert { /// ConfigMap containing data to use for the targets. @@ -11380,7 +11679,10 @@ pub struct PrometheusWebTlsConfigCertSecret { pub optional: Option, } -/// Contains the CA certificate for client certificate authentication to the server. +/// Secret or ConfigMap containing the CA certificate for client certificate +/// authentication to the server. +/// +/// It is mutually exclusive with `clientCAFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusWebTlsConfigClientCa { /// ConfigMap containing data to use for the targets. @@ -11425,7 +11727,11 @@ pub struct PrometheusWebTlsConfigClientCaSecret { pub optional: Option, } -/// Secret containing the TLS key for the server. +/// Secret containing the TLS private key for the web server. +/// +/// Either `cert` or `certFile` must be defined. +/// +/// It is mutually exclusive with `keyFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusWebTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheusrules.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheusrules.rs index 1679f28ab..1924047a1 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheusrules.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheusrules.rs @@ -30,6 +30,13 @@ pub struct PrometheusRuleGroups { /// Interval determines how often rules in the group are evaluated. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, + /// Labels to add or overwrite before storing the result for its rules. + /// The labels defined at the rule level take precedence. + /// + /// It requires Prometheus >= 3.0.0. + /// The field is ignored for Thanos Ruler. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, /// Limit the number of alerts an alerting rule and series a recording /// rule can produce. /// Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs index 26516bf8a..9c34f69ec 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs @@ -36,6 +36,11 @@ pub struct ServiceMonitorSpec { /// Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. /// In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. pub endpoints: Vec, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// `jobLabel` selects the label from the associated Kubernetes `Service` /// object which will be used as the `job` label for all metrics. /// @@ -108,6 +113,14 @@ pub struct ServiceMonitorSpec { pub scrape_protocols: Option>, /// Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. pub selector: ServiceMonitorSelector, + /// Mechanism used to select the endpoints to scrape. + /// By default, the selection process relies on relabel configurations to filter the discovered targets. + /// Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + /// Which strategy is best for your use case needs to be carefully evaluated. + /// + /// It requires Prometheus >= v2.17.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "selectorMechanism")] + pub selector_mechanism: Option, /// `targetLabels` defines the labels which are transferred from the /// associated Kubernetes `Service` object onto the ingested metrics. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetLabels")] @@ -239,6 +252,7 @@ pub struct ServiceMonitorEndpoints { /// /// If empty, Prometheus uses the global scrape timeout unless it is less /// than the target's scrape interval value in which the latter is used. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Name or number of the target port of the `Pod` object behind the @@ -1030,6 +1044,21 @@ pub enum ServiceMonitorEndpointsTlsConfigMinVersion { Tls13, } +/// Specification of desired Service selection for target discovery by +/// Prometheus. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ServiceMonitorFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + /// `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. /// By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1073,3 +1102,11 @@ pub struct ServiceMonitorSelectorMatchExpressions { pub values: Option>, } +/// Specification of desired Service selection for target discovery by +/// Prometheus. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ServiceMonitorSelectorMechanism { + RelabelConfig, + RoleSelector, +} + diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/thanosrulers.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/thanosrulers.rs index 44d3d691b..816bf555f 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/thanosrulers.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/thanosrulers.rs @@ -35,8 +35,10 @@ pub struct ThanosRulerSpec { /// If specified, the pod's scheduling constraints. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. - /// The replica label `thanos_ruler_replica` will always be dropped in alerts. + /// Configures the label names which should be dropped in Thanos Ruler + /// alerts. + /// + /// The replica label `thanos_ruler_replica` will always be dropped from the alerts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertDropLabels")] pub alert_drop_labels: Option>, /// The external Query URL the Thanos Ruler will set in the 'Source' field @@ -44,24 +46,44 @@ pub struct ThanosRulerSpec { /// Maps to the '--alert.query-url' CLI arg. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertQueryUrl")] pub alert_query_url: Option, - /// AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. - /// When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence. + /// Configures the path to the alert relabeling configuration file. + /// + /// Alert relabel configuration must have the form as specified in the + /// official Prometheus documentation: + /// https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs + /// + /// The operator performs no validation of the configuration file. + /// + /// This field takes precedence over `alertRelabelConfig`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertRelabelConfigFile")] pub alert_relabel_config_file: Option, - /// AlertRelabelConfigs configures alert relabeling in ThanosRuler. - /// Alert relabel configurations must have the form as specified in the official Prometheus documentation: + /// Configures alert relabeling in Thanos Ruler. + /// + /// Alert relabel configuration must have the form as specified in the + /// official Prometheus documentation: /// https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs - /// Alternative to AlertRelabelConfigFile, and lower order priority. + /// + /// The operator performs no validation of the configuration. + /// + /// `alertRelabelConfigFile` takes precedence over this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertRelabelConfigs")] pub alert_relabel_configs: Option, - /// Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 - /// and higher. Maps to the `alertmanagers.config` arg. + /// Configures the list of Alertmanager endpoints to send alerts to. + /// + /// The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. + /// + /// It requires Thanos >= v0.10.0. + /// + /// The operator performs no validation of the configuration. + /// + /// This field takes precedence over `alertmanagersUrl`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertmanagersConfig")] pub alertmanagers_config: Option, - /// Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, - /// AlertManagersConfig should be used instead. Note: this field will be ignored - /// if AlertManagersConfig is specified. - /// Maps to the `alertmanagers.url` arg. + /// Configures the list of Alertmanager endpoints to send alerts to. + /// + /// For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. + /// + /// `alertmanagersConfig` takes precedence over this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "alertmanagersUrl")] pub alertmanagers_url: Option>, /// Containers allows injecting additional containers or modifying operator generated @@ -127,8 +149,10 @@ pub struct ThanosRulerSpec { /// at any time without notice. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] pub init_containers: Option>, - /// Labels configure the external label pairs to ThanosRuler. A default replica label - /// `thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts. + /// Configures the external label pairs of the ThanosRuler resource. + /// + /// A default replica label `thanos_ruler_replica` will be always added as a + /// label with the value of the pod's name. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// ListenLocal makes the Thanos ruler listen on loopback, so that it @@ -150,12 +174,22 @@ pub struct ThanosRulerSpec { /// Define which Nodes the Pods are scheduled on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, - /// ObjectStorageConfig configures object storage in Thanos. - /// Alternative to ObjectStorageConfigFile, and lower order priority. + /// Configures object storage. + /// + /// The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + /// + /// The operator performs no validation of the configuration. + /// + /// `objectStorageConfigFile` takes precedence over this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectStorageConfig")] pub object_storage_config: Option, - /// ObjectStorageConfigFile specifies the path of the object storage configuration file. - /// When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence. + /// Configures the path of the object storage configuration file. + /// + /// The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + /// + /// The operator performs no validation of the configuration file. + /// + /// This field takes precedence over `objectStorageConfig`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectStorageConfigFile")] pub object_storage_config_file: Option, /// When a ThanosRuler deployment is paused, no actions except for deletion @@ -185,14 +219,22 @@ pub struct ThanosRulerSpec { /// Deprecated: use excludedFromEnforcement instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusRulesExcludedFromEnforce")] pub prometheus_rules_excluded_from_enforce: Option>, - /// Define configuration for connecting to thanos query instances. - /// If this is defined, the QueryEndpoints field will be ignored. - /// Maps to the `query.config` CLI argument. - /// Only available with thanos v0.11.0 and higher. + /// Configures the list of Thanos Query endpoints from which to query metrics. + /// + /// The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api + /// + /// It requires Thanos >= v0.11.0. + /// + /// The operator performs no validation of the configuration. + /// + /// This field takes precedence over `queryEndpoints`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryConfig")] pub query_config: Option, - /// QueryEndpoints defines Thanos querier endpoints from which to query metrics. - /// Maps to the --query flag of thanos ruler. + /// Configures the list of Thanos Query endpoints from which to query metrics. + /// + /// For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. + /// + /// `queryConfig` takes precedence over this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryEndpoints")] pub query_endpoints: Option>, /// Number of thanos ruler instances to deploy. @@ -213,8 +255,9 @@ pub struct ThanosRulerSpec { /// the same namespace as the ThanosRuler object is in is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleNamespaceSelector")] pub rule_namespace_selector: Option, - /// A label selector to select which PrometheusRules to mount for alerting and - /// recording. + /// PrometheusRule objects to be selected for rule evaluation. An empty + /// label selector matches all objects. A null label selector matches no + /// objects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ruleSelector")] pub rule_selector: Option, /// SecurityContext holds pod-level security attributes and common container settings. @@ -225,6 +268,13 @@ pub struct ThanosRulerSpec { /// Thanos Ruler Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, + /// The name of the service name used by the underlying StatefulSet(s) as the governing service. + /// If defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels. + /// If empty, the operator will create and manage a headless service named `thanos-ruler-operated` for ThanosRuler resources. + /// When deploying multiple ThanosRuler resources in the same namespace, it is recommended to specify a different value for each. + /// See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, /// Storage spec to specify how storage shall be used. #[serde(default, skip_serializing_if = "Option::is_none")] pub storage: Option, @@ -234,20 +284,28 @@ pub struct ThanosRulerSpec { /// If specified, the pod's topology spread constraints. #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] pub topology_spread_constraints: Option>, - /// TracingConfig configures tracing in Thanos. + /// Configures tracing. /// - /// `tracingConfigFile` takes precedence over this field. + /// The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration /// /// This is an *experimental feature*, it may change in any upcoming release /// in a breaking way. + /// + /// The operator performs no validation of the configuration. + /// + /// `tracingConfigFile` takes precedence over this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfig")] pub tracing_config: Option, - /// TracingConfig specifies the path of the tracing configuration file. + /// Configures the path of the tracing configuration file. /// - /// This field takes precedence over `tracingConfig`. + /// The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration /// /// This is an *experimental feature*, it may change in any upcoming release /// in a breaking way. + /// + /// The operator performs no validation of the configuration file. + /// + /// This field takes precedence over `tracingConfig`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfigFile")] pub tracing_config_file: Option, /// Version of Thanos to be deployed. @@ -978,10 +1036,15 @@ pub struct ThanosRulerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuri pub values: Option>, } -/// AlertRelabelConfigs configures alert relabeling in ThanosRuler. -/// Alert relabel configurations must have the form as specified in the official Prometheus documentation: +/// Configures alert relabeling in Thanos Ruler. +/// +/// Alert relabel configuration must have the form as specified in the +/// official Prometheus documentation: /// https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs -/// Alternative to AlertRelabelConfigFile, and lower order priority. +/// +/// The operator performs no validation of the configuration. +/// +/// `alertRelabelConfigFile` takes precedence over this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerAlertRelabelConfigs { /// The key of the secret to select from. Must be a valid secret key. @@ -998,8 +1061,15 @@ pub struct ThanosRulerAlertRelabelConfigs { pub optional: Option, } -/// Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 -/// and higher. Maps to the `alertmanagers.config` arg. +/// Configures the list of Alertmanager endpoints to send alerts to. +/// +/// The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. +/// +/// It requires Thanos >= v0.10.0. +/// +/// The operator performs no validation of the configuration. +/// +/// This field takes precedence over `alertmanagersUrl`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerAlertmanagersConfig { /// The key of the secret to select from. Must be a valid secret key. @@ -1356,23 +1426,23 @@ pub struct ThanosRulerContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1384,7 +1454,7 @@ pub struct ThanosRulerContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1417,7 +1487,7 @@ pub struct ThanosRulerContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1425,8 +1495,8 @@ pub struct ThanosRulerContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1449,23 +1519,23 @@ pub struct ThanosRulerContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1477,7 +1547,7 @@ pub struct ThanosRulerContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1510,7 +1580,7 @@ pub struct ThanosRulerContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1518,8 +1588,8 @@ pub struct ThanosRulerContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1537,17 +1607,17 @@ pub struct ThanosRulerContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1562,7 +1632,7 @@ pub struct ThanosRulerContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1584,7 +1654,7 @@ pub struct ThanosRulerContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1596,7 +1666,7 @@ pub struct ThanosRulerContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1609,7 +1679,7 @@ pub struct ThanosRulerContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1642,7 +1712,7 @@ pub struct ThanosRulerContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1687,17 +1757,17 @@ pub struct ThanosRulerContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1712,7 +1782,7 @@ pub struct ThanosRulerContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1734,7 +1804,7 @@ pub struct ThanosRulerContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1746,7 +1816,7 @@ pub struct ThanosRulerContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1759,7 +1829,7 @@ pub struct ThanosRulerContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1792,7 +1862,7 @@ pub struct ThanosRulerContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2055,17 +2125,17 @@ pub struct ThanosRulerContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2080,7 +2150,7 @@ pub struct ThanosRulerContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2102,7 +2172,7 @@ pub struct ThanosRulerContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2114,7 +2184,7 @@ pub struct ThanosRulerContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2127,7 +2197,7 @@ pub struct ThanosRulerContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2160,7 +2230,7 @@ pub struct ThanosRulerContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2865,23 +2935,23 @@ pub struct ThanosRulerInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2893,7 +2963,7 @@ pub struct ThanosRulerInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2926,7 +2996,7 @@ pub struct ThanosRulerInitContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2934,8 +3004,8 @@ pub struct ThanosRulerInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2958,23 +3028,23 @@ pub struct ThanosRulerInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2986,7 +3056,7 @@ pub struct ThanosRulerInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3019,7 +3089,7 @@ pub struct ThanosRulerInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3027,8 +3097,8 @@ pub struct ThanosRulerInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3046,17 +3116,17 @@ pub struct ThanosRulerInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3071,7 +3141,7 @@ pub struct ThanosRulerInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3093,7 +3163,7 @@ pub struct ThanosRulerInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3105,7 +3175,7 @@ pub struct ThanosRulerInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3118,7 +3188,7 @@ pub struct ThanosRulerInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3151,7 +3221,7 @@ pub struct ThanosRulerInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3196,17 +3266,17 @@ pub struct ThanosRulerInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3221,7 +3291,7 @@ pub struct ThanosRulerInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3243,7 +3313,7 @@ pub struct ThanosRulerInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3255,7 +3325,7 @@ pub struct ThanosRulerInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3268,7 +3338,7 @@ pub struct ThanosRulerInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3301,7 +3371,7 @@ pub struct ThanosRulerInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3564,17 +3634,17 @@ pub struct ThanosRulerInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3589,7 +3659,7 @@ pub struct ThanosRulerInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3611,7 +3681,7 @@ pub struct ThanosRulerInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3623,7 +3693,7 @@ pub struct ThanosRulerInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3636,7 +3706,7 @@ pub struct ThanosRulerInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3669,7 +3739,7 @@ pub struct ThanosRulerInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3770,8 +3840,13 @@ pub enum ThanosRulerLogLevel { Error, } -/// ObjectStorageConfig configures object storage in Thanos. -/// Alternative to ObjectStorageConfigFile, and lower order priority. +/// Configures object storage. +/// +/// The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage +/// +/// The operator performs no validation of the configuration. +/// +/// `objectStorageConfigFile` takes precedence over this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerObjectStorageConfig { /// The key of the secret to select from. Must be a valid secret key. @@ -3833,10 +3908,15 @@ pub struct ThanosRulerPrometheusRulesExcludedFromEnforce { pub rule_namespace: String, } -/// Define configuration for connecting to thanos query instances. -/// If this is defined, the QueryEndpoints field will be ignored. -/// Maps to the `query.config` CLI argument. -/// Only available with thanos v0.11.0 and higher. +/// Configures the list of Thanos Query endpoints from which to query metrics. +/// +/// The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api +/// +/// It requires Thanos >= v0.11.0. +/// +/// The operator performs no validation of the configuration. +/// +/// This field takes precedence over `queryEndpoints`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerQueryConfig { /// The key of the secret to select from. Must be a valid secret key. @@ -3923,8 +4003,9 @@ pub struct ThanosRulerRuleNamespaceSelectorMatchExpressions { pub values: Option>, } -/// A label selector to select which PrometheusRules to mount for alerting and -/// recording. +/// PrometheusRule objects to be selected for rule evaluation. An empty +/// label selector matches all objects. A null label selector matches no +/// objects. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerRuleSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4007,6 +4088,31 @@ pub struct ThanosRulerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -4991,12 +5097,16 @@ pub struct ThanosRulerTopologySpreadConstraintsLabelSelectorMatchExpressions { pub values: Option>, } -/// TracingConfig configures tracing in Thanos. +/// Configures tracing. /// -/// `tracingConfigFile` takes precedence over this field. +/// The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration /// /// This is an *experimental feature*, it may change in any upcoming release /// in a breaking way. +/// +/// The operator performs no validation of the configuration. +/// +/// `tracingConfigFile` takes precedence over this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerTracingConfig { /// The key of the secret to select from. Must be a valid secret key. @@ -5069,26 +5179,35 @@ pub struct ThanosRulerVolumeMounts { pub struct ThanosRulerVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -5129,23 +5248,28 @@ pub struct ThanosRulerVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -5190,23 +5314,30 @@ pub struct ThanosRulerVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -5214,15 +5345,20 @@ pub struct ThanosRulerVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesAwsElasticBlockStore { @@ -5249,6 +5385,8 @@ pub struct ThanosRulerVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -5275,6 +5413,8 @@ pub struct ThanosRulerVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -5289,7 +5429,8 @@ pub struct ThanosRulerVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -5331,6 +5472,8 @@ pub struct ThanosRulerVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesCinder { @@ -5421,7 +5564,7 @@ pub struct ThanosRulerVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -5862,6 +6005,7 @@ pub struct ThanosRulerVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -5903,7 +6047,8 @@ pub struct ThanosRulerVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -5917,6 +6062,8 @@ pub struct ThanosRulerVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesGcePersistentDisk { @@ -5945,7 +6092,7 @@ pub struct ThanosRulerVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -5964,6 +6111,7 @@ pub struct ThanosRulerVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesGlusterfs { @@ -6122,7 +6270,8 @@ pub struct ThanosRulerVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -6135,7 +6284,10 @@ pub struct ThanosRulerVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -6441,7 +6593,8 @@ pub struct ThanosRulerVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesQuobyte { /// group to map volume access to @@ -6469,6 +6622,7 @@ pub struct ThanosRulerVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesRbd { @@ -6528,6 +6682,7 @@ pub struct ThanosRulerVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -6632,6 +6787,7 @@ pub struct ThanosRulerVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesStorageos { /// fsType is the filesystem type to mount. @@ -6674,7 +6830,9 @@ pub struct ThanosRulerVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -6769,57 +6927,86 @@ pub enum ThanosRulerWebHttpConfigHeadersXFrameOptions { /// Defines the TLS parameters for HTTPS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerWebTlsConfig { - /// Contains the TLS certificate for the server. + /// Secret or ConfigMap containing the TLS certificate for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `certFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, - /// Path to the TLS certificate file in the Prometheus container for the server. - /// Mutually exclusive with `cert`. + /// Path to the TLS certificate file in the container for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `cert`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] pub cert_file: Option, - /// List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - /// Go default cipher suites are used. Available cipher suites are documented - /// in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + /// List of supported cipher suites for TLS versions up to TLS 1.2. + /// + /// If not defined, the Go default cipher suites are used. + /// Available cipher suites are documented in the Go documentation: + /// https://golang.org/pkg/crypto/tls/#pkg-constants #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipherSuites")] pub cipher_suites: Option>, - /// Server policy for client authentication. Maps to ClientAuth Policies. + /// The server policy for client TLS authentication. + /// /// For more detail on clientAuth options: /// https://golang.org/pkg/crypto/tls/#ClientAuthType #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuthType")] pub client_auth_type: Option, - /// Path to the CA certificate file for client certificate authentication to the server. - /// Mutually exclusive with `client_ca`. + /// Path to the CA certificate file for client certificate authentication to + /// the server. + /// + /// It is mutually exclusive with `client_ca`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCAFile")] pub client_ca_file: Option, - /// Contains the CA certificate for client certificate authentication to the server. + /// Secret or ConfigMap containing the CA certificate for client certificate + /// authentication to the server. + /// + /// It is mutually exclusive with `clientCAFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub client_ca: Option, /// Elliptic curves that will be used in an ECDHE handshake, in preference - /// order. Available curves are documented in the go documentation: + /// order. + /// + /// Available curves are documented in the Go documentation: /// https://golang.org/pkg/crypto/tls/#CurveID #[serde(default, skip_serializing_if = "Option::is_none", rename = "curvePreferences")] pub curve_preferences: Option>, - /// Path to the TLS key file in the Prometheus container for the server. - /// Mutually exclusive with `keySecret`. + /// Path to the TLS private key file in the container for the web server. + /// + /// If defined, either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keySecret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyFile")] pub key_file: Option, - /// Secret containing the TLS key for the server. + /// Secret containing the TLS private key for the web server. + /// + /// Either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keyFile`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Maximum TLS version that is acceptable. Defaults to TLS13. + /// Maximum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] pub max_version: Option, - /// Minimum TLS version that is acceptable. Defaults to TLS12. + /// Minimum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] pub min_version: Option, - /// Controls whether the server selects the - /// client's most preferred cipher suite, or the server's most preferred - /// cipher suite. If true then the server's preference, as expressed in + /// Controls whether the server selects the client's most preferred cipher + /// suite, or the server's most preferred cipher suite. + /// + /// If true then the server's preference, as expressed in /// the order of elements in cipherSuites, is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferServerCipherSuites")] pub prefer_server_cipher_suites: Option, } -/// Contains the TLS certificate for the server. +/// Secret or ConfigMap containing the TLS certificate for the web server. +/// +/// Either `keySecret` or `keyFile` must be defined. +/// +/// It is mutually exclusive with `certFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerWebTlsConfigCert { /// ConfigMap containing data to use for the targets. @@ -6864,7 +7051,10 @@ pub struct ThanosRulerWebTlsConfigCertSecret { pub optional: Option, } -/// Contains the CA certificate for client certificate authentication to the server. +/// Secret or ConfigMap containing the CA certificate for client certificate +/// authentication to the server. +/// +/// It is mutually exclusive with `clientCAFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerWebTlsConfigClientCa { /// ConfigMap containing data to use for the targets. @@ -6909,7 +7099,11 @@ pub struct ThanosRulerWebTlsConfigClientCaSecret { pub optional: Option, } -/// Secret containing the TLS key for the server. +/// Secret containing the TLS private key for the web server. +/// +/// Either `cert` or `certFile` must be defined. +/// +/// It is mutually exclusive with `keyFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ThanosRulerWebTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs index 58d4d1423..76e7e7d34 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs @@ -304,9 +304,14 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -1219,9 +1224,14 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -1945,9 +1955,14 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -2660,9 +2675,14 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -3422,9 +3442,14 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -4220,9 +4245,14 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -4887,9 +4917,14 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -5638,9 +5673,14 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -6341,9 +6381,14 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -6992,9 +7037,14 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -7645,9 +7695,14 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -8348,9 +8403,14 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs index 52c8e93a9..7b806fc28 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs @@ -121,6 +121,13 @@ pub struct PrometheusAgentSpec { /// For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableFeatures")] pub enable_features: Option>, + /// Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + /// + /// Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. + /// + /// It requires Prometheus >= v2.47.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableOTLPReceiver")] + pub enable_otlp_receiver: Option, /// Enable Prometheus to be used as a receiver for the Prometheus remote /// write protocol. /// @@ -376,11 +383,13 @@ pub struct PrometheusAgentSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, /// Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). - /// For now this field has no effect. /// /// (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, + /// Specifies the validation scheme for metric and label names. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nameValidationScheme")] + pub name_validation_scheme: Option, /// Defines on which Nodes the Pods are scheduled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, @@ -515,6 +524,9 @@ pub struct PrometheusAgentSpec { /// for use with `kubectl proxy`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "routePrefix")] pub route_prefix: Option, + /// RuntimeConfig configures the values for the Prometheus process behavior + #[serde(default, skip_serializing_if = "Option::is_none")] + pub runtime: Option, /// SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. /// Only valid in Prometheus versions 2.45.0 and newer. /// @@ -551,6 +563,16 @@ pub struct PrometheusAgentSpec { /// Note that the ScrapeConfig custom resource definition is currently at Alpha level. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeConfigSelector")] pub scrape_config_selector: Option, + /// File to which scrape failures are logged. + /// Reloading the configuration will reopen the file. + /// + /// If the filename has an empty path, e.g. 'file.log', The Prometheus Pods + /// will mount the file into an emptyDir volume at `/var/log/prometheus`. + /// If a full path is provided, e.g. '/var/log/prometheus/file.log', you + /// must mount a volume in the specified directory and it must be writable. + /// It requires Prometheus >= v2.55.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeFailureLogFile")] + pub scrape_failure_log_file: Option, /// Interval between consecutive scrapes. /// /// Default: "30s" @@ -562,9 +584,12 @@ pub struct PrometheusAgentSpec { /// If unset, Prometheus uses its default value. /// /// It requires Prometheus >= v2.49.0. + /// + /// `PrometheusText1.0.0` requires Prometheus >= v3.0.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeProtocols")] pub scrape_protocols: Option>, /// Number of seconds to wait until a scrape request times out. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// Secrets is a list of Secrets in the same namespace as the Prometheus @@ -606,19 +631,36 @@ pub struct PrometheusAgentSpec { /// `spec.additionalScrapeConfigs` instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceMonitorSelector")] pub service_monitor_selector: Option, - /// Number of shards to distribute targets onto. `spec.replicas` - /// multiplied by `spec.shards` is the total number of Pods created. + /// The name of the service name used by the underlying StatefulSet(s) as the governing service. + /// If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. + /// If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, + /// or `prometheus-agent-operated` for PrometheusAgent resources. + /// When deploying multiple Prometheus/PrometheusAgent resources in the same namespace, it is recommended to specify a different value for each. + /// See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceName")] + pub service_name: Option, + /// Number of shards to distribute the scraped targets onto. + /// + /// `spec.replicas` multiplied by `spec.shards` is the total number of Pods + /// being created. /// - /// Note that scaling down shards will not reshard data onto remaining + /// When not defined, the operator assumes only one shard. + /// + /// Note that scaling down shards will not reshard data onto the remaining /// instances, it must be manually moved. Increasing shards will not reshard /// data either but it will continue to be available from the same - /// instances. To query globally, use Thanos sidecar and Thanos querier or - /// remote write data to a central location. + /// instances. To query globally, use either + /// * Thanos sidecar + querier for query federation and Thanos Ruler for rules. + /// * Remote-write to send metrics to a central location. /// - /// Sharding is performed on the content of the `__address__` target meta-label - /// for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + /// By default, the sharding of targets is performed on: + /// * The `__address__` target's metadata label for PodMonitor, + /// ServiceMonitor and ScrapeConfig resources. + /// * The `__param_target__` label for Probe resources. /// - /// Default: 1 + /// Users can define their own sharding implementation by setting the + /// `__tmp_hash` label during the target discovery with relabeling + /// configuration (either in the monitoring resources or via scrape class). #[serde(default, skip_serializing_if = "Option::is_none")] pub shards: Option, /// Storage defines the storage used by Prometheus. @@ -2074,23 +2116,23 @@ pub struct PrometheusAgentContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2102,7 +2144,7 @@ pub struct PrometheusAgentContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2135,7 +2177,7 @@ pub struct PrometheusAgentContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2143,8 +2185,8 @@ pub struct PrometheusAgentContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2167,23 +2209,23 @@ pub struct PrometheusAgentContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2195,7 +2237,7 @@ pub struct PrometheusAgentContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2228,7 +2270,7 @@ pub struct PrometheusAgentContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2236,8 +2278,8 @@ pub struct PrometheusAgentContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2255,17 +2297,17 @@ pub struct PrometheusAgentContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2280,7 +2322,7 @@ pub struct PrometheusAgentContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2302,7 +2344,7 @@ pub struct PrometheusAgentContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2314,7 +2356,7 @@ pub struct PrometheusAgentContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2327,7 +2369,7 @@ pub struct PrometheusAgentContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2360,7 +2402,7 @@ pub struct PrometheusAgentContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2405,17 +2447,17 @@ pub struct PrometheusAgentContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2430,7 +2472,7 @@ pub struct PrometheusAgentContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2452,7 +2494,7 @@ pub struct PrometheusAgentContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2464,7 +2506,7 @@ pub struct PrometheusAgentContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2477,7 +2519,7 @@ pub struct PrometheusAgentContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2510,7 +2552,7 @@ pub struct PrometheusAgentContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2773,17 +2815,17 @@ pub struct PrometheusAgentContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2798,7 +2840,7 @@ pub struct PrometheusAgentContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2820,7 +2862,7 @@ pub struct PrometheusAgentContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2832,7 +2874,7 @@ pub struct PrometheusAgentContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2845,7 +2887,7 @@ pub struct PrometheusAgentContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2878,7 +2920,7 @@ pub struct PrometheusAgentContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3402,23 +3444,23 @@ pub struct PrometheusAgentInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3430,7 +3472,7 @@ pub struct PrometheusAgentInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3463,7 +3505,7 @@ pub struct PrometheusAgentInitContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3471,8 +3513,8 @@ pub struct PrometheusAgentInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3495,23 +3537,23 @@ pub struct PrometheusAgentInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3523,7 +3565,7 @@ pub struct PrometheusAgentInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3556,7 +3598,7 @@ pub struct PrometheusAgentInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3564,8 +3606,8 @@ pub struct PrometheusAgentInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3583,17 +3625,17 @@ pub struct PrometheusAgentInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3608,7 +3650,7 @@ pub struct PrometheusAgentInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3630,7 +3672,7 @@ pub struct PrometheusAgentInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3642,7 +3684,7 @@ pub struct PrometheusAgentInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3655,7 +3697,7 @@ pub struct PrometheusAgentInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3688,7 +3730,7 @@ pub struct PrometheusAgentInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3733,17 +3775,17 @@ pub struct PrometheusAgentInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3758,7 +3800,7 @@ pub struct PrometheusAgentInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3780,7 +3822,7 @@ pub struct PrometheusAgentInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3792,7 +3834,7 @@ pub struct PrometheusAgentInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3805,7 +3847,7 @@ pub struct PrometheusAgentInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3838,7 +3880,7 @@ pub struct PrometheusAgentInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4101,17 +4143,17 @@ pub struct PrometheusAgentInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4126,7 +4168,7 @@ pub struct PrometheusAgentInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4148,7 +4190,7 @@ pub struct PrometheusAgentInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4160,7 +4202,7 @@ pub struct PrometheusAgentInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4173,7 +4215,7 @@ pub struct PrometheusAgentInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4206,7 +4248,7 @@ pub struct PrometheusAgentInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4315,13 +4357,42 @@ pub enum PrometheusAgentMode { DaemonSet, } +/// Specification of the desired behavior of the Prometheus agent. More info: +/// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentNameValidationScheme { + #[serde(rename = "UTF8")] + Utf8, + Legacy, +} + /// Settings related to the OTLP receiver feature. /// It requires Prometheus >= v2.55.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentOtlp { + /// Enables adding `service.name`, `service.namespace` and `service.instance.id` + /// resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. + /// + /// It requires Prometheus >= v3.1.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keepIdentifyingResourceAttributes")] + pub keep_identifying_resource_attributes: Option, /// List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. #[serde(default, skip_serializing_if = "Option::is_none", rename = "promoteResourceAttributes")] pub promote_resource_attributes: Option>, + /// Configures how the OTLP receiver endpoint translates the incoming metrics. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "translationStrategy")] + pub translation_strategy: Option, +} + +/// Settings related to the OTLP receiver feature. +/// It requires Prometheus >= v2.55.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentOtlpTranslationStrategy { + #[serde(rename = "NoUTF8EscapingWithSuffixes")] + NoUtf8EscapingWithSuffixes, + UnderscoreEscapingWithSuffixes, } /// The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. @@ -4638,6 +4709,20 @@ pub struct PrometheusAgentRemoteWrite { /// Timeout for requests to the remote write endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "remoteTimeout")] pub remote_timeout: Option, + /// When enabled: + /// - The remote-write mechanism will resolve the hostname via DNS. + /// - It will randomly select one of the resolved IP addresses and connect to it. + /// + /// When disabled (default behavior): + /// - The Go standard library will handle hostname resolution. + /// - It will attempt connections to each resolved IP address sequentially. + /// + /// Note: The connection timeout applies to the entire resolution and connection process. + /// If disabled, the timeout is distributed across all connection attempts. + /// + /// It requires Prometheus >= v3.1.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roundRobinDNS")] + pub round_robin_dns: Option, /// Enables sending of exemplars over remote write. Note that /// exemplar-storage itself must be enabled using the `spec.enableFeatures` /// option for exemplars to be scraped in the first place. @@ -5595,6 +5680,15 @@ pub struct PrometheusAgentResourcesClaims { pub request: Option, } +/// RuntimeConfig configures the values for the Prometheus process behavior +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRuntime { + /// The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + /// See: https://tip.golang.org/doc/gc-guide#GOGC + #[serde(default, skip_serializing_if = "Option::is_none", rename = "goGC")] + pub go_gc: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentScrapeClasses { /// AttachMetadata configures additional metadata to the discovered targets. @@ -5602,12 +5696,22 @@ pub struct PrometheusAgentScrapeClasses { /// precedence over the scrape class configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] pub attach_metadata: Option, + /// Authorization section for the ScrapeClass. + /// It will only apply if the scrape resource doesn't specify any Authorization. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, /// Default indicates that the scrape applies to all scrape objects that /// don't configure an explicit scrape class name. /// /// Only one scrape class can be set as the default. #[serde(default, skip_serializing_if = "Option::is_none")] pub default: Option, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. /// /// The Operator adds the scrape class metric relabelings defined here. @@ -5652,6 +5756,55 @@ pub struct PrometheusAgentScrapeClassesAttachMetadata { pub node: Option, } +/// Authorization section for the ScrapeClass. +/// It will only apply if the scrape resource doesn't specify any Authorization. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentScrapeClassesAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// File to read a secret from, mutually exclusive with `credentials`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "credentialsFile")] + pub credentials_file: Option, + /// Defines the authentication type. The value is case-insensitive. + /// + /// "Basic" is not a supported value. + /// + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentScrapeClassesAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentScrapeClassesFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// @@ -6149,6 +6302,31 @@ pub struct PrometheusAgentSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -7520,26 +7698,35 @@ pub struct PrometheusAgentVolumeMounts { pub struct PrometheusAgentVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -7580,23 +7767,28 @@ pub struct PrometheusAgentVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -7641,23 +7833,30 @@ pub struct PrometheusAgentVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -7665,15 +7864,20 @@ pub struct PrometheusAgentVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesAwsElasticBlockStore { @@ -7700,6 +7904,8 @@ pub struct PrometheusAgentVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -7726,6 +7932,8 @@ pub struct PrometheusAgentVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -7740,7 +7948,8 @@ pub struct PrometheusAgentVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -7782,6 +7991,8 @@ pub struct PrometheusAgentVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesCinder { @@ -7872,7 +8083,7 @@ pub struct PrometheusAgentVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -8313,6 +8524,7 @@ pub struct PrometheusAgentVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -8354,7 +8566,8 @@ pub struct PrometheusAgentVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -8368,6 +8581,8 @@ pub struct PrometheusAgentVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesGcePersistentDisk { @@ -8396,7 +8611,7 @@ pub struct PrometheusAgentVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8415,6 +8630,7 @@ pub struct PrometheusAgentVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesGlusterfs { @@ -8573,7 +8789,8 @@ pub struct PrometheusAgentVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -8586,7 +8803,10 @@ pub struct PrometheusAgentVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -8892,7 +9112,8 @@ pub struct PrometheusAgentVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesQuobyte { /// group to map volume access to @@ -8920,6 +9141,7 @@ pub struct PrometheusAgentVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesRbd { @@ -8979,6 +9201,7 @@ pub struct PrometheusAgentVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -9083,6 +9306,7 @@ pub struct PrometheusAgentVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesStorageos { /// fsType is the filesystem type to mount. @@ -9125,7 +9349,9 @@ pub struct PrometheusAgentVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -9227,57 +9453,86 @@ pub enum PrometheusAgentWebHttpConfigHeadersXFrameOptions { /// Defines the TLS parameters for HTTPS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentWebTlsConfig { - /// Contains the TLS certificate for the server. + /// Secret or ConfigMap containing the TLS certificate for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `certFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub cert: Option, - /// Path to the TLS certificate file in the Prometheus container for the server. - /// Mutually exclusive with `cert`. + /// Path to the TLS certificate file in the container for the web server. + /// + /// Either `keySecret` or `keyFile` must be defined. + /// + /// It is mutually exclusive with `cert`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certFile")] pub cert_file: Option, - /// List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - /// Go default cipher suites are used. Available cipher suites are documented - /// in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + /// List of supported cipher suites for TLS versions up to TLS 1.2. + /// + /// If not defined, the Go default cipher suites are used. + /// Available cipher suites are documented in the Go documentation: + /// https://golang.org/pkg/crypto/tls/#pkg-constants #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipherSuites")] pub cipher_suites: Option>, - /// Server policy for client authentication. Maps to ClientAuth Policies. + /// The server policy for client TLS authentication. + /// /// For more detail on clientAuth options: /// https://golang.org/pkg/crypto/tls/#ClientAuthType #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuthType")] pub client_auth_type: Option, - /// Path to the CA certificate file for client certificate authentication to the server. - /// Mutually exclusive with `client_ca`. + /// Path to the CA certificate file for client certificate authentication to + /// the server. + /// + /// It is mutually exclusive with `client_ca`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientCAFile")] pub client_ca_file: Option, - /// Contains the CA certificate for client certificate authentication to the server. + /// Secret or ConfigMap containing the CA certificate for client certificate + /// authentication to the server. + /// + /// It is mutually exclusive with `clientCAFile`. #[serde(default, skip_serializing_if = "Option::is_none")] pub client_ca: Option, /// Elliptic curves that will be used in an ECDHE handshake, in preference - /// order. Available curves are documented in the go documentation: + /// order. + /// + /// Available curves are documented in the Go documentation: /// https://golang.org/pkg/crypto/tls/#CurveID #[serde(default, skip_serializing_if = "Option::is_none", rename = "curvePreferences")] pub curve_preferences: Option>, - /// Path to the TLS key file in the Prometheus container for the server. - /// Mutually exclusive with `keySecret`. + /// Path to the TLS private key file in the container for the web server. + /// + /// If defined, either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keySecret`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyFile")] pub key_file: Option, - /// Secret containing the TLS key for the server. + /// Secret containing the TLS private key for the web server. + /// + /// Either `cert` or `certFile` must be defined. + /// + /// It is mutually exclusive with `keyFile`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] pub key_secret: Option, - /// Maximum TLS version that is acceptable. Defaults to TLS13. + /// Maximum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] pub max_version: Option, - /// Minimum TLS version that is acceptable. Defaults to TLS12. + /// Minimum TLS version that is acceptable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] pub min_version: Option, - /// Controls whether the server selects the - /// client's most preferred cipher suite, or the server's most preferred - /// cipher suite. If true then the server's preference, as expressed in + /// Controls whether the server selects the client's most preferred cipher + /// suite, or the server's most preferred cipher suite. + /// + /// If true then the server's preference, as expressed in /// the order of elements in cipherSuites, is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferServerCipherSuites")] pub prefer_server_cipher_suites: Option, } -/// Contains the TLS certificate for the server. +/// Secret or ConfigMap containing the TLS certificate for the web server. +/// +/// Either `keySecret` or `keyFile` must be defined. +/// +/// It is mutually exclusive with `certFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentWebTlsConfigCert { /// ConfigMap containing data to use for the targets. @@ -9322,7 +9577,10 @@ pub struct PrometheusAgentWebTlsConfigCertSecret { pub optional: Option, } -/// Contains the CA certificate for client certificate authentication to the server. +/// Secret or ConfigMap containing the CA certificate for client certificate +/// authentication to the server. +/// +/// It is mutually exclusive with `clientCAFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentWebTlsConfigClientCa { /// ConfigMap containing data to use for the targets. @@ -9367,7 +9625,11 @@ pub struct PrometheusAgentWebTlsConfigClientCaSecret { pub optional: Option, } -/// Secret containing the TLS key for the server. +/// Secret containing the TLS private key for the web server. +/// +/// Either `cert` or `certFile` must be defined. +/// +/// It is mutually exclusive with `keyFile`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentWebTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs index 3bdafaafc..e94734840 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs @@ -53,9 +53,17 @@ pub struct ScrapeConfigSpec { /// If unset, Prometheus uses true by default. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableCompression")] pub enable_compression: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, /// EurekaSDConfigs defines a list of Eureka service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "eurekaSDConfigs")] pub eureka_sd_configs: Option>, + /// The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + /// + /// It requires Prometheus >= v3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackScrapeProtocol")] + pub fallback_scrape_protocol: Option, /// FileSDConfigs defines a list of file service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fileSDConfigs")] pub file_sd_configs: Option>, @@ -204,6 +212,7 @@ pub struct ScrapeConfigSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeProtocols")] pub scrape_protocols: Option>, /// ScrapeTimeout is the number of seconds to wait until a scrape request times out. + /// The value cannot be greater than the scrape interval otherwise the operator will reject the resource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeTimeout")] pub scrape_timeout: Option, /// StaticConfigs defines a list of static targets with a common label set. @@ -265,138 +274,30 @@ pub struct ScrapeConfigAzureSdConfigs { /// See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "authenticationMethod")] pub authentication_method: Option, + /// Authorization header configuration to authenticate against the target HTTP endpoint. + /// Cannot be set at the same time as `oAuth2`, or `basicAuth`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to authenticate against the target HTTP endpoint. + /// More info: https://prometheus.io/docs/operating/configuration/#endpoints + /// Cannot be set at the same time as `authorization`, or `oAuth2`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, /// Optional client ID. Only required with the OAuth authentication method. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientID")] pub client_id: Option, /// Optional client secret. Only required with the OAuth authentication method. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientSecret")] pub client_secret: Option, - /// The Azure environment. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub environment: Option, - /// The port to scrape metrics from. If using the public IP address, this must - /// instead be specified in the relabeling rule. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// Optional resource group name. Limits discovery to this resource group. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] - pub resource_group: Option, - /// The subscription ID. Always required. - #[serde(rename = "subscriptionID")] - pub subscription_id: String, - /// Optional tenant ID. Only required with the OAuth authentication method. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tenantID")] - pub tenant_id: Option, -} - -/// AzureSDConfig allow retrieving scrape targets from Azure VMs. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#azure_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigAzureSdConfigsAuthenticationMethod { - OAuth, - ManagedIdentity, - #[serde(rename = "SDK")] - Sdk, -} - -/// Optional client secret. Only required with the OAuth authentication method. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigAzureSdConfigsClientSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// BasicAuth information to use on every scrape request. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigBasicAuth { - /// `password` specifies a key of a Secret containing the password for - /// authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, - /// `username` specifies a key of a Secret containing the username for - /// authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, -} - -/// `password` specifies a key of a Secret containing the password for -/// authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigBasicAuthPassword { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// `username` specifies a key of a Secret containing the username for -/// authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigBasicAuthUsername { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// ConsulSDConfig defines a Consul service discovery configuration -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigs { - /// Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. - /// If unset, Prometheus uses its default value. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowStale")] - pub allow_stale: Option, - /// Authorization header configuration to authenticate against the Consul Server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to authenticate against the Consul Server. - /// More info: https://prometheus.io/docs/operating/configuration/#endpoints - #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, - /// Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub datacenter: Option, /// Whether to enable HTTP2. - /// If unset, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, + /// The Azure environment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub environment: Option, /// Configure whether HTTP requests follow HTTP 3xx redirects. - /// If unset, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, - /// Namespaces are only supported in Consul Enterprise. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names /// that should be excluded from proxying. IP and domain names can /// contain port numbers. @@ -404,21 +305,20 @@ pub struct ScrapeConfigConsulSdConfigs { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// Node metadata key/value pairs to filter nodes for a given service. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeMeta")] - pub node_meta: Option>, - /// Optional OAuth 2.0 configuration. + /// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + /// Cannot be set at the same time as `authorization`, or `basicAuth`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, - /// Admin Partitions are only supported in Consul Enterprise. + pub oauth2: Option, + /// The port to scrape metrics from. If using the public IP address, this must + /// instead be specified in the relabeling rule. #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, + pub port: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -427,40 +327,41 @@ pub struct ScrapeConfigConsulSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// The time after which the provided names are refreshed. - /// On large setup it might be a good idea to increase this value because the catalog will change all the time. - /// If unset, Prometheus uses its default value. + /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// HTTP Scheme default "http" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, - /// A valid string consisting of a hostname or IP followed by an optional port number. - pub server: String, - /// A list of services for which targets are retrieved. If omitted, all services are scraped. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub services: Option>, - /// The string by which Consul tags are joined into the tag label. - /// If unset, Prometheus uses its default value. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] - pub tag_separator: Option, - /// An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tags: Option>, - /// TLS Config + /// Optional resource group name. Limits discovery to this resource group. + /// Requires Prometheus v2.35.0 and above + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceGroup")] + pub resource_group: Option, + /// The subscription ID. Always required. + #[serde(rename = "subscriptionID")] + pub subscription_id: String, + /// Optional tenant ID. Only required with the OAuth authentication method. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tenantID")] + pub tenant_id: Option, + /// TLS configuration applying to the target HTTP endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, - /// Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenRef")] - pub token_ref: Option, + pub tls_config: Option, +} + +/// AzureSDConfig allow retrieving scrape targets from Azure VMs. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#azure_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigAzureSdConfigsAuthenticationMethod { + OAuth, + ManagedIdentity, + #[serde(rename = "SDK")] + Sdk, } -/// Authorization header configuration to authenticate against the Consul Server. +/// Authorization header configuration to authenticate against the target HTTP endpoint. +/// Cannot be set at the same time as `oAuth2`, or `basicAuth`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsAuthorization { +pub struct ScrapeConfigAzureSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -472,7 +373,7 @@ pub struct ScrapeConfigConsulSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigAzureSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -487,24 +388,25 @@ pub struct ScrapeConfigConsulSdConfigsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth information to authenticate against the Consul Server. +/// BasicAuth information to authenticate against the target HTTP endpoint. /// More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// Cannot be set at the same time as `authorization`, or `oAuth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsBasicAuth { +pub struct ScrapeConfigAzureSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, + pub password: Option, /// `username` specifies a key of a Secret containing the username for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub username: Option, } /// `password` specifies a key of a Secret containing the password for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsBasicAuthPassword { +pub struct ScrapeConfigAzureSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -522,7 +424,7 @@ pub struct ScrapeConfigConsulSdConfigsBasicAuthPassword { /// `username` specifies a key of a Secret containing the username for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsBasicAuthUsername { +pub struct ScrapeConfigAzureSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -537,17 +439,35 @@ pub struct ScrapeConfigConsulSdConfigsBasicAuthUsername { pub optional: Option, } -/// Optional OAuth 2.0 configuration. +/// Optional client secret. Only required with the OAuth authentication method. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2 { +pub struct ScrapeConfigAzureSdConfigsClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. +/// Cannot be set at the same time as `authorization`, or `basicAuth`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigAzureSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigConsulSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigAzureSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigConsulSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigAzureSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -564,7 +484,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -579,7 +499,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2 { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -588,18 +508,18 @@ pub struct ScrapeConfigConsulSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2ClientId { +pub struct ScrapeConfigAzureSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigAzureSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -616,7 +536,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigAzureSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -634,7 +554,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigAzureSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -651,7 +571,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigAzureSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -669,29 +589,29 @@ pub struct ScrapeConfigConsulSdConfigsOauth2ProxyConnectHeader { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfig { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -699,18 +619,18 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCa { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaConfigMap { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -727,7 +647,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaSecret { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -744,18 +664,18 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -772,7 +692,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -789,7 +709,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigAzureSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -807,7 +727,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigKeySecret { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMaxVersion { +pub enum ScrapeConfigAzureSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -821,7 +741,7 @@ pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMaxVersion { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMinVersion { +pub enum ScrapeConfigAzureSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -834,7 +754,7 @@ pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMinVersion { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { +pub struct ScrapeConfigAzureSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -849,41 +769,31 @@ pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { pub optional: Option, } -/// ConsulSDConfig defines a Consul service discovery configuration -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsScheme { - #[serde(rename = "HTTP")] - Http, - #[serde(rename = "HTTPS")] - Https, -} - -/// TLS Config +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfig { +pub struct ScrapeConfigAzureSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -891,18 +801,18 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCa { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -919,7 +829,7 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -936,18 +846,18 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCert { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -964,7 +874,7 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigAzureSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -981,7 +891,7 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigAzureSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -996,9 +906,9 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS Config +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigAzureSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1009,9 +919,9 @@ pub enum ScrapeConfigConsulSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS Config +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigAzureSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1022,9 +932,23 @@ pub enum ScrapeConfigConsulSdConfigsTlsConfigMinVersion { Tls13, } -/// Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. +/// BasicAuth information to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTokenRef { +pub struct ScrapeConfigBasicAuth { + /// `password` specifies a key of a Secret containing the password for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1039,21 +963,62 @@ pub struct ScrapeConfigConsulSdConfigsTokenRef { pub optional: Option, } -/// DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. -/// This service discovery uses the public IPv4 address by default, by that can be changed with relabeling -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#digitalocean_sd_config +/// `username` specifies a key of a Secret containing the username for +/// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigs { - /// Authorization header configuration to authenticate against the DigitalOcean API. - /// Cannot be set at the same time as `oauth2`. +pub struct ScrapeConfigBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ConsulSDConfig defines a Consul service discovery configuration +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigs { + /// Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. + /// If unset, Prometheus uses its default value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowStale")] + pub allow_stale: Option, + /// Optional Authorization header configuration to authenticate against the Consul Server. + /// Cannot be set at the same time as `basicAuth`, or `oauth2`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// Optional BasicAuth information to authenticate against the Consul Server. + /// More info: https://prometheus.io/docs/operating/configuration/#endpoints + /// Cannot be set at the same time as `authorization`, or `oauth2`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub datacenter: Option, /// Whether to enable HTTP2. + /// If unset, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, + /// Filter expression used to filter the catalog results. + /// See https://www.consul.io/api-docs/catalog#list-services + /// It requires Prometheus >= 3.0.0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filter: Option, /// Configure whether HTTP requests follow HTTP 3xx redirects. + /// If unset, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, + /// Namespaces are only supported in Consul Enterprise. + /// + /// It requires Prometheus >= 2.28.0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names /// that should be excluded from proxying. IP and domain names can /// contain port numbers. @@ -1061,19 +1026,28 @@ pub struct ScrapeConfigDigitalOceanSdConfigs { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// Optional OAuth 2.0 configuration. - /// Cannot be set at the same time as `authorization`. + /// Node metadata key/value pairs to filter nodes for a given service. + /// Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeMeta")] + pub node_meta: Option>, + /// Optional OAuth2.0 configuration. + /// Cannot be set at the same time as `basicAuth`, or `authorization`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, - /// The port to scrape metrics from. + pub oauth2: Option, + /// Admin Partitions are only supported in Consul Enterprise. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub partition: Option, + /// Prefix for URIs for when consul is behind an API gateway (reverse proxy). + /// + /// It requires Prometheus >= 2.45.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pathPrefix")] + pub path_prefix: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -1082,21 +1056,42 @@ pub struct ScrapeConfigDigitalOceanSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// Refresh interval to re-read the instance list. + /// The time after which the provided names are refreshed. + /// On large setup it might be a good idea to increase this value because the catalog will change all the time. + /// If unset, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// TLS configuration applying to the target HTTP endpoint. + /// HTTP Scheme default "http" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, + /// Consul server address. A valid string consisting of a hostname or IP followed by an optional port number. + pub server: String, + /// A list of services for which targets are retrieved. If omitted, all services are scraped. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub services: Option>, + /// The string by which Consul tags are joined into the tag label. + /// If unset, Prometheus uses its default value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] + pub tag_separator: Option, + /// An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. + /// Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tags: Option>, + /// TLS configuration to connect to the Consul API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, + /// Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenRef")] + pub token_ref: Option, } -/// Authorization header configuration to authenticate against the DigitalOcean API. -/// Cannot be set at the same time as `oauth2`. +/// Optional Authorization header configuration to authenticate against the Consul Server. +/// Cannot be set at the same time as `basicAuth`, or `oauth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsAuthorization { +pub struct ScrapeConfigConsulSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -1108,7 +1103,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigConsulSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1123,18 +1118,69 @@ pub struct ScrapeConfigDigitalOceanSdConfigsAuthorizationCredentials { pub optional: Option, } -/// Optional OAuth 2.0 configuration. -/// Cannot be set at the same time as `authorization`. +/// Optional BasicAuth information to authenticate against the Consul Server. +/// More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// Cannot be set at the same time as `authorization`, or `oauth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { +pub struct ScrapeConfigConsulSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional OAuth2.0 configuration. +/// Cannot be set at the same time as `basicAuth`, or `authorization`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigDigitalOceanSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigConsulSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigConsulSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -1151,7 +1197,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -1166,7 +1212,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1175,18 +1221,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientId { +pub struct ScrapeConfigConsulSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1203,7 +1249,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigConsulSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1221,7 +1267,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigConsulSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1238,7 +1284,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigConsulSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1256,29 +1302,29 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ProxyConnectHeader { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfig { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1286,18 +1332,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCa { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaConfigMap { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1314,7 +1360,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaSecret { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1331,18 +1377,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1359,7 +1405,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1376,7 +1422,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1394,7 +1440,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigKeySecret { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMaxVersion { +pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1408,7 +1454,7 @@ pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMaxVersion { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMinVersion { +pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1421,7 +1467,7 @@ pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMinVersion { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { +pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1436,31 +1482,41 @@ pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// ConsulSDConfig defines a Consul service discovery configuration +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigConsulSdConfigsScheme { + #[serde(rename = "HTTP")] + Http, + #[serde(rename = "HTTPS")] + Https, +} + +/// TLS configuration to connect to the Consul API. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { +pub struct ScrapeConfigConsulSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1468,18 +1524,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCa { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1496,7 +1552,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1513,18 +1569,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCert { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1541,7 +1597,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigConsulSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1558,7 +1614,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigConsulSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1573,9 +1629,9 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to connect to the Consul API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigConsulSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1586,9 +1642,9 @@ pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to connect to the Consul API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigConsulSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1599,78 +1655,38 @@ pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { Tls13, } -/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. -/// The DNS servers to be contacted are read from /etc/resolv.conf. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config +/// Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDnsSdConfigs { - /// A list of DNS domain names to be queried. - pub names: Vec, - /// The port number used if the query type is not SRV - /// Ignored for SRV records +pub struct ScrapeConfigConsulSdConfigsTokenRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// RefreshInterval configures the time after which the provided names are refreshed. - /// If not set, Prometheus uses its default value. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// The type of DNS query to perform. One of SRV, A, AAAA, MX or NS. - /// If not set, Prometheus uses its default value. - /// - /// When set to NS, it requires Prometheus >= v2.49.0. - /// When set to MX, it requires Prometheus >= v2.38.0 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. -/// The DNS servers to be contacted are read from /etc/resolv.conf. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDnsSdConfigsType { - A, - #[serde(rename = "AAAA")] - Aaaa, - #[serde(rename = "MX")] - Mx, - #[serde(rename = "NS")] - Ns, - #[serde(rename = "SRV")] - Srv, + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, } -/// Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. -/// This SD discovers "containers" and will create a target for each network IP and -/// port the container is configured to expose. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config +/// DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. +/// This service discovery uses the public IPv4 address by default, by that can be changed with relabeling +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#digitalocean_sd_config #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigs { - /// Authorization header configuration to authenticate against the Docker API. +pub struct ScrapeConfigDigitalOceanSdConfigs { + /// Authorization header configuration to authenticate against the DigitalOcean API. /// Cannot be set at the same time as `oauth2`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to use on every scrape request. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub authorization: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, - /// Optional filters to limit the discovery process to a subset of the available resources. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub filters: Option>, /// Configure whether HTTP requests follow HTTP 3xx redirects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, - /// Address of the docker daemon - pub host: String, - /// The host to use if the container is in host networking mode. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetworkingHost")] - pub host_networking_host: Option, - /// Configure whether to match the first network if the container has multiple networks defined. - /// If unset, Prometheus uses true by default. - /// It requires Prometheus >= v2.54.1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFirstNetwork")] - pub match_first_network: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names /// that should be excluded from proxying. IP and domain names can /// contain port numbers. @@ -1681,16 +1697,16 @@ pub struct ScrapeConfigDockerSdConfigs { /// Optional OAuth 2.0 configuration. /// Cannot be set at the same time as `authorization`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, + pub oauth2: Option, /// The port to scrape metrics from. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub port: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -1699,21 +1715,21 @@ pub struct ScrapeConfigDockerSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// Time after which the container is refreshed. + /// Refresh interval to re-read the instance list. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, /// TLS configuration applying to the target HTTP endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, } -/// Authorization header configuration to authenticate against the Docker API. +/// Authorization header configuration to authenticate against the DigitalOcean API. /// Cannot be set at the same time as `oauth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsAuthorization { +pub struct ScrapeConfigDigitalOceanSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -1725,56 +1741,7 @@ pub struct ScrapeConfigDockerSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsAuthorizationCredentials { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// BasicAuth information to use on every scrape request. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsBasicAuth { - /// `password` specifies a key of a Secret containing the password for - /// authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, - /// `username` specifies a key of a Secret containing the username for - /// authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, -} - -/// `password` specifies a key of a Secret containing the password for -/// authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsBasicAuthPassword { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// `username` specifies a key of a Secret containing the username for -/// authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsBasicAuthUsername { +pub struct ScrapeConfigDigitalOceanSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1789,27 +1756,18 @@ pub struct ScrapeConfigDockerSdConfigsBasicAuthUsername { pub optional: Option, } -/// Filter name and value pairs to limit the discovery process to a subset of available resources. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsFilters { - /// Name of the Filter. - pub name: String, - /// Value to filter on. - pub values: Vec, -} - /// Optional OAuth 2.0 configuration. /// Cannot be set at the same time as `authorization`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2 { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigDockerSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigDigitalOceanSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigDockerSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -1826,7 +1784,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -1841,7 +1799,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2 { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1850,18 +1808,18 @@ pub struct ScrapeConfigDockerSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2ClientId { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1878,7 +1836,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1896,7 +1854,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1913,7 +1871,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1931,29 +1889,29 @@ pub struct ScrapeConfigDockerSdConfigsOauth2ProxyConnectHeader { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfig { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1961,18 +1919,18 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCa { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1989,7 +1947,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2006,18 +1964,18 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2034,7 +1992,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2051,7 +2009,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2069,7 +2027,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigKeySecret { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMaxVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2083,7 +2041,7 @@ pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMaxVersion { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMinVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2096,7 +2054,7 @@ pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMinVersion { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { +pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2113,29 +2071,29 @@ pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { /// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfig { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2143,18 +2101,18 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCa { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2171,7 +2129,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2188,18 +2146,18 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCert { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2216,7 +2174,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2233,7 +2191,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2250,7 +2208,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { /// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2263,7 +2221,7 @@ pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { /// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2274,32 +2232,78 @@ pub enum ScrapeConfigDockerSdConfigsTlsConfigMinVersion { Tls13, } -/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config +/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. +/// The DNS servers to be contacted are read from /etc/resolv.conf. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDnsSdConfigs { + /// A list of DNS domain names to be queried. + pub names: Vec, + /// The port number used if the query type is not SRV + /// Ignored for SRV records + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// RefreshInterval configures the time after which the provided names are refreshed. + /// If not set, Prometheus uses its default value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The type of DNS query to perform. One of SRV, A, AAAA, MX or NS. + /// If not set, Prometheus uses its default value. + /// + /// When set to NS, it requires Prometheus >= v2.49.0. + /// When set to MX, it requires Prometheus >= v2.38.0 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. +/// The DNS servers to be contacted are read from /etc/resolv.conf. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigs { - /// Authorization header configuration to authenticate against the target HTTP endpoint. +pub enum ScrapeConfigDnsSdConfigsType { + A, + #[serde(rename = "AAAA")] + Aaaa, + #[serde(rename = "MX")] + Mx, + #[serde(rename = "NS")] + Ns, + #[serde(rename = "SRV")] + Srv, +} + +/// Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. +/// This SD discovers "containers" and will create a target for each network IP and +/// port the container is configured to expose. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigs { + /// Authorization header configuration to authenticate against the Docker API. + /// Cannot be set at the same time as `oauth2`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// Optional HTTP basic authentication information. + pub authorization: Option, + /// BasicAuth information to use on every scrape request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub basic_auth: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, - /// Optional filters to limit the discovery process to a subset of available - /// resources. - /// The available filters are listed in the upstream documentation: - /// Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList - /// Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList - /// Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList + /// Optional filters to limit the discovery process to a subset of the available resources. #[serde(default, skip_serializing_if = "Option::is_none")] - pub filters: Option>, + pub filters: Option>, /// Configure whether HTTP requests follow HTTP 3xx redirects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, - /// Address of the Docker daemon + /// Address of the docker daemon pub host: String, + /// The host to use if the container is in host networking mode. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetworkingHost")] + pub host_networking_host: Option, + /// Configure whether to match the first network if the container has multiple networks defined. + /// If unset, Prometheus uses true by default. + /// It requires Prometheus >= v2.54.1. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFirstNetwork")] + pub match_first_network: Option, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names /// that should be excluded from proxying. IP and domain names can /// contain port numbers. @@ -2308,19 +2312,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigs { #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, /// Optional OAuth 2.0 configuration. - /// Cannot be set at the same time as `authorization`, or `basicAuth`. + /// Cannot be set at the same time as `authorization`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, - /// The port to scrape metrics from, when `role` is nodes, and for discovered - /// tasks and services that don't have published ports. + pub oauth2: Option, + /// The port to scrape metrics from. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub port: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -2329,22 +2332,21 @@ pub struct ScrapeConfigDockerSwarmSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// The time after which the service discovery data is refreshed. + /// Time after which the container is refreshed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// Role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`. - pub role: ScrapeConfigDockerSwarmSdConfigsRole, - /// TLS configuration to use on every scrape request + /// TLS configuration applying to the target HTTP endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, } -/// Authorization header configuration to authenticate against the target HTTP endpoint. +/// Authorization header configuration to authenticate against the Docker API. +/// Cannot be set at the same time as `oauth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsAuthorization { +pub struct ScrapeConfigDockerSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -2356,7 +2358,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigDockerSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2371,23 +2373,23 @@ pub struct ScrapeConfigDockerSwarmSdConfigsAuthorizationCredentials { pub optional: Option, } -/// Optional HTTP basic authentication information. +/// BasicAuth information to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuth { +pub struct ScrapeConfigDockerSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, + pub password: Option, /// `username` specifies a key of a Secret containing the username for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub username: Option, } /// `password` specifies a key of a Secret containing the password for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthPassword { +pub struct ScrapeConfigDockerSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2405,7 +2407,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthPassword { /// `username` specifies a key of a Secret containing the username for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthUsername { +pub struct ScrapeConfigDockerSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2422,7 +2424,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthUsername { /// Filter name and value pairs to limit the discovery process to a subset of available resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsFilters { +pub struct ScrapeConfigDockerSdConfigsFilters { /// Name of the Filter. pub name: String, /// Value to filter on. @@ -2430,17 +2432,17 @@ pub struct ScrapeConfigDockerSwarmSdConfigsFilters { } /// Optional OAuth 2.0 configuration. -/// Cannot be set at the same time as `authorization`, or `basicAuth`. +/// Cannot be set at the same time as `authorization`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { +pub struct ScrapeConfigDockerSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigDockerSwarmSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigDockerSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigDockerSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -2457,7 +2459,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -2472,7 +2474,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2481,18 +2483,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientId { +pub struct ScrapeConfigDockerSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2509,7 +2511,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2527,7 +2529,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2544,7 +2546,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigDockerSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2562,29 +2564,29 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ProxyConnectHeader { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfig { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2592,18 +2594,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCa { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaConfigMap { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2620,7 +2622,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2637,18 +2639,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2665,7 +2667,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2682,7 +2684,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2700,7 +2702,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigKeySecret { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMaxVersion { +pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2714,7 +2716,7 @@ pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMaxVersion { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMinVersion { +pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2727,7 +2729,7 @@ pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMinVersion { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { +pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2742,40 +2744,31 @@ pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { pub optional: Option, } -/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsRole { - Services, - Tasks, - Nodes, -} - -/// TLS configuration to use on every scrape request +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { +pub struct ScrapeConfigDockerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2783,18 +2776,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCa { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2811,7 +2804,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2828,18 +2821,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCert { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2856,7 +2849,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2873,7 +2866,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2888,9 +2881,9 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use on every scrape request +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2901,9 +2894,9 @@ pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration to use on every scrape request +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigDockerSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2914,33 +2907,32 @@ pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { Tls13, } -/// EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. -/// The private IP address is used by default, but may be changed to the public IP address with relabeling. -/// The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config -/// -/// The EC2 service discovery requires AWS API keys or role ARN for authentication. -/// BasicAuth, Authorization and OAuth2 fields are not present on purpose. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigs { - /// AccessKey is the AWS API key. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] - pub access_key: Option, +/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigs { + /// Authorization header configuration to authenticate against the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// Optional HTTP basic authentication information. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, /// Whether to enable HTTP2. - /// It requires Prometheus >= v2.41.0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, - /// Filters can be used optionally to filter the instance list by other criteria. - /// Available filter criteria can be found here: - /// https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html - /// Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html - /// It requires Prometheus >= v2.3.0 + /// Optional filters to limit the discovery process to a subset of available + /// resources. + /// The available filters are listed in the upstream documentation: + /// Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList + /// Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList + /// Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList #[serde(default, skip_serializing_if = "Option::is_none")] - pub filters: Option>, + pub filters: Option>, /// Configure whether HTTP requests follow HTTP 3xx redirects. - /// It requires Prometheus >= v2.41.0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] pub follow_redirects: Option, + /// Address of the Docker daemon + pub host: String, /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names /// that should be excluded from proxying. IP and domain names can /// contain port numbers. @@ -2948,8 +2940,12 @@ pub struct ScrapeConfigEc2SdConfigs { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// The port to scrape metrics from. If using the public IP address, this must - /// instead be specified in the relabeling rule. + /// Optional OAuth 2.0 configuration. + /// Cannot be set at the same time as `authorization`, or `basicAuth`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// The port to scrape metrics from, when `role` is nodes, and for discovered + /// tasks and services that don't have published ports. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// ProxyConnectHeader optionally specifies headers to send to @@ -2957,7 +2953,7 @@ pub struct ScrapeConfigEc2SdConfigs { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -2966,27 +2962,34 @@ pub struct ScrapeConfigEc2SdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. + /// The time after which the service discovery data is refreshed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// The AWS region. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub region: Option, - /// AWS Role ARN, an alternative to using AWS API keys. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleARN")] - pub role_arn: Option, - /// SecretKey is the AWS API secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] - pub secret_key: Option, - /// TLS configuration to connect to the AWS EC2 API. - /// It requires Prometheus >= v2.41.0 + /// Role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`. + pub role: ScrapeConfigDockerSwarmSdConfigsRole, + /// TLS configuration to use on every scrape request #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, } -/// AccessKey is the AWS API key. +/// Authorization header configuration to authenticate against the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsAccessKey { +pub struct ScrapeConfigDockerSwarmSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// + /// "Basic" is not a supported value. + /// + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3001,18 +3004,23 @@ pub struct ScrapeConfigEc2SdConfigsAccessKey { pub optional: Option, } -/// Filter name and value pairs to limit the discovery process to a subset of available resources. +/// Optional HTTP basic authentication information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsFilters { - /// Name of the Filter. - pub name: String, - /// Value to filter on. - pub values: Vec, +pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, } -/// SecretKeySelector selects a key of a Secret. +/// `password` specifies a key of a Secret containing the password for +/// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsProxyConnectHeader { +pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3027,9 +3035,10 @@ pub struct ScrapeConfigEc2SdConfigsProxyConnectHeader { pub optional: Option, } -/// SecretKey is the AWS API secret. +/// `username` specifies a key of a Secret containing the username for +/// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsSecretKey { +pub struct ScrapeConfigDockerSwarmSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3044,51 +3053,79 @@ pub struct ScrapeConfigEc2SdConfigsSecretKey { pub optional: Option, } -/// TLS configuration to connect to the AWS EC2 API. -/// It requires Prometheus >= v2.41.0 +/// Filter name and value pairs to limit the discovery process to a subset of available resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfig { - /// Certificate authority used when verifying server certificates. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, - /// Client certificate to present when doing client-authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, - /// Disable target certificate validation. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] - pub insecure_skip_verify: Option, - /// Secret containing the client key file for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, - /// Maximum acceptable TLS version. +pub struct ScrapeConfigDockerSwarmSdConfigsFilters { + /// Name of the Filter. + pub name: String, + /// Value to filter on. + pub values: Vec, +} + +/// Optional OAuth 2.0 configuration. +/// Cannot be set at the same time as `authorization`, or `basicAuth`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigDockerSwarmSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. /// - /// It requires Prometheus >= v2.41.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, - /// Minimum acceptable TLS version. + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. /// - /// It requires Prometheus >= v2.35.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, - /// Used to verify the hostname for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] - pub server_name: Option, + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, } -/// Certificate authority used when verifying server certificates. +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCa { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3105,7 +3142,7 @@ pub struct ScrapeConfigEc2SdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3120,20 +3157,1182 @@ pub struct ScrapeConfigEc2SdConfigsTlsConfigCaSecret { pub optional: Option, } -/// Client certificate to present when doing client-authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCert { - /// ConfigMap containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// Secret containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, -} - -/// ConfigMap containing data to use for the targets. +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsRole { + Services, + Tasks, + Nodes, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. +/// The private IP address is used by default, but may be changed to the public IP address with relabeling. +/// The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config +/// +/// The EC2 service discovery requires AWS API keys or role ARN for authentication. +/// BasicAuth, Authorization and OAuth2 fields are not present on purpose. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigs { + /// AccessKey is the AWS API key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] + pub access_key: Option, + /// Whether to enable HTTP2. + /// It requires Prometheus >= v2.41.0 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Filters can be used optionally to filter the instance list by other criteria. + /// Available filter criteria can be found here: + /// https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + /// Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html + /// It requires Prometheus >= v2.3.0 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filters: Option>, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + /// It requires Prometheus >= v2.41.0 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// The port to scrape metrics from. If using the public IP address, this must + /// instead be specified in the relabeling rule. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The AWS region. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// AWS Role ARN, an alternative to using AWS API keys. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleARN")] + pub role_arn: Option, + /// SecretKey is the AWS API secret. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub secret_key: Option, + /// TLS configuration to connect to the AWS EC2 API. + /// It requires Prometheus >= v2.41.0 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, +} + +/// AccessKey is the AWS API key. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsAccessKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Filter name and value pairs to limit the discovery process to a subset of available resources. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsFilters { + /// Name of the Filter. + pub name: String, + /// Value to filter on. + pub values: Vec, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKey is the AWS API secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsSecretKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to connect to the AWS EC2 API. +/// It requires Prometheus >= v2.41.0 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEc2SdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to connect to the AWS EC2 API. +/// It requires Prometheus >= v2.41.0 +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEc2SdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to connect to the AWS EC2 API. +/// It requires Prometheus >= v2.41.0 +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEc2SdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// Eureka SD configurations allow retrieving scrape targets using the Eureka REST API. +/// Prometheus will periodically check the REST endpoint and create a target for every app instance. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigs { + /// Authorization header to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub authorization: Option, + /// BasicAuth information to use on every scrape request. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] + pub basic_auth: Option, + /// Whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether HTTP requests follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// Optional OAuth 2.0 configuration. + /// Cannot be set at the same time as `authorization` or `basic_auth`. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// Refresh interval to re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The URL to connect to the Eureka server. + pub server: String, + /// TLS configuration applying to the target HTTP endpoint. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, +} + +/// Authorization header to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// + /// "Basic" is not a supported value. + /// + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// BasicAuth information to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuth { + /// `password` specifies a key of a Secret containing the password for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub password: Option, + /// `username` specifies a key of a Secret containing the username for + /// authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub username: Option, +} + +/// `password` specifies a key of a Secret containing the password for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuthPassword { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Optional OAuth 2.0 configuration. +/// Cannot be set at the same time as `authorization` or `basic_auth`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigEurekaSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigEurekaSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3150,7 +4349,52 @@ pub struct ScrapeConfigEc2SdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3167,7 +4411,7 @@ pub struct ScrapeConfigEc2SdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEc2SdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3182,10 +4426,22 @@ pub struct ScrapeConfigEc2SdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to connect to the AWS EC2 API. -/// It requires Prometheus >= v2.41.0 +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEc2SdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEurekaSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3196,31 +4452,83 @@ pub enum ScrapeConfigEc2SdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration to connect to the AWS EC2 API. -/// It requires Prometheus >= v2.41.0 +/// ScrapeConfigSpec is a specification of the desired configuration for a scrape configuration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigFallbackScrapeProtocol { + PrometheusProto, + #[serde(rename = "OpenMetricsText0.0.1")] + OpenMetricsText001, + #[serde(rename = "OpenMetricsText1.0.0")] + OpenMetricsText100, + #[serde(rename = "PrometheusText0.0.4")] + PrometheusText004, + #[serde(rename = "PrometheusText1.0.0")] + PrometheusText100, +} + +/// FileSDConfig defines a Prometheus file service discovery configuration +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigFileSdConfigs { + /// List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the + /// prometheus-operator project makes no guarantees about the working directory where the configuration file is + /// stored. + /// Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. + pub files: Vec, + /// RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, +} + +/// GCESDConfig configures scrape targets from GCP GCE instances. +/// The private IP address is used by default, but may be changed to +/// the public IP address with relabeling. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config +/// +/// The GCE service discovery will load the Google Cloud credentials +/// from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. +/// See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform +/// +/// A pre-requisite for using GCESDConfig is that a Secret containing valid +/// Google Cloud credentials is mounted into the Prometheus or PrometheusAgent +/// pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS +/// environment variable is set to /etc/prometheus/secrets//. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigGceSdConfigs { + /// Filter can be used optionally to filter the instance list by other criteria + /// Syntax of this filter is described in the filter query parameter section: + /// https://cloud.google.com/compute/docs/reference/latest/instances/list + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filter: Option, + /// The port to scrape metrics from. If using the public IP address, this must + /// instead be specified in the relabeling rule. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// The Google Cloud Project ID + pub project: String, + /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// The tag separator is used to separate the tags on concatenation + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] + pub tag_separator: Option, + /// The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. + pub zone: String, +} + +/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. +/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEc2SdConfigsTlsConfigMinVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// Eureka SD configurations allow retrieving scrape targets using the Eureka REST API. -/// Prometheus will periodically check the REST endpoint and create a target for every app instance. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigs { - /// Authorization header to use on every scrape request. +pub struct ScrapeConfigHetznerSdConfigs { + /// Authorization header configuration, required when role is hcloud. + /// Role robot does not support bearer token authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to use on every scrape request. + pub authorization: Option, + /// BasicAuth information to use on every scrape request, required when role is robot. + /// Role hcloud does not support basic auth. #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub basic_auth: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, @@ -3235,15 +4543,18 @@ pub struct ScrapeConfigEurekaSdConfigs { #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, /// Optional OAuth 2.0 configuration. - /// Cannot be set at the same time as `authorization` or `basic_auth`. + /// Cannot be used at the same time as `basic_auth` or `authorization`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, + pub oauth2: Option, + /// The port to scrape metrics from. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -3252,22 +4563,23 @@ pub struct ScrapeConfigEurekaSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// Refresh interval to re-read the instance list. + /// The time after which the servers are refreshed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// The URL to connect to the Eureka server. - pub server: String, - /// TLS configuration applying to the target HTTP endpoint. + /// The Hetzner role of entities that should be discovered. + pub role: ScrapeConfigHetznerSdConfigsRole, + /// TLS configuration to use on every scrape request. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, } -/// Authorization header to use on every scrape request. +/// Authorization header configuration, required when role is hcloud. +/// Role robot does not support bearer token authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsAuthorization { +pub struct ScrapeConfigHetznerSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -3279,7 +4591,7 @@ pub struct ScrapeConfigEurekaSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigHetznerSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3294,23 +4606,24 @@ pub struct ScrapeConfigEurekaSdConfigsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth information to use on every scrape request. +/// BasicAuth information to use on every scrape request, required when role is robot. +/// Role hcloud does not support basic auth. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsBasicAuth { +pub struct ScrapeConfigHetznerSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, + pub password: Option, /// `username` specifies a key of a Secret containing the username for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub username: Option, } /// `password` specifies a key of a Secret containing the password for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsBasicAuthPassword { +pub struct ScrapeConfigHetznerSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3328,7 +4641,7 @@ pub struct ScrapeConfigEurekaSdConfigsBasicAuthPassword { /// `username` specifies a key of a Secret containing the username for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsBasicAuthUsername { +pub struct ScrapeConfigHetznerSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3344,17 +4657,17 @@ pub struct ScrapeConfigEurekaSdConfigsBasicAuthUsername { } /// Optional OAuth 2.0 configuration. -/// Cannot be set at the same time as `authorization` or `basic_auth`. +/// Cannot be used at the same time as `basic_auth` or `authorization`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2 { +pub struct ScrapeConfigHetznerSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigEurekaSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigHetznerSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigEurekaSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigHetznerSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -3371,7 +4684,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -3386,7 +4699,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2 { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3395,18 +4708,18 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2ClientId { +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3423,7 +4736,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3441,7 +4754,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2ClientIdSecret { /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3458,7 +4771,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigHetznerSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3476,29 +4789,29 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2ProxyConnectHeader { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfig { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3506,18 +4819,18 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCa { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaConfigMap { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3534,7 +4847,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3551,18 +4864,18 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3579,7 +4892,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3596,7 +4909,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3614,7 +4927,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigKeySecret { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMaxVersion { +pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3628,7 +4941,7 @@ pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMaxVersion { /// TLS configuration to use when connecting to the OAuth2 server. /// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMinVersion { +pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3641,7 +4954,7 @@ pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMinVersion { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { +pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3656,31 +4969,46 @@ pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. +/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHetznerSdConfigsRole { + #[serde(rename = "hcloud")] + Hcloud, + #[serde(rename = "Hcloud")] + HcloudX, + #[serde(rename = "robot")] + Robot, + #[serde(rename = "Robot")] + RobotX, +} + +/// TLS configuration to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfig { +pub struct ScrapeConfigHetznerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3688,18 +5016,18 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCa { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3716,7 +5044,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3733,18 +5061,18 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCert { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3761,7 +5089,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3778,7 +5106,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigHetznerSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3793,9 +5121,9 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigHetznerSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3806,82 +5134,32 @@ pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use on every scrape request. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEurekaSdConfigsTlsConfigMinVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// FileSDConfig defines a Prometheus file service discovery configuration -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigFileSdConfigs { - /// List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the - /// prometheus-operator project makes no guarantees about the working directory where the configuration file is - /// stored. - /// Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. - pub files: Vec, - /// RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, -} - -/// GCESDConfig configures scrape targets from GCP GCE instances. -/// The private IP address is used by default, but may be changed to -/// the public IP address with relabeling. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config -/// -/// The GCE service discovery will load the Google Cloud credentials -/// from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. -/// See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform -/// -/// A pre-requisite for using GCESDConfig is that a Secret containing valid -/// Google Cloud credentials is mounted into the Prometheus or PrometheusAgent -/// pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS -/// environment variable is set to /etc/prometheus/secrets//. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigGceSdConfigs { - /// Filter can be used optionally to filter the instance list by other criteria - /// Syntax of this filter is described in the filter query parameter section: - /// https://cloud.google.com/compute/docs/reference/latest/instances/list - #[serde(default, skip_serializing_if = "Option::is_none")] - pub filter: Option, - /// The port to scrape metrics from. If using the public IP address, this must - /// instead be specified in the relabeling rule. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// The Google Cloud Project ID - pub project: String, - /// RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// The tag separator is used to separate the tags on concatenation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] - pub tag_separator: Option, - /// The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. - pub zone: String, +pub enum ScrapeConfigHetznerSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, } -/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. -/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigs { - /// Authorization header configuration, required when role is hcloud. - /// Role robot does not support bearer token authentication. +/// HTTPSDConfig defines a prometheus HTTP service discovery configuration +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHttpSdConfigs { + /// Authorization header configuration to authenticate against the target HTTP endpoint. + /// Cannot be set at the same time as `oAuth2`, or `basicAuth`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to use on every scrape request, required when role is robot. - /// Role hcloud does not support basic auth. + pub authorization: Option, + /// BasicAuth information to authenticate against the target HTTP endpoint. + /// More info: https://prometheus.io/docs/operating/configuration/#endpoints + /// Cannot be set at the same time as `authorization`, or `oAuth2`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, + pub basic_auth: Option, /// Whether to enable HTTP2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] pub enable_http2: Option, @@ -3895,19 +5173,16 @@ pub struct ScrapeConfigHetznerSdConfigs { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, - /// Optional OAuth 2.0 configuration. - /// Cannot be used at the same time as `basic_auth` or `authorization`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, - /// The port to scrape metrics from. + /// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + /// Cannot be set at the same time as `authorization`, or `basicAuth`. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub oauth2: Option, /// ProxyConnectHeader optionally specifies headers to send to /// proxies during CONNECT requests. /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. @@ -3916,23 +5191,24 @@ pub struct ScrapeConfigHetznerSdConfigs { /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, - /// The time after which the servers are refreshed. + /// RefreshInterval configures the refresh interval at which Prometheus will re-query the + /// endpoint to update the target list. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] pub refresh_interval: Option, - /// The Hetzner role of entities that should be discovered. - pub role: ScrapeConfigHetznerSdConfigsRole, - /// TLS configuration to use on every scrape request. + /// TLS configuration applying to the target HTTP endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, + pub tls_config: Option, + /// URL from which the targets are fetched. + pub url: String, } -/// Authorization header configuration, required when role is hcloud. -/// Role robot does not support bearer token authentication. +/// Authorization header configuration to authenticate against the target HTTP endpoint. +/// Cannot be set at the same time as `oAuth2`, or `basicAuth`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsAuthorization { +pub struct ScrapeConfigHttpSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, + pub credentials: Option, /// Defines the authentication type. The value is case-insensitive. /// /// "Basic" is not a supported value. @@ -3944,7 +5220,7 @@ pub struct ScrapeConfigHetznerSdConfigsAuthorization { /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsAuthorizationCredentials { +pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3959,24 +5235,25 @@ pub struct ScrapeConfigHetznerSdConfigsAuthorizationCredentials { pub optional: Option, } -/// BasicAuth information to use on every scrape request, required when role is robot. -/// Role hcloud does not support basic auth. +/// BasicAuth information to authenticate against the target HTTP endpoint. +/// More info: https://prometheus.io/docs/operating/configuration/#endpoints +/// Cannot be set at the same time as `authorization`, or `oAuth2`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsBasicAuth { +pub struct ScrapeConfigHttpSdConfigsBasicAuth { /// `password` specifies a key of a Secret containing the password for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, + pub password: Option, /// `username` specifies a key of a Secret containing the username for /// authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub username: Option, } /// `password` specifies a key of a Secret containing the password for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsBasicAuthPassword { +pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3994,7 +5271,7 @@ pub struct ScrapeConfigHetznerSdConfigsBasicAuthPassword { /// `username` specifies a key of a Secret containing the username for /// authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsBasicAuthUsername { +pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4009,18 +5286,18 @@ pub struct ScrapeConfigHetznerSdConfigsBasicAuthUsername { pub optional: Option, } -/// Optional OAuth 2.0 configuration. -/// Cannot be used at the same time as `basic_auth` or `authorization`. +/// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. +/// Cannot be set at the same time as `authorization`, or `basicAuth`. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2 { +pub struct ScrapeConfigHttpSdConfigsOauth2 { /// `clientId` specifies a key of a Secret or ConfigMap containing the /// OAuth2 client's ID. #[serde(rename = "clientId")] - pub client_id: ScrapeConfigHetznerSdConfigsOauth2ClientId, + pub client_id: ScrapeConfigHttpSdConfigsOauth2ClientId, /// `clientSecret` specifies a key of a Secret containing the OAuth2 /// client's secret. #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigHetznerSdConfigsOauth2ClientSecret, + pub client_secret: ScrapeConfigHttpSdConfigsOauth2ClientSecret, /// `endpointParams` configures the HTTP parameters to append to the token /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] @@ -4037,198 +5314,42 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2 { /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, + pub proxy_connect_header: Option>, /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, /// `proxyURL` defines the HTTP proxy server to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, - /// `scopes` defines the OAuth2 scopes used for the token request. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scopes: Option>, - /// TLS configuration to use when connecting to the OAuth2 server. - /// It requires Prometheus >= v2.43.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, - /// `tokenURL` configures the URL to fetch the token from. - #[serde(rename = "tokenUrl")] - pub token_url: String, -} - -/// `clientId` specifies a key of a Secret or ConfigMap containing the -/// OAuth2 client's ID. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2ClientId { - /// ConfigMap containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// Secret containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, -} - -/// ConfigMap containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdConfigMap { - /// The key to select. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Secret containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2ClientIdSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// `clientSecret` specifies a key of a Secret containing the OAuth2 -/// client's secret. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2ClientSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// SecretKeySelector selects a key of a Secret. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2ProxyConnectHeader { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfig { - /// Certificate authority used when verifying server certificates. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, - /// Client certificate to present when doing client-authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, - /// Disable target certificate validation. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] - pub insecure_skip_verify: Option, - /// Secret containing the client key file for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, - /// Maximum acceptable TLS version. - /// - /// It requires Prometheus >= v2.41.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, - /// Minimum acceptable TLS version. - /// - /// It requires Prometheus >= v2.35.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, - /// Used to verify the hostname for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] - pub server_name: Option, -} - -/// Certificate authority used when verifying server certificates. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCa { - /// ConfigMap containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// Secret containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, -} - -/// ConfigMap containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaConfigMap { - /// The key to select. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Secret containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, } -/// Client certificate to present when doing client-authentication. +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigHttpSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4245,7 +5366,7 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4260,9 +5381,10 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertSecret { pub optional: Option, } -/// Secret containing the client key file for the targets. +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigHttpSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4277,37 +5399,9 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMaxVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMinVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { +pub struct ScrapeConfigHttpSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4322,46 +5416,32 @@ pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { pub optional: Option, } -/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. -/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsRole { - #[serde(rename = "hcloud")] - Hcloud, - #[serde(rename = "Hcloud")] - HcloudX, - #[serde(rename = "robot")] - Robot, - #[serde(rename = "Robot")] - RobotX, -} - -/// TLS configuration to use on every scrape request. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfig { +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4369,18 +5449,18 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCa { +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4397,7 +5477,7 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4414,167 +5494,19 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCert { - /// ConfigMap containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// Secret containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, -} - -/// ConfigMap containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { - /// The key to select. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Secret containing data to use for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Secret containing the client key file for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigKeySecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// TLS configuration to use on every scrape request. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsTlsConfigMaxVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// TLS configuration to use on every scrape request. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsTlsConfigMinVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// HTTPSDConfig defines a prometheus HTTP service discovery configuration -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigs { - /// Authorization header configuration to authenticate against the target HTTP endpoint. - /// Cannot be set at the same time as `oAuth2`, or `basicAuth`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub authorization: Option, - /// BasicAuth information to authenticate against the target HTTP endpoint. - /// More info: https://prometheus.io/docs/operating/configuration/#endpoints - /// Cannot be set at the same time as `authorization`, or `oAuth2`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "basicAuth")] - pub basic_auth: Option, - /// Whether to enable HTTP2. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] - pub enable_http2: Option, - /// Configure whether HTTP requests follow HTTP 3xx redirects. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] - pub follow_redirects: Option, - /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names - /// that should be excluded from proxying. IP and domain names can - /// contain port numbers. - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] - pub no_proxy: Option, - /// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. - /// Cannot be set at the same time as `authorization`, or `basicAuth`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub oauth2: Option, - /// ProxyConnectHeader optionally specifies headers to send to - /// proxies during CONNECT requests. - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, - /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] - pub proxy_from_environment: Option, - /// `proxyURL` defines the HTTP proxy server to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, - /// RefreshInterval configures the refresh interval at which Prometheus will re-query the - /// endpoint to update the target list. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// TLS configuration applying to the target HTTP endpoint. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, - /// URL from which the targets are fetched. - pub url: String, -} - -/// Authorization header configuration to authenticate against the target HTTP endpoint. -/// Cannot be set at the same time as `oAuth2`, or `basicAuth`. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsAuthorization { - /// Selects a key of a Secret in the namespace that contains the credentials for authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, - /// Defines the authentication type. The value is case-insensitive. - /// - /// "Basic" is not a supported value. - /// - /// Default: "Bearer" - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, } -/// Selects a key of a Secret in the namespace that contains the credentials for authentication. +/// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { - /// The key of the secret to select from. Must be a valid secret key. +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. pub key: String, /// Name of the referent. /// This field is effectively required, but due to backwards compatibility is @@ -4583,30 +5515,31 @@ pub struct ScrapeConfigHttpSdConfigsAuthorizationCredentials { /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// BasicAuth information to authenticate against the target HTTP endpoint. -/// More info: https://prometheus.io/docs/operating/configuration/#endpoints -/// Cannot be set at the same time as `authorization`, or `oAuth2`. +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuth { - /// `password` specifies a key of a Secret containing the password for - /// authentication. +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] - pub password: Option, - /// `username` specifies a key of a Secret containing the username for - /// authentication. + pub name: Option, + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub username: Option, + pub optional: Option, } -/// `password` specifies a key of a Secret containing the password for -/// authentication. +/// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { +pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4621,10 +5554,37 @@ pub struct ScrapeConfigHttpSdConfigsBasicAuthPassword { pub optional: Option, } -/// `username` specifies a key of a Secret containing the username for -/// authentication. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHttpSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHttpSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { +pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4639,70 +5599,50 @@ pub struct ScrapeConfigHttpSdConfigsBasicAuthUsername { pub optional: Option, } -/// Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. -/// Cannot be set at the same time as `authorization`, or `basicAuth`. +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2 { - /// `clientId` specifies a key of a Secret or ConfigMap containing the - /// OAuth2 client's ID. - #[serde(rename = "clientId")] - pub client_id: ScrapeConfigHttpSdConfigsOauth2ClientId, - /// `clientSecret` specifies a key of a Secret containing the OAuth2 - /// client's secret. - #[serde(rename = "clientSecret")] - pub client_secret: ScrapeConfigHttpSdConfigsOauth2ClientSecret, - /// `endpointParams` configures the HTTP parameters to append to the token - /// URL. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] - pub endpoint_params: Option>, - /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names - /// that should be excluded from proxying. IP and domain names can - /// contain port numbers. - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] - pub no_proxy: Option, - /// ProxyConnectHeader optionally specifies headers to send to - /// proxies during CONNECT requests. +pub struct ScrapeConfigHttpSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, - /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] - pub proxy_from_environment: Option, - /// `proxyURL` defines the HTTP proxy server to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, - /// `scopes` defines the OAuth2 scopes used for the token request. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scopes: Option>, - /// TLS configuration to use when connecting to the OAuth2 server. - /// It requires Prometheus >= v2.43.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, - /// `tokenURL` configures the URL to fetch the token from. - #[serde(rename = "tokenUrl")] - pub token_url: String, + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, } -/// `clientId` specifies a key of a Secret or ConfigMap containing the -/// OAuth2 client's ID. +/// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2ClientId { +pub struct ScrapeConfigHttpSdConfigsTlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdConfigMap { +pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4719,7 +5659,7 @@ pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdSecret { +pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4734,10 +5674,37 @@ pub struct ScrapeConfigHttpSdConfigsOauth2ClientIdSecret { pub optional: Option, } -/// `clientSecret` specifies a key of a Secret containing the OAuth2 -/// client's secret. +/// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2ClientSecret { +pub struct ScrapeConfigHttpSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4752,9 +5719,9 @@ pub struct ScrapeConfigHttpSdConfigsOauth2ClientSecret { pub optional: Option, } -/// SecretKeySelector selects a key of a Secret. +/// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2ProxyConnectHeader { +pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4769,52 +5736,101 @@ pub struct ScrapeConfigHttpSdConfigsOauth2ProxyConnectHeader { pub optional: Option, } -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHttpSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHttpSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// IonosSDConfig configurations allow retrieving scrape targets from IONOS resources. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ionos_sd_config #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfig { - /// Certificate authority used when verifying server certificates. +pub struct ScrapeConfigIonosSdConfigs { + /// Authorization` header configuration, required when using IONOS. + pub authorization: ScrapeConfigIonosSdConfigsAuthorization, + /// The unique ID of the IONOS data center. + #[serde(rename = "datacenterID")] + pub datacenter_id: String, + /// Configure whether to enable HTTP2. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] + pub enable_http2: Option, + /// Configure whether the HTTP requests should follow HTTP 3xx redirects. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] + pub follow_redirects: Option, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// Configure whether to enable OAuth2. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, - /// Client certificate to present when doing client-authentication. + pub oauth2: Option, + /// Port to scrape the metrics from. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, - /// Disable target certificate validation. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] - pub insecure_skip_verify: Option, - /// Secret containing the client key file for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, - /// Maximum acceptable TLS version. + pub port: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. /// - /// It requires Prometheus >= v2.41.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, - /// Minimum acceptable TLS version. + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). /// - /// It requires Prometheus >= v2.35.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, - /// Used to verify the hostname for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] - pub server_name: Option, + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// Refresh interval to re-read the list of resources. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] + pub refresh_interval: Option, + /// TLS configuration to use when connecting to the IONOS API. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, } -/// Certificate authority used when verifying server certificates. +/// Authorization` header configuration, required when using IONOS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCa { - /// ConfigMap containing data to use for the targets. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// Secret containing data to use for the targets. +pub struct ScrapeConfigIonosSdConfigsAuthorization { + /// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub credentials: Option, + /// Defines the authentication type. The value is case-insensitive. + /// + /// "Basic" is not a supported value. + /// + /// Default: "Bearer" + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, } -/// ConfigMap containing data to use for the targets. +/// Selects a key of a Secret in the namespace that contains the credentials for authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCaConfigMap { - /// The key to select. +pub struct ScrapeConfigIonosSdConfigsAuthorizationCredentials { + /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. /// This field is effectively required, but due to backwards compatibility is @@ -4823,42 +5839,74 @@ pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCaConfigMap { /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the ConfigMap or its key must be defined + /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// Secret containing data to use for the targets. +/// Configure whether to enable OAuth2. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCaSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined +pub struct ScrapeConfigIonosSdConfigsOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigIonosSdConfigsOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigIonosSdConfigsOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// + /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, } -/// Client certificate to present when doing client-authentication. +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCert { +pub struct ScrapeConfigIonosSdConfigsOauth2ClientId { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertConfigMap { +pub struct ScrapeConfigIonosSdConfigsOauth2ClientIdConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4875,7 +5923,7 @@ pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertSecret { +pub struct ScrapeConfigIonosSdConfigsOauth2ClientIdSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4890,9 +5938,10 @@ pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigCertSecret { pub optional: Option, } -/// Secret containing the client key file for the targets. +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigKeySecret { +pub struct ScrapeConfigIonosSdConfigsOauth2ClientSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4907,37 +5956,9 @@ pub struct ScrapeConfigHttpSdConfigsOauth2TlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHttpSdConfigsOauth2TlsConfigMaxVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - -/// TLS configuration to use when connecting to the OAuth2 server. -/// It requires Prometheus >= v2.43.0. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHttpSdConfigsOauth2TlsConfigMinVersion { - #[serde(rename = "TLS10")] - Tls10, - #[serde(rename = "TLS11")] - Tls11, - #[serde(rename = "TLS12")] - Tls12, - #[serde(rename = "TLS13")] - Tls13, -} - /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { +pub struct ScrapeConfigIonosSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4952,31 +5973,32 @@ pub struct ScrapeConfigHttpSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfig { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4984,18 +6006,18 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCa { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5012,7 +6034,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5029,18 +6051,18 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCert { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5057,7 +6079,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5074,7 +6096,7 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigIonosSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5089,9 +6111,10 @@ pub struct ScrapeConfigHttpSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHttpSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigIonosSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5102,9 +6125,10 @@ pub enum ScrapeConfigHttpSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHttpSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigIonosSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5115,85 +6139,6 @@ pub enum ScrapeConfigHttpSdConfigsTlsConfigMinVersion { Tls13, } -/// IonosSDConfig configurations allow retrieving scrape targets from IONOS resources. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ionos_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigIonosSdConfigs { - /// Authorization` header configuration, required when using IONOS. - pub authorization: ScrapeConfigIonosSdConfigsAuthorization, - /// The unique ID of the IONOS data center. - #[serde(rename = "datacenterID")] - pub datacenter_id: String, - /// Configure whether to enable HTTP2. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTP2")] - pub enable_http2: Option, - /// Configure whether the HTTP requests should follow HTTP 3xx redirects. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] - pub follow_redirects: Option, - /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names - /// that should be excluded from proxying. IP and domain names can - /// contain port numbers. - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] - pub no_proxy: Option, - /// Port to scrape the metrics from. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// ProxyConnectHeader optionally specifies headers to send to - /// proxies during CONNECT requests. - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] - pub proxy_connect_header: Option>, - /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). - /// - /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] - pub proxy_from_environment: Option, - /// `proxyURL` defines the HTTP proxy server to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, - /// Refresh interval to re-read the list of resources. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] - pub refresh_interval: Option, - /// TLS configuration to use when connecting to the IONOS API. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] - pub tls_config: Option, -} - -/// Authorization` header configuration, required when using IONOS. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigIonosSdConfigsAuthorization { - /// Selects a key of a Secret in the namespace that contains the credentials for authentication. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub credentials: Option, - /// Defines the authentication type. The value is case-insensitive. - /// - /// "Basic" is not a supported value. - /// - /// Default: "Bearer" - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// Selects a key of a Secret in the namespace that contains the credentials for authentication. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigIonosSdConfigsAuthorizationCredentials { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScrapeConfigIonosSdConfigsProxyConnectHeader { @@ -8955,7 +9900,7 @@ pub struct ScrapeConfigOpenstackSdConfigs { /// The port to scrape metrics from. If using the public IP address, this must /// instead be specified in the relabeling rule. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub port: Option, /// ProjectID #[serde(default, skip_serializing_if = "Option::is_none", rename = "projectID")] pub project_id: Option, @@ -8971,6 +9916,8 @@ pub struct ScrapeConfigOpenstackSdConfigs { /// The OpenStack Region. pub region: String, /// The OpenStack role of entities that should be discovered. + /// + /// Note: The `LoadBalancer` role requires Prometheus >= v3.2.0. pub role: ScrapeConfigOpenstackSdConfigsRole, /// TLS configuration applying to the target HTTP endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] @@ -9047,6 +9994,7 @@ pub enum ScrapeConfigOpenstackSdConfigsRole { Hypervisor, #[serde(rename = "hypervisor")] HypervisorX, + LoadBalancer, } /// TLS configuration applying to the target HTTP endpoint. diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs index 4390888e8..81b9b228d 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs @@ -243,9 +243,14 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -1134,9 +1139,14 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -1840,9 +1850,14 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -2563,9 +2578,14 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -3301,9 +3321,14 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -4067,9 +4092,14 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -4726,9 +4756,14 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -5461,9 +5496,14 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -6148,9 +6188,14 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -6790,9 +6835,14 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -7435,9 +7485,14 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, @@ -8114,9 +8169,14 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfig { /// It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] pub proxy_from_environment: Option, + /// Optional proxy URL. + /// + /// If defined, this field takes precedence over `proxyUrl`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyURL")] + pub proxy_url: Option, /// `proxyURL` defines the HTTP proxy server to use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] - pub proxy_url: Option, + pub proxy_url_x: Option, /// TLS configuration for the client. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, diff --git a/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs b/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs index 8f506ed39..44671c4d0 100644 --- a/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs +++ b/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs @@ -20,64 +20,114 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BrokerSpec { + /// Optional. The authentication strategy used to secure the broker. The default + /// is SIMPLE. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authenticationStrategy")] pub authentication_strategy: Option, - #[serde(rename = "autoMinorVersionUpgrade")] - pub auto_minor_version_upgrade: bool, - /// A list of information about the configuration. + /// Enables automatic upgrades to new patch versions for brokers as new versions + /// are released and supported by Amazon MQ. Automatic upgrades occur during + /// the scheduled maintenance window or after a manual broker reboot. Set to + /// true by default, if no value is specified. /// - /// Does not apply to RabbitMQ brokers. + /// Must be set to true for ActiveMQ brokers version 5.18 and above and for RabbitMQ + /// brokers version 3.13 and above. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMinorVersionUpgrade")] + pub auto_minor_version_upgrade: Option, + /// A list of information about the configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, + /// The unique ID that the requester receives for the created broker. Amazon + /// MQ passes your ID with the API action. + /// + /// We recommend using a Universally Unique Identifier (UUID) for the creatorRequestId. + /// You may omit the creatorRequestId if your application doesn't require idempotency. #[serde(default, skip_serializing_if = "Option::is_none", rename = "creatorRequestID")] pub creator_request_id: Option, + /// Required. The broker's deployment mode. #[serde(rename = "deploymentMode")] pub deployment_mode: String, - /// Does not apply to RabbitMQ brokers. - /// /// Encryption options for the broker. #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionOptions")] pub encryption_options: Option, + /// Required. The type of broker engine. Currently, Amazon MQ supports ACTIVEMQ + /// and RABBITMQ. #[serde(rename = "engineType")] pub engine_type: String, - #[serde(rename = "engineVersion")] - pub engine_version: String, + /// The broker engine version. Defaults to the latest available version for the + /// specified broker engine type. For more information, see the ActiveMQ version + /// management (https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/activemq-version-management.html) + /// and the RabbitMQ version management (https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/rabbitmq-version-management.html) + /// sections in the Amazon MQ Developer Guide. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineVersion")] + pub engine_version: Option, + /// Required. The broker's instance type. #[serde(rename = "hostInstanceType")] pub host_instance_type: String, /// Optional. The metadata of the LDAP server used to authenticate and authorize - /// connections to the broker. - /// - /// Does not apply to RabbitMQ brokers. + /// connections to the broker. Does not apply to RabbitMQ brokers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ldapServerMetadata")] pub ldap_server_metadata: Option, - /// The list of information about logs to be enabled for the specified broker. + /// Enables Amazon CloudWatch logging for brokers. #[serde(default, skip_serializing_if = "Option::is_none")] pub logs: Option, - /// The scheduled time period relative to UTC during which Amazon MQ begins to - /// apply pending updates or patches to the broker. + /// The parameters that determine the WeeklyStartTime. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maintenanceWindowStartTime")] pub maintenance_window_start_time: Option, + /// Required. The broker's name. This value must be unique in your Amazon Web + /// Services account, 1-50 characters long, must contain only letters, numbers, + /// dashes, and underscores, and must not contain white spaces, brackets, wildcard + /// characters, or special characters. + /// + /// Do not add personally identifiable information (PII) or other confidential + /// or sensitive information in broker names. Broker names are accessible to + /// other Amazon Web Services services, including CloudWatch Logs. Broker names + /// are not intended to be used for private or sensitive data. pub name: String, + /// Enables connections from applications outside of the VPC that hosts the broker's + /// subnets. Set to false by default, if no value is provided. #[serde(rename = "publiclyAccessible")] pub publicly_accessible: bool, #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupRefs")] pub security_group_refs: Option>, + /// The list of rules (1 minimum, 125 maximum) that authorize connections to + /// brokers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroups")] pub security_groups: Option>, + /// The broker's storage type. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageType")] pub storage_type: Option, + /// The list of groups that define which subnets and IP ranges the broker can + /// use from different Availability Zones. If you specify more than one subnet, + /// the subnets must be in different Availability Zones. Amazon MQ will not be + /// able to create VPC endpoints for your broker with multiple subnets in the + /// same Availability Zone. A SINGLE_INSTANCE deployment requires one subnet + /// (for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ Amazon MQ for + /// ActiveMQ deployment requires two subnets. A CLUSTER_MULTI_AZ Amazon MQ for + /// RabbitMQ deployment has no subnet requirements when deployed with public + /// accessibility. Deployment without public accessibility requires at least + /// one subnet. + /// + /// If you specify subnets in a shared VPC (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html) + /// for a RabbitMQ broker, the associated VPC to which the specified subnets + /// belong must be owned by your Amazon Web Services account. Amazon MQ will + /// not be able to create VPC endpoints in VPCs that are not owned by your Amazon + /// Web Services account. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetIDs")] pub subnet_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetRefs")] pub subnet_refs: Option>, + /// Create tags when creating the broker. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, + /// The list of broker users (persons or applications) who can access queues + /// and topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative + /// user is accepted and created when a broker is first provisioned. All subsequent + /// broker users are created by making RabbitMQ API calls directly to brokers + /// or via the RabbitMQ web console. pub users: Vec, } /// A list of information about the configuration. -/// -/// Does not apply to RabbitMQ brokers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerConfiguration { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -86,8 +136,6 @@ pub struct BrokerConfiguration { pub revision: Option, } -/// Does not apply to RabbitMQ brokers. -/// /// Encryption options for the broker. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerEncryptionOptions { @@ -98,9 +146,7 @@ pub struct BrokerEncryptionOptions { } /// Optional. The metadata of the LDAP server used to authenticate and authorize -/// connections to the broker. -/// -/// Does not apply to RabbitMQ brokers. +/// connections to the broker. Does not apply to RabbitMQ brokers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerLdapServerMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -127,7 +173,7 @@ pub struct BrokerLdapServerMetadata { pub user_search_subtree: Option, } -/// The list of information about logs to be enabled for the specified broker. +/// Enables Amazon CloudWatch logging for brokers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerLogs { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -136,8 +182,7 @@ pub struct BrokerLogs { pub general: Option, } -/// The scheduled time period relative to UTC during which Amazon MQ begins to -/// apply pending updates or patches to the broker. +/// The parameters that determine the WeeklyStartTime. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerMaintenanceWindowStartTime { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dayOfWeek")] @@ -198,10 +243,10 @@ pub struct BrokerSubnetRefsFrom { pub namespace: Option, } -/// A user associated with the broker. For RabbitMQ brokers, one and only one -/// administrative user is accepted and created when a broker is first provisioned. -/// All subsequent broker users are created by making RabbitMQ API calls directly -/// to brokers or via the RabbitMQ web console. +/// A user associated with the broker. For Amazon MQ for RabbitMQ brokers, one +/// and only one administrative user is accepted and created when a broker is +/// first provisioned. All subsequent broker users are created by making RabbitMQ +/// API calls directly to brokers or via the RabbitMQ web console. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BrokerUsers { #[serde(default, skip_serializing_if = "Option::is_none", rename = "consoleAccess")] @@ -238,13 +283,16 @@ pub struct BrokerStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, + /// The unique ID that Amazon MQ generates for the broker. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerID")] pub broker_id: Option, + /// A list of information about allocated brokers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerInstances")] pub broker_instances: Option>, + /// The broker's status. #[serde(default, skip_serializing_if = "Option::is_none", rename = "brokerState")] pub broker_state: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/multicluster_x_k8s_io/v1alpha1/serviceexports.rs b/kube-custom-resources-rs/src/multicluster_x_k8s_io/v1alpha1/serviceexports.rs index 6d5c29c24..044fb53d8 100644 --- a/kube-custom-resources-rs/src/multicluster_x_k8s_io/v1alpha1/serviceexports.rs +++ b/kube-custom-resources-rs/src/multicluster_x_k8s_io/v1alpha1/serviceexports.rs @@ -6,10 +6,28 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; + pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; +/// spec defines the behavior of a ServiceExport. +#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +#[kube(group = "multicluster.x-k8s.io", version = "v1alpha1", kind = "ServiceExport", plural = "serviceexports")] +#[kube(namespaced)] +#[kube(status = "ServiceExportStatus")] +#[kube(schema = "disabled")] +#[kube(derive="Default")] +#[kube(derive="PartialEq")] +pub struct ServiceExportSpec { + /// exportedAnnotations describes the annotations exported. It is optional for implementation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "exportedAnnotations")] + pub exported_annotations: Option>, + /// exportedLabels describes the labels exported. It is optional for implementation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "exportedLabels")] + pub exported_labels: Option>, +} + /// status describes the current state of an exported service. /// Service configuration comes from the Service that had the same /// name and namespace as this ServiceExport. diff --git a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewallpolicies.rs b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewallpolicies.rs index 47426ec30..cf484325a 100644 --- a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewallpolicies.rs +++ b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewallpolicies.rs @@ -224,7 +224,7 @@ pub struct FirewallPolicyStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs index 7c263896b..11b7face3 100644 --- a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs +++ b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs @@ -55,6 +55,10 @@ pub struct FirewallSpec { /// a firewall, the operation initializes this setting to TRUE. #[serde(default, skip_serializing_if = "Option::is_none", rename = "firewallPolicyChangeProtection")] pub firewall_policy_change_protection: Option, + /// Defines how Network Firewall performs logging for a firewall. If you omit + /// this setting, Network Firewall disables logging for the firewall. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "loggingConfiguration")] + pub logging_configuration: Option, /// A setting indicating whether the firewall is protected against changes to /// the subnet associations. Use this setting to protect against accidentally /// modifying the subnet associations for a firewall that is in use. When you @@ -86,6 +90,30 @@ pub struct FirewallEncryptionConfiguration { pub r#type: Option, } +/// Defines how Network Firewall performs logging for a firewall. If you omit +/// this setting, Network Firewall disables logging for the firewall. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FirewallLoggingConfiguration { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logDestinationConfigs")] + pub log_destination_configs: Option>, +} + +/// Defines where Network Firewall sends logs for the firewall for one log type. +/// This is used in LoggingConfiguration. You can send each type of log to an +/// Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream. +/// +/// Network Firewall generates logs for stateful rule groups. You can save alert, +/// flow, and TLS log types. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FirewallLoggingConfigurationLogDestinationConfigs { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logDestination")] + pub log_destination: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logDestinationType")] + pub log_destination_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logType")] + pub log_type: Option, +} + /// The ID for a subnet that you want to associate with the firewall. This is /// used with CreateFirewall and AssociateSubnets. Network Firewall creates an /// instance of the associated firewall in each subnet that you specify, to filter @@ -119,7 +147,7 @@ pub struct FirewallStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/rulegroups.rs b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/rulegroups.rs index 30522be89..e9a1d8106 100644 --- a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/rulegroups.rs +++ b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/rulegroups.rs @@ -111,14 +111,14 @@ pub struct RuleGroupSpec { #[serde(rename = "ruleGroupName")] pub rule_group_name: String, /// A string containing stateful rule group rules specifications in Suricata - /// flat format, with one rule per line. Use this to import your existing Suricata + /// flat format, with one ruleper line. Use this to import your existing Suricata /// compatible rule groups. /// /// You must provide either this rules setting or a populated RuleGroup setting, /// but not both. /// /// You can provide your rule group specification in Suricata flat format through - /// this setting when you create or update your rule group. The call response + /// this setting when you create or update your rule group. The callresponse /// returns a RuleGroup object that Network Firewall has populated from your /// string. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -132,7 +132,7 @@ pub struct RuleGroupSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, /// Indicates whether the rule group is stateless or stateful. If the rule group - /// is stateless, it contains stateless rules. If it is stateful, it contains + /// is stateless, it containsstateless rules. If it is stateful, it contains /// stateful rules. #[serde(rename = "type_")] pub r#type: String, @@ -510,7 +510,7 @@ pub struct RuleGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusteringresses.rs b/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusteringresses.rs index 3ccb22a4b..a467db876 100644 --- a/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusteringresses.rs +++ b/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusteringresses.rs @@ -129,7 +129,6 @@ pub struct MultiClusterIngressRules { /// IngressRuleValue. If the host is unspecified, the Ingress routes all /// traffic based on the specified IngressRuleValue. /// - /// /// host can be "precise" which is a domain name without the terminating dot of /// a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name /// prefixed with a single wildcard label (e.g. "*.foo.com"). @@ -319,10 +318,7 @@ pub struct MultiClusterIngressStatusLoadBalancerIngressPorts { /// CamelCase names /// - cloud provider specific error values must have names that comply with the /// format foo.example.com/CamelCase. - /// --- - /// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - #[serde(default, skip_serializing_if = "Option::is_none")] - pub error: Option, + pub error: String, /// port is the port number of the ingress port. pub port: i32, /// protocol is the protocol of the ingress port. diff --git a/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusterservices.rs b/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusterservices.rs index 01c5ad69c..d3e0838d4 100644 --- a/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusterservices.rs +++ b/kube-custom-resources-rs/src/networking_karmada_io/v1alpha1/multiclusterservices.rs @@ -63,8 +63,7 @@ pub struct MultiClusterServiceSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MultiClusterServiceConsumerClusters { /// Name is the name of the cluster to be selected. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub name: String, } /// ExposurePort describes which port will be exposed. @@ -82,8 +81,7 @@ pub struct MultiClusterServicePorts { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MultiClusterServiceProviderClusters { /// Name is the name of the cluster to be selected. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, + pub name: String, } /// Range specifies the ranges where the referencing service should @@ -156,10 +154,7 @@ pub struct MultiClusterServiceStatusLoadBalancerIngressPorts { /// CamelCase names /// - cloud provider specific error values must have names that comply with the /// format foo.example.com/CamelCase. - /// --- - /// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - #[serde(default, skip_serializing_if = "Option::is_none")] - pub error: Option, + pub error: String, /// Port is the port number of the service port of which status is recorded here pub port: i32, /// Protocol is the protocol of the service port of which status is recorded here diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1/receivers.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1/receivers.rs index 9a846a5c6..45c79fd1b 100644 --- a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1/receivers.rs +++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1/receivers.rs @@ -26,6 +26,15 @@ pub struct ReceiverSpec { /// Interval at which to reconcile the Receiver with its Secret references. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, + /// ResourceFilter is a CEL expression expected to return a boolean that is + /// evaluated for each resource referenced in the Resources field when a + /// webhook is received. If the expression returns false then the controller + /// will not request a reconciliation for the resource. + /// When the expression is specified the controller will parse it and mark + /// the object as terminally failed if the expression is invalid or does not + /// return a boolean. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFilter")] + pub resource_filter: Option, /// A list of resources to be notified about changes. pub resources: Vec, /// SecretRef specifies the Secret containing the token used diff --git a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs index 3ea8283f4..f38b59717 100644 --- a/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs +++ b/kube-custom-resources-rs/src/notification_toolkit_fluxcd_io/v1beta3/alerts.rs @@ -45,6 +45,7 @@ pub struct AlertSpec { #[serde(rename = "providerRef")] pub provider_ref: AlertProviderRef, /// Summary holds a short description of the impact and affected cluster. + /// Deprecated: Use EventMetadata instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub summary: Option, /// Suspend tells the controller to suspend subsequent diff --git a/kube-custom-resources-rs/src/ocmagent_managed_openshift_io/v1alpha1/managednotifications.rs b/kube-custom-resources-rs/src/ocmagent_managed_openshift_io/v1alpha1/managednotifications.rs index d21ebafda..b8a58d2e4 100644 --- a/kube-custom-resources-rs/src/ocmagent_managed_openshift_io/v1alpha1/managednotifications.rs +++ b/kube-custom-resources-rs/src/ocmagent_managed_openshift_io/v1alpha1/managednotifications.rs @@ -54,6 +54,8 @@ pub enum ManagedNotificationNotificationsSeverity { Warning, Major, Critical, + Error, + Fatal, } /// ManagedNotificationStatus defines the observed state of ManagedNotification diff --git a/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs b/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs index a9daf99f6..3baba87d5 100644 --- a/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs +++ b/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs @@ -493,7 +493,7 @@ pub struct DomainStatus { /// Information about a configuration change happening on the domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "changeProgressDetails")] pub change_progress_details: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs index 023d6c1d4..e6a49fc24 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opampbridges.rs @@ -487,6 +487,8 @@ pub struct OpAMPBridgePodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs index 5f4212edd..1c155883d 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1alpha1/opentelemetrycollectors.rs @@ -1989,6 +1989,8 @@ pub struct OpenTelemetryCollectorPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -2599,6 +2601,8 @@ pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs b/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs index 22b4c27e2..4423581d7 100644 --- a/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs +++ b/kube-custom-resources-rs/src/opentelemetry_io/v1beta1/opentelemetrycollectors.rs @@ -2071,6 +2071,8 @@ pub struct OpenTelemetryCollectorPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -2705,6 +2707,8 @@ pub struct OpenTelemetryCollectorTargetAllocatorPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -2771,6 +2775,10 @@ pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCr { pub enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "podMonitorSelector")] pub pod_monitor_selector: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "probeSelector")] + pub probe_selector: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeConfigSelector")] + pub scrape_config_selector: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "scrapeInterval")] pub scrape_interval: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceMonitorSelector")] @@ -2793,6 +2801,38 @@ pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrPodMonitorSelectorMa pub values: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrProbeSelector { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrProbeSelectorMatchExpressions { + pub key: String, + pub operator: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrScrapeConfigSelector { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrScrapeConfigSelectorMatchExpressions { + pub key: String, + pub operator: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpenTelemetryCollectorTargetAllocatorPrometheusCrServiceMonitorSelector { #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] diff --git a/kube-custom-resources-rs/src/operations_kubeedge_io/v1alpha1/nodeupgradejobs.rs b/kube-custom-resources-rs/src/operations_kubeedge_io/v1alpha1/nodeupgradejobs.rs index be2f03515..84120f3dd 100644 --- a/kube-custom-resources-rs/src/operations_kubeedge_io/v1alpha1/nodeupgradejobs.rs +++ b/kube-custom-resources-rs/src/operations_kubeedge_io/v1alpha1/nodeupgradejobs.rs @@ -18,38 +18,57 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NodeUpgradeJobSpec { - /// CheckItems specifies the items need to be checked before the task is executed. The default CheckItems value is nil. + /// CheckItems specifies the items need to be checked before the task is executed. + /// The default CheckItems value is nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "checkItems")] pub check_items: Option>, - /// Concurrency specifies the max number of edge nodes that can be upgraded at the same time. The default Concurrency value is 1. + /// Concurrency specifies the max number of edge nodes that can be upgraded at the same time. + /// The default Concurrency value is 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub concurrency: Option, - /// FailureTolerate specifies the task tolerance failure ratio. The default FailureTolerate value is 0.1. + /// FailureTolerate specifies the task tolerance failure ratio. + /// The default FailureTolerate value is 0.1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureTolerate")] pub failure_tolerate: Option, - /// Image specifies a container image name, the image contains: keadm and edgecore. keadm is used as upgradetool, to install the new version of edgecore. The image name consists of registry hostname and repository name, if it includes the tag or digest, the tag or digest will be overwritten by Version field above. If the registry hostname is empty, docker.io will be used as default. The default image name is: kubeedge/installation-package. + /// Image specifies a container image name, the image contains: keadm and edgecore. + /// keadm is used as upgradetool, to install the new version of edgecore. + /// The image name consists of registry hostname and repository name, + /// if it includes the tag or digest, the tag or digest will be overwritten by Version field above. + /// If the registry hostname is empty, docker.io will be used as default. + /// The default image name is: kubeedge/installation-package. #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, - /// ImageDigestGatter define registry v2 interface access configuration. As a transition, it is not required at first, and the image digest is checked when this field is set. + /// ImageDigestGatter define registry v2 interface access configuration. + /// As a transition, it is not required at first, and the image digest is checked when this field is set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageDigestGatter")] pub image_digest_gatter: Option, - /// LabelSelector is a filter to select member clusters by labels. It must match a node's labels for the NodeUpgradeJob to be operated on that node. Please note that sets of NodeNames and LabelSelector are ORed. Users must set one and can only set one. + /// LabelSelector is a filter to select member clusters by labels. + /// It must match a node's labels for the NodeUpgradeJob to be operated on that node. + /// Please note that sets of NodeNames and LabelSelector are ORed. + /// Users must set one and can only set one. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// NodeNames is a request to select some specific nodes. If it is non-empty, the upgrade job simply select these edge nodes to do upgrade operation. Please note that sets of NodeNames and LabelSelector are ORed. Users must set one and can only set one. + /// NodeNames is a request to select some specific nodes. If it is non-empty, + /// the upgrade job simply select these edge nodes to do upgrade operation. + /// Please note that sets of NodeNames and LabelSelector are ORed. + /// Users must set one and can only set one. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeNames")] pub node_names: Option>, - /// RequireConfirmation specifies whether you need to confirm the upgrade. The default RequireConfirmation value is false. + /// RequireConfirmation specifies whether you need to confirm the upgrade. + /// The default RequireConfirmation value is false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireConfirmation")] pub require_confirmation: Option, - /// TimeoutSeconds limits the duration of the node upgrade job. Default to 300. If set to 0, we'll use the default value 300. + /// TimeoutSeconds limits the duration of the node upgrade job. + /// Default to 300. + /// If set to 0, we'll use the default value 300. #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] pub timeout_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, } -/// ImageDigestGatter define registry v2 interface access configuration. As a transition, it is not required at first, and the image digest is checked when this field is set. +/// ImageDigestGatter define registry v2 interface access configuration. +/// As a transition, it is not required at first, and the image digest is checked when this field is set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeJobImageDigestGatter { /// RegistryAPI define registry v2 interface access configuration @@ -67,25 +86,35 @@ pub struct NodeUpgradeJobImageDigestGatterRegistryApi { pub token: String, } -/// LabelSelector is a filter to select member clusters by labels. It must match a node's labels for the NodeUpgradeJob to be operated on that node. Please note that sets of NodeNames and LabelSelector are ORed. Users must set one and can only set one. +/// LabelSelector is a filter to select member clusters by labels. +/// It must match a node's labels for the NodeUpgradeJob to be operated on that node. +/// Please note that sets of NodeNames and LabelSelector are ORed. +/// Users must set one and can only set one. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeJobLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeJobLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -93,13 +122,15 @@ pub struct NodeUpgradeJobLabelSelectorMatchExpressions { /// Most recently observed status of the NodeUpgradeJob. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeJobStatus { - /// Action represents for the action of the ImagePrePullJob. There are two possible action values: Success, Failure. + /// Action represents for the action of the ImagePrePullJob. + /// There are two possible action values: Success, Failure. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, /// CurrentVersion represents for the current status of the EdgeCore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVersion")] pub current_version: Option, - /// Event represents for the event of the ImagePrePullJob. There are six possible event values: Init, Check, BackUp, Upgrade, TimeOut, Rollback. + /// Event represents for the event of the ImagePrePullJob. + /// There are six possible event values: Init, Check, BackUp, Upgrade, TimeOut, Rollback. #[serde(default, skip_serializing_if = "Option::is_none")] pub event: Option, /// HistoricVersion represents for the historic status of the EdgeCore. @@ -111,7 +142,8 @@ pub struct NodeUpgradeJobStatus { /// Reason represents for the reason of the ImagePrePullJob. #[serde(default, skip_serializing_if = "Option::is_none")] pub reason: Option, - /// State represents for the state phase of the NodeUpgradeJob. There are several possible state values: "", Upgrading, BackingUp, RollingBack and Checking. + /// State represents for the state phase of the NodeUpgradeJob. + /// There are several possible state values: "", Upgrading, BackingUp, RollingBack and Checking. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, /// Time represents for the running time of the ImagePrePullJob. @@ -122,10 +154,12 @@ pub struct NodeUpgradeJobStatus { /// TaskStatus stores the status of Upgrade for each edge node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeUpgradeJobStatusNodeStatus { - /// Action represents for the action of the ImagePrePullJob. There are three possible action values: Success, Failure, TimeOut. + /// Action represents for the action of the ImagePrePullJob. + /// There are three possible action values: Success, Failure, TimeOut. #[serde(default, skip_serializing_if = "Option::is_none")] pub action: Option, - /// Event represents for the event of the ImagePrePullJob. There are three possible event values: Init, Check, Pull. + /// Event represents for the event of the ImagePrePullJob. + /// There are three possible event values: Init, Check, Pull. #[serde(default, skip_serializing_if = "Option::is_none")] pub event: Option, /// NodeName is the name of edge node. @@ -134,7 +168,8 @@ pub struct NodeUpgradeJobStatusNodeStatus { /// Reason represents for the reason of the ImagePrePullJob. #[serde(default, skip_serializing_if = "Option::is_none")] pub reason: Option, - /// State represents for the upgrade state phase of the edge node. There are several possible state values: "", Upgrading, BackingUp, RollingBack and Checking. + /// State represents for the upgrade state phase of the edge node. + /// There are several possible state values: "", Upgrading, BackingUp, RollingBack and Checking. #[serde(default, skip_serializing_if = "Option::is_none")] pub state: Option, /// Time represents for the running time of the ImagePrePullJob. diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/bootstrapproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/bootstrapproviders.rs index b3d881e7b..42efa8bd1 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/bootstrapproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/bootstrapproviders.rs @@ -299,24 +299,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAffinityPreferredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -420,24 +420,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAffinityRequiredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -572,24 +572,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAntiAffinityPreferredDuringSche pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -693,24 +693,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAntiAffinityRequiredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -875,8 +875,10 @@ pub struct BootstrapProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -916,8 +918,10 @@ pub struct BootstrapProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,11 +949,9 @@ pub struct BootstrapProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -972,6 +974,11 @@ pub struct BootstrapProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -979,8 +986,10 @@ pub struct BootstrapProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BootstrapProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1077,7 +1086,6 @@ pub struct BootstrapProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1109,7 +1117,7 @@ pub struct BootstrapProviderManager { /// which can be run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] pub max_concurrent_reconciles: Option, - /// Metrics contains the controller metrics configuration + /// Metrics contains thw controller metrics configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). @@ -1145,13 +1153,11 @@ pub struct BootstrapProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1219,7 +1225,7 @@ pub struct BootstrapProviderManagerLeaderElection { pub retry_period: String, } -/// Metrics contains the controller metrics configuration +/// Metrics contains thw controller metrics configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BootstrapProviderManagerMetrics { /// BindAddress is the TCP address that the controller should bind to diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/controlplaneproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/controlplaneproviders.rs index 14b1d8b25..78eb412ae 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/controlplaneproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/controlplaneproviders.rs @@ -299,24 +299,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAffinityPreferredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -420,24 +420,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAffinityRequiredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -572,24 +572,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAntiAffinityPreferredDuringS pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -693,24 +693,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAntiAffinityRequiredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -875,8 +875,10 @@ pub struct ControlPlaneProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -916,8 +918,10 @@ pub struct ControlPlaneProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,11 +949,9 @@ pub struct ControlPlaneProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -972,6 +974,11 @@ pub struct ControlPlaneProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -979,8 +986,10 @@ pub struct ControlPlaneProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1077,7 +1086,6 @@ pub struct ControlPlaneProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1109,7 +1117,7 @@ pub struct ControlPlaneProviderManager { /// which can be run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] pub max_concurrent_reconciles: Option, - /// Metrics contains the controller metrics configuration + /// Metrics contains thw controller metrics configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). @@ -1145,13 +1153,11 @@ pub struct ControlPlaneProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1219,7 +1225,7 @@ pub struct ControlPlaneProviderManagerLeaderElection { pub retry_period: String, } -/// Metrics contains the controller metrics configuration +/// Metrics contains thw controller metrics configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneProviderManagerMetrics { /// BindAddress is the TCP address that the controller should bind to diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/coreproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/coreproviders.rs index 9eb6790fa..6ddeb4a65 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/coreproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/coreproviders.rs @@ -299,24 +299,24 @@ pub struct CoreProviderDeploymentAffinityPodAffinityPreferredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -420,24 +420,24 @@ pub struct CoreProviderDeploymentAffinityPodAffinityRequiredDuringSchedulingIgno pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -572,24 +572,24 @@ pub struct CoreProviderDeploymentAffinityPodAntiAffinityPreferredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -693,24 +693,24 @@ pub struct CoreProviderDeploymentAffinityPodAntiAffinityRequiredDuringScheduling pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -875,8 +875,10 @@ pub struct CoreProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -916,8 +918,10 @@ pub struct CoreProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,11 +949,9 @@ pub struct CoreProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -972,6 +974,11 @@ pub struct CoreProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -979,8 +986,10 @@ pub struct CoreProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CoreProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1077,7 +1086,6 @@ pub struct CoreProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1109,7 +1117,7 @@ pub struct CoreProviderManager { /// which can be run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] pub max_concurrent_reconciles: Option, - /// Metrics contains the controller metrics configuration + /// Metrics contains thw controller metrics configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). @@ -1145,13 +1153,11 @@ pub struct CoreProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1219,7 +1225,7 @@ pub struct CoreProviderManagerLeaderElection { pub retry_period: String, } -/// Metrics contains the controller metrics configuration +/// Metrics contains thw controller metrics configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CoreProviderManagerMetrics { /// BindAddress is the TCP address that the controller should bind to diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/infrastructureproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/infrastructureproviders.rs index af47de05f..85f7195a6 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/infrastructureproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha1/infrastructureproviders.rs @@ -299,24 +299,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAffinityPreferredDuringSch pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -420,24 +420,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAffinityRequiredDuringSche pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -572,24 +572,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAntiAffinityPreferredDurin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -693,24 +693,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAntiAffinityRequiredDuring pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -875,8 +875,10 @@ pub struct InfrastructureProviderDeploymentContainersEnvValueFromConfigMapKeyRef /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -916,8 +918,10 @@ pub struct InfrastructureProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -945,11 +949,9 @@ pub struct InfrastructureProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -972,6 +974,11 @@ pub struct InfrastructureProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -979,8 +986,10 @@ pub struct InfrastructureProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InfrastructureProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1077,7 +1086,6 @@ pub struct InfrastructureProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1109,7 +1117,7 @@ pub struct InfrastructureProviderManager { /// which can be run. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxConcurrentReconciles")] pub max_concurrent_reconciles: Option, - /// Metrics contains the controller metrics configuration + /// Metrics contains thw controller metrics configuration #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option, /// ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060). @@ -1145,13 +1153,11 @@ pub struct InfrastructureProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1219,7 +1225,7 @@ pub struct InfrastructureProviderManagerLeaderElection { pub retry_period: String, } -/// Metrics contains the controller metrics configuration +/// Metrics contains thw controller metrics configuration #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InfrastructureProviderManagerMetrics { /// BindAddress is the TCP address that the controller should bind to diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs index 74ffb885a..fe1ba821c 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/addonproviders.rs @@ -307,24 +307,24 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPrefer pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -428,24 +428,24 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequir pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -580,24 +580,24 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -701,24 +701,24 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityRe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -883,8 +883,10 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromCon /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -924,8 +926,10 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSec /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -939,11 +943,9 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -966,6 +968,11 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -973,8 +980,10 @@ pub struct AddonProviderAdditionalDeploymentsDeploymentContainersResourcesClaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AddonProviderAdditionalDeploymentsDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1015,7 +1024,6 @@ pub struct AddonProviderAdditionalDeploymentsManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1083,13 +1091,11 @@ pub struct AddonProviderAdditionalDeploymentsManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1443,24 +1449,24 @@ pub struct AddonProviderDeploymentAffinityPodAffinityPreferredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1564,24 +1570,24 @@ pub struct AddonProviderDeploymentAffinityPodAffinityRequiredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1716,24 +1722,24 @@ pub struct AddonProviderDeploymentAffinityPodAntiAffinityPreferredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1837,24 +1843,24 @@ pub struct AddonProviderDeploymentAffinityPodAntiAffinityRequiredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2019,8 +2025,10 @@ pub struct AddonProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2060,8 +2068,10 @@ pub struct AddonProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2075,11 +2085,9 @@ pub struct AddonProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2102,6 +2110,11 @@ pub struct AddonProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -2109,8 +2122,10 @@ pub struct AddonProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AddonProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2152,6 +2167,11 @@ pub struct AddonProviderDeploymentTolerations { /// https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AddonProviderFetchConfig { + /// OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + /// You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + /// If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oci: Option, /// Selector to be used for fetching provider’s components and metadata from /// ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain /// components and metadata for a specific version only. @@ -2207,7 +2227,6 @@ pub struct AddonProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -2275,13 +2294,11 @@ pub struct AddonProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs index 981f5154c..fc2914f21 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/bootstrapproviders.rs @@ -307,24 +307,24 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -428,24 +428,24 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -580,24 +580,24 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffini pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -701,24 +701,24 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffini pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -883,8 +883,10 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFro /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -924,8 +926,10 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersEnvValueFro /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -939,11 +943,9 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -966,6 +968,11 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersResourcesCl /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -973,8 +980,10 @@ pub struct BootstrapProviderAdditionalDeploymentsDeploymentContainersResourcesCl #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BootstrapProviderAdditionalDeploymentsDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1015,7 +1024,6 @@ pub struct BootstrapProviderAdditionalDeploymentsManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1083,13 +1091,11 @@ pub struct BootstrapProviderAdditionalDeploymentsManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1443,24 +1449,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAffinityPreferredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1564,24 +1570,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAffinityRequiredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1716,24 +1722,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAntiAffinityPreferredDuringSche pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1837,24 +1843,24 @@ pub struct BootstrapProviderDeploymentAffinityPodAntiAffinityRequiredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2019,8 +2025,10 @@ pub struct BootstrapProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2060,8 +2068,10 @@ pub struct BootstrapProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2075,11 +2085,9 @@ pub struct BootstrapProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2102,6 +2110,11 @@ pub struct BootstrapProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -2109,8 +2122,10 @@ pub struct BootstrapProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BootstrapProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2152,6 +2167,11 @@ pub struct BootstrapProviderDeploymentTolerations { /// https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BootstrapProviderFetchConfig { + /// OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + /// You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + /// If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oci: Option, /// Selector to be used for fetching provider’s components and metadata from /// ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain /// components and metadata for a specific version only. @@ -2207,7 +2227,6 @@ pub struct BootstrapProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -2275,13 +2294,11 @@ pub struct BootstrapProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs index 973896668..2250e70fc 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/controlplaneproviders.rs @@ -307,24 +307,24 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinit pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -428,24 +428,24 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAffinit pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -580,24 +580,24 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAff pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -701,24 +701,24 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentAffinityPodAntiAff pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -883,8 +883,10 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValue /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -924,8 +926,10 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersEnvValue /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -939,11 +943,9 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersResource /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -966,6 +968,11 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersResource /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -973,8 +980,10 @@ pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentContainersResource #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneProviderAdditionalDeploymentsDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1015,7 +1024,6 @@ pub struct ControlPlaneProviderAdditionalDeploymentsManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1083,13 +1091,11 @@ pub struct ControlPlaneProviderAdditionalDeploymentsManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1443,24 +1449,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAffinityPreferredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1564,24 +1570,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAffinityRequiredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1716,24 +1722,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAntiAffinityPreferredDuringS pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1837,24 +1843,24 @@ pub struct ControlPlaneProviderDeploymentAffinityPodAntiAffinityRequiredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2019,8 +2025,10 @@ pub struct ControlPlaneProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2060,8 +2068,10 @@ pub struct ControlPlaneProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2075,11 +2085,9 @@ pub struct ControlPlaneProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2102,6 +2110,11 @@ pub struct ControlPlaneProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -2109,8 +2122,10 @@ pub struct ControlPlaneProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2152,6 +2167,11 @@ pub struct ControlPlaneProviderDeploymentTolerations { /// https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ControlPlaneProviderFetchConfig { + /// OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + /// You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + /// If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oci: Option, /// Selector to be used for fetching provider’s components and metadata from /// ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain /// components and metadata for a specific version only. @@ -2207,7 +2227,6 @@ pub struct ControlPlaneProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -2275,13 +2294,11 @@ pub struct ControlPlaneProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs index d7ee43765..e1d7c505c 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/coreproviders.rs @@ -307,24 +307,24 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityPreferr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -428,24 +428,24 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAffinityRequire pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -580,24 +580,24 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityPre pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -701,24 +701,24 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentAffinityPodAntiAffinityReq pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -883,8 +883,10 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromConf /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -924,8 +926,10 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentContainersEnvValueFromSecr /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -939,11 +943,9 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -966,6 +968,11 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -973,8 +980,10 @@ pub struct CoreProviderAdditionalDeploymentsDeploymentContainersResourcesClaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CoreProviderAdditionalDeploymentsDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1015,7 +1024,6 @@ pub struct CoreProviderAdditionalDeploymentsManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1083,13 +1091,11 @@ pub struct CoreProviderAdditionalDeploymentsManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1443,24 +1449,24 @@ pub struct CoreProviderDeploymentAffinityPodAffinityPreferredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1564,24 +1570,24 @@ pub struct CoreProviderDeploymentAffinityPodAffinityRequiredDuringSchedulingIgno pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1716,24 +1722,24 @@ pub struct CoreProviderDeploymentAffinityPodAntiAffinityPreferredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1837,24 +1843,24 @@ pub struct CoreProviderDeploymentAffinityPodAntiAffinityRequiredDuringScheduling pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2019,8 +2025,10 @@ pub struct CoreProviderDeploymentContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2060,8 +2068,10 @@ pub struct CoreProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2075,11 +2085,9 @@ pub struct CoreProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2102,6 +2110,11 @@ pub struct CoreProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -2109,8 +2122,10 @@ pub struct CoreProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CoreProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2152,6 +2167,11 @@ pub struct CoreProviderDeploymentTolerations { /// https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CoreProviderFetchConfig { + /// OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + /// You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + /// If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oci: Option, /// Selector to be used for fetching provider’s components and metadata from /// ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain /// components and metadata for a specific version only. @@ -2207,7 +2227,6 @@ pub struct CoreProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -2275,13 +2294,11 @@ pub struct CoreProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] diff --git a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs index 21c44a52f..1842aaa0e 100644 --- a/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs +++ b/kube-custom-resources-rs/src/operator_cluster_x_k8s_io/v1alpha2/infrastructureproviders.rs @@ -307,24 +307,24 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -428,24 +428,24 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAffin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -580,24 +580,24 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiA pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -701,24 +701,24 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentAffinityPodAntiA pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -883,8 +883,10 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvVal /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -924,8 +926,10 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersEnvVal /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -939,11 +943,9 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersResour /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -966,6 +968,11 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersResour /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -973,8 +980,10 @@ pub struct InfrastructureProviderAdditionalDeploymentsDeploymentContainersResour #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InfrastructureProviderAdditionalDeploymentsDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1015,7 +1024,6 @@ pub struct InfrastructureProviderAdditionalDeploymentsManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -1083,13 +1091,11 @@ pub struct InfrastructureProviderAdditionalDeploymentsManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] @@ -1443,24 +1449,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAffinityPreferredDuringSch pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1564,24 +1570,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAffinityRequiredDuringSche pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1716,24 +1722,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAntiAffinityPreferredDurin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1837,24 +1843,24 @@ pub struct InfrastructureProviderDeploymentAffinityPodAntiAffinityRequiredDuring pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2019,8 +2025,10 @@ pub struct InfrastructureProviderDeploymentContainersEnvValueFromConfigMapKeyRef /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2060,8 +2068,10 @@ pub struct InfrastructureProviderDeploymentContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2075,11 +2085,9 @@ pub struct InfrastructureProviderDeploymentContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2102,6 +2110,11 @@ pub struct InfrastructureProviderDeploymentContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -2109,8 +2122,10 @@ pub struct InfrastructureProviderDeploymentContainersResourcesClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InfrastructureProviderDeploymentImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -2152,6 +2167,11 @@ pub struct InfrastructureProviderDeploymentTolerations { /// https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InfrastructureProviderFetchConfig { + /// OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + /// You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + /// If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oci: Option, /// Selector to be used for fetching provider’s components and metadata from /// ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain /// components and metadata for a specific version only. @@ -2207,7 +2227,6 @@ pub struct InfrastructureProviderManager { /// CacheNamespace if specified restricts the manager's cache to watch objects in /// the desired namespace Defaults to all namespaces /// - /// /// Note: If a namespace is specified, controllers can still Watch for a /// cluster-scoped resource (e.g Node). For namespaced resources the cache /// will only hold objects from the desired namespace. @@ -2275,13 +2294,11 @@ pub struct InfrastructureProviderManagerController { /// GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation /// allowed for that controller. /// - /// /// When a controller is registered within this manager using the builder utilities, /// users have to specify the type the controller reconciles in the For(...) call. /// If the object's kind passed matches one of the keys in this map, the concurrency /// for that controller is set to the number specified. /// - /// /// The key is expected to be consistent in form with GroupKind.String(), /// e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "groupKindConcurrency")] diff --git a/kube-custom-resources-rs/src/operator_cryostat_io/v1beta1/cryostats.rs b/kube-custom-resources-rs/src/operator_cryostat_io/v1beta1/cryostats.rs index cd28413bd..0dc155168 100644 --- a/kube-custom-resources-rs/src/operator_cryostat_io/v1beta1/cryostats.rs +++ b/kube-custom-resources-rs/src/operator_cryostat_io/v1beta1/cryostats.rs @@ -1274,8 +1274,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1299,6 +1322,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1371,8 +1395,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1396,6 +1443,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuri } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1499,8 +1547,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1524,6 +1595,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1596,8 +1668,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1621,6 +1716,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequired } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1728,6 +1824,10 @@ pub struct CryostatReportOptionsSecurityOptions { /// Security Context to apply to the Cryostat report generator pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSecurityOptionsPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -1809,6 +1909,25 @@ pub struct CryostatReportOptionsSecurityOptionsPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatReportOptionsSecurityOptionsPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1901,6 +2020,11 @@ pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1967,6 +2091,26 @@ pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2380,8 +2524,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2405,6 +2572,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2477,8 +2645,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2502,6 +2693,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingI } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2605,8 +2797,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2630,6 +2845,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2702,8 +2918,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2727,6 +2966,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedul } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2855,6 +3095,11 @@ pub struct CryostatSecurityOptionsCoreSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2921,6 +3166,26 @@ pub struct CryostatSecurityOptionsCoreSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsCoreSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3018,6 +3283,11 @@ pub struct CryostatSecurityOptionsDataSourceSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3084,6 +3354,26 @@ pub struct CryostatSecurityOptionsDataSourceSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsDataSourceSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3181,6 +3471,11 @@ pub struct CryostatSecurityOptionsDatabaseSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3247,6 +3542,26 @@ pub struct CryostatSecurityOptionsDatabaseSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsDatabaseSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3344,6 +3659,11 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3410,6 +3730,26 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsGrafanaSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3498,6 +3838,10 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContextWindowsOptions { /// Security Context to apply to the Cryostat pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSecurityOptionsPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -3579,6 +3923,25 @@ pub struct CryostatSecurityOptionsPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -3671,6 +4034,11 @@ pub struct CryostatSecurityOptionsStorageSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3737,6 +4105,26 @@ pub struct CryostatSecurityOptionsStorageSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsStorageSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4033,6 +4421,20 @@ pub struct CryostatStorageOptionsPvcSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -4111,17 +4513,6 @@ pub struct CryostatStorageOptionsPvcSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatStorageOptionsPvcSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4134,15 +4525,6 @@ pub struct CryostatStorageOptionsPvcSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatStorageOptionsPvcSpecSelector { diff --git a/kube-custom-resources-rs/src/operator_cryostat_io/v1beta2/cryostats.rs b/kube-custom-resources-rs/src/operator_cryostat_io/v1beta2/cryostats.rs index 92d4117e3..3c6ea825b 100644 --- a/kube-custom-resources-rs/src/operator_cryostat_io/v1beta2/cryostats.rs +++ b/kube-custom-resources-rs/src/operator_cryostat_io/v1beta2/cryostats.rs @@ -21,6 +21,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct CryostatSpec { + /// Options to control how the operator configures Cryostat Agents + /// to communicate with this Cryostat instance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "agentOptions")] + pub agent_options: Option, /// Additional configuration options for the authorization proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "authorizationOptions")] pub authorization_options: Option, @@ -38,6 +42,9 @@ pub struct CryostatSpec { /// such as using an Ingress or Route. #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkOptions")] pub network_options: Option, + /// Options to customize the NetworkPolicy objects created for Cryostat's various Services. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkPolicies")] + pub network_policies: Option, /// Options to configure the Cryostat deployments and pods metadata #[serde(default, skip_serializing_if = "Option::is_none", rename = "operandMetadata")] pub operand_metadata: Option, @@ -69,7 +76,7 @@ pub struct CryostatSpec { /// permitted to access and profile. Defaults to this Cryostat's namespace. /// Warning: All Cryostat users will be able to create and manage /// recordings for workloads in the listed namespaces. - /// More details: https://github.com/cryostatio/cryostat-operator/blob/v3.0.0/docs/config.md#data-isolation + /// More details: https://github.com/cryostatio/cryostat-operator/blob/v4.0.0/docs/config.md#data-isolation #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetNamespaces")] pub target_namespaces: Option>, /// List of TLS certificates to trust when connecting to targets. @@ -77,6 +84,56 @@ pub struct CryostatSpec { pub trusted_cert_secrets: Option>, } +/// Options to control how the operator configures Cryostat Agents +/// to communicate with this Cryostat instance. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatAgentOptions { + /// Disables hostname verification when Cryostat connects to Agents over TLS. + /// Consider enabling this if the Cryostat Agent fails to determine the hostname of your pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableHostnameVerification")] + pub disable_hostname_verification: Option, + /// The resources allocated to the init container used to inject the Cryostat agent, + /// when using the operator's agent auto-configuration feature. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// The resources allocated to the init container used to inject the Cryostat agent, +/// when using the operator's agent auto-configuration feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatAgentOptionsResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatAgentOptionsResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, +} + /// Additional configuration options for the authorization proxy. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatAuthorizationOptions { @@ -184,7 +241,7 @@ pub struct CryostatNetworkOptions { /// which serves the Cryostat application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatNetworkOptionsCoreConfig { - /// Annotations to add to the Ingress or Route during its creation. + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, /// Externally routable host to be used to reach this @@ -198,8 +255,10 @@ pub struct CryostatNetworkOptionsCoreConfig { /// (if a single external IP is being used) to differentiate between ingresses/services. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressSpec")] pub ingress_spec: Option, - /// Labels to add to the Ingress or Route during its creation. - /// The label with key "app" is reserved for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, } @@ -461,6 +520,55 @@ pub struct CryostatNetworkOptionsCoreConfigIngressSpecTls { pub secret_name: Option, } +/// Options to customize the NetworkPolicy objects created for Cryostat's various Services. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatNetworkPolicies { + /// NetworkPolicy configuration for the Cryostat application service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreConfig")] + pub core_config: Option, + /// NetworkPolicy configuration for the database service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseConfig")] + pub database_config: Option, + /// NetworkPolicy configuration for the cryostat-reports service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reportsConfig")] + pub reports_config: Option, + /// NetworkPolicy configuration for the storage service. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageConfig")] + pub storage_config: Option, +} + +/// NetworkPolicy configuration for the Cryostat application service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatNetworkPoliciesCoreConfig { + /// Disable the NetworkPolicy for a given service. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + +/// NetworkPolicy configuration for the database service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatNetworkPoliciesDatabaseConfig { + /// Disable the NetworkPolicy for a given service. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + +/// NetworkPolicy configuration for the cryostat-reports service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatNetworkPoliciesReportsConfig { + /// Disable the NetworkPolicy for a given service. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + +/// NetworkPolicy configuration for the storage service. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatNetworkPoliciesStorageConfig { + /// Disable the NetworkPolicy for a given service. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disabled: Option, +} + /// Options to configure the Cryostat deployments and pods metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatOperandMetadata { @@ -475,12 +583,13 @@ pub struct CryostatOperandMetadata { /// Options to configure the Cryostat deployments metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatOperandMetadataDeploymentMetadata { - /// Annotations to add to the resources during its creation. + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Labels to add to the resources during its creation. - /// The labels with keys "app" and "component" are reserved - /// for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, } @@ -488,12 +597,13 @@ pub struct CryostatOperandMetadataDeploymentMetadata { /// Options to configure the Cryostat pods metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatOperandMetadataPodMetadata { - /// Annotations to add to the resources during its creation. + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Labels to add to the resources during its creation. - /// The labels with keys "app" and "component" are reserved - /// for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, } @@ -767,8 +877,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -792,6 +925,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -864,8 +998,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -889,6 +1046,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuri } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -992,8 +1150,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1017,6 +1198,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1089,8 +1271,31 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1114,6 +1319,7 @@ pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequired } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1221,6 +1427,10 @@ pub struct CryostatReportOptionsSecurityOptions { /// Security Context to apply to the Cryostat report generator pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatReportOptionsSecurityOptionsPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -1302,6 +1512,25 @@ pub struct CryostatReportOptionsSecurityOptionsPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatReportOptionsSecurityOptionsPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1394,6 +1623,11 @@ pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -1460,6 +1694,26 @@ pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatReportOptionsSecurityOptionsReportsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2025,8 +2279,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2050,6 +2327,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2122,8 +2400,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2147,6 +2448,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingI } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2250,8 +2552,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2275,6 +2600,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2347,8 +2673,31 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -2372,6 +2721,7 @@ pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedul } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSchedulingOptionsAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -2506,6 +2856,11 @@ pub struct CryostatSecurityOptionsAgentProxySecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2572,6 +2927,26 @@ pub struct CryostatSecurityOptionsAgentProxySecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsAgentProxySecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2669,6 +3044,11 @@ pub struct CryostatSecurityOptionsAuthProxySecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2735,6 +3115,26 @@ pub struct CryostatSecurityOptionsAuthProxySecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsAuthProxySecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2832,6 +3232,11 @@ pub struct CryostatSecurityOptionsCoreSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2898,6 +3303,26 @@ pub struct CryostatSecurityOptionsCoreSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsCoreSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2995,6 +3420,11 @@ pub struct CryostatSecurityOptionsDataSourceSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3061,6 +3491,26 @@ pub struct CryostatSecurityOptionsDataSourceSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsDataSourceSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3158,6 +3608,11 @@ pub struct CryostatSecurityOptionsDatabaseSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3224,6 +3679,26 @@ pub struct CryostatSecurityOptionsDatabaseSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsDatabaseSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3321,6 +3796,11 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3387,6 +3867,26 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsGrafanaSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3475,6 +3975,10 @@ pub struct CryostatSecurityOptionsGrafanaSecurityContextWindowsOptions { /// Security Context to apply to the Cryostat pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatSecurityOptionsPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -3556,6 +4060,25 @@ pub struct CryostatSecurityOptionsPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -3648,6 +4171,11 @@ pub struct CryostatSecurityOptionsStorageSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3714,6 +4242,26 @@ pub struct CryostatSecurityOptionsStorageSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatSecurityOptionsStorageSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3802,30 +4350,56 @@ pub struct CryostatSecurityOptionsStorageSecurityContextWindowsOptions { /// Options to customize the services created for the Cryostat application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatServiceOptions { + /// Specification for the headless services in each target namespace that allow Cryostat + /// to communicate with agents in those namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "agentCallbackConfig")] + pub agent_callback_config: Option, /// Specification for the service responsible for agents to communicate with Cryostat. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "agentConfig")] - pub agent_config: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "agentGatewayConfig")] + pub agent_gateway_config: Option, /// Specification for the service responsible for the Cryostat application. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreConfig")] pub core_config: Option, + /// Specification for the service responsible for the cryostat application's database. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseConfig")] + pub database_config: Option, /// Specification for the service responsible for the cryostat-reports sidecars. #[serde(default, skip_serializing_if = "Option::is_none", rename = "reportsConfig")] pub reports_config: Option, + /// Specification for the service responsible for the storage to be created by the operator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageConfig")] + pub storage_config: Option, +} + +/// Specification for the headless services in each target namespace that allow Cryostat +/// to communicate with agents in those namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatServiceOptionsAgentCallbackConfig { + /// Annotations to add to the object during its creation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, } /// Specification for the service responsible for agents to communicate with Cryostat. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatServiceOptionsAgentConfig { - /// Annotations to add to the service during its creation. +pub struct CryostatServiceOptionsAgentGatewayConfig { + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, /// HTTP port number for the Cryostat agent API service. /// Defaults to 8282. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpPort")] pub http_port: Option, - /// Labels to add to the service during its creation. - /// The labels with keys "app" and "component" are reserved - /// for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// Type of service to create. Defaults to "ClusterIP". @@ -3836,16 +4410,38 @@ pub struct CryostatServiceOptionsAgentConfig { /// Specification for the service responsible for the Cryostat application. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatServiceOptionsCoreConfig { - /// Annotations to add to the service during its creation. + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, /// HTTP port number for the Cryostat application service. /// Defaults to 8181. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpPort")] pub http_port: Option, - /// Labels to add to the service during its creation. - /// The labels with keys "app" and "component" are reserved - /// for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, + /// Type of service to create. Defaults to "ClusterIP". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] + pub service_type: Option, +} + +/// Specification for the service responsible for the cryostat application's database. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatServiceOptionsDatabaseConfig { + /// Annotations to add to the object during its creation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// DatabasePort number for the cryostat application's database. + /// Defaults to 5432. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "databasePort")] + pub database_port: Option, + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// Type of service to create. Defaults to "ClusterIP". @@ -3856,16 +4452,38 @@ pub struct CryostatServiceOptionsCoreConfig { /// Specification for the service responsible for the cryostat-reports sidecars. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatServiceOptionsReportsConfig { - /// Annotations to add to the service during its creation. + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, /// HTTP port number for the cryostat-reports service. /// Defaults to 10000. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpPort")] pub http_port: Option, - /// Labels to add to the service during its creation. - /// The labels with keys "app" and "component" are reserved - /// for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, + /// Type of service to create. Defaults to "ClusterIP". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] + pub service_type: Option, +} + +/// Specification for the service responsible for the storage to be created by the operator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatServiceOptionsStorageConfig { + /// Annotations to add to the object during its creation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// HTTP port number for the storage to be created by the operator. + /// Defaults to 8333. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpPort")] + pub http_port: Option, + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// Type of service to create. Defaults to "ClusterIP". @@ -3876,20 +4494,41 @@ pub struct CryostatServiceOptionsReportsConfig { /// Options to customize the storage provisioned for the database and object storage. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CryostatStorageOptions { + /// Configuration for the Persistent Volume Claim to be created by the operator for the database. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub database: Option, /// Configuration for an EmptyDir to be created /// by the operator instead of a PVC. + /// Deprecated: use storageOptions.database and storageOptions.objectStorage #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, + /// Configuration for the Persistent Volume Claim to be created by the operator for the object storage. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectStorage")] + pub object_storage: Option, /// Configuration for the Persistent Volume Claim to be created /// by the operator. + /// Deprecated: use storageOptions.database and storageOptions.objectStorage #[serde(default, skip_serializing_if = "Option::is_none")] pub pvc: Option, } +/// Configuration for the Persistent Volume Claim to be created by the operator for the database. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsDatabase { + /// Configuration for an EmptyDir to be created + /// by the operator instead of a PVC. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] + pub empty_dir: Option, + /// Configuration for the Persistent Volume Claim to be created + /// by the operator. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pvc: Option, +} + /// Configuration for an EmptyDir to be created /// by the operator instead of a PVC. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsEmptyDir { +pub struct CryostatStorageOptionsDatabaseEmptyDir { /// When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, @@ -3906,12 +4545,14 @@ pub struct CryostatStorageOptionsEmptyDir { /// Configuration for the Persistent Volume Claim to be created /// by the operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvc { - /// Annotations to add to the Persistent Volume Claim during its creation. +pub struct CryostatStorageOptionsDatabasePvc { + /// Annotations to add to the object during its creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// Labels to add to the Persistent Volume Claim during its creation. - /// The label with key "app" is reserved for use by the operator. + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// Spec for a Persistent Volume Claim, whose options will override the @@ -3920,7 +4561,7 @@ pub struct CryostatStorageOptionsPvc { /// Once the operator has created the PVC, changes to this field have /// no effect. #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, + pub spec: Option, } /// Spec for a Persistent Volume Claim, whose options will override the @@ -3929,7 +4570,7 @@ pub struct CryostatStorageOptionsPvc { /// Once the operator has created the PVC, changes to this field have /// no effect. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpec { +pub struct CryostatStorageOptionsDatabasePvcSpec { /// accessModes contains the desired access modes the volume should have. /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] @@ -3943,7 +4584,7 @@ pub struct CryostatStorageOptionsPvcSpec { /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, + pub data_source: Option, /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty /// volume is desired. This may be any object from a non-empty API group (non /// core object) or a PersistentVolumeClaim object. @@ -3968,21 +4609,35 @@ pub struct CryostatStorageOptionsPvcSpec { /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, + pub data_source_ref: Option, /// resources represents the minimum resources the volume should have. /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements /// that are lower than previous value but must still be higher than capacity recorded in the /// status field of the claim. /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, + pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, + pub selector: Option, /// storageClassName is the name of the StorageClass required by the claim. /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -4001,7 +4656,7 @@ pub struct CryostatStorageOptionsPvcSpec { /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpecDataSource { +pub struct CryostatStorageOptionsDatabasePvcSpecDataSource { /// APIGroup is the group for the resource being referenced. /// If APIGroup is not specified, the specified Kind must be in the core API group. /// For any other third-party types, APIGroup is required. @@ -4037,7 +4692,7 @@ pub struct CryostatStorageOptionsPvcSpecDataSource { /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpecDataSourceRef { +pub struct CryostatStorageOptionsDatabasePvcSpecDataSourceRef { /// APIGroup is the group for the resource being referenced. /// If APIGroup is not specified, the specified Kind must be in the core API group. /// For any other third-party types, APIGroup is required. @@ -4060,18 +4715,7 @@ pub struct CryostatStorageOptionsPvcSpecDataSourceRef { /// status field of the claim. /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, +pub struct CryostatStorageOptionsDatabasePvcSpecResources { /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4084,13 +4728,485 @@ pub struct CryostatStorageOptionsPvcSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. +/// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct CryostatStorageOptionsPvcSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, +pub struct CryostatStorageOptionsDatabasePvcSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsDatabasePvcSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Configuration for an EmptyDir to be created +/// by the operator instead of a PVC. +/// Deprecated: use storageOptions.database and storageOptions.objectStorage +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsEmptyDir { + /// When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Unless specified, the emptyDir volume will be mounted on + /// the same storage medium backing the node. Setting this field to + /// "Memory" will mount the emptyDir on a tmpfs (RAM-backed filesystem). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub medium: Option, + /// The maximum memory limit for the emptyDir. Default is unbounded. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] + pub size_limit: Option, +} + +/// Configuration for the Persistent Volume Claim to be created by the operator for the object storage. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStorage { + /// Configuration for an EmptyDir to be created + /// by the operator instead of a PVC. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] + pub empty_dir: Option, + /// Configuration for the Persistent Volume Claim to be created + /// by the operator. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pvc: Option, +} + +/// Configuration for an EmptyDir to be created +/// by the operator instead of a PVC. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStorageEmptyDir { + /// When enabled, Cryostat will use EmptyDir volumes instead of a Persistent Volume Claim. Any PVC configurations will be ignored. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// Unless specified, the emptyDir volume will be mounted on + /// the same storage medium backing the node. Setting this field to + /// "Memory" will mount the emptyDir on a tmpfs (RAM-backed filesystem). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub medium: Option, + /// The maximum memory limit for the emptyDir. Default is unbounded. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] + pub size_limit: Option, +} + +/// Configuration for the Persistent Volume Claim to be created +/// by the operator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvc { + /// Annotations to add to the object during its creation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, + /// Spec for a Persistent Volume Claim, whose options will override the + /// defaults used by the operator. Unless overriden, the PVC will be + /// created with the default Storage Class and 500MiB of storage. + /// Once the operator has created the PVC, changes to this field have + /// no effect. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Spec for a Persistent Volume Claim, whose options will override the +/// defaults used by the operator. Unless overriden, the PVC will be +/// created with the default Storage Class and 500MiB of storage. +/// Once the operator has created the PVC, changes to this field have +/// no effect. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] + pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] + pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] + pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, + /// selector is a label query over volumes to consider for binding. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] + pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, +} + +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// selector is a label query over volumes to consider for binding. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpecSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsObjectStoragePvcSpecSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Configuration for the Persistent Volume Claim to be created +/// by the operator. +/// Deprecated: use storageOptions.database and storageOptions.objectStorage +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsPvc { + /// Annotations to add to the object during its creation. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels to add to the object during its creation. + /// The following label keys are reserved for use by the operator: + /// "app", "component", "app.kubernetes.io/name", "app.kubernetes.io/instance", + /// "app.kubernetes.io/component", and "app.kubernetes.io/part-of". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, + /// Spec for a Persistent Volume Claim, whose options will override the + /// defaults used by the operator. Unless overriden, the PVC will be + /// created with the default Storage Class and 500MiB of storage. + /// Once the operator has created the PVC, changes to this field have + /// no effect. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Spec for a Persistent Volume Claim, whose options will override the +/// defaults used by the operator. Unless overriden, the PVC will be +/// created with the default Storage Class and 500MiB of storage. +/// Once the operator has created the PVC, changes to this field have +/// no effect. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsPvcSpec { + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] + pub access_modes: Option>, + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] + pub data_source: Option, + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] + pub data_source_ref: Option, + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, + /// selector is a label query over volumes to consider for binding. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] + pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] + pub volume_mode: Option, + /// volumeName is the binding reference to the PersistentVolume backing this claim. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] + pub volume_name: Option, +} + +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsPvcSpecDataSource { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, +} + +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsPvcSpecDataSourceRef { + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] + pub api_group: Option, + /// Kind is the type of resource being referenced + pub kind: String, + /// Name is the name of resource being referenced + pub name: String, + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CryostatStorageOptionsPvcSpecResources { + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, } /// selector is a label query over volumes to consider for binding. diff --git a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs index 51e10a8bf..2913fc880 100644 --- a/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs +++ b/kube-custom-resources-rs/src/operator_open_cluster_management_io/v1/clustermanagers.rs @@ -205,6 +205,10 @@ pub struct ClusterManagerRegistrationConfiguration { /// he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureGates")] pub feature_gates: Option>, + /// RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster + /// A RegistrationDriverHub contains details of authentication type and the hub cluster ARN + #[serde(default, skip_serializing_if = "Option::is_none", rename = "registrationDrivers")] + pub registration_drivers: Option>, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -224,6 +228,25 @@ pub enum ClusterManagerRegistrationConfigurationFeatureGatesMode { Disable, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterManagerRegistrationConfigurationRegistrationDrivers { + /// Type of the authentication used by hub to initialize the Hub cluster. Possible values are csr and awsirsa. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authType")] + pub auth_type: Option, + /// This represents the hub cluster ARN + /// Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1 + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hubClusterArn")] + pub hub_cluster_arn: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterManagerRegistrationConfigurationRegistrationDriversAuthType { + #[serde(rename = "csr")] + Csr, + #[serde(rename = "awsirsa")] + Awsirsa, +} + /// ResourceRequirement specify QoS classes of deployments managed by clustermanager. /// It applies to all the containers in the deployments. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/apiservers.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/apiservers.rs index 36ce715b7..fa4e0f306 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/apiservers.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/apiservers.rs @@ -25,6 +25,8 @@ pub struct APIServerSpec { /// take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServerDeployment")] pub api_server_deployment: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub logging: Option, } /// APIServerDeployment configures the calico-apiserver (or tigera-apiserver in Enterprise) Deployment. If @@ -126,6 +128,9 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpec { /// WARNING: Please note that this field will modify the default API server Deployment nodeSelector. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// PriorityClassName allows to specify a PriorityClass resource to be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] + pub priority_class_name: Option, /// Tolerations is the API server pod's tolerations. /// If specified, this overrides any tolerations that may be set on the API server Deployment. /// If omitted, the API server Deployment will use its default value for tolerations. @@ -348,7 +353,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAffinityPrefer /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -359,7 +364,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAffinityPrefer /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -469,7 +474,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAffinityRequir /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -480,7 +485,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAffinityRequir /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -621,7 +626,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -632,7 +637,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAntiAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -742,7 +747,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -753,7 +758,7 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecAffinityPodAntiAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -900,6 +905,11 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// APIServerDeploymentInitContainer is an API server Deployment init container. @@ -953,6 +963,11 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecInitContainersResourcesCl /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -1126,6 +1141,48 @@ pub struct APIServerApiServerDeploymentSpecTemplateSpecTopologySpreadConstraints pub values: Option>, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct APIServerLogging { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServer")] + pub api_server: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "queryServer")] + pub query_server: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct APIServerLoggingApiServer { + /// LogSeverity defines log level for APIServer container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSeverity")] + pub log_severity: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum APIServerLoggingApiServerLogSeverity { + Fatal, + Error, + Warn, + Info, + Debug, + Trace, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct APIServerLoggingQueryServer { + /// LogSeverity defines log level for QueryServer container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSeverity")] + pub log_severity: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum APIServerLoggingQueryServerLogSeverity { + Fatal, + Error, + Warn, + Info, + Debug, + Trace, +} + /// Most recently observed status for the Tigera API server. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct APIServerStatus { diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/applicationlayers.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/applicationlayers.rs index 09b564635..00ea0123e 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/applicationlayers.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/applicationlayers.rs @@ -162,6 +162,11 @@ pub struct ApplicationLayerL7LogCollectorDaemonSetSpecTemplateSpecContainersReso /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// L7LogCollectorDaemonSetInitContainer is a L7LogCollector DaemonSet init container. @@ -207,6 +212,11 @@ pub struct ApplicationLayerL7LogCollectorDaemonSetSpecTemplateSpecInitContainers /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Specification for application layer (L7) log collection. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/authentications.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/authentications.rs index 353b39d2f..412c55162 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/authentications.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/authentications.rs @@ -32,8 +32,8 @@ pub struct AuthenticationSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub ldap: Option, /// ManagerDomain is the domain name of the Manager - #[serde(default, skip_serializing_if = "Option::is_none", rename = "managerDomain")] - pub manager_domain: Option, + #[serde(rename = "managerDomain")] + pub manager_domain: String, /// OIDC contains the configuration needed to setup OIDC authentication. #[serde(default, skip_serializing_if = "Option::is_none")] pub oidc: Option, @@ -137,6 +137,11 @@ pub struct AuthenticationDexDeploymentSpecTemplateSpecContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// DexDeploymentInitContainer is a Dex Deployment init container. @@ -190,6 +195,11 @@ pub struct AuthenticationDexDeploymentSpecTemplateSpecInitContainersResourcesCla /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LDAP contains the configuration needed to setup LDAP authentication. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/compliances.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/compliances.rs index 3e0180d54..31ecbcc11 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/compliances.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/compliances.rs @@ -127,6 +127,11 @@ pub struct ComplianceComplianceBenchmarkerDaemonSetSpecTemplateSpecContainersRes /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceBenchmarkerDaemonSetInitContainer is a Compliance Benchmarker DaemonSet init container. @@ -180,6 +185,11 @@ pub struct ComplianceComplianceBenchmarkerDaemonSetSpecTemplateSpecInitContainer /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceControllerDeployment configures the Compliance Controller Deployment. @@ -272,6 +282,11 @@ pub struct ComplianceComplianceControllerDeploymentSpecTemplateSpecContainersRes /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceControllerDeploymentInitContainer is a compliance controller Deployment init container. @@ -325,6 +340,11 @@ pub struct ComplianceComplianceControllerDeploymentSpecTemplateSpecInitContainer /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceReporterPodTemplate configures the Compliance Reporter PodTemplate. @@ -409,6 +429,11 @@ pub struct ComplianceComplianceReporterPodTemplateTemplateSpecContainersResource /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceReporterPodTemplateInitContainer is a ComplianceServer Deployment init container. @@ -462,6 +487,11 @@ pub struct ComplianceComplianceReporterPodTemplateTemplateSpecInitContainersReso /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceServerDeployment configures the Compliance Server Deployment. @@ -554,6 +584,11 @@ pub struct ComplianceComplianceServerDeploymentSpecTemplateSpecContainersResourc /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceServerDeploymentInitContainer is a ComplianceServer Deployment init container. @@ -607,6 +642,11 @@ pub struct ComplianceComplianceServerDeploymentSpecTemplateSpecInitContainersRes /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceSnapshotterDeployment configures the Compliance Snapshotter Deployment. @@ -699,6 +739,11 @@ pub struct ComplianceComplianceSnapshotterDeploymentSpecTemplateSpecContainersRe /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ComplianceSnapshotterDeploymentInitContainer is a compliance snapshotter Deployment init container. @@ -752,6 +797,11 @@ pub struct ComplianceComplianceSnapshotterDeploymentSpecTemplateSpecInitContaine /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Most recently observed state for Tigera compliance reporting. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/egressgateways.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/egressgateways.rs index 6ad048228..b0eb32847 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/egressgateways.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/egressgateways.rs @@ -42,7 +42,6 @@ pub struct EgressGatewaySpec { #[serde(rename = "ipPools")] pub ip_pools: Vec, /// LogSeverity defines the logging level of the Egress Gateway. - /// Default: Info #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSeverity")] pub log_severity: Option, /// Replicas defines how many instances of the Egress Gateway pod will run. @@ -147,12 +146,12 @@ pub struct EgressGatewayIpPools { /// EgressGatewaySpec defines the desired state of EgressGateway #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum EgressGatewayLogSeverity { - Trace, - Debug, - Info, - Warn, - Error, Fatal, + Error, + Warn, + Info, + Debug, + Trace, } /// Template describes the EGW Deployment pod that will be created. @@ -426,7 +425,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAffinityPreferredDuringScheduling /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -437,7 +436,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAffinityPreferredDuringScheduling /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -547,7 +546,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAffinityRequiredDuringSchedulingI /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -558,7 +557,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAffinityRequiredDuringSchedulingI /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -699,7 +698,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -710,7 +709,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -820,7 +819,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -831,7 +830,7 @@ pub struct EgressGatewayTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedul /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -974,6 +973,11 @@ pub struct EgressGatewayTemplateSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// EGWDeploymentInitContainer is a Egress Gateway Deployment init container. @@ -1029,6 +1033,11 @@ pub struct EgressGatewayTemplateSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/imagesets.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/imagesets.rs index 0d51699bf..4366c2a4e 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/imagesets.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/imagesets.rs @@ -29,8 +29,11 @@ pub struct ImageSetImages { pub digest: String, /// Image is an image that the operator deploys and instead of using the built in tag /// the operator will use the Digest for the image identifier. - /// The value should be the image name without registry or tag or digest. + /// The value should be the *original* image name without registry or tag or digest. /// For the image `docker.io/calico/node:v3.17.1` it should be represented as `calico/node` + /// The "Installation" spec allows defining custom image registries, paths or prefixes. + /// Even for custom images such as example.com/custompath/customprefix-calico-node:v3.17.1, + /// this value should still be `calico/node`. pub image: String, } diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs index cf0692cde..c73ba13eb 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/installations.rs @@ -20,6 +20,9 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct InstallationSpec { + /// Azure is used to configure azure provider specific options. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub azure: Option, /// CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in /// conjunction with the deprecated ComponentResources, then these overrides take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "calicoKubeControllersDeployment")] @@ -126,6 +129,11 @@ pub struct InstallationSpec { /// NonPrivileged configures Calico to be run in non-privileged containers as non-root users where possible. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nonPrivileged")] pub non_privileged: Option, + /// Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect + /// to destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within + /// the cluster (including the API server) are exempt from proxying. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub proxy: Option, /// Registry is the default Docker registry used for component Docker images. /// If specified then the given value must end with a slash character (`/`) and all images will be pulled from this registry. /// If not specified then the default registries will be used. A special case value, UseDefault, is @@ -158,6 +166,24 @@ pub struct InstallationSpec { pub windows_nodes: Option, } +/// Azure is used to configure azure provider specific options. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstallationAzure { + /// PolicyMode determines whether the "control-plane" label is applied to namespaces. It offers two options: Default and Manual. + /// The Default option adds the "control-plane" label to the required namespaces. + /// The Manual option does not apply the "control-plane" label to any namespace. + /// Default: Default + #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyMode")] + pub policy_mode: Option, +} + +/// Azure is used to configure azure provider specific options. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum InstallationAzurePolicyMode { + Default, + Manual, +} + /// CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in /// conjunction with the deprecated ComponentResources, then these overrides take precedence. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -468,7 +494,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -479,7 +505,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -589,7 +615,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -600,7 +626,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -741,7 +767,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -752,7 +778,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -862,7 +888,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -873,7 +899,7 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecAffinityPo /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1018,6 +1044,11 @@ pub struct InstallationCalicoKubeControllersDeploymentSpecTemplateSpecContainers /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -1140,6 +1171,9 @@ pub struct InstallationCalicoNetworkIpPools { /// ["Tunnel", "Workload"] for back-compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedUses")] pub allowed_uses: Option>, + /// AssignmentMode determines if IP addresses from this pool should be assigned automatically or on request only + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignmentMode")] + pub assignment_mode: Option, /// BlockSize specifies the CIDR prefex length to use when allocating per-node IP blocks from /// the main IP pool CIDR. /// Default: 26 (IPv4), 122 (IPv6) @@ -1619,7 +1653,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1630,7 +1664,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1740,7 +1774,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1751,7 +1785,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1892,7 +1926,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1903,7 +1937,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2013,7 +2047,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2024,7 +2058,7 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecAffinityPodAntiAffinit /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2167,6 +2201,11 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecContainersResourcesCla /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// CalicoNodeDaemonSetInitContainer is a calico-node DaemonSet init container. @@ -2232,6 +2271,11 @@ pub struct InstallationCalicoNodeDaemonSetSpecTemplateSpecInitContainersResource /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -2575,7 +2619,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2586,7 +2630,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2696,7 +2740,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2707,7 +2751,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2848,7 +2892,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAnti /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2859,7 +2903,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAnti /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2969,7 +3013,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAnti /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2980,7 +3024,7 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecAffinityPodAnti /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3123,6 +3167,11 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecContainersResou /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// CalicoNodeWindowsDaemonSetInitContainer is a calico-node-windows DaemonSet init container. @@ -3188,6 +3237,11 @@ pub struct InstallationCalicoNodeWindowsDaemonSetSpecTemplateSpecInitContainersR /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -3527,7 +3581,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3538,7 +3592,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3648,7 +3702,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3659,7 +3713,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3800,7 +3854,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3811,7 +3865,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3921,7 +3975,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3932,7 +3986,7 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4072,6 +4126,11 @@ pub struct InstallationCalicoWindowsUpgradeDaemonSetSpecTemplateSpecContainersRe /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -4281,6 +4340,11 @@ pub struct InstallationComponentResourcesResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -4619,7 +4683,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4630,7 +4694,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4740,7 +4804,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4751,7 +4815,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4892,7 +4956,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAntiAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -4903,7 +4967,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAntiAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5013,7 +5077,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAntiAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5024,7 +5088,7 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecAffinityPodAntiAffi /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5169,6 +5233,11 @@ pub struct InstallationCsiNodeDriverDaemonSetSpecTemplateSpecContainersResources /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -5216,9 +5285,7 @@ pub struct InstallationImagePullSecrets { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5272,8 +5339,8 @@ pub struct InstallationLoggingCni { pub enum InstallationLoggingCniLogSeverity { Error, Warning, - Debug, Info, + Debug, } /// NodeUpdateStrategy can be used to customize the desired update strategy, such as the MaxUnavailable @@ -5281,10 +5348,6 @@ pub enum InstallationLoggingCniLogSeverity { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstallationNodeUpdateStrategy { /// Rolling update config params. Present only if type = "RollingUpdate". - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. Same as Deployment `strategy.rollingUpdate`. - /// See https://github.com/kubernetes/kubernetes/issues/35345 #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate. @@ -5293,10 +5356,6 @@ pub struct InstallationNodeUpdateStrategy { } /// Rolling update config params. Present only if type = "RollingUpdate". -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. Same as Deployment `strategy.rollingUpdate`. -/// See https://github.com/kubernetes/kubernetes/issues/35345 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstallationNodeUpdateStrategyRollingUpdate { /// The maximum number of nodes with an existing available DaemonSet pod that @@ -5337,6 +5396,26 @@ pub struct InstallationNodeUpdateStrategyRollingUpdate { pub max_unavailable: Option, } +/// Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect +/// to destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within +/// the cluster (including the API server) are exempt from proxying. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstallationProxy { + /// HTTPProxy defines the value of the HTTP_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] + pub http_proxy: Option, + /// HTTPSProxy defines the value of the HTTPS_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] + pub https_proxy: Option, + /// NoProxy defines the value of the NO_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. This value must be set such that destinations within the scope of the cluster, including + /// the Kubernetes API server, are exempt from being proxied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, +} + /// Deprecated. Please use Installation.Spec.TyphaDeployment instead. /// TyphaAffinity allows configuration of node affinity characteristics for Typha pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -5869,7 +5948,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAffinityPreferr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5880,7 +5959,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAffinityPreferr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5990,7 +6069,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAffinityRequire /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6001,7 +6080,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAffinityRequire /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6142,7 +6221,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6153,7 +6232,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAntiAffinityPre /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6263,7 +6342,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAntiAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -6274,7 +6353,7 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecAffinityPodAntiAffinityReq /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -6417,6 +6496,11 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// TyphaDeploymentInitContainer is a typha Deployment init container. @@ -6472,6 +6556,11 @@ pub struct InstallationTyphaDeploymentSpecTemplateSpecInitContainersResourcesCla /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -6711,6 +6800,9 @@ pub struct InstallationStatus { /// Computed is the final installation including overlaid resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstallationStatusComputed { + /// Azure is used to configure azure provider specific options. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub azure: Option, /// CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in /// conjunction with the deprecated ComponentResources, then these overrides take precedence. #[serde(default, skip_serializing_if = "Option::is_none", rename = "calicoKubeControllersDeployment")] @@ -6817,6 +6909,11 @@ pub struct InstallationStatusComputed { /// NonPrivileged configures Calico to be run in non-privileged containers as non-root users where possible. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nonPrivileged")] pub non_privileged: Option, + /// Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect + /// to destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within + /// the cluster (including the API server) are exempt from proxying. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub proxy: Option, /// Registry is the default Docker registry used for component Docker images. /// If specified then the given value must end with a slash character (`/`) and all images will be pulled from this registry. /// If not specified then the default registries will be used. A special case value, UseDefault, is @@ -6849,6 +6946,24 @@ pub struct InstallationStatusComputed { pub windows_nodes: Option, } +/// Azure is used to configure azure provider specific options. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstallationStatusComputedAzure { + /// PolicyMode determines whether the "control-plane" label is applied to namespaces. It offers two options: Default and Manual. + /// The Default option adds the "control-plane" label to the required namespaces. + /// The Manual option does not apply the "control-plane" label to any namespace. + /// Default: Default + #[serde(default, skip_serializing_if = "Option::is_none", rename = "policyMode")] + pub policy_mode: Option, +} + +/// Azure is used to configure azure provider specific options. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum InstallationStatusComputedAzurePolicyMode { + Default, + Manual, +} + /// CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in /// conjunction with the deprecated ComponentResources, then these overrides take precedence. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -7159,7 +7274,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7170,7 +7285,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7280,7 +7395,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7291,7 +7406,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7432,7 +7547,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7443,7 +7558,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7553,7 +7668,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7564,7 +7679,7 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7709,6 +7824,11 @@ pub struct InstallationStatusComputedCalicoKubeControllersDeploymentSpecTemplate /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -7831,6 +7951,9 @@ pub struct InstallationStatusComputedCalicoNetworkIpPools { /// ["Tunnel", "Workload"] for back-compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedUses")] pub allowed_uses: Option>, + /// AssignmentMode determines if IP addresses from this pool should be assigned automatically or on request only + #[serde(default, skip_serializing_if = "Option::is_none", rename = "assignmentMode")] + pub assignment_mode: Option, /// BlockSize specifies the CIDR prefex length to use when allocating per-node IP blocks from /// the main IP pool CIDR. /// Default: 26 (IPv4), 122 (IPv6) @@ -8310,7 +8433,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -8321,7 +8444,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8431,7 +8554,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -8442,7 +8565,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8583,7 +8706,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -8594,7 +8717,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8704,7 +8827,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -8715,7 +8838,7 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecAffinity /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -8858,6 +8981,11 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecContaine /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// CalicoNodeDaemonSetInitContainer is a calico-node DaemonSet init container. @@ -8923,6 +9051,11 @@ pub struct InstallationStatusComputedCalicoNodeDaemonSetSpecTemplateSpecInitCont /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -9266,7 +9399,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9277,7 +9410,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9387,7 +9520,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9398,7 +9531,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9539,7 +9672,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9550,7 +9683,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9660,7 +9793,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -9671,7 +9804,7 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -9814,6 +9947,11 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecC /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// CalicoNodeWindowsDaemonSetInitContainer is a calico-node-windows DaemonSet init container. @@ -9879,6 +10017,11 @@ pub struct InstallationStatusComputedCalicoNodeWindowsDaemonSetSpecTemplateSpecI /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -10218,7 +10361,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -10229,7 +10372,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -10339,7 +10482,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -10350,7 +10493,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -10491,7 +10634,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -10502,7 +10645,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -10612,7 +10755,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -10623,7 +10766,7 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -10763,6 +10906,11 @@ pub struct InstallationStatusComputedCalicoWindowsUpgradeDaemonSetSpecTemplateSp /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -10972,6 +11120,11 @@ pub struct InstallationStatusComputedComponentResourcesResourceRequirementsClaim /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -11310,7 +11463,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -11321,7 +11474,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -11431,7 +11584,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -11442,7 +11595,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -11583,7 +11736,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -11594,7 +11747,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -11704,7 +11857,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -11715,7 +11868,7 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecAffin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -11860,6 +12013,11 @@ pub struct InstallationStatusComputedCsiNodeDriverDaemonSetSpecTemplateSpecConta /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -11907,9 +12065,7 @@ pub struct InstallationStatusComputedImagePullSecrets { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -11963,8 +12119,8 @@ pub struct InstallationStatusComputedLoggingCni { pub enum InstallationStatusComputedLoggingCniLogSeverity { Error, Warning, - Debug, Info, + Debug, } /// NodeUpdateStrategy can be used to customize the desired update strategy, such as the MaxUnavailable @@ -11972,10 +12128,6 @@ pub enum InstallationStatusComputedLoggingCniLogSeverity { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstallationStatusComputedNodeUpdateStrategy { /// Rolling update config params. Present only if type = "RollingUpdate". - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. Same as Deployment `strategy.rollingUpdate`. - /// See https://github.com/kubernetes/kubernetes/issues/35345 #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate. @@ -11984,10 +12136,6 @@ pub struct InstallationStatusComputedNodeUpdateStrategy { } /// Rolling update config params. Present only if type = "RollingUpdate". -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. Same as Deployment `strategy.rollingUpdate`. -/// See https://github.com/kubernetes/kubernetes/issues/35345 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstallationStatusComputedNodeUpdateStrategyRollingUpdate { /// The maximum number of nodes with an existing available DaemonSet pod that @@ -12028,6 +12176,26 @@ pub struct InstallationStatusComputedNodeUpdateStrategyRollingUpdate { pub max_unavailable: Option, } +/// Proxy is used to configure the HTTP(S) proxy settings that will be applied to Tigera containers that connect +/// to destinations outside the cluster. It is expected that NO_PROXY is configured such that destinations within +/// the cluster (including the API server) are exempt from proxying. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstallationStatusComputedProxy { + /// HTTPProxy defines the value of the HTTP_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpProxy")] + pub http_proxy: Option, + /// HTTPSProxy defines the value of the HTTPS_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpsProxy")] + pub https_proxy: Option, + /// NoProxy defines the value of the NO_PROXY environment variable that will be set on Tigera containers that connect to + /// destinations outside the cluster. This value must be set such that destinations within the scope of the cluster, including + /// the Kubernetes API server, are exempt from being proxied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, +} + /// Deprecated. Please use Installation.Spec.TyphaDeployment instead. /// TyphaAffinity allows configuration of node affinity characteristics for Typha pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -12560,7 +12728,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12571,7 +12739,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12681,7 +12849,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12692,7 +12860,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12833,7 +13001,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12844,7 +13012,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -12954,7 +13122,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -12965,7 +13133,7 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecAffinityPodA /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -13108,6 +13276,11 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecContainersRe /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// TyphaDeploymentInitContainer is a typha Deployment init container. @@ -13163,6 +13336,11 @@ pub struct InstallationStatusComputedTyphaDeploymentSpecTemplateSpecInitContaine /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/intrusiondetections.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/intrusiondetections.rs index bda74c0a1..650437269 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/intrusiondetections.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/intrusiondetections.rs @@ -89,6 +89,11 @@ pub struct IntrusionDetectionComponentResourcesResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// DeepPacketInspectionDaemonset configures the DPI Daemonset @@ -173,6 +178,11 @@ pub struct IntrusionDetectionDeepPacketInspectionDaemonsetSpecTemplateSpecInitCo /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// IntrusionDetectionControllerDeployment configures the IntrusionDetection Controller Deployment. @@ -267,6 +277,11 @@ pub struct IntrusionDetectionIntrusionDetectionControllerDeploymentSpecTemplateS /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// IntrusionDetectionControllerDeploymentInitContainer is a IntrusionDetectionController Deployment init container. @@ -320,6 +335,11 @@ pub struct IntrusionDetectionIntrusionDetectionControllerDeploymentSpecTemplateS /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Most recently observed state for Tigera intrusion detection. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/logcollectors.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/logcollectors.rs index ef1d3f59d..7ae49b2db 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/logcollectors.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/logcollectors.rs @@ -230,6 +230,11 @@ pub struct LogCollectorEksLogForwarderDeploymentSpecTemplateSpecContainersResour /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// EKSLogForwarderDeploymentInitContainer is a EKSLogForwarder Deployment init container. @@ -283,6 +288,11 @@ pub struct LogCollectorEksLogForwarderDeploymentSpecTemplateSpecInitContainersRe /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// FluentdDaemonSet configures the Fluentd DaemonSet. @@ -375,6 +385,11 @@ pub struct LogCollectorFluentdDaemonSetSpecTemplateSpecContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// FluentdDaemonSetInitContainer is a Fluentd DaemonSet init container. @@ -428,6 +443,11 @@ pub struct LogCollectorFluentdDaemonSetSpecTemplateSpecInitContainersResourcesCl /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Most recently observed state for Tigera log collection. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/logstorages.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/logstorages.rs index 087bcfdb3..fe244c574 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/logstorages.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/logstorages.rs @@ -36,6 +36,9 @@ pub struct LogStorageSpec { /// ElasticsearchMetricsDeployment configures the tigera-elasticsearch-metric Deployment. #[serde(default, skip_serializing_if = "Option::is_none", rename = "elasticsearchMetricsDeployment")] pub elasticsearch_metrics_deployment: Option, + /// ESGatewayDeployment configures the es-gateway Deployment. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "esGatewayDeployment")] + pub es_gateway_deployment: Option, /// Index defines the configuration for the indices in the Elasticsearch cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub indices: Option, @@ -108,6 +111,11 @@ pub struct LogStorageComponentResourcesResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ECKOperatorStatefulSet configures the ECKOperator StatefulSet. If used in conjunction with the deprecated @@ -201,6 +209,11 @@ pub struct LogStorageEckOperatorStatefulSetSpecTemplateSpecContainersResourcesCl /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ECKOperatorStatefulSetInitContainer is a ECKOperator StatefulSet init container. @@ -246,6 +259,11 @@ pub struct LogStorageEckOperatorStatefulSetSpecTemplateSpecInitContainersResourc /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ElasticsearchMetricsDeployment configures the tigera-elasticsearch-metric Deployment. @@ -338,6 +356,11 @@ pub struct LogStorageElasticsearchMetricsDeploymentSpecTemplateSpecContainersRes /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ElasticsearchMetricsDeploymentInitContainer is a ElasticsearchMetricsDeployment init container. @@ -391,6 +414,166 @@ pub struct LogStorageElasticsearchMetricsDeploymentSpecTemplateSpecInitContainer /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + +/// ESGatewayDeployment configures the es-gateway Deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeployment { + /// Spec is the specification of the es-gateway Deployment. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Spec is the specification of the es-gateway Deployment. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpec { + /// Template describes the es-gateway Deployment pod that will be created. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub template: Option, +} + +/// Template describes the es-gateway Deployment pod that will be created. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplate { + /// Spec is the es-gateway Deployment's PodSpec. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// Spec is the es-gateway Deployment's PodSpec. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpec { + /// Containers is a list of es-gateway containers. + /// If specified, this overrides the specified es-gateway Deployment containers. + /// If omitted, the es-gateway Deployment will use its default values for its containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub containers: Option>, + /// InitContainers is a list of es-gateway init containers. + /// If specified, this overrides the specified es-gateway Deployment init containers. + /// If omitted, the es-gateway Deployment will use its default values for its init containers. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] + pub init_containers: Option>, +} + +/// ESGatewayDeploymentContainer is a es-gateway Deployment container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecContainers { + /// Name is an enum which identifies the es-gateway Deployment container by name. + /// Supported values are: tigera-secure-es-gateway + pub name: LogStorageEsGatewayDeploymentSpecTemplateSpecContainersName, + /// Resources allows customization of limits and requests for compute resources such as cpu and memory. + /// If specified, this overrides the named es-gateway Deployment container's resources. + /// If omitted, the es-gateway Deployment will use its default value for this container's resources. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// ESGatewayDeploymentContainer is a es-gateway Deployment container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum LogStorageEsGatewayDeploymentSpecTemplateSpecContainersName { + #[serde(rename = "tigera-secure-es-gateway")] + TigeraSecureEsGateway, +} + +/// Resources allows customization of limits and requests for compute resources such as cpu and memory. +/// If specified, this overrides the named es-gateway Deployment container's resources. +/// If omitted, the es-gateway Deployment will use its default value for this container's resources. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + +/// ESGatewayDeploymentInitContainer is a es-gateway Deployment init container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecInitContainers { + /// Name is an enum which identifies the es-gateway Deployment init container by name. + /// Supported values are: tigera-secure-elasticsearch-cert-key-cert-provisioner + pub name: LogStorageEsGatewayDeploymentSpecTemplateSpecInitContainersName, + /// Resources allows customization of limits and requests for compute resources such as cpu and memory. + /// If specified, this overrides the named es-gateway Deployment init container's resources. + /// If omitted, the es-gateway Deployment will use its default value for this init container's resources. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, +} + +/// ESGatewayDeploymentInitContainer is a es-gateway Deployment init container. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum LogStorageEsGatewayDeploymentSpecTemplateSpecInitContainersName { + #[serde(rename = "tigera-secure-elasticsearch-cert-key-cert-provisioner")] + TigeraSecureElasticsearchCertKeyCertProvisioner, +} + +/// Resources allows customization of limits and requests for compute resources such as cpu and memory. +/// If specified, this overrides the named es-gateway Deployment init container's resources. +/// If omitted, the es-gateway Deployment will use its default value for this init container's resources. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecInitContainersResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct LogStorageEsGatewayDeploymentSpecTemplateSpecInitContainersResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Index defines the configuration for the indices in the Elasticsearch cluster. @@ -491,6 +674,11 @@ pub struct LogStorageKibanaSpecTemplateSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// KibanaInitContainer is a Kibana init container. @@ -546,6 +734,11 @@ pub struct LogStorageKibanaSpecTemplateSpecInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LinseedDeployment configures the linseed Deployment. @@ -638,6 +831,11 @@ pub struct LogStorageLinseedDeploymentSpecTemplateSpecContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LinseedDeploymentInitContainer is a linseed Deployment init container. @@ -693,6 +891,11 @@ pub struct LogStorageLinseedDeploymentSpecTemplateSpecInitContainersResourcesCla /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Nodes defines the configuration for a set of identical Elasticsearch cluster nodes, each of type master, data, and ingest. @@ -759,6 +962,11 @@ pub struct LogStorageNodesResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Retention defines how long data is retained in the Elasticsearch cluster before it is cleared. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/managementclusterconnections.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/managementclusterconnections.rs index 3819b1a28..e57b88782 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/managementclusterconnections.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/managementclusterconnections.rs @@ -122,6 +122,11 @@ pub struct ManagementClusterConnectionGuardianDeploymentSpecTemplateSpecContaine /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// GuardianDeploymentInitContainer is a guardian Deployment init container. @@ -167,6 +172,11 @@ pub struct ManagementClusterConnectionGuardianDeploymentSpecTemplateSpecInitCont /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// TLS provides options for configuring how Managed Clusters can establish an mTLS connection with the Management Cluster. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/managers.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/managers.rs index 27c08393c..12b8e4d4d 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/managers.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/managers.rs @@ -121,6 +121,11 @@ pub struct ManagerManagerDeploymentSpecTemplateSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ManagerDeploymentInitContainer is a Manager Deployment init container. @@ -180,6 +185,11 @@ pub struct ManagerManagerDeploymentSpecTemplateSpecInitContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Most recently observed state for the Calico Enterprise manager. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/monitors.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/monitors.rs index effad6dd5..53aa10614 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/monitors.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/monitors.rs @@ -78,6 +78,11 @@ pub struct MonitorAlertManagerSpecResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// ExternalPrometheus optionally configures integration with an external Prometheus for scraping Calico metrics. When @@ -163,9 +168,7 @@ pub struct MonitorExternalPrometheusServiceMonitorEndpointsBearerTokenSecret { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -421,6 +424,11 @@ pub struct MonitorPrometheusSpecCommonPrometheusFieldsContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Define resources requests and limits for single Pods. @@ -452,6 +460,11 @@ pub struct MonitorPrometheusSpecCommonPrometheusFieldsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// MonitorStatus defines the observed state of Tigera monitor. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/policyrecommendations.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/policyrecommendations.rs index 0eefe40d7..bba4a15bc 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/policyrecommendations.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/policyrecommendations.rs @@ -115,6 +115,11 @@ pub struct PolicyRecommendationPolicyRecommendationDeploymentSpecTemplateSpecCon /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// PolicyRecommendationDeploymentInitContainer is a PolicyRecommendation Deployment init container. @@ -167,6 +172,11 @@ pub struct PolicyRecommendationPolicyRecommendationDeploymentSpecTemplateSpecIni /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// PolicyRecommendationStatus defines the observed state of Tigera policy recommendation. diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs index 9cf1202ec..6d53d9171 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/tenants.rs @@ -33,8 +33,7 @@ pub struct TenantSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "esKubeControllerDeployment")] pub es_kube_controller_deployment: Option, /// ID is the unique identifier for this tenant. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub id: Option, + pub id: String, /// Indices defines the how to store a tenant's data pub indices: Vec, /// LinseedDeployment configures the linseed Deployment. @@ -130,6 +129,11 @@ pub struct TenantDashboardsJobSpecTemplateSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Elastic configures per-tenant ElasticSearch and Kibana parameters. @@ -452,7 +456,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -463,7 +467,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityPr /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -573,7 +577,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -584,7 +588,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAffinityRe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -725,7 +729,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffini /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -736,7 +740,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffini /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -846,7 +850,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffini /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -857,7 +861,7 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecAffinityPodAntiAffini /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1002,6 +1006,11 @@ pub struct TenantEsKubeControllerDeploymentSpecTemplateSpecContainersResourcesCl /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The pod this Toleration is attached to tolerates any taint that matches @@ -1159,6 +1168,11 @@ pub struct TenantLinseedDeploymentSpecTemplateSpecContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LinseedDeploymentInitContainer is a linseed Deployment init container. @@ -1214,6 +1228,11 @@ pub struct TenantLinseedDeploymentSpecTemplateSpecInitContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/operator_tigera_io/v1/tlsterminatedroutes.rs b/kube-custom-resources-rs/src/operator_tigera_io/v1/tlsterminatedroutes.rs index 90bef1da8..bf456acc1 100644 --- a/kube-custom-resources-rs/src/operator_tigera_io/v1/tlsterminatedroutes.rs +++ b/kube-custom-resources-rs/src/operator_tigera_io/v1/tlsterminatedroutes.rs @@ -17,8 +17,8 @@ use self::prelude::*; pub struct TLSTerminatedRouteSpec { /// CABundle is where we read the CA bundle from to authenticate the /// destination (if non-empty) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "caBundle")] - pub ca_bundle: Option, + #[serde(rename = "caBundle")] + pub ca_bundle: TLSTerminatedRouteCaBundle, /// Destination is the destination URL where matching traffic is routed to. pub destination: String, /// ForwardingMTLSCert is the certificate used for mTLS between voltron and the destination. Either both ForwardingMTLSCert @@ -50,9 +50,7 @@ pub struct TLSTerminatedRouteCaBundle { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -70,9 +68,7 @@ pub struct TLSTerminatedRouteMtlsCert { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -90,9 +86,7 @@ pub struct TLSTerminatedRouteMtlsKey { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmalertmanagerconfigs.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmalertmanagerconfigs.rs index 10df3019a..adace2051 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmalertmanagerconfigs.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmalertmanagerconfigs.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -1993,6 +1994,9 @@ pub struct VMAlertmanagerConfigReceiversTelegramConfigs { /// Message is templated message #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + /// MessageThreadID defines ID of the message thread where to send the messages. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message_thread_id: Option, /// ParseMode for telegram message, /// supported values are MarkdownV2, Markdown, Markdown and empty string for plain text. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -3331,16 +3335,20 @@ pub struct VMAlertmanagerConfigTimeIntervalsTimeIntervalsTimes { /// VMAlertmanagerConfigStatus defines the observed state of VMAlertmanagerConfig #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMAlertmanagerConfigStatus { + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastErrorParentAlertmanagerName")] pub last_error_parent_alertmanager_name: Option, - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// LastSyncErrorTimestamp defines time when error occured - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncErrorTimestamp")] - pub last_sync_error_timestamp: Option, - /// Status defines CRD processing status - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmnodescrapes.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmnodescrapes.rs index 6c043dfb0..ce5484f2c 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmnodescrapes.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmnodescrapes.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -404,6 +405,10 @@ pub enum VMNodeScrapeScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// Selector to select kubernetes Nodes. @@ -831,11 +836,18 @@ pub struct VMNodeScrapeVmScrapeParamsProxyClientConfigTlsConfigKeySecret { /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMNodeScrapeStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmpodscrapes.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmpodscrapes.rs index 1084e1b58..3ec9971fc 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmpodscrapes.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmpodscrapes.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -468,6 +469,10 @@ pub enum VMPodScrapePodMetricsEndpointsScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// TLSConfig configuration to use when scraping the endpoint @@ -895,11 +900,18 @@ pub struct VMPodScrapeSelectorMatchExpressions { /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMPodScrapeStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmprobes.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmprobes.rs index 5ed4d38ad..579718b24 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmprobes.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmprobes.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -350,6 +351,10 @@ pub enum VMProbeScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// Targets defines a set of static and/or dynamically discovered targets to be probed using the prober. @@ -961,11 +966,18 @@ pub struct VMProbeVmScrapeParamsProxyClientConfigTlsConfigKeySecret { /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMProbeStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmrules.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmrules.rs index 356f1013a..b28430148 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmrules.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmrules.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -91,7 +92,7 @@ pub struct VMRuleGroups { #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, /// Type defines datasource type for enterprise version of vmalert - /// possible values - prometheus,graphite + /// possible values - prometheus,graphite,vlogs #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -136,11 +137,18 @@ pub struct VMRuleGroupsRules { /// VMRuleStatus defines the observed state of VMRule #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMRuleStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines CRD processing status - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmscrapeconfigs.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmscrapeconfigs.rs index 0527417b2..539633ed7 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmscrapeconfigs.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmscrapeconfigs.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -301,6 +302,10 @@ pub struct VMScrapeConfigConsulSdConfigs { /// Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter. #[serde(default, skip_serializing_if = "Option::is_none")] pub datacenter: Option, + /// Filter defines filter for /v1/catalog/services requests + /// See https://developer.hashicorp.com/consul/api-docs/features/filtering + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filter: Option, /// Configure whether HTTP requests follow HTTP 3xx redirects. /// If unset, use its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "followRedirects")] @@ -1535,7 +1540,7 @@ pub struct VMScrapeConfigGceSdConfigs { #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagSeparator")] pub tag_separator: Option, /// The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. - pub zone: String, + pub zone: serde_json::Value, } /// HTTPSDConfig defines a HTTP service discovery configuration. @@ -3075,6 +3080,10 @@ pub enum VMScrapeConfigScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// StaticConfig defines a static configuration. @@ -3484,11 +3493,18 @@ pub struct VMScrapeConfigVmScrapeParamsProxyClientConfigTlsConfigKeySecret { /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMScrapeConfigStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmservicescrapes.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmservicescrapes.rs index 935d07a2e..1325a87a7 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmservicescrapes.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmservicescrapes.rs @@ -8,6 +8,7 @@ mod prelude { pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -471,6 +472,10 @@ pub enum VMServiceScrapeEndpointsScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// TLSConfig configuration to use when scraping the endpoint @@ -910,11 +915,18 @@ pub struct VMServiceScrapeSelectorMatchExpressions { /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMServiceScrapeStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmstaticscrapes.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmstaticscrapes.rs index 22486b0ed..f3992c37e 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmstaticscrapes.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmstaticscrapes.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -415,6 +416,10 @@ pub enum VMStaticScrapeTargetEndpointsScheme { Http, #[serde(rename = "https")] Https, + #[serde(rename = "HTTPS")] + HttpsX, + #[serde(rename = "HTTP")] + HttpX, } /// TLSConfig configuration to use when scraping the endpoint @@ -812,11 +817,18 @@ pub struct VMStaticScrapeTargetEndpointsVmScrapeParamsProxyClientConfigTlsConfig /// ScrapeObjectStatus defines the observed state of ScrapeObjects #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMStaticScrapeStatus { - /// LastSyncError contains error message for unsuccessful config generation - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmusers.rs b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmusers.rs index d7ff220d3..a21eb1004 100644 --- a/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmusers.rs +++ b/kube-custom-resources-rs/src/operator_victoriametrics_com/v1beta1/vmusers.rs @@ -7,6 +7,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; pub use std::collections::BTreeMap; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -36,6 +37,13 @@ pub struct VMUserSpec { /// See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. #[serde(default, skip_serializing_if = "Option::is_none")] pub drop_src_path_prefix_parts: Option, + /// DumpRequestOnErrors instructs vmauth to return detailed request params to the client + /// if routing rules don't allow to forward request to the backends. + /// Useful for debugging `src_hosts` and `src_headers` based routing rules + /// + /// available since v1.107.0 vmauth version + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dump_request_on_errors: Option, /// GeneratePassword instructs operator to generate password for user /// if spec.password if empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "generatePassword")] @@ -86,7 +94,7 @@ pub struct VMUserSpec { /// TargetRefs - reference to endpoints, which user may access. #[serde(rename = "targetRefs")] pub target_refs: Vec, - /// TLSConfig specifies TLSConfig configuration parameters. + /// TLSConfig defines tls configuration for the backend connection #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, /// TokenRef allows fetching token from user-created secrets by its name and key. @@ -223,6 +231,7 @@ pub enum VMUserTargetRefsCrdKind { VmAlert, #[serde(rename = "VMSingle")] VmSingle, + VLogs, #[serde(rename = "VMAlertManager")] VmAlertManager, #[serde(rename = "VMAlertmanager")] @@ -310,7 +319,7 @@ pub struct VMUserTargetRefsTargetRefBasicAuthUsername { pub optional: Option, } -/// TLSConfig specifies TLSConfig configuration parameters. +/// TLSConfig defines tls configuration for the backend connection #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMUserTlsConfig { /// Stuct containing the CA cert to use for the targets. @@ -466,12 +475,18 @@ pub struct VMUserTokenRef { /// VMUserStatus defines the observed state of VMUser #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct VMUserStatus { - /// LastSyncError contains error message for unsuccessful config generation - /// for given user - #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncError")] - pub last_sync_error: Option, - /// Status defines update status of resource - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, + /// Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ObservedGeneration defines current generation picked by operator for the + /// reconcile + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + /// Reason defines human readable error reason + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reason: Option, + /// UpdateStatus defines a status for update rollout + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStatus")] + pub update_status: Option, } diff --git a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs index 11a5bd52f..f9c661484 100644 --- a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs +++ b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs @@ -885,7 +885,7 @@ pub struct CheClusterComponentsDevfileRegistryDeploymentTolerations { /// External devfile registries configuration. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CheClusterComponentsDevfileRegistryExternalDevfileRegistries { - /// The public UR of the devfile registry that serves sample ready-to-use devfiles. + /// The public URL of the devfile registry that serves sample ready-to-use devfiles. #[serde(default, skip_serializing_if = "Option::is_none")] pub url: Option, } diff --git a/kube-custom-resources-rs/src/organizations_services_k8s_aws/v1alpha1/organizationalunits.rs b/kube-custom-resources-rs/src/organizations_services_k8s_aws/v1alpha1/organizationalunits.rs index a8ecdb263..18cf61ebe 100644 --- a/kube-custom-resources-rs/src/organizations_services_k8s_aws/v1alpha1/organizationalunits.rs +++ b/kube-custom-resources-rs/src/organizations_services_k8s_aws/v1alpha1/organizationalunits.rs @@ -47,7 +47,7 @@ pub struct OrganizationalUnitSpec { /// about tagging, see Tagging Organizations resources (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) /// in the Organizations User Guide. /// - /// If any one of the tags is invalid or if you exceed the allowed number of + /// If any one of the tags is not valid or if you exceed the allowed number of /// tags for an OU, then the entire request fails and the OU is not created. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, @@ -80,13 +80,14 @@ pub struct OrganizationalUnitStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The unique identifier (ID) associated with this OU. + /// The unique identifier (ID) associated with this OU. The ID is unique to the + /// organization only. /// /// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational /// unit ID string requires "ou-" followed by from 4 to 32 lowercase letters diff --git a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs index 38ebb4c0b..68ea5aa56 100644 --- a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs +++ b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgclusters.rs @@ -19,6 +19,10 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PerconaPGClusterSpec { + /// Whether or not the cluster has schemas automatically created for the user + /// defined in `spec.users` for all of the databases listed for that user. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoCreateUserSchema")] + pub auto_create_user_schema: Option, /// PostgreSQL backup configuration pub backups: PerconaPGClusterBackups, /// Version of the operator. Update this to new version after operator @@ -92,6 +96,8 @@ pub struct PerconaPGClusterSpec { /// Run this cluster as a read-only copy of an existing cluster or archive. #[serde(default, skip_serializing_if = "Option::is_none")] pub standby: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsOnly")] + pub tls_only: Option, /// Suspends the rollout and reconciliation of changes made to the /// PostgresCluster spec. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -543,6 +549,8 @@ pub struct PerconaPGClusterBackupsPgbackrestJobs { /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "backoffLimit")] + pub backoff_limit: Option, /// Priority class name for the pgBackRest backup Job pods. /// More info: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] @@ -551,6 +559,12 @@ pub struct PerconaPGClusterBackupsPgbackrestJobs { /// create backups #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, + /// RestartPolicy describes how the container should be restarted. + /// Only one of the following restart policies may be specified. + /// If none of the following policies is specified, the default one + /// is RestartPolicyAlways. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] + pub restart_policy: Option, /// SecurityContext defines the security settings for PGBackRest pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, @@ -1357,6 +1371,31 @@ pub struct PerconaPGClusterBackupsPgbackrestJobsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2382,6 +2421,31 @@ pub struct PerconaPGClusterBackupsPgbackrestRepoHostSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -6419,7 +6483,8 @@ pub struct PerconaPGClusterExtensions { pub builtin: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub custom: Option>, - pub image: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// PullPolicy describes a policy for if/when to pull a container image #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, @@ -6433,6 +6498,8 @@ pub struct PerconaPGClusterExtensionsBuiltin { pub pg_audit: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub pg_stat_monitor: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pgvector: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -7904,23 +7971,23 @@ pub struct PerconaPGClusterInstancesInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7932,7 +7999,7 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7965,7 +8032,7 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartHttpGetHttpH pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -7973,8 +8040,8 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7997,23 +8064,23 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8025,7 +8092,7 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8058,7 +8125,7 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopHttpGetHttpHea pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -8066,8 +8133,8 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8085,17 +8152,17 @@ pub struct PerconaPGClusterInstancesInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -8110,7 +8177,7 @@ pub struct PerconaPGClusterInstancesInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -8132,7 +8199,7 @@ pub struct PerconaPGClusterInstancesInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8144,7 +8211,7 @@ pub struct PerconaPGClusterInstancesInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -8157,7 +8224,7 @@ pub struct PerconaPGClusterInstancesInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8190,7 +8257,7 @@ pub struct PerconaPGClusterInstancesInitContainersLivenessProbeHttpGetHttpHeader pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8235,17 +8302,17 @@ pub struct PerconaPGClusterInstancesInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -8260,7 +8327,7 @@ pub struct PerconaPGClusterInstancesInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -8282,7 +8349,7 @@ pub struct PerconaPGClusterInstancesInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8294,7 +8361,7 @@ pub struct PerconaPGClusterInstancesInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -8307,7 +8374,7 @@ pub struct PerconaPGClusterInstancesInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8340,7 +8407,7 @@ pub struct PerconaPGClusterInstancesInitContainersReadinessProbeHttpGetHttpHeade pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8603,17 +8670,17 @@ pub struct PerconaPGClusterInstancesInitContainersSecurityContextWindowsOptions /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -8628,7 +8695,7 @@ pub struct PerconaPGClusterInstancesInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -8650,7 +8717,7 @@ pub struct PerconaPGClusterInstancesInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8662,7 +8729,7 @@ pub struct PerconaPGClusterInstancesInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -8675,7 +8742,7 @@ pub struct PerconaPGClusterInstancesInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8708,7 +8775,7 @@ pub struct PerconaPGClusterInstancesInitContainersStartupProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8880,6 +8947,31 @@ pub struct PerconaPGClusterInstancesSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -9361,23 +9453,23 @@ pub struct PerconaPGClusterInstancesSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -9389,7 +9481,7 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -9422,7 +9514,7 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartHttpGetHttpHeaders pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -9430,8 +9522,8 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -9454,23 +9546,23 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -9482,7 +9574,7 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -9515,7 +9607,7 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -9523,8 +9615,8 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -9542,17 +9634,17 @@ pub struct PerconaPGClusterInstancesSidecarsLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -9567,7 +9659,7 @@ pub struct PerconaPGClusterInstancesSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -9589,7 +9681,7 @@ pub struct PerconaPGClusterInstancesSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -9601,7 +9693,7 @@ pub struct PerconaPGClusterInstancesSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -9614,7 +9706,7 @@ pub struct PerconaPGClusterInstancesSidecarsLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -9647,7 +9739,7 @@ pub struct PerconaPGClusterInstancesSidecarsLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -9692,17 +9784,17 @@ pub struct PerconaPGClusterInstancesSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -9717,7 +9809,7 @@ pub struct PerconaPGClusterInstancesSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -9739,7 +9831,7 @@ pub struct PerconaPGClusterInstancesSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -9751,7 +9843,7 @@ pub struct PerconaPGClusterInstancesSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -9764,7 +9856,7 @@ pub struct PerconaPGClusterInstancesSidecarsReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -9797,7 +9889,7 @@ pub struct PerconaPGClusterInstancesSidecarsReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -10060,17 +10152,17 @@ pub struct PerconaPGClusterInstancesSidecarsSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -10085,7 +10177,7 @@ pub struct PerconaPGClusterInstancesSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -10107,7 +10199,7 @@ pub struct PerconaPGClusterInstancesSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -10119,7 +10211,7 @@ pub struct PerconaPGClusterInstancesSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -10132,7 +10224,7 @@ pub struct PerconaPGClusterInstancesSidecarsStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -10165,7 +10257,7 @@ pub struct PerconaPGClusterInstancesSidecarsStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterInstancesSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -12518,6 +12610,31 @@ pub struct PerconaPGClusterProxyPgBouncerSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -12999,23 +13116,23 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -13027,7 +13144,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -13060,7 +13177,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartHttpGetHttpHe pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -13068,8 +13185,8 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -13092,23 +13209,23 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -13120,7 +13237,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -13153,7 +13270,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopHttpGetHttpHead pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -13161,8 +13278,8 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -13180,17 +13297,17 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -13205,7 +13322,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -13227,7 +13344,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -13239,7 +13356,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -13252,7 +13369,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -13285,7 +13402,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -13330,17 +13447,17 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -13355,7 +13472,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -13377,7 +13494,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -13389,7 +13506,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -13402,7 +13519,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -13435,7 +13552,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeHttpGetHttpHeader pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -13698,17 +13815,17 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -13723,7 +13840,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -13745,7 +13862,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -13757,7 +13874,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -13770,7 +13887,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -13803,7 +13920,7 @@ pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterProxyPgBouncerSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -14293,9 +14410,16 @@ pub enum PerconaPGClusterUsersPasswordType { pub struct PerconaPGClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - pub pgbouncer: PerconaPGClusterStatusPgbouncer, - pub postgres: PerconaPGClusterStatusPostgres, - pub state: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "installedCustomExtensions")] + pub installed_custom_extensions: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "patroniVersion")] + pub patroni_version: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub pgbouncer: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub postgres: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub state: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -14306,9 +14430,14 @@ pub struct PerconaPGClusterStatusPgbouncer { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGClusterStatusPostgres { - pub instances: Vec, - pub ready: i32, - pub size: i32, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub instances: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ready: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub version: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgupgrades.rs b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgupgrades.rs index c27340eab..8183ea014 100644 --- a/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgupgrades.rs +++ b/kube-custom-resources-rs/src/pgv2_percona_com/v2/perconapgupgrades.rs @@ -1139,23 +1139,23 @@ pub struct PerconaPGUpgradeInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1167,7 +1167,7 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1200,7 +1200,7 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1208,8 +1208,8 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1232,23 +1232,23 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1260,7 +1260,7 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1293,7 +1293,7 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1301,8 +1301,8 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1320,17 +1320,17 @@ pub struct PerconaPGUpgradeInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1345,7 +1345,7 @@ pub struct PerconaPGUpgradeInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1367,7 +1367,7 @@ pub struct PerconaPGUpgradeInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1379,7 +1379,7 @@ pub struct PerconaPGUpgradeInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1392,7 +1392,7 @@ pub struct PerconaPGUpgradeInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1425,7 +1425,7 @@ pub struct PerconaPGUpgradeInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1470,17 +1470,17 @@ pub struct PerconaPGUpgradeInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1495,7 +1495,7 @@ pub struct PerconaPGUpgradeInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1517,7 +1517,7 @@ pub struct PerconaPGUpgradeInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1529,7 +1529,7 @@ pub struct PerconaPGUpgradeInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1542,7 +1542,7 @@ pub struct PerconaPGUpgradeInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1575,7 +1575,7 @@ pub struct PerconaPGUpgradeInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1838,17 +1838,17 @@ pub struct PerconaPGUpgradeInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1863,7 +1863,7 @@ pub struct PerconaPGUpgradeInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1885,7 +1885,7 @@ pub struct PerconaPGUpgradeInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1897,7 +1897,7 @@ pub struct PerconaPGUpgradeInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1910,7 +1910,7 @@ pub struct PerconaPGUpgradeInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1943,7 +1943,7 @@ pub struct PerconaPGUpgradeInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaPGUpgradeInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. diff --git a/kube-custom-resources-rs/src/pipes_services_k8s_aws/v1alpha1/pipes.rs b/kube-custom-resources-rs/src/pipes_services_k8s_aws/v1alpha1/pipes.rs index 0c8261a63..19f13a52f 100644 --- a/kube-custom-resources-rs/src/pipes_services_k8s_aws/v1alpha1/pipes.rs +++ b/kube-custom-resources-rs/src/pipes_services_k8s_aws/v1alpha1/pipes.rs @@ -52,6 +52,10 @@ pub struct PipeSpec { /// The ARN of the target resource. pub target: String, /// The parameters required to set up a target for your pipe. + /// + /// For more information about pipe target parameters, including how to use dynamic + /// path parameters, see Target parameters (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) + /// in the Amazon EventBridge User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetParameters")] pub target_parameters: Option, } @@ -92,8 +96,12 @@ pub struct PipeSourceParameters { /// The parameters for using a DynamoDB stream as a source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dynamoDBStreamParameters")] pub dynamo_db_stream_parameters: Option, - /// The collection of event patterns used to filter events. For more information, - /// see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) + /// The collection of event patterns used to filter events. + /// + /// To remove a filter, specify a FilterCriteria object with an empty array of + /// Filter objects. + /// + /// For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) /// in the Amazon EventBridge User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "filterCriteria")] pub filter_criteria: Option, @@ -107,6 +115,13 @@ pub struct PipeSourceParameters { #[serde(default, skip_serializing_if = "Option::is_none", rename = "rabbitMQBrokerParameters")] pub rabbit_mq_broker_parameters: Option, /// The parameters for using a self-managed Apache Kafka stream as a source. + /// + /// A self managed cluster refers to any Apache Kafka cluster not hosted by Amazon + /// Web Services. This includes both clusters you manage yourself, as well as + /// those hosted by a third-party provider, such as Confluent Cloud (https://www.confluent.io/), + /// CloudKarafka (https://www.cloudkarafka.com/), or Redpanda (https://redpanda.com/). + /// For more information, see Apache Kafka streams as a source (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) + /// in the Amazon EventBridge User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "selfManagedKafkaParameters")] pub self_managed_kafka_parameters: Option, /// The parameters for using a Amazon SQS stream as a source. @@ -167,8 +182,12 @@ pub struct PipeSourceParametersDynamoDbStreamParametersDeadLetterConfig { pub arn: Option, } -/// The collection of event patterns used to filter events. For more information, -/// see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) +/// The collection of event patterns used to filter events. +/// +/// To remove a filter, specify a FilterCriteria object with an empty array of +/// Filter objects. +/// +/// For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) /// in the Amazon EventBridge User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeSourceParametersFilterCriteria { @@ -272,6 +291,13 @@ pub struct PipeSourceParametersRabbitMqBrokerParametersCredentials { } /// The parameters for using a self-managed Apache Kafka stream as a source. +/// +/// A self managed cluster refers to any Apache Kafka cluster not hosted by Amazon +/// Web Services. This includes both clusters you manage yourself, as well as +/// those hosted by a third-party provider, such as Confluent Cloud (https://www.confluent.io/), +/// CloudKarafka (https://www.cloudkarafka.com/), or Redpanda (https://redpanda.com/). +/// For more information, see Apache Kafka streams as a source (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) +/// in the Amazon EventBridge User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeSourceParametersSelfManagedKafkaParameters { #[serde(default, skip_serializing_if = "Option::is_none", rename = "additionalBootstrapServers")] @@ -337,6 +363,10 @@ pub struct PipeSourceParametersSqsQueueParameters { } /// The parameters required to set up a target for your pipe. +/// +/// For more information about pipe target parameters, including how to use dynamic +/// path parameters, see Target parameters (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) +/// in the Amazon EventBridge User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeTargetParameters { /// The parameters for using an Batch job as a target. @@ -357,20 +387,20 @@ pub struct PipeTargetParameters { pub http_parameters: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "inputTemplate")] pub input_template: Option, - /// The parameters for using a Kinesis stream as a source. + /// The parameters for using a Kinesis stream as a target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kinesisStreamParameters")] pub kinesis_stream_parameters: Option, /// The parameters for using a Lambda function as a target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lambdaFunctionParameters")] pub lambda_function_parameters: Option, /// These are custom parameters to be used when the target is a Amazon Redshift - /// cluster to invoke the Amazon Redshift Data API ExecuteStatement. + /// cluster to invoke the Amazon Redshift Data API BatchExecuteStatement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "redshiftDataParameters")] pub redshift_data_parameters: Option, /// The parameters for using a SageMaker pipeline as a target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sageMakerPipelineParameters")] pub sage_maker_pipeline_parameters: Option, - /// The parameters for using a Amazon SQS stream as a source. + /// The parameters for using a Amazon SQS stream as a target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sqsQueueParameters")] pub sqs_queue_parameters: Option, /// The parameters for using a Step Functions state machine as a target. @@ -745,7 +775,7 @@ pub struct PipeTargetParametersHttpParameters { pub query_string_parameters: Option>, } -/// The parameters for using a Kinesis stream as a source. +/// The parameters for using a Kinesis stream as a target. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeTargetParametersKinesisStreamParameters { #[serde(default, skip_serializing_if = "Option::is_none", rename = "partitionKey")] @@ -760,7 +790,7 @@ pub struct PipeTargetParametersLambdaFunctionParameters { } /// These are custom parameters to be used when the target is a Amazon Redshift -/// cluster to invoke the Amazon Redshift Data API ExecuteStatement. +/// cluster to invoke the Amazon Redshift Data API BatchExecuteStatement. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeTargetParametersRedshiftDataParameters { /// // Redshift Database @@ -775,7 +805,7 @@ pub struct PipeTargetParametersRedshiftDataParameters { /// // A list of SQLs. #[serde(default, skip_serializing_if = "Option::is_none")] pub sqls: Option>, - /// // A name for Redshift DataAPI statement which can be used as filter of // + /// // A name for Redshift DataAPI statement which can be used as filter of// /// ListStatement. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statementName")] pub statement_name: Option, @@ -800,7 +830,7 @@ pub struct PipeTargetParametersSageMakerPipelineParametersPipelineParameterList pub value: Option, } -/// The parameters for using a Amazon SQS stream as a source. +/// The parameters for using a Amazon SQS stream as a target. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PipeTargetParametersSqsQueueParameters { #[serde(default, skip_serializing_if = "Option::is_none", rename = "messageDeduplicationID")] @@ -824,7 +854,7 @@ pub struct PipeStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/pkg_crossplane_io/v1beta1/locks.rs b/kube-custom-resources-rs/src/pkg_crossplane_io/v1beta1/locks.rs index ed63dd198..248bb8188 100644 --- a/kube-custom-resources-rs/src/pkg_crossplane_io/v1beta1/locks.rs +++ b/kube-custom-resources-rs/src/pkg_crossplane_io/v1beta1/locks.rs @@ -13,16 +13,23 @@ use self::prelude::*; /// LockPackage is a package that is in the lock. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LockPackages { + /// APIVersion of the package. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, /// Dependencies are the list of dependencies of this package. The order of /// the dependencies will dictate the order in which they are resolved. pub dependencies: Vec, + /// Kind of the package (not the kind of the package revision). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, /// Name corresponds to the name of the package revision for this package. pub name: String, /// Source is the OCI image name without a tag or digest. pub source: String, - /// Type is the type of package. Can be either Configuration or Provider. - #[serde(rename = "type")] - pub r#type: String, + /// Type is the type of package. + /// Deprecated: Specify an apiVersion and kind instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, /// Version is the tag or digest of the OCI image. pub version: String, } @@ -30,14 +37,37 @@ pub struct LockPackages { /// A Dependency is a dependency of a package in the lock. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct LockPackagesDependencies { + /// APIVersion of the package. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, /// Constraints is a valid semver range or a digest, which will be used to select a valid /// dependency version. pub constraints: String, + /// Kind of the package (not the kind of the package revision). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, /// Package is the OCI image name without a tag or digest. pub package: String, /// Type is the type of package. Can be either Configuration or Provider. - #[serde(rename = "type")] - pub r#type: String, + /// Deprecated: Specify an apiVersion and kind instead. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// A Dependency is a dependency of a package in the lock. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum LockPackagesDependenciesType { + Configuration, + Provider, + Function, +} + +/// LockPackage is a package that is in the lock. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum LockPackagesType { + Configuration, + Provider, + Function, } /// Status of the Lock. diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusteroverridepolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusteroverridepolicies.rs index e300e57c1..09e640a0d 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusteroverridepolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusteroverridepolicies.rs @@ -22,7 +22,6 @@ pub struct ClusterOverridePolicySpec { pub override_rules: Option>, /// Overriders represents the override rules that would apply on resources /// - /// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub overriders: Option, @@ -34,7 +33,6 @@ pub struct ClusterOverridePolicySpec { /// that only applies to resources propagated to the matching clusters. /// nil means matching all clusters. /// - /// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetCluster")] pub target_cluster: Option, @@ -90,8 +88,7 @@ pub struct ClusterOverridePolicyOverrideRulesOverridersAnnotationsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -249,7 +246,6 @@ pub struct ClusterOverridePolicyOverrideRulesOverridersImageOverrider { pub operator: ClusterOverridePolicyOverrideRulesOverridersImageOverriderOperator, /// Predicate filters images before applying the rule. /// - /// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -260,7 +256,6 @@ pub struct ClusterOverridePolicyOverrideRulesOverridersImageOverrider { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// - /// /// If not nil, only images matches the filters will be processed. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, @@ -292,7 +287,6 @@ pub enum ClusterOverridePolicyOverrideRulesOverridersImageOverriderOperator { /// Predicate filters images before applying the rule. /// -/// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -303,7 +297,6 @@ pub enum ClusterOverridePolicyOverrideRulesOverridersImageOverriderOperator { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// -/// /// If not nil, only images matches the filters will be processed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOverridePolicyOverrideRulesOverridersImageOverriderPredicate { @@ -320,8 +313,7 @@ pub struct ClusterOverridePolicyOverrideRulesOverridersLabelsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -447,7 +439,6 @@ pub struct ClusterOverridePolicyOverrideRulesTargetClusterLabelSelectorMatchExpr /// Overriders represents the override rules that would apply on resources /// -/// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOverridePolicyOverriders { @@ -486,8 +477,7 @@ pub struct ClusterOverridePolicyOverridersAnnotationsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -645,7 +635,6 @@ pub struct ClusterOverridePolicyOverridersImageOverrider { pub operator: ClusterOverridePolicyOverridersImageOverriderOperator, /// Predicate filters images before applying the rule. /// - /// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -656,7 +645,6 @@ pub struct ClusterOverridePolicyOverridersImageOverrider { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// - /// /// If not nil, only images matches the filters will be processed. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, @@ -688,7 +676,6 @@ pub enum ClusterOverridePolicyOverridersImageOverriderOperator { /// Predicate filters images before applying the rule. /// -/// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -699,7 +686,6 @@ pub enum ClusterOverridePolicyOverridersImageOverriderOperator { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// -/// /// If not nil, only images matches the filters will be processed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOverridePolicyOverridersImageOverriderPredicate { @@ -716,8 +702,7 @@ pub struct ClusterOverridePolicyOverridersLabelsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -815,7 +800,6 @@ pub struct ClusterOverridePolicyResourceSelectorsLabelSelectorMatchExpressions { /// that only applies to resources propagated to the matching clusters. /// nil means matching all clusters. /// -/// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterOverridePolicyTargetCluster { diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs index 77a504e03..d2484efdc 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs @@ -20,12 +20,10 @@ pub struct ClusterPropagationPolicySpec { /// ActivationPreference indicates how the referencing resource template will /// be propagated, in case of policy changes. /// - /// /// If empty, the resource template will respond to policy changes /// immediately, in other words, any policy changes will drive the resource /// template to be propagated immediately as per the current propagation rules. /// - /// /// If the value is 'Lazy' means the policy changes will not take effect for now /// but defer to the resource template changes, in other words, the resource /// template will not be propagated as per the current propagation rules until @@ -46,7 +44,6 @@ pub struct ClusterPropagationPolicySpec { /// ConflictResolution declares how potential conflict should be handled when /// a resource that is being propagated already exists in the target cluster. /// - /// /// It defaults to "Abort" which means stop propagating to avoid unexpected /// overwrites. The "Overwrite" might be useful when migrating legacy cluster /// resources to Karmada, in which case conflict is predictable and can be @@ -56,12 +53,10 @@ pub struct ClusterPropagationPolicySpec { /// DependentOverrides represents the list of overrides(OverridePolicy) /// which must present before the current PropagationPolicy takes effect. /// - /// /// It used to explicitly specify overrides which current PropagationPolicy rely on. /// A typical scenario is the users create OverridePolicy(ies) and resources at the same time, /// they want to ensure the new-created policies would be adopted. /// - /// /// Note: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies), /// which not present in this list will still be applied if they matches the resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependentOverrides")] @@ -82,16 +77,13 @@ pub struct ClusterPropagationPolicySpec { /// If set to true, resources will be preserved on the member clusters. /// Default is false, which means resources will be deleted along with the resource template. /// - /// /// This setting is particularly useful during workload migration scenarios to ensure /// that rollback can occur quickly without affecting the workloads running on the /// member clusters. /// - /// /// Additionally, this setting applies uniformly across all member clusters and will not /// selectively control preservation on only some clusters. /// - /// /// Note: This setting does not apply to the deletion of the policy itself. /// When the policy is deleted, the resource templates and their corresponding /// propagated resources in member clusters will remain unchanged unless explicitly deleted. @@ -105,7 +97,6 @@ pub struct ClusterPropagationPolicySpec { /// not be preempted by following policies even with a higher priority. /// See Preemption for more details. /// - /// /// In case of two policies have the same priority, the one with a more precise /// matching rules in ResourceSelectors wins: /// - matching by name(resourceSelector.name) has higher priority than @@ -115,7 +106,6 @@ pub struct ClusterPropagationPolicySpec { /// If there is still no winner at this point, the one with the lower alphabetic /// order wins, e.g. policy 'bar' has higher priority than 'foo'. /// - /// /// The higher the value, the higher the priority. Defaults to zero. #[serde(default, skip_serializing_if = "Option::is_none")] pub priority: Option, @@ -125,7 +115,6 @@ pub struct ClusterPropagationPolicySpec { /// propagated along with the Deployment. In addition to the propagating process, the referencing resources will be /// migrated along with the Deployment in the fail-over scenario. /// - /// /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propagateDeps")] pub propagate_deps: Option, @@ -135,6 +124,21 @@ pub struct ClusterPropagationPolicySpec { /// might be accidentally propagated. #[serde(rename = "resourceSelectors")] pub resource_selectors: Vec, + /// SchedulePriority defines how Karmada should resolve the priority and preemption policy + /// for workload scheduling. + /// + /// This setting is useful for controlling the scheduling behavior of offline workloads. + /// By setting a higher or lower priority, users can control which workloads are scheduled first. + /// Additionally, it allows specifying a preemption policy where higher-priority workloads can + /// preempt lower-priority ones in scenarios of resource contention. + /// + /// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is + /// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the + /// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is + /// supported. Preemption functionality is not yet available and will be introduced in future + /// releases as the feature matures. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulePriority")] + pub schedule_priority: Option, /// SchedulerName represents which scheduler to proceed the scheduling. /// If specified, the policy will be dispatched by specified scheduler. /// If not specified, the policy will be dispatched by default scheduler. @@ -197,6 +201,22 @@ pub struct ClusterPropagationPolicyFailoverApplication { /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] pub purge_mode: Option, + /// StatePreservation defines the policy for preserving and restoring state data + /// during failover events for stateful applications. + /// + /// When an application fails over from one cluster to another, this policy enables + /// the extraction of critical data from the original resource configuration. + /// Upon successful migration, the extracted data is then re-injected into the new + /// resource, ensuring that the application can resume operation with its previous + /// state intact. + /// This is particularly useful for stateful applications where maintaining data + /// consistency across failover events is crucial. + /// If not specified, means no state data will be preserved. + /// + /// Note: This requires the StatefulFailoverInjection feature gate to be enabled, + /// which is alpha. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statePreservation")] + pub state_preservation: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -224,30 +244,73 @@ pub enum ClusterPropagationPolicyFailoverApplicationPurgeMode { Never, } +/// StatePreservation defines the policy for preserving and restoring state data +/// during failover events for stateful applications. +/// +/// When an application fails over from one cluster to another, this policy enables +/// the extraction of critical data from the original resource configuration. +/// Upon successful migration, the extracted data is then re-injected into the new +/// resource, ensuring that the application can resume operation with its previous +/// state intact. +/// This is particularly useful for stateful applications where maintaining data +/// consistency across failover events is crucial. +/// If not specified, means no state data will be preserved. +/// +/// Note: This requires the StatefulFailoverInjection feature gate to be enabled, +/// which is alpha. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPropagationPolicyFailoverApplicationStatePreservation { + /// Rules contains a list of StatePreservationRule configurations. + /// Each rule specifies a JSONPath expression targeting specific pieces of + /// state data to be preserved during failover events. An AliasLabelName is associated + /// with each rule, serving as a label key when the preserved data is passed + /// to the new cluster. + pub rules: Vec, +} + +/// StatePreservationRule defines a single rule for state preservation. +/// It includes a JSONPath expression and an alias name that will be used +/// as a label key when passing state information to the new cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPropagationPolicyFailoverApplicationStatePreservationRules { + /// AliasLabelName is the name that will be used as a label key when the preserved + /// data is passed to the new cluster. This facilitates the injection of the + /// preserved state back into the application resources during recovery. + #[serde(rename = "aliasLabelName")] + pub alias_label_name: String, + /// JSONPath is the JSONPath template used to identify the state data + /// to be preserved from the original resource configuration. + /// The JSONPath syntax follows the Kubernetes specification: + /// https://kubernetes.io/docs/reference/kubectl/jsonpath/ + /// + /// Note: The JSONPath expression will start searching from the "status" field of + /// the API resource object by default. For example, to extract the "availableReplicas" + /// from a Deployment, the JSONPath expression should be "{.availableReplicas}", not + /// "{.status.availableReplicas}". + #[serde(rename = "jsonPath")] + pub json_path: String, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPropagationPolicyPlacement { /// ClusterAffinities represents scheduling restrictions to multiple cluster /// groups that indicated by ClusterAffinityTerm. /// - /// /// The scheduler will evaluate these groups one by one in the order they /// appear in the spec, the group that does not satisfy scheduling restrictions /// will be ignored which means all clusters in this group will not be selected /// unless it also belongs to the next group(a cluster could belong to multiple /// groups). /// - /// /// If none of the groups satisfy the scheduling restrictions, then scheduling /// fails, which means no cluster will be selected. /// - /// /// Note: /// 1. ClusterAffinities can not co-exist with ClusterAffinity. /// 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster /// can be scheduling candidates. /// - /// /// Potential use case 1: /// The private clusters in the local data center could be the main group, and /// the managed clusters provided by cluster providers could be the secondary @@ -255,7 +318,6 @@ pub struct ClusterPropagationPolicyPlacement { /// to the main group and the second group will only be considered in case of /// the main group does not satisfy restrictions(like, lack of resources). /// - /// /// Potential use case 2: /// For the disaster recovery scenario, the clusters could be organized to /// primary and backup groups, the workloads would be scheduled to primary @@ -731,6 +793,63 @@ pub struct ClusterPropagationPolicyResourceSelectorsLabelSelectorMatchExpression pub values: Option>, } +/// SchedulePriority defines how Karmada should resolve the priority and preemption policy +/// for workload scheduling. +/// +/// This setting is useful for controlling the scheduling behavior of offline workloads. +/// By setting a higher or lower priority, users can control which workloads are scheduled first. +/// Additionally, it allows specifying a preemption policy where higher-priority workloads can +/// preempt lower-priority ones in scenarios of resource contention. +/// +/// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is +/// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the +/// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is +/// supported. Preemption functionality is not yet available and will be introduced in future +/// releases as the feature matures. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ClusterPropagationPolicySchedulePriority { + /// PriorityClassName specifies which PriorityClass to use. Its behavior depends on PriorityClassSource: + /// + /// Behavior of PriorityClassName: + /// + /// For KubePriorityClass: + /// - When specified: Uses the named Kubernetes PriorityClass. + /// + /// For PodPriorityClass: + /// - Uses PriorityClassName from the PodTemplate. + /// - Not yet implemented. + /// + /// For FederatedPriorityClass: + /// - Not yet implemented. + #[serde(rename = "priorityClassName")] + pub priority_class_name: String, + /// PriorityClassSource specifies where Karmada should look for the PriorityClass definition. + /// Available options: + /// - KubePriorityClass: Uses Kubernetes PriorityClass (scheduling.k8s.io/v1) + /// - PodPriorityClass: Uses PriorityClassName from PodTemplate: PodSpec.PriorityClassName (not yet implemented) + /// - FederatedPriorityClass: Uses Karmada FederatedPriorityClass (not yet implemented) + #[serde(rename = "priorityClassSource")] + pub priority_class_source: ClusterPropagationPolicySchedulePriorityPriorityClassSource, +} + +/// SchedulePriority defines how Karmada should resolve the priority and preemption policy +/// for workload scheduling. +/// +/// This setting is useful for controlling the scheduling behavior of offline workloads. +/// By setting a higher or lower priority, users can control which workloads are scheduled first. +/// Additionally, it allows specifying a preemption policy where higher-priority workloads can +/// preempt lower-priority ones in scenarios of resource contention. +/// +/// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is +/// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the +/// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is +/// supported. Preemption functionality is not yet available and will be introduced in future +/// releases as the feature matures. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPropagationPolicySchedulePriorityPriorityClassSource { + KubePriorityClass, +} + /// Suspension declares the policy for suspending different aspects of propagation. /// nil means no suspension. no default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/overridepolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/overridepolicies.rs index e856c73b6..19383f15f 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/overridepolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/overridepolicies.rs @@ -23,7 +23,6 @@ pub struct OverridePolicySpec { pub override_rules: Option>, /// Overriders represents the override rules that would apply on resources /// - /// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub overriders: Option, @@ -35,7 +34,6 @@ pub struct OverridePolicySpec { /// that only applies to resources propagated to the matching clusters. /// nil means matching all clusters. /// - /// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetCluster")] pub target_cluster: Option, @@ -91,8 +89,7 @@ pub struct OverridePolicyOverrideRulesOverridersAnnotationsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -250,7 +247,6 @@ pub struct OverridePolicyOverrideRulesOverridersImageOverrider { pub operator: OverridePolicyOverrideRulesOverridersImageOverriderOperator, /// Predicate filters images before applying the rule. /// - /// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -261,7 +257,6 @@ pub struct OverridePolicyOverrideRulesOverridersImageOverrider { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// - /// /// If not nil, only images matches the filters will be processed. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, @@ -293,7 +288,6 @@ pub enum OverridePolicyOverrideRulesOverridersImageOverriderOperator { /// Predicate filters images before applying the rule. /// -/// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -304,7 +298,6 @@ pub enum OverridePolicyOverrideRulesOverridersImageOverriderOperator { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// -/// /// If not nil, only images matches the filters will be processed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OverridePolicyOverrideRulesOverridersImageOverriderPredicate { @@ -321,8 +314,7 @@ pub struct OverridePolicyOverrideRulesOverridersLabelsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -448,7 +440,6 @@ pub struct OverridePolicyOverrideRulesTargetClusterLabelSelectorMatchExpressions /// Overriders represents the override rules that would apply on resources /// -/// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OverridePolicyOverriders { @@ -487,8 +478,7 @@ pub struct OverridePolicyOverridersAnnotationsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -646,7 +636,6 @@ pub struct OverridePolicyOverridersImageOverrider { pub operator: OverridePolicyOverridersImageOverriderOperator, /// Predicate filters images before applying the rule. /// - /// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -657,7 +646,6 @@ pub struct OverridePolicyOverridersImageOverrider { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// - /// /// If not nil, only images matches the filters will be processed. #[serde(default, skip_serializing_if = "Option::is_none")] pub predicate: Option, @@ -689,7 +677,6 @@ pub enum OverridePolicyOverridersImageOverriderOperator { /// Predicate filters images before applying the rule. /// -/// /// Defaults to nil, in that case, the system will automatically detect image fields if the resource type is /// Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet or Job by following rule: /// - Pod: /spec/containers//image @@ -700,7 +687,6 @@ pub enum OverridePolicyOverridersImageOverriderOperator { /// - Job: /spec/template/spec/containers//image /// In addition, all images will be processed if the resource object has more than one container. /// -/// /// If not nil, only images matches the filters will be processed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OverridePolicyOverridersImageOverriderPredicate { @@ -717,8 +703,7 @@ pub struct OverridePolicyOverridersLabelsOverrider { /// Items in Value which will be appended after annotations/labels when Operator is 'add'. /// Items in Value which match in annotations/labels will be deleted when Operator is 'remove'. /// Items in Value which match in annotations/labels will be replaced when Operator is 'replace'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option>, + pub value: BTreeMap, } /// LabelAnnotationOverrider represents the rules dedicated to handling workload labels/annotations @@ -816,7 +801,6 @@ pub struct OverridePolicyResourceSelectorsLabelSelectorMatchExpressions { /// that only applies to resources propagated to the matching clusters. /// nil means matching all clusters. /// -/// /// Deprecated: This filed is deprecated in v1.0 and please use the OverrideRules instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OverridePolicyTargetCluster { diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs index f847691fa..53f522c88 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs @@ -21,12 +21,10 @@ pub struct PropagationPolicySpec { /// ActivationPreference indicates how the referencing resource template will /// be propagated, in case of policy changes. /// - /// /// If empty, the resource template will respond to policy changes /// immediately, in other words, any policy changes will drive the resource /// template to be propagated immediately as per the current propagation rules. /// - /// /// If the value is 'Lazy' means the policy changes will not take effect for now /// but defer to the resource template changes, in other words, the resource /// template will not be propagated as per the current propagation rules until @@ -47,7 +45,6 @@ pub struct PropagationPolicySpec { /// ConflictResolution declares how potential conflict should be handled when /// a resource that is being propagated already exists in the target cluster. /// - /// /// It defaults to "Abort" which means stop propagating to avoid unexpected /// overwrites. The "Overwrite" might be useful when migrating legacy cluster /// resources to Karmada, in which case conflict is predictable and can be @@ -57,12 +54,10 @@ pub struct PropagationPolicySpec { /// DependentOverrides represents the list of overrides(OverridePolicy) /// which must present before the current PropagationPolicy takes effect. /// - /// /// It used to explicitly specify overrides which current PropagationPolicy rely on. /// A typical scenario is the users create OverridePolicy(ies) and resources at the same time, /// they want to ensure the new-created policies would be adopted. /// - /// /// Note: For the overrides, OverridePolicy(ies) in current namespace and ClusterOverridePolicy(ies), /// which not present in this list will still be applied if they matches the resources. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dependentOverrides")] @@ -83,16 +78,13 @@ pub struct PropagationPolicySpec { /// If set to true, resources will be preserved on the member clusters. /// Default is false, which means resources will be deleted along with the resource template. /// - /// /// This setting is particularly useful during workload migration scenarios to ensure /// that rollback can occur quickly without affecting the workloads running on the /// member clusters. /// - /// /// Additionally, this setting applies uniformly across all member clusters and will not /// selectively control preservation on only some clusters. /// - /// /// Note: This setting does not apply to the deletion of the policy itself. /// When the policy is deleted, the resource templates and their corresponding /// propagated resources in member clusters will remain unchanged unless explicitly deleted. @@ -106,7 +98,6 @@ pub struct PropagationPolicySpec { /// not be preempted by following policies even with a higher priority. /// See Preemption for more details. /// - /// /// In case of two policies have the same priority, the one with a more precise /// matching rules in ResourceSelectors wins: /// - matching by name(resourceSelector.name) has higher priority than @@ -116,7 +107,6 @@ pub struct PropagationPolicySpec { /// If there is still no winner at this point, the one with the lower alphabetic /// order wins, e.g. policy 'bar' has higher priority than 'foo'. /// - /// /// The higher the value, the higher the priority. Defaults to zero. #[serde(default, skip_serializing_if = "Option::is_none")] pub priority: Option, @@ -126,7 +116,6 @@ pub struct PropagationPolicySpec { /// propagated along with the Deployment. In addition to the propagating process, the referencing resources will be /// migrated along with the Deployment in the fail-over scenario. /// - /// /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "propagateDeps")] pub propagate_deps: Option, @@ -136,6 +125,21 @@ pub struct PropagationPolicySpec { /// might be accidentally propagated. #[serde(rename = "resourceSelectors")] pub resource_selectors: Vec, + /// SchedulePriority defines how Karmada should resolve the priority and preemption policy + /// for workload scheduling. + /// + /// This setting is useful for controlling the scheduling behavior of offline workloads. + /// By setting a higher or lower priority, users can control which workloads are scheduled first. + /// Additionally, it allows specifying a preemption policy where higher-priority workloads can + /// preempt lower-priority ones in scenarios of resource contention. + /// + /// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is + /// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the + /// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is + /// supported. Preemption functionality is not yet available and will be introduced in future + /// releases as the feature matures. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulePriority")] + pub schedule_priority: Option, /// SchedulerName represents which scheduler to proceed the scheduling. /// If specified, the policy will be dispatched by specified scheduler. /// If not specified, the policy will be dispatched by default scheduler. @@ -198,6 +202,22 @@ pub struct PropagationPolicyFailoverApplication { /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] pub purge_mode: Option, + /// StatePreservation defines the policy for preserving and restoring state data + /// during failover events for stateful applications. + /// + /// When an application fails over from one cluster to another, this policy enables + /// the extraction of critical data from the original resource configuration. + /// Upon successful migration, the extracted data is then re-injected into the new + /// resource, ensuring that the application can resume operation with its previous + /// state intact. + /// This is particularly useful for stateful applications where maintaining data + /// consistency across failover events is crucial. + /// If not specified, means no state data will be preserved. + /// + /// Note: This requires the StatefulFailoverInjection feature gate to be enabled, + /// which is alpha. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statePreservation")] + pub state_preservation: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -225,30 +245,73 @@ pub enum PropagationPolicyFailoverApplicationPurgeMode { Never, } +/// StatePreservation defines the policy for preserving and restoring state data +/// during failover events for stateful applications. +/// +/// When an application fails over from one cluster to another, this policy enables +/// the extraction of critical data from the original resource configuration. +/// Upon successful migration, the extracted data is then re-injected into the new +/// resource, ensuring that the application can resume operation with its previous +/// state intact. +/// This is particularly useful for stateful applications where maintaining data +/// consistency across failover events is crucial. +/// If not specified, means no state data will be preserved. +/// +/// Note: This requires the StatefulFailoverInjection feature gate to be enabled, +/// which is alpha. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PropagationPolicyFailoverApplicationStatePreservation { + /// Rules contains a list of StatePreservationRule configurations. + /// Each rule specifies a JSONPath expression targeting specific pieces of + /// state data to be preserved during failover events. An AliasLabelName is associated + /// with each rule, serving as a label key when the preserved data is passed + /// to the new cluster. + pub rules: Vec, +} + +/// StatePreservationRule defines a single rule for state preservation. +/// It includes a JSONPath expression and an alias name that will be used +/// as a label key when passing state information to the new cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PropagationPolicyFailoverApplicationStatePreservationRules { + /// AliasLabelName is the name that will be used as a label key when the preserved + /// data is passed to the new cluster. This facilitates the injection of the + /// preserved state back into the application resources during recovery. + #[serde(rename = "aliasLabelName")] + pub alias_label_name: String, + /// JSONPath is the JSONPath template used to identify the state data + /// to be preserved from the original resource configuration. + /// The JSONPath syntax follows the Kubernetes specification: + /// https://kubernetes.io/docs/reference/kubectl/jsonpath/ + /// + /// Note: The JSONPath expression will start searching from the "status" field of + /// the API resource object by default. For example, to extract the "availableReplicas" + /// from a Deployment, the JSONPath expression should be "{.availableReplicas}", not + /// "{.status.availableReplicas}". + #[serde(rename = "jsonPath")] + pub json_path: String, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PropagationPolicyPlacement { /// ClusterAffinities represents scheduling restrictions to multiple cluster /// groups that indicated by ClusterAffinityTerm. /// - /// /// The scheduler will evaluate these groups one by one in the order they /// appear in the spec, the group that does not satisfy scheduling restrictions /// will be ignored which means all clusters in this group will not be selected /// unless it also belongs to the next group(a cluster could belong to multiple /// groups). /// - /// /// If none of the groups satisfy the scheduling restrictions, then scheduling /// fails, which means no cluster will be selected. /// - /// /// Note: /// 1. ClusterAffinities can not co-exist with ClusterAffinity. /// 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster /// can be scheduling candidates. /// - /// /// Potential use case 1: /// The private clusters in the local data center could be the main group, and /// the managed clusters provided by cluster providers could be the secondary @@ -256,7 +319,6 @@ pub struct PropagationPolicyPlacement { /// to the main group and the second group will only be considered in case of /// the main group does not satisfy restrictions(like, lack of resources). /// - /// /// Potential use case 2: /// For the disaster recovery scenario, the clusters could be organized to /// primary and backup groups, the workloads would be scheduled to primary @@ -732,6 +794,63 @@ pub struct PropagationPolicyResourceSelectorsLabelSelectorMatchExpressions { pub values: Option>, } +/// SchedulePriority defines how Karmada should resolve the priority and preemption policy +/// for workload scheduling. +/// +/// This setting is useful for controlling the scheduling behavior of offline workloads. +/// By setting a higher or lower priority, users can control which workloads are scheduled first. +/// Additionally, it allows specifying a preemption policy where higher-priority workloads can +/// preempt lower-priority ones in scenarios of resource contention. +/// +/// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is +/// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the +/// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is +/// supported. Preemption functionality is not yet available and will be introduced in future +/// releases as the feature matures. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct PropagationPolicySchedulePriority { + /// PriorityClassName specifies which PriorityClass to use. Its behavior depends on PriorityClassSource: + /// + /// Behavior of PriorityClassName: + /// + /// For KubePriorityClass: + /// - When specified: Uses the named Kubernetes PriorityClass. + /// + /// For PodPriorityClass: + /// - Uses PriorityClassName from the PodTemplate. + /// - Not yet implemented. + /// + /// For FederatedPriorityClass: + /// - Not yet implemented. + #[serde(rename = "priorityClassName")] + pub priority_class_name: String, + /// PriorityClassSource specifies where Karmada should look for the PriorityClass definition. + /// Available options: + /// - KubePriorityClass: Uses Kubernetes PriorityClass (scheduling.k8s.io/v1) + /// - PodPriorityClass: Uses PriorityClassName from PodTemplate: PodSpec.PriorityClassName (not yet implemented) + /// - FederatedPriorityClass: Uses Karmada FederatedPriorityClass (not yet implemented) + #[serde(rename = "priorityClassSource")] + pub priority_class_source: PropagationPolicySchedulePriorityPriorityClassSource, +} + +/// SchedulePriority defines how Karmada should resolve the priority and preemption policy +/// for workload scheduling. +/// +/// This setting is useful for controlling the scheduling behavior of offline workloads. +/// By setting a higher or lower priority, users can control which workloads are scheduled first. +/// Additionally, it allows specifying a preemption policy where higher-priority workloads can +/// preempt lower-priority ones in scenarios of resource contention. +/// +/// Note: This feature is currently in the alpha stage. The priority-based scheduling functionality is +/// controlled by the PriorityBasedScheduling feature gate, and preemption is controlled by the +/// PriorityBasedPreemptiveScheduling feature gate. Currently, only priority-based scheduling is +/// supported. Preemption functionality is not yet available and will be introduced in future +/// releases as the feature matures. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PropagationPolicySchedulePriorityPriorityClassSource { + KubePriorityClass, +} + /// Suspension declares the policy for suspending different aspects of propagation. /// nil means no suspension. no default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/policy_kubeedge_io/v1alpha1/serviceaccountaccesses.rs b/kube-custom-resources-rs/src/policy_kubeedge_io/v1alpha1/serviceaccountaccesses.rs index 0ed88e262..60a8bb0bf 100644 --- a/kube-custom-resources-rs/src/policy_kubeedge_io/v1alpha1/serviceaccountaccesses.rs +++ b/kube-custom-resources-rs/src/policy_kubeedge_io/v1alpha1/serviceaccountaccesses.rs @@ -48,16 +48,25 @@ pub struct ServiceAccountAccessAccessClusterRoleBinding { /// ClusterRoleBinding represents rbac ClusterRoleBinding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessClusterRoleBindingClusterRoleBinding { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, /// Standard object's metadata. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable. + /// RoleRef can only reference a ClusterRole in the global namespace. + /// If the RoleRef cannot be resolved, the Authorizer must return an error. + /// This field is immutable. #[serde(rename = "roleRef")] pub role_ref: ServiceAccountAccessAccessClusterRoleBindingClusterRoleBindingRoleRef, /// Subjects holds references to the objects the role applies to. @@ -80,7 +89,9 @@ pub struct ServiceAccountAccessAccessClusterRoleBindingClusterRoleBindingMetadat pub namespace: Option, } -/// RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable. +/// RoleRef can only reference a ClusterRole in the global namespace. +/// If the RoleRef cannot be resolved, the Authorizer must return an error. +/// This field is immutable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessClusterRoleBindingClusterRoleBindingRoleRef { /// APIGroup is the group for the resource being referenced @@ -92,28 +103,37 @@ pub struct ServiceAccountAccessAccessClusterRoleBindingClusterRoleBindingRoleRef pub name: String, } -/// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names. +/// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, +/// or a value for non-objects such as user and group names. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessClusterRoleBindingClusterRoleBindingSubjects { - /// APIGroup holds the API group of the referenced subject. Defaults to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User and Group subjects. + /// APIGroup holds the API group of the referenced subject. + /// Defaults to "" for ServiceAccount subjects. + /// Defaults to "rbac.authorization.k8s.io" for User and Group subjects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized the kind value, the Authorizer should report an error. + /// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". + /// If the Authorizer does not recognized the kind value, the Authorizer should report an error. pub kind: String, /// Name of the object being referenced. pub name: String, - /// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty the Authorizer should report an error. + /// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty + /// the Authorizer should report an error. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. +/// PolicyRule holds information that describes a policy rule, but does not contain information +/// about who the rule applies to or which namespace the rule applies to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessClusterRoleBindingRules { - /// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + /// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + /// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, - /// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + /// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + /// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + /// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nonResourceURLs")] pub non_resource_ur_ls: Option>, /// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. @@ -140,16 +160,25 @@ pub struct ServiceAccountAccessAccessRoleBinding { /// RoleBinding represents rbac rolebinding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessRoleBindingRoleBinding { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, /// Standard object's metadata. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable. + /// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. + /// If the RoleRef cannot be resolved, the Authorizer must return an error. + /// This field is immutable. #[serde(rename = "roleRef")] pub role_ref: ServiceAccountAccessAccessRoleBindingRoleBindingRoleRef, /// Subjects holds references to the objects the role applies to. @@ -172,7 +201,9 @@ pub struct ServiceAccountAccessAccessRoleBindingRoleBindingMetadata { pub namespace: Option, } -/// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error. This field is immutable. +/// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. +/// If the RoleRef cannot be resolved, the Authorizer must return an error. +/// This field is immutable. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessRoleBindingRoleBindingRoleRef { /// APIGroup is the group for the resource being referenced @@ -184,28 +215,37 @@ pub struct ServiceAccountAccessAccessRoleBindingRoleBindingRoleRef { pub name: String, } -/// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names. +/// Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, +/// or a value for non-objects such as user and group names. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessRoleBindingRoleBindingSubjects { - /// APIGroup holds the API group of the referenced subject. Defaults to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User and Group subjects. + /// APIGroup holds the API group of the referenced subject. + /// Defaults to "" for ServiceAccount subjects. + /// Defaults to "rbac.authorization.k8s.io" for User and Group subjects. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, - /// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized the kind value, the Authorizer should report an error. + /// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". + /// If the Authorizer does not recognized the kind value, the Authorizer should report an error. pub kind: String, /// Name of the object being referenced. pub name: String, - /// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty the Authorizer should report an error. + /// Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty + /// the Authorizer should report an error. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. +/// PolicyRule holds information that describes a policy rule, but does not contain information +/// about who the rule applies to or which namespace the rule applies to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessAccessRoleBindingRules { - /// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + /// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of + /// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroups")] pub api_groups: Option>, - /// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + /// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path + /// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. + /// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nonResourceURLs")] pub non_resource_ur_ls: Option>, /// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. @@ -221,35 +261,59 @@ pub struct ServiceAccountAccessAccessRoleBindingRules { /// ServiceAccount is one-to-one corresponding relations with the serviceaccountaccess. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessServiceAccount { - /// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + /// APIVersion defines the versioned schema of this representation of an object. + /// Servers should convert recognized schemas to the latest internal value, and + /// may reject unrecognized values. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] pub api_version: Option, - /// AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level. + /// AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. + /// Can be overridden at the pod level. #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] pub automount_service_account_token: Option, - /// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod + /// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images + /// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets + /// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. + /// More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, - /// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + /// Kind is a string value representing the REST resource this object represents. + /// Servers may infer this from the endpoint the client submits requests to. + /// Cannot be updated. + /// In CamelCase. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + /// Standard object's metadata. + /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. Pods are only limited to this list if this service account has a "kubernetes.io/enforce-mountable-secrets" annotation set to "true". This field should not be used to find auto-generated service account token secrets for use outside of pods. Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. More info: https://kubernetes.io/docs/concepts/configuration/secret + /// Secrets is a list of the secrets in the same namespace that pods running using this ServiceAccount are allowed to use. + /// Pods are only limited to this list if this service account has a "kubernetes.io/enforce-mountable-secrets" annotation set to "true". + /// This field should not be used to find auto-generated service account token secrets for use outside of pods. + /// Instead, tokens can be requested directly using the TokenRequest API, or service account token secrets can be manually created. + /// More info: https://kubernetes.io/docs/concepts/configuration/secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secrets: Option>, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessServiceAccountImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +/// Standard object's metadata. +/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceAccountAccessServiceAccountMetadata { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/adminnetworkpolicies.rs b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/adminnetworkpolicies.rs index 1256fc958..93ed3b237 100644 --- a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/adminnetworkpolicies.rs +++ b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/adminnetworkpolicies.rs @@ -27,7 +27,6 @@ pub struct AdminNetworkPolicySpec { /// would take the highest precedence. /// ANPs with no egress rules do not affect egress traffic. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub egress: Option>, @@ -39,7 +38,6 @@ pub struct AdminNetworkPolicySpec { /// would take the highest precedence. /// ANPs with no ingress rules do not affect ingress traffic. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, @@ -52,13 +50,11 @@ pub struct AdminNetworkPolicySpec { /// implementation can apply any of the matching policies to the connection, and /// there is no way for the user to reliably determine which one it will choose. /// - /// /// Support: Core pub priority: i32, /// Subject defines the pods to which this AdminNetworkPolicy applies. /// Note that host-networked pods are not included in subject selection. /// - /// /// Support: Core pub subject: AdminNetworkPolicySubject, } @@ -78,7 +74,6 @@ pub struct AdminNetworkPolicyEgress { /// If the pod is not selected by any NetworkPolicies then execution /// is passed to any BaselineAdminNetworkPolicies that select the pod. /// - /// /// Support: Core pub action: AdminNetworkPolicyEgressAction, /// Name is an identifier for this rule, that may be no more than 100 characters @@ -86,7 +81,6 @@ pub struct AdminNetworkPolicyEgress { /// improve observability, readability and error-reporting for any applied /// AdminNetworkPolicies. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -94,7 +88,6 @@ pub struct AdminNetworkPolicyEgress { /// This field is a list of destination ports for the outgoing egress traffic. /// If Ports is not set then the rule does not filter traffic via port. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, @@ -103,7 +96,6 @@ pub struct AdminNetworkPolicyEgress { /// traffic then the specified action is applied. /// This field must be defined and contain at least one item. /// - /// /// Support: Core pub to: Vec, } @@ -125,14 +117,12 @@ pub enum AdminNetworkPolicyEgressAction { pub struct AdminNetworkPolicyEgressPorts { /// Port selects a port on a pod(s) based on number. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portNumber")] pub port_number: Option, /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portRange")] pub port_range: Option, @@ -140,19 +130,16 @@ pub struct AdminNetworkPolicyEgressPorts { /// Port selects a port on a pod(s) based on number. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyEgressPortsPortNumber { /// Number defines a network port value. /// - /// /// Support: Core pub port: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core pub protocol: String, } @@ -160,27 +147,23 @@ pub struct AdminNetworkPolicyEgressPortsPortNumber { /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyEgressPortsPortRange { /// End defines a network port that is the end of a port range, the End value /// must be greater than Start. /// - /// /// Support: Core pub end: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, /// Start defines a network port that is the start of a port range, the Start /// value must be less than End. /// - /// /// Support: Core pub start: i32, } @@ -194,7 +177,6 @@ pub struct AdminNetworkPolicyEgressTo { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, @@ -202,7 +184,6 @@ pub struct AdminNetworkPolicyEgressTo { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, @@ -211,7 +192,6 @@ pub struct AdminNetworkPolicyEgressTo { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyEgressToNamespaces { @@ -246,7 +226,6 @@ pub struct AdminNetworkPolicyEgressToNamespacesMatchExpressions { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyEgressToPods { @@ -336,7 +315,6 @@ pub struct AdminNetworkPolicyIngress { /// If the pod is not selected by any NetworkPolicies then execution /// is passed to any BaselineAdminNetworkPolicies that select the pod. /// - /// /// Support: Core pub action: AdminNetworkPolicyIngressAction, /// From is the list of sources whose traffic this rule applies to. @@ -344,7 +322,6 @@ pub struct AdminNetworkPolicyIngress { /// traffic then the specified action is applied. /// This field must be defined and contain at least one item. /// - /// /// Support: Core pub from: Vec, /// Name is an identifier for this rule, that may be no more than 100 characters @@ -352,7 +329,6 @@ pub struct AdminNetworkPolicyIngress { /// improve observability, readability and error-reporting for any applied /// AdminNetworkPolicies. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -362,7 +338,6 @@ pub struct AdminNetworkPolicyIngress { /// So it matches on the destination port for the ingress traffic. /// If Ports is not set then the rule does not filter traffic via port. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, @@ -387,7 +362,6 @@ pub struct AdminNetworkPolicyIngressFrom { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, @@ -395,7 +369,6 @@ pub struct AdminNetworkPolicyIngressFrom { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, @@ -404,7 +377,6 @@ pub struct AdminNetworkPolicyIngressFrom { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyIngressFromNamespaces { @@ -439,7 +411,6 @@ pub struct AdminNetworkPolicyIngressFromNamespacesMatchExpressions { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyIngressFromPods { @@ -521,14 +492,12 @@ pub struct AdminNetworkPolicyIngressFromPodsPodSelectorMatchExpressions { pub struct AdminNetworkPolicyIngressPorts { /// Port selects a port on a pod(s) based on number. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portNumber")] pub port_number: Option, /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portRange")] pub port_range: Option, @@ -536,19 +505,16 @@ pub struct AdminNetworkPolicyIngressPorts { /// Port selects a port on a pod(s) based on number. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyIngressPortsPortNumber { /// Number defines a network port value. /// - /// /// Support: Core pub port: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core pub protocol: String, } @@ -556,27 +522,23 @@ pub struct AdminNetworkPolicyIngressPortsPortNumber { /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicyIngressPortsPortRange { /// End defines a network port that is the end of a port range, the End value /// must be greater than Start. /// - /// /// Support: Core pub end: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, /// Start defines a network port that is the start of a port range, the Start /// value must be less than End. /// - /// /// Support: Core pub start: i32, } @@ -584,7 +546,6 @@ pub struct AdminNetworkPolicyIngressPortsPortRange { /// Subject defines the pods to which this AdminNetworkPolicy applies. /// Note that host-networked pods are not included in subject selection. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AdminNetworkPolicySubject { diff --git a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs index bcddaaea7..7a5f907ed 100644 --- a/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs +++ b/kube-custom-resources-rs/src/policy_networking_k8s_io/v1alpha1/baselineadminnetworkpolicies.rs @@ -28,7 +28,6 @@ pub struct BaselineAdminNetworkPolicySpec { /// would take the highest precedence. /// BANPs with no egress rules do not affect egress traffic. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub egress: Option>, @@ -41,14 +40,12 @@ pub struct BaselineAdminNetworkPolicySpec { /// would take the highest precedence. /// BANPs with no ingress rules do not affect ingress traffic. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, /// Subject defines the pods to which this BaselineAdminNetworkPolicy applies. /// Note that host-networked pods are not included in subject selection. /// - /// /// Support: Core pub subject: BaselineAdminNetworkPolicySubject, } @@ -64,7 +61,6 @@ pub struct BaselineAdminNetworkPolicyEgress { /// Allow: allows the selected traffic /// Deny: denies the selected traffic /// - /// /// Support: Core pub action: BaselineAdminNetworkPolicyEgressAction, /// Name is an identifier for this rule, that may be no more than 100 characters @@ -72,7 +68,6 @@ pub struct BaselineAdminNetworkPolicyEgress { /// improve observability, readability and error-reporting for any applied /// BaselineAdminNetworkPolicies. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -86,7 +81,6 @@ pub struct BaselineAdminNetworkPolicyEgress { /// traffic then the specified action is applied. /// This field must be defined and contain at least one item. /// - /// /// Support: Core pub to: Vec, } @@ -107,14 +101,12 @@ pub enum BaselineAdminNetworkPolicyEgressAction { pub struct BaselineAdminNetworkPolicyEgressPorts { /// Port selects a port on a pod(s) based on number. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portNumber")] pub port_number: Option, /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portRange")] pub port_range: Option, @@ -122,19 +114,16 @@ pub struct BaselineAdminNetworkPolicyEgressPorts { /// Port selects a port on a pod(s) based on number. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyEgressPortsPortNumber { /// Number defines a network port value. /// - /// /// Support: Core pub port: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core pub protocol: String, } @@ -142,27 +131,23 @@ pub struct BaselineAdminNetworkPolicyEgressPortsPortNumber { /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyEgressPortsPortRange { /// End defines a network port that is the end of a port range, the End value /// must be greater than Start. /// - /// /// Support: Core pub end: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, /// Start defines a network port that is the start of a port range, the Start /// value must be less than End. /// - /// /// Support: Core pub start: i32, } @@ -176,7 +161,6 @@ pub struct BaselineAdminNetworkPolicyEgressTo { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, @@ -184,7 +168,6 @@ pub struct BaselineAdminNetworkPolicyEgressTo { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, @@ -193,7 +176,6 @@ pub struct BaselineAdminNetworkPolicyEgressTo { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyEgressToNamespaces { @@ -228,7 +210,6 @@ pub struct BaselineAdminNetworkPolicyEgressToNamespacesMatchExpressions { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyEgressToPods { @@ -314,7 +295,6 @@ pub struct BaselineAdminNetworkPolicyIngress { /// Allow: allows the selected traffic /// Deny: denies the selected traffic /// - /// /// Support: Core pub action: BaselineAdminNetworkPolicyIngressAction, /// From is the list of sources whose traffic this rule applies to. @@ -322,7 +302,6 @@ pub struct BaselineAdminNetworkPolicyIngress { /// traffic then the specified action is applied. /// This field must be defined and contain at least one item. /// - /// /// Support: Core pub from: Vec, /// Name is an identifier for this rule, that may be no more than 100 characters @@ -330,7 +309,6 @@ pub struct BaselineAdminNetworkPolicyIngress { /// improve observability, readability and error-reporting for any applied /// BaselineAdminNetworkPolicies. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, @@ -340,7 +318,6 @@ pub struct BaselineAdminNetworkPolicyIngress { /// So it matches on the destination port for the ingress traffic. /// If Ports is not set then the rule does not filter traffic via port. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, @@ -364,7 +341,6 @@ pub struct BaselineAdminNetworkPolicyIngressFrom { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option, @@ -372,7 +348,6 @@ pub struct BaselineAdminNetworkPolicyIngressFrom { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub pods: Option, @@ -381,7 +356,6 @@ pub struct BaselineAdminNetworkPolicyIngressFrom { /// Namespaces defines a way to select all pods within a set of Namespaces. /// Note that host-networked pods are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyIngressFromNamespaces { @@ -416,7 +390,6 @@ pub struct BaselineAdminNetworkPolicyIngressFromNamespacesMatchExpressions { /// a set of namespaces. Note that host-networked pods /// are not included in this type of peer. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyIngressFromPods { @@ -498,14 +471,12 @@ pub struct BaselineAdminNetworkPolicyIngressFromPodsPodSelectorMatchExpressions pub struct BaselineAdminNetworkPolicyIngressPorts { /// Port selects a port on a pod(s) based on number. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portNumber")] pub port_number: Option, /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none", rename = "portRange")] pub port_range: Option, @@ -513,19 +484,16 @@ pub struct BaselineAdminNetworkPolicyIngressPorts { /// Port selects a port on a pod(s) based on number. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyIngressPortsPortNumber { /// Number defines a network port value. /// - /// /// Support: Core pub port: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core pub protocol: String, } @@ -533,27 +501,23 @@ pub struct BaselineAdminNetworkPolicyIngressPortsPortNumber { /// PortRange selects a port range on a pod(s) based on provided start and end /// values. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicyIngressPortsPortRange { /// End defines a network port that is the end of a port range, the End value /// must be greater than Start. /// - /// /// Support: Core pub end: i32, /// Protocol is the network protocol (TCP, UDP, or SCTP) which traffic must /// match. If not specified, this field defaults to TCP. /// - /// /// Support: Core #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, /// Start defines a network port that is the start of a port range, the Start /// value must be less than End. /// - /// /// Support: Core pub start: i32, } @@ -561,7 +525,6 @@ pub struct BaselineAdminNetworkPolicyIngressPortsPortRange { /// Subject defines the pods to which this BaselineAdminNetworkPolicy applies. /// Note that host-networked pods are not included in subject selection. /// -/// /// Support: Core #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BaselineAdminNetworkPolicySubject { diff --git a/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/poolers.rs b/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/poolers.rs index 8282272e0..b938da90c 100644 --- a/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/poolers.rs +++ b/kube-custom-resources-rs/src/postgresql_cnpg_io/v1/poolers.rs @@ -578,7 +578,7 @@ pub struct PoolerServiceTemplateSpec { /// not set, the implementation will apply its default routing strategy. If set /// to "PreferClose", implementations should prioritize endpoints that are /// topologically close (e.g., same zone). - /// This is an alpha field and requires enabling ServiceTrafficDistribution feature. + /// This is a beta field and requires enabling ServiceTrafficDistribution feature. #[serde(default, skip_serializing_if = "Option::is_none", rename = "trafficDistribution")] pub traffic_distribution: Option, /// type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -896,6 +896,17 @@ pub struct PoolerTemplateSpec { /// This field is immutable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] pub resource_claims: Option>, + /// Resources is the total amount of CPU and Memory resources required by all + /// containers in the pod. It supports specifying Requests and Limits for + /// "cpu" and "memory" resource names only. ResourceClaims are not supported. + /// + /// This field enables fine-grained control over resource allocation for the + /// entire pod, allowing resource sharing among containers in a pod. + /// + /// This is an alpha field and requires enabling the PodLevelResources feature + /// gate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub resources: Option, /// Restart policy for all containers within the pod. /// One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. /// Default to Always. @@ -2015,23 +2026,23 @@ pub struct PoolerTemplateSpecContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2043,7 +2054,7 @@ pub struct PoolerTemplateSpecContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2076,7 +2087,7 @@ pub struct PoolerTemplateSpecContainersLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2084,8 +2095,8 @@ pub struct PoolerTemplateSpecContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2108,23 +2119,23 @@ pub struct PoolerTemplateSpecContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2136,7 +2147,7 @@ pub struct PoolerTemplateSpecContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2169,7 +2180,7 @@ pub struct PoolerTemplateSpecContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2177,8 +2188,8 @@ pub struct PoolerTemplateSpecContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2196,17 +2207,17 @@ pub struct PoolerTemplateSpecContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2221,7 +2232,7 @@ pub struct PoolerTemplateSpecContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2243,7 +2254,7 @@ pub struct PoolerTemplateSpecContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2255,7 +2266,7 @@ pub struct PoolerTemplateSpecContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2268,7 +2279,7 @@ pub struct PoolerTemplateSpecContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2301,7 +2312,7 @@ pub struct PoolerTemplateSpecContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2346,17 +2357,17 @@ pub struct PoolerTemplateSpecContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2371,7 +2382,7 @@ pub struct PoolerTemplateSpecContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2393,7 +2404,7 @@ pub struct PoolerTemplateSpecContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2405,7 +2416,7 @@ pub struct PoolerTemplateSpecContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2418,7 +2429,7 @@ pub struct PoolerTemplateSpecContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2451,7 +2462,7 @@ pub struct PoolerTemplateSpecContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2714,17 +2725,17 @@ pub struct PoolerTemplateSpecContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2739,7 +2750,7 @@ pub struct PoolerTemplateSpecContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2761,7 +2772,7 @@ pub struct PoolerTemplateSpecContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2773,7 +2784,7 @@ pub struct PoolerTemplateSpecContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2786,7 +2797,7 @@ pub struct PoolerTemplateSpecContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2819,7 +2830,7 @@ pub struct PoolerTemplateSpecContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2918,9 +2929,11 @@ pub struct PoolerTemplateSpecDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -3244,23 +3257,23 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3272,7 +3285,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3305,7 +3318,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartHttpGetHttpHea pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3313,8 +3326,8 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3337,23 +3350,23 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3365,7 +3378,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3398,7 +3411,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopHttpGetHttpHeade pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3406,8 +3419,8 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3422,17 +3435,17 @@ pub struct PoolerTemplateSpecEphemeralContainersLifecyclePreStopTcpSocket { /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3447,7 +3460,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3469,7 +3482,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3481,7 +3494,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3494,7 +3507,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3527,7 +3540,7 @@ pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3569,17 +3582,17 @@ pub struct PoolerTemplateSpecEphemeralContainersPorts { /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3594,7 +3607,7 @@ pub struct PoolerTemplateSpecEphemeralContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3616,7 +3629,7 @@ pub struct PoolerTemplateSpecEphemeralContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3628,7 +3641,7 @@ pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3641,7 +3654,7 @@ pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3674,7 +3687,7 @@ pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3929,17 +3942,17 @@ pub struct PoolerTemplateSpecEphemeralContainersSecurityContextWindowsOptions { /// Probes are not allowed for ephemeral containers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3954,7 +3967,7 @@ pub struct PoolerTemplateSpecEphemeralContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3976,7 +3989,7 @@ pub struct PoolerTemplateSpecEphemeralContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3988,7 +4001,7 @@ pub struct PoolerTemplateSpecEphemeralContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4001,7 +4014,7 @@ pub struct PoolerTemplateSpecEphemeralContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4034,7 +4047,7 @@ pub struct PoolerTemplateSpecEphemeralContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecEphemeralContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4471,23 +4484,23 @@ pub struct PoolerTemplateSpecInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4499,7 +4512,7 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4532,7 +4545,7 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePostStartHttpGetHttpHeaders pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -4540,8 +4553,8 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4564,23 +4577,23 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4592,7 +4605,7 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4625,7 +4638,7 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -4633,8 +4646,8 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4652,17 +4665,17 @@ pub struct PoolerTemplateSpecInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4677,7 +4690,7 @@ pub struct PoolerTemplateSpecInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4699,7 +4712,7 @@ pub struct PoolerTemplateSpecInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4711,7 +4724,7 @@ pub struct PoolerTemplateSpecInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4724,7 +4737,7 @@ pub struct PoolerTemplateSpecInitContainersLivenessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4757,7 +4770,7 @@ pub struct PoolerTemplateSpecInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4802,17 +4815,17 @@ pub struct PoolerTemplateSpecInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -4827,7 +4840,7 @@ pub struct PoolerTemplateSpecInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4849,7 +4862,7 @@ pub struct PoolerTemplateSpecInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4861,7 +4874,7 @@ pub struct PoolerTemplateSpecInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4874,7 +4887,7 @@ pub struct PoolerTemplateSpecInitContainersReadinessProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4907,7 +4920,7 @@ pub struct PoolerTemplateSpecInitContainersReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5170,17 +5183,17 @@ pub struct PoolerTemplateSpecInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5195,7 +5208,7 @@ pub struct PoolerTemplateSpecInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5217,7 +5230,7 @@ pub struct PoolerTemplateSpecInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5229,7 +5242,7 @@ pub struct PoolerTemplateSpecInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -5242,7 +5255,7 @@ pub struct PoolerTemplateSpecInitContainersStartupProbeGrpc { pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5275,7 +5288,7 @@ pub struct PoolerTemplateSpecInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5433,6 +5446,52 @@ pub struct PoolerTemplateSpecResourceClaims { pub resource_claim_template_name: Option, } +/// Resources is the total amount of CPU and Memory resources required by all +/// containers in the pod. It supports specifying Requests and Limits for +/// "cpu" and "memory" resource names only. ResourceClaims are not supported. +/// +/// This field enables fine-grained control over resource allocation for the +/// entire pod, allowing resource sharing among containers in a pod. +/// +/// This is an alpha field and requires enabling the PodLevelResources feature +/// gate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PoolerTemplateSpecResources { + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub claims: Option>, + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub limits: Option>, + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + #[serde(default, skip_serializing_if = "Option::is_none")] + pub requests: Option>, +} + +/// ResourceClaim references one entry in PodSpec.ResourceClaims. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PoolerTemplateSpecResourcesClaims { + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. + pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, +} + /// PodSchedulingGate is associated to a Pod to guard its scheduling. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecSchedulingGates { @@ -5494,6 +5553,31 @@ pub struct PoolerTemplateSpecSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5815,26 +5899,35 @@ pub struct PoolerTemplateSpecTopologySpreadConstraintsLabelSelectorMatchExpressi pub struct PoolerTemplateSpecVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -5875,23 +5968,28 @@ pub struct PoolerTemplateSpecVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -5936,23 +6034,30 @@ pub struct PoolerTemplateSpecVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -5960,15 +6065,20 @@ pub struct PoolerTemplateSpecVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesAwsElasticBlockStore { @@ -5995,6 +6105,8 @@ pub struct PoolerTemplateSpecVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -6021,6 +6133,8 @@ pub struct PoolerTemplateSpecVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -6035,7 +6149,8 @@ pub struct PoolerTemplateSpecVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -6077,6 +6192,8 @@ pub struct PoolerTemplateSpecVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesCinder { @@ -6167,7 +6284,7 @@ pub struct PoolerTemplateSpecVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -6608,6 +6725,7 @@ pub struct PoolerTemplateSpecVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -6649,7 +6767,8 @@ pub struct PoolerTemplateSpecVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -6663,6 +6782,8 @@ pub struct PoolerTemplateSpecVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesGcePersistentDisk { @@ -6691,7 +6812,7 @@ pub struct PoolerTemplateSpecVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6710,6 +6831,7 @@ pub struct PoolerTemplateSpecVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesGlusterfs { @@ -6868,7 +6990,8 @@ pub struct PoolerTemplateSpecVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -6881,7 +7004,10 @@ pub struct PoolerTemplateSpecVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -7187,7 +7313,8 @@ pub struct PoolerTemplateSpecVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesQuobyte { /// group to map volume access to @@ -7215,6 +7342,7 @@ pub struct PoolerTemplateSpecVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesRbd { @@ -7274,6 +7402,7 @@ pub struct PoolerTemplateSpecVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -7378,6 +7507,7 @@ pub struct PoolerTemplateSpecVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesStorageos { /// fsType is the filesystem type to mount. @@ -7420,7 +7550,9 @@ pub struct PoolerTemplateSpecVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PoolerTemplateSpecVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -7447,6 +7579,8 @@ pub enum PoolerType { Rw, #[serde(rename = "ro")] Ro, + #[serde(rename = "r")] + R, } /// Most recently observed status of the Pooler. This data may not be up to diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1/httpproxies.rs b/kube-custom-resources-rs/src/projectcontour_io/v1/httpproxies.rs index c2288b852..9e72cc33f 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1/httpproxies.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1/httpproxies.rs @@ -944,7 +944,7 @@ pub struct HTTPProxyRoutesRequestRedirectPolicy { pub scheme: Option, /// StatusCode is the HTTP status code to be used in response. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusCode")] - pub status_code: Option, + pub status_code: Option, } /// RequestRedirectPolicy defines an HTTP redirection. @@ -963,6 +963,12 @@ pub enum HTTPProxyRoutesRequestRedirectPolicyStatusCode { r#_301, #[serde(rename = "302")] r#_302, + #[serde(rename = "303")] + r#_303, + #[serde(rename = "307")] + r#_307, + #[serde(rename = "308")] + r#_308, } /// The policy for managing response headers during proxying. @@ -1009,11 +1015,14 @@ pub struct HTTPProxyRoutesRetryPolicy { /// - `5xx` /// - `gateway-error` /// - `reset` + /// - `reset-before-request` /// - `connect-failure` + /// - `envoy-ratelimited` /// - `retriable-4xx` /// - `refused-stream` /// - `retriable-status-codes` /// - `retriable-headers` + /// - `http3-post-connect-failure` /// Supported [gRPC conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on): /// - `cancelled` /// - `deadline-exceeded` @@ -2244,6 +2253,7 @@ pub struct HTTPProxyStatusLoadBalancerIngress { pub ports: Option>, } +/// PortStatus represents the error condition of a service port #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPProxyStatusLoadBalancerIngressPorts { /// Error is to record the problem with the service port diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs index 60b8018b8..c7afb9b76 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourconfigurations.rs @@ -524,6 +524,16 @@ pub struct ContourConfigurationEnvoyNetwork { /// Contour's default is 0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numTrustedHops")] pub num_trusted_hops: Option, + /// EnvoyStripTrailingHostDot defines if trailing dot of the host should be removed from host/authority header + /// before any processing of request by HTTP filters or routing. This + /// affects the upstream host header. Without setting this option to true, incoming + /// requests with host example.com. will not match against route with domains + /// match set to example.com. + /// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=strip_trailing_host_dot + /// for more information. + /// Contour's default is false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stripTrailingHostDot")] + pub strip_trailing_host_dot: Option, } /// Service holds Envoy service parameters for setting Ingress status. @@ -1056,13 +1066,6 @@ pub struct ContourConfigurationXdsServer { /// Contour's default is { caFile: "/certs/ca.crt", certFile: "/certs/tls.cert", keyFile: "/certs/tls.key", insecure: false }. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Defines the XDSServer to use for `contour serve`. - /// Values: `envoy` (default), `contour (deprecated)`. - /// Other values will produce an error. - /// Deprecated: this field will be removed in a future release when - /// the `contour` xDS server implementation is removed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, } /// TLS holds TLS file config details. diff --git a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs index 0adf33205..b0f28a904 100644 --- a/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs +++ b/kube-custom-resources-rs/src/projectcontour_io/v1alpha1/contourdeployments.rs @@ -470,26 +470,35 @@ pub struct ContourDeploymentEnvoyExtraVolumeMounts { pub struct ContourDeploymentEnvoyExtraVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -526,23 +535,28 @@ pub struct ContourDeploymentEnvoyExtraVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -585,23 +599,30 @@ pub struct ContourDeploymentEnvoyExtraVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -609,15 +630,20 @@ pub struct ContourDeploymentEnvoyExtraVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesAwsElasticBlockStore { @@ -644,6 +670,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -670,6 +698,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -684,7 +714,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -726,6 +757,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesCephfsSecretRef { } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesCinder { @@ -816,7 +849,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -1247,6 +1280,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -1288,7 +1322,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesFlexVolumeSecretRef { pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -1302,6 +1337,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesGcePersistentDisk { @@ -1330,7 +1367,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1349,6 +1386,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesGlusterfs { @@ -1505,7 +1543,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -1518,7 +1557,10 @@ pub struct ContourDeploymentEnvoyExtraVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -1818,7 +1860,8 @@ pub struct ContourDeploymentEnvoyExtraVolumesProjectedSourcesServiceAccountToken pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesQuobyte { /// group to map volume access to @@ -1846,6 +1889,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesRbd { @@ -1905,6 +1949,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesRbdSecretRef { } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -2009,6 +2054,7 @@ pub struct ContourDeploymentEnvoyExtraVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesStorageos { /// fsType is the filesystem type to mount. @@ -2051,7 +2097,9 @@ pub struct ContourDeploymentEnvoyExtraVolumesStorageosSecretRef { pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ContourDeploymentEnvoyExtraVolumesVsphereVolume { /// fsType is filesystem type to mount. @@ -2712,6 +2760,16 @@ pub struct ContourDeploymentRuntimeSettingsEnvoyNetwork { /// Contour's default is 0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numTrustedHops")] pub num_trusted_hops: Option, + /// EnvoyStripTrailingHostDot defines if trailing dot of the host should be removed from host/authority header + /// before any processing of request by HTTP filters or routing. This + /// affects the upstream host header. Without setting this option to true, incoming + /// requests with host example.com. will not match against route with domains + /// match set to example.com. + /// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=strip_trailing_host_dot + /// for more information. + /// Contour's default is false. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "stripTrailingHostDot")] + pub strip_trailing_host_dot: Option, } /// Service holds Envoy service parameters for setting Ingress status. @@ -3244,13 +3302,6 @@ pub struct ContourDeploymentRuntimeSettingsXdsServer { /// Contour's default is { caFile: "/certs/ca.crt", certFile: "/certs/tls.cert", keyFile: "/certs/tls.key", insecure: false }. #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, - /// Defines the XDSServer to use for `contour serve`. - /// Values: `envoy` (default), `contour (deprecated)`. - /// Other values will produce an error. - /// Deprecated: this field will be removed in a future release when - /// the `contour` xDS server implementation is removed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, } /// TLS holds TLS file config details. diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs index 6d226e336..197e6e29e 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs @@ -20,7 +20,7 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct AlertManagerDefinitionSpec { pub configuration: String, - /// The ID of the workspace in which to create the alert manager definition. + /// The ID of the workspace to add the alert manager definition to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workspaceID")] pub workspace_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -67,16 +67,16 @@ pub struct AlertManagerDefinitionStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// Status code of this definition. + /// The current status of the alert manager. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusCode")] pub status_code: Option, - /// The reason for failure if any. + /// If there is a failure, the reason for the failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusReason")] pub status_reason: Option, } diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs index 057db3e09..a4c0e654f 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs @@ -19,10 +19,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct LoggingConfigurationSpec { - /// The ARN of the CW log group to which the vended log data will be published. + /// The ARN of the CloudWatch log group to which the vended log data will be + /// published. This log group must exist prior to calling this operation. #[serde(rename = "logGroupARN")] pub log_group_arn: String, - /// The ID of the workspace to vend logs to. + /// The ID of the workspace to create the logging configuration for. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workspaceID")] pub workspace_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -69,16 +70,16 @@ pub struct LoggingConfigurationStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// Status code of the logging configuration. + /// The current status of the logging configuration. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusCode")] pub status_code: Option, - /// The reason for failure if any. + /// If failed, the reason for the failure. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusReason")] pub status_reason: Option, } diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs index 7bfcc2bfe..9d216bef3 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs @@ -21,12 +21,12 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct RuleGroupsNamespaceSpec { pub configuration: String, - /// The rule groups namespace name. + /// The name for the new rule groups namespace. pub name: String, - /// Optional, user-provided tags for this rule groups namespace. + /// The list of tag keys and values to associate with the rule groups namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// The ID of the workspace in which to create the rule group namespace. + /// The ID of the workspace to add the rule groups namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workspaceID")] pub workspace_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -73,13 +73,13 @@ pub struct RuleGroupsNamespaceStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The status of rule groups namespace. + /// A structure that returns the current status of the rule groups namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, } @@ -106,7 +106,7 @@ pub struct RuleGroupsNamespaceStatusAckResourceMetadata { pub region: String, } -/// The status of rule groups namespace. +/// A structure that returns the current status of the rule groups namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RuleGroupsNamespaceStatusStatus { /// State of a namespace. diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/workspaces.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/workspaces.rs index 94f97d541..e8504cd35 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/workspaces.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/workspaces.rs @@ -20,11 +20,14 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct WorkspaceSpec { - /// An optional user-assigned alias for this workspace. This alias is for user - /// reference and does not need to be unique. + /// An alias that you assign to this workspace to help you identify it. It does + /// not need to be unique. + /// + /// Blank spaces at the beginning or end of the alias that you specify will be + /// trimmed from the value used. #[serde(default, skip_serializing_if = "Option::is_none")] pub alias: Option, - /// Optional, user-provided tags for this workspace. + /// The list of tag keys and values to associate with the workspace. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, } @@ -37,16 +40,17 @@ pub struct WorkspaceStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The status of the workspace that was just created (usually CREATING). + /// The current status of the new workspace. Immediately after you create the + /// workspace, the status is usually CREATING. #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, - /// The generated ID of the workspace that was just created. + /// The unique ID for the new workspace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "workspaceID")] pub workspace_id: Option, } @@ -73,7 +77,8 @@ pub struct WorkspaceStatusAckResourceMetadata { pub region: String, } -/// The status of the workspace that was just created (usually CREATING). +/// The current status of the new workspace. Immediately after you create the +/// workspace, the status is usually CREATING. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct WorkspaceStatusStatus { /// State of a workspace. diff --git a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlbackups.rs b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlbackups.rs index 80ac46177..30a6938b9 100644 --- a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlbackups.rs +++ b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlbackups.rs @@ -498,6 +498,8 @@ pub struct PerconaServerMySQLBackupStatusStoragePodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlrestores.rs b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlrestores.rs index 0994dcb28..da8e18626 100644 --- a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlrestores.rs +++ b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqlrestores.rs @@ -500,6 +500,8 @@ pub struct PerconaServerMySQLRestoreBackupSourceStoragePodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqls.rs b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqls.rs index 3f9ccabb1..71a15b132 100644 --- a/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqls.rs +++ b/kube-custom-resources-rs/src/ps_percona_com/v1alpha1/perconaservermysqls.rs @@ -181,8 +181,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServer { pub annotations: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectTimeout")] - pub connect_timeout: Option, + #[serde(rename = "connectTimeout")] + pub connect_timeout: i32, #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerSecurityContext")] pub container_security_context: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -191,8 +191,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServer { pub env_from: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "gracePeriod")] pub grace_period: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "idleTime")] - pub idle_time: Option, + #[serde(rename = "idleTime")] + pub idle_time: i32, pub image: String, #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, @@ -210,8 +210,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServer { pub pod_security_context: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readTimeout")] - pub read_timeout: Option, + #[serde(rename = "readTimeout")] + pub read_timeout: i32, #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] pub readiness_probe: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -220,8 +220,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServer { pub runtime_class_name: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverId")] - pub server_id: Option, + #[serde(rename = "serverId")] + pub server_id: i32, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -235,8 +235,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServer { pub topology_spread_constraints: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSpec")] pub volume_spec: Option, - #[serde(default, skip_serializing_if = "Option::is_none", rename = "writeTimeout")] - pub write_timeout: Option, + #[serde(rename = "writeTimeout")] + pub write_timeout: i32, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -788,6 +788,8 @@ pub struct PerconaServerMySQLBackupPitrBinlogServerPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -1635,6 +1637,8 @@ pub struct PerconaServerMySQLBackupStoragesPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -2502,6 +2506,8 @@ pub struct PerconaServerMySQLMysqlPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -4810,6 +4816,8 @@ pub struct PerconaServerMySQLOrchestratorPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -5898,6 +5906,8 @@ pub struct PerconaServerMySQLProxyHaproxyPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -6866,6 +6876,8 @@ pub struct PerconaServerMySQLProxyRouterPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] diff --git a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs index 841b14f3a..c39150817 100644 --- a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs +++ b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbbackups.rs @@ -50,6 +50,8 @@ pub struct PerconaServerMongoDBBackupStatus { pub destination: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub error: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filesystem: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransition")] pub last_transition: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] @@ -86,6 +88,11 @@ pub struct PerconaServerMongoDBBackupStatusAzure { pub prefix: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaServerMongoDBBackupStatusFilesystem { + pub path: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaServerMongoDBBackupStatusS3 { pub bucket: String, diff --git a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs index d896d5e16..8873c4895 100644 --- a/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs +++ b/kube-custom-resources-rs/src/psmdb_percona_com/v1/perconaservermongodbrestores.rs @@ -44,6 +44,8 @@ pub struct PerconaServerMongoDBRestoreBackupSource { pub destination: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub error: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub filesystem: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastTransition")] pub last_transition: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] @@ -80,6 +82,11 @@ pub struct PerconaServerMongoDBRestoreBackupSourceAzure { pub prefix: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaServerMongoDBRestoreBackupSourceFilesystem { + pub path: String, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaServerMongoDBRestoreBackupSourceS3 { pub bucket: String, diff --git a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterbackups.rs b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterbackups.rs index 36f602aa0..09607c176 100644 --- a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterbackups.rs +++ b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterbackups.rs @@ -19,12 +19,18 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PerconaXtraDBClusterBackupSpec { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] + pub active_deadline_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerOptions")] pub container_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pxcCluster")] pub pxc_cluster: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startingDeadlineSeconds")] + pub starting_deadline_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageName")] pub storage_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendedDeadlineSeconds")] + pub suspended_deadline_seconds: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -112,6 +118,8 @@ pub struct PerconaXtraDBClusterBackupStatus { #[serde(default, skip_serializing_if = "Option::is_none")] pub destination: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub error: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub lastscheduled: Option, diff --git a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterrestores.rs b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterrestores.rs index 278b3eaa2..01ed9f687 100644 --- a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterrestores.rs +++ b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusterrestores.rs @@ -45,6 +45,8 @@ pub struct PerconaXtraDBClusterRestoreBackupSource { #[serde(default, skip_serializing_if = "Option::is_none")] pub destination: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub error: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub lastscheduled: Option, @@ -189,6 +191,8 @@ pub struct PerconaXtraDBClusterRestorePitrBackupSource { #[serde(default, skip_serializing_if = "Option::is_none")] pub destination: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub error: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub lastscheduled: Option, diff --git a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs index 6dcd9710c..3de63b628 100644 --- a/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs +++ b/kube-custom-resources-rs/src/pxc_percona_com/v1/perconaxtradbclusters.rs @@ -68,12 +68,16 @@ pub struct PerconaXtraDBClusterSpec { pub update_strategy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeOptions")] pub upgrade_options: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub users: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "vaultSecretName")] pub vault_secret_name: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaXtraDBClusterBackup { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] + pub active_deadline_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowParallel")] pub allow_parallel: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -92,8 +96,12 @@ pub struct PerconaXtraDBClusterBackup { pub schedule: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startingDeadlineSeconds")] + pub starting_deadline_seconds: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub storages: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "suspendedDeadlineSeconds")] + pub suspended_deadline_seconds: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -659,6 +667,8 @@ pub struct PerconaXtraDBClusterBackupStoragesPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -1622,6 +1632,8 @@ pub struct PerconaXtraDBClusterHaproxyPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -3523,10 +3535,14 @@ pub struct PerconaXtraDBClusterPmm { pub image: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbes")] + pub liveness_probes: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxysqlParams")] pub proxysql_params: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "pxcParams")] pub pxc_params: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbes")] + pub readiness_probes: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] @@ -3613,6 +3629,132 @@ pub struct PerconaXtraDBClusterPmmContainerSecurityContextWindowsOptions { pub run_as_user_name: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbes { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbesExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbesGrpc { + pub port: i32, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbesHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbesHttpGetHttpHeaders { + pub name: String, + pub value: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmLivenessProbesTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbes { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] + pub failure_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grpc: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] + pub http_get: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] + pub initial_delay_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] + pub period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] + pub success_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] + pub tcp_socket: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] + pub termination_grace_period_seconds: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbesExec { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbesGrpc { + pub port: i32, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub service: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbesHttpGet { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] + pub http_headers: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, + pub port: IntOrString, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheme: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbesHttpGetHttpHeaders { + pub name: String, + pub value: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterPmmReadinessProbesTcpSocket { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub host: Option, + pub port: IntOrString, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaXtraDBClusterPmmResources { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4333,6 +4475,8 @@ pub struct PerconaXtraDBClusterProxysqlPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -6715,6 +6859,8 @@ pub struct PerconaXtraDBClusterPxcPodSecurityContext { pub run_as_non_root: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] pub se_linux_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] @@ -8467,6 +8613,30 @@ pub struct PerconaXtraDBClusterUpgradeOptions { pub version_service_endpoint: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterUsers { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dbs: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub grants: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hosts: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordSecretRef")] + pub password_secret_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "withGrantOption")] + pub with_grant_option: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PerconaXtraDBClusterUsersPasswordSecretRef { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PerconaXtraDBClusterStatus { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs b/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs index 1465b6264..1d0205e56 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayclusters.rs @@ -24,10 +24,14 @@ pub struct RayClusterSpec { pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] pub enable_in_tree_autoscaling: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcsFaultToleranceOptions")] + pub gcs_fault_tolerance_options: Option, #[serde(rename = "headGroupSpec")] pub head_group_spec: RayClusterHeadGroupSpec, #[serde(default, skip_serializing_if = "Option::is_none", rename = "headServiceAnnotations")] pub head_service_annotations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rayVersion")] pub ray_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -255,6 +259,128 @@ pub struct RayClusterAutoscalerOptionsVolumeMounts { pub sub_path_expr: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalStorageNamespace")] + pub external_storage_namespace: Option, + #[serde(rename = "redisAddress")] + pub redis_address: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisPassword")] + pub redis_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisUsername")] + pub redis_username: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPassword { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPasswordValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPasswordValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPasswordValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPasswordValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisPasswordValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsername { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsernameValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsernameValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsernameValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsernameValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayClusterGcsFaultToleranceOptionsRedisUsernameValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayClusterHeadGroupSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableIngress")] @@ -3392,6 +3518,8 @@ pub struct RayClusterHeadGroupSpecTemplateSpecVolumesVsphereVolume { pub struct RayClusterWorkerGroupSpecs { #[serde(rename = "groupName")] pub group_name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "idleTimeoutSeconds")] + pub idle_timeout_seconds: Option, #[serde(rename = "maxReplicas")] pub max_replicas: i32, #[serde(rename = "minReplicas")] @@ -3404,6 +3532,8 @@ pub struct RayClusterWorkerGroupSpecs { pub replicas: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleStrategy")] pub scale_strategy: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspend: Option, pub template: RayClusterWorkerGroupSpecsTemplate, } diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs b/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs index e193c7449..fff0996b8 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayjobs.rs @@ -26,6 +26,8 @@ pub struct RayJobSpec { pub backoff_limit: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterSelector")] pub cluster_selector: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionPolicy")] + pub deletion_policy: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub entrypoint: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "entrypointNumCpus")] @@ -36,6 +38,8 @@ pub struct RayJobSpec { pub entrypoint_resources: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jobId")] pub job_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rayClusterSpec")] @@ -62,10 +66,14 @@ pub struct RayJobRayClusterSpec { pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] pub enable_in_tree_autoscaling: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcsFaultToleranceOptions")] + pub gcs_fault_tolerance_options: Option, #[serde(rename = "headGroupSpec")] pub head_group_spec: RayJobRayClusterSpecHeadGroupSpec, #[serde(default, skip_serializing_if = "Option::is_none", rename = "headServiceAnnotations")] pub head_service_annotations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rayVersion")] pub ray_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -293,6 +301,128 @@ pub struct RayJobRayClusterSpecAutoscalerOptionsVolumeMounts { pub sub_path_expr: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalStorageNamespace")] + pub external_storage_namespace: Option, + #[serde(rename = "redisAddress")] + pub redis_address: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisPassword")] + pub redis_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisUsername")] + pub redis_username: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPassword { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPasswordValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPasswordValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPasswordValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPasswordValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisPasswordValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsername { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsernameValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsernameValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsernameValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsernameValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayJobRayClusterSpecGcsFaultToleranceOptionsRedisUsernameValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayJobRayClusterSpecHeadGroupSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableIngress")] @@ -3430,6 +3560,8 @@ pub struct RayJobRayClusterSpecHeadGroupSpecTemplateSpecVolumesVsphereVolume { pub struct RayJobRayClusterSpecWorkerGroupSpecs { #[serde(rename = "groupName")] pub group_name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "idleTimeoutSeconds")] + pub idle_timeout_seconds: Option, #[serde(rename = "maxReplicas")] pub max_replicas: i32, #[serde(rename = "minReplicas")] @@ -3442,6 +3574,8 @@ pub struct RayJobRayClusterSpecWorkerGroupSpecs { pub replicas: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleStrategy")] pub scale_strategy: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspend: Option, pub template: RayJobRayClusterSpecWorkerGroupSpecsTemplate, } diff --git a/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs b/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs index 797df574e..17aca3bf2 100644 --- a/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs +++ b/kube-custom-resources-rs/src/ray_io/v1/rayservices.rs @@ -22,6 +22,8 @@ use self::prelude::*; pub struct RayServiceSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "deploymentUnhealthySecondThreshold")] pub deployment_unhealthy_second_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "excludeHeadPodFromServeSvc")] + pub exclude_head_pod_from_serve_svc: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rayClusterConfig")] pub ray_cluster_config: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serveConfigV2")] @@ -30,6 +32,8 @@ pub struct RayServiceSpec { pub serve_service: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceUnhealthySecondThreshold")] pub service_unhealthy_second_threshold: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeStrategy")] + pub upgrade_strategy: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -38,10 +42,14 @@ pub struct RayServiceRayClusterConfig { pub autoscaler_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableInTreeAutoscaling")] pub enable_in_tree_autoscaling: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcsFaultToleranceOptions")] + pub gcs_fault_tolerance_options: Option, #[serde(rename = "headGroupSpec")] pub head_group_spec: RayServiceRayClusterConfigHeadGroupSpec, #[serde(default, skip_serializing_if = "Option::is_none", rename = "headServiceAnnotations")] pub head_service_annotations: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "rayVersion")] pub ray_version: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -269,6 +277,128 @@ pub struct RayServiceRayClusterConfigAutoscalerOptionsVolumeMounts { pub sub_path_expr: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalStorageNamespace")] + pub external_storage_namespace: Option, + #[serde(rename = "redisAddress")] + pub redis_address: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisPassword")] + pub redis_password: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "redisUsername")] + pub redis_username: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPassword { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPasswordValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPasswordValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPasswordValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPasswordValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisPasswordValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsername { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsernameValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsernameValueFromConfigMapKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsernameValueFromFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsernameValueFromResourceFieldRef { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + pub resource: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceRayClusterConfigGcsFaultToleranceOptionsRedisUsernameValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceRayClusterConfigHeadGroupSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableIngress")] @@ -3406,6 +3536,8 @@ pub struct RayServiceRayClusterConfigHeadGroupSpecTemplateSpecVolumesVsphereVolu pub struct RayServiceRayClusterConfigWorkerGroupSpecs { #[serde(rename = "groupName")] pub group_name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "idleTimeoutSeconds")] + pub idle_timeout_seconds: Option, #[serde(rename = "maxReplicas")] pub max_replicas: i32, #[serde(rename = "minReplicas")] @@ -3418,6 +3550,8 @@ pub struct RayServiceRayClusterConfigWorkerGroupSpecs { pub replicas: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleStrategy")] pub scale_strategy: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspend: Option, pub template: RayServiceRayClusterConfigWorkerGroupSpecsTemplate, } @@ -6547,10 +6681,18 @@ pub struct RayServiceServeServiceStatusLoadBalancerIngressPorts { pub protocol: String, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RayServiceUpgradeStrategy { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceStatus { #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeServiceStatus")] pub active_service_status: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastUpdateTime")] pub last_update_time: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "numServeEndpoints")] @@ -6575,8 +6717,6 @@ pub struct RayServiceStatusActiveServiceStatus { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceStatusActiveServiceStatusApplicationStatuses { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthLastUpdateTime")] - pub health_last_update_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serveDeploymentStatuses")] @@ -6587,8 +6727,6 @@ pub struct RayServiceStatusActiveServiceStatusApplicationStatuses { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceStatusActiveServiceStatusApplicationStatusesServeDeploymentStatuses { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthLastUpdateTime")] - pub health_last_update_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6657,8 +6795,6 @@ pub struct RayServiceStatusPendingServiceStatus { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceStatusPendingServiceStatusApplicationStatuses { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthLastUpdateTime")] - pub health_last_update_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "serveDeploymentStatuses")] @@ -6669,8 +6805,6 @@ pub struct RayServiceStatusPendingServiceStatusApplicationStatuses { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RayServiceStatusPendingServiceStatusApplicationStatusesServeDeploymentStatuses { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthLastUpdateTime")] - pub health_last_update_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs b/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs index 5a1677a8e..611c6276d 100644 --- a/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs +++ b/kube-custom-resources-rs/src/rc_app_stacks/v1/runtimecomponents.rs @@ -6827,6 +6827,9 @@ pub struct RuntimeComponentStatus { /// The generation identifier of this RuntimeComponent instance completely reconciled by the Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, + /// The reconciliation interval in seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "reconcileInterval")] + pub reconcile_interval: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub references: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusterparametergroups.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusterparametergroups.rs index 085be9615..fbaead7b0 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusterparametergroups.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusterparametergroups.rs @@ -34,11 +34,11 @@ pub struct DBClusterParameterGroupSpec { /// /// Aurora MySQL /// - /// Example: aurora5.6, aurora-mysql5.7, aurora-mysql8.0 + /// Example: aurora-mysql5.7, aurora-mysql8.0 /// /// Aurora PostgreSQL /// - /// Example: aurora-postgresql9.6 + /// Example: aurora-postgresql14 /// /// RDS for MySQL /// @@ -46,13 +46,13 @@ pub struct DBClusterParameterGroupSpec { /// /// RDS for PostgreSQL /// - /// Example: postgres12 + /// Example: postgres13 /// /// To list all of the available parameter group families for a DB engine, use /// the following command: /// /// aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily" - /// --engine + /// --engine /// /// For example, to list all of the available parameter group families for the /// Aurora PostgreSQL DB engine, use the following command: @@ -64,9 +64,7 @@ pub struct DBClusterParameterGroupSpec { /// /// The following are the valid DB engine values: /// - /// * aurora (for MySQL 5.6-compatible Aurora) - /// - /// * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) + /// * aurora-mysql /// /// * aurora-postgresql /// @@ -136,8 +134,10 @@ pub struct DBClusterParameterGroupParameters { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterParameterGroupTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -154,7 +154,7 @@ pub struct DBClusterParameterGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs index d8f93dd93..e73fc7d5d 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs @@ -41,84 +41,89 @@ pub struct DBClusterSpec { /// The amount of storage in gibibytes (GiB) to allocate to each DB instance /// in the Multi-AZ DB cluster. /// - /// This setting is required to create a Multi-AZ DB cluster. + /// Valid for Cluster Type: Multi-AZ DB clusters only /// - /// Valid for: Multi-AZ DB clusters only + /// This setting is required to create a Multi-AZ DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedStorage")] pub allocated_storage: Option, - /// A value that indicates whether minor engine upgrades are applied automatically - /// to the DB cluster during the maintenance window. By default, minor engine - /// upgrades are applied automatically. + /// Specifies whether minor engine upgrades are applied automatically to the + /// DB cluster during the maintenance window. By default, minor engine upgrades + /// are applied automatically. /// - /// Valid for: Multi-AZ DB clusters only + /// Valid for Cluster Type: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoMinorVersionUpgrade")] pub auto_minor_version_upgrade: Option, - /// A list of Availability Zones (AZs) where DB instances in the DB cluster can - /// be created. + /// A list of Availability Zones (AZs) where you specifically want to create + /// DB instances in the DB cluster. /// - /// For information on Amazon Web Services Regions and Availability Zones, see - /// Choosing the Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) + /// For information on AZs, see Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html#Concepts.RegionsAndAvailabilityZones.AvailabilityZones) /// in the Amazon Aurora User Guide. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only + /// + /// Constraints: + /// + /// * Can't specify more than three AZs. #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZones")] pub availability_zones: Option>, /// The target backtrack window, in seconds. To disable backtracking, set this /// value to 0. /// + /// Valid for Cluster Type: Aurora MySQL DB clusters only + /// /// Default: 0 /// /// Constraints: /// /// * If specified, this value must be set to a number from 0 to 259,200 (72 /// hours). - /// - /// Valid for: Aurora MySQL DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "backtrackWindow")] pub backtrack_window: Option, /// The number of days for which automated backups are retained. /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// /// Default: 1 /// /// Constraints: /// - /// * Must be a value from 1 to 35 - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * Must be a value from 1 to 35. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupRetentionPeriod")] pub backup_retention_period: Option, - /// A value that indicates that the DB cluster should be associated with the - /// specified CharacterSet. + /// The name of the character set (CharacterSet) to associate the DB cluster + /// with. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "characterSetName")] pub character_set_name: Option, - /// A value that indicates whether to copy all tags from the DB cluster to snapshots - /// of the DB cluster. The default is not to copy them. + /// Specifies whether to copy all tags from the DB cluster to snapshots of the + /// DB cluster. The default is not to copy them. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyTagsToSnapshot")] pub copy_tags_to_snapshot: Option, - /// The name for your database of up to 64 alphanumeric characters. If you do - /// not provide a name, Amazon RDS doesn't create a database in the DB cluster - /// you are creating. + /// The name for your database of up to 64 alphanumeric characters. A database + /// named postgres is always created. If this parameter is specified, an additional + /// database with this name is created. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseName")] pub database_name: Option, - /// The DB cluster identifier. This parameter is stored as a lowercase string. + /// The identifier for this DB cluster. This parameter is stored as a lowercase + /// string. + /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// /// Constraints: /// - /// * Must contain from 1 to 63 letters, numbers, or hyphens. + /// * Must contain from 1 to 63 (for Aurora DB clusters) or 1 to 52 (for Multi-AZ + /// DB clusters) letters, numbers, or hyphens. /// /// * First character must be a letter. /// /// * Can't end with a hyphen or contain two consecutive hyphens. /// /// Example: my-cluster1 - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(rename = "dbClusterIdentifier")] pub db_cluster_identifier: String, /// The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, @@ -131,19 +136,19 @@ pub struct DBClusterSpec { /// /// This setting is required to create a Multi-AZ DB cluster. /// - /// Valid for: Multi-AZ DB clusters only + /// Valid for Cluster Type: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterInstanceClass")] pub db_cluster_instance_class: Option, /// The name of the DB cluster parameter group to associate with this DB cluster. - /// If you do not specify a value, then the default DB cluster parameter group + /// If you don't specify a value, then the default DB cluster parameter group /// for the specified DB engine and version is used. /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// /// Constraints: /// /// * If supplied, must match the name of an existing DB cluster parameter /// group. - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterParameterGroupName")] pub db_cluster_parameter_group_name: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -159,12 +164,13 @@ pub struct DBClusterSpec { /// /// This setting is required to create a Multi-AZ DB cluster. /// - /// Constraints: Must match the name of an existing DBSubnetGroup. Must not be - /// default. + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// - /// Example: mydbsubnetgroup + /// Constraints: /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * Must match the name of an existing DB subnet group. + /// + /// Example: mydbsubnetgroup #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroupName")] pub db_subnet_group_name: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -179,11 +185,11 @@ pub struct DBClusterSpec { /// Reserved for future use. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSystemID")] pub db_system_id: Option, - /// A value that indicates whether the DB cluster has deletion protection enabled. - /// The database can't be deleted when deletion protection is enabled. By default, - /// deletion protection isn't enabled. + /// Specifies whether the DB cluster has deletion protection enabled. The database + /// can't be deleted when deletion protection is enabled. By default, deletion + /// protection isn't enabled. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionProtection")] pub deletion_protection: Option, /// DestinationRegion is used for presigning the request to a given region. @@ -197,33 +203,28 @@ pub struct DBClusterSpec { /// For more information, see Kerberos authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) /// in the Amazon Aurora User Guide. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, - /// Specify the name of the IAM role to be used when making API calls to the - /// Directory Service. + /// The name of the IAM role to use when making API calls to the Directory Service. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainIAMRoleName")] pub domain_iam_role_name: Option, /// The list of log types that need to be enabled for exporting to CloudWatch - /// Logs. The values in the list depend on the DB engine being used. - /// - /// RDS for MySQL - /// - /// Possible values are error, general, and slowquery. + /// Logs. /// - /// RDS for PostgreSQL + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// - /// Possible values are postgresql and upgrade. + /// The following values are valid for each DB engine: /// - /// Aurora MySQL + /// * Aurora MySQL - audit | error | general | slowquery /// - /// Possible values are audit, error, general, and slowquery. + /// * Aurora PostgreSQL - postgresql /// - /// Aurora PostgreSQL + /// * RDS for MySQL - error | general | slowquery /// - /// Possible value is postgresql. + /// * RDS for PostgreSQL - postgresql | upgrade /// /// For more information about exporting CloudWatch Logs for Amazon RDS, see /// Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) @@ -232,58 +233,65 @@ pub struct DBClusterSpec { /// For more information about exporting CloudWatch Logs for Amazon Aurora, see /// Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) /// in the Amazon Aurora User Guide. - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableCloudwatchLogsExports")] pub enable_cloudwatch_logs_exports: Option>, - /// A value that indicates whether to enable this DB cluster to forward write - /// operations to the primary cluster of an Aurora global database (GlobalCluster). - /// By default, write operations are not allowed on Aurora DB clusters that are - /// secondary clusters in an Aurora global database. + /// Specifies whether to enable this DB cluster to forward write operations to + /// the primary cluster of a global cluster (Aurora global database). By default, + /// write operations are not allowed on Aurora DB clusters that are secondary + /// clusters in an Aurora global database. /// /// You can set this value only on Aurora DB clusters that are members of an /// Aurora global database. With this parameter enabled, a secondary cluster - /// can forward writes to the current primary cluster and the resulting changes + /// can forward writes to the current primary cluster, and the resulting changes /// are replicated back to this cluster. For the primary DB cluster of an Aurora /// global database, this value is used immediately if the primary is demoted - /// by the FailoverGlobalCluster API operation, but it does nothing until then. + /// by a global cluster API operation, but it does nothing until then. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableGlobalWriteForwarding")] pub enable_global_write_forwarding: Option, - /// A value that indicates whether to enable the HTTP endpoint for an Aurora - /// Serverless v1 DB cluster. By default, the HTTP endpoint is disabled. + /// Specifies whether to enable the HTTP endpoint for the DB cluster. By default, + /// the HTTP endpoint isn't enabled. /// /// When enabled, the HTTP endpoint provides a connectionless web service API - /// for running SQL queries on the Aurora Serverless v1 DB cluster. You can also - /// query your database from inside the RDS console with the query editor. + /// (RDS Data API) for running SQL queries on the DB cluster. You can also query + /// your database from inside the RDS console with the RDS query editor. + /// + /// RDS Data API is supported with the following DB clusters: + /// + /// * Aurora PostgreSQL Serverless v2 and provisioned + /// + /// * Aurora PostgreSQL and Aurora MySQL Serverless v1 /// - /// For more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) + /// For more information, see Using RDS Data API (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) /// in the Amazon Aurora User Guide. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableHTTPEndpoint")] pub enable_http_endpoint: Option, - /// A value that indicates whether to enable mapping of Amazon Web Services Identity - /// and Access Management (IAM) accounts to database accounts. By default, mapping - /// isn't enabled. + /// Specifies whether to enable mapping of Amazon Web Services Identity and Access + /// Management (IAM) accounts to database accounts. By default, mapping isn't + /// enabled. /// /// For more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) - /// in the Amazon Aurora User Guide. + /// in the Amazon Aurora User Guide or IAM database authentication for MariaDB, + /// MySQL, and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) + /// in the Amazon RDS User Guide. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableIAMDatabaseAuthentication")] pub enable_iam_database_authentication: Option, - /// A value that indicates whether to turn on Performance Insights for the DB - /// cluster. + /// Specifies whether to turn on Performance Insights for the DB cluster. /// /// For more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) /// in the Amazon RDS User Guide. /// - /// Valid for: Multi-AZ DB clusters only + /// Valid for Cluster Type: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "enablePerformanceInsights")] pub enable_performance_insights: Option, - /// The name of the database engine to be used for this DB cluster. + /// The database engine to use for this DB cluster. + /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// /// Valid Values: /// @@ -295,24 +303,22 @@ pub struct DBClusterSpec { /// /// * postgres /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * neptune - For information about using Amazon Neptune, see the Amazon + /// Neptune User Guide (https://docs.aws.amazon.com/neptune/latest/userguide/intro.html). pub engine: String, /// The DB engine mode of the DB cluster, either provisioned or serverless. /// /// The serverless engine mode only applies for Aurora Serverless v1 DB clusters. + /// Aurora Serverless v2 DB clusters use the provisioned engine mode. /// - /// Limitations and requirements apply to some DB engine modes. For more information, + /// For information about limitations and requirements for Serverless DB clusters, /// see the following sections in the Amazon Aurora User Guide: /// /// * Limitations of Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) /// /// * Requirements for Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) /// - /// * Limitations of parallel query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations) - /// - /// * Limitations of Aurora global databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations) - /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineMode")] pub engine_mode: Option, /// The version number of the database engine to use. @@ -340,34 +346,28 @@ pub struct DBClusterSpec { /// /// aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion" /// - /// Aurora MySQL - /// - /// For information, see Database engine updates for Amazon Aurora MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) - /// in the Amazon Aurora User Guide. - /// - /// Aurora PostgreSQL + /// For information about a specific engine, see the following topics: /// - /// For information, see Amazon Aurora PostgreSQL releases and engine versions - /// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) - /// in the Amazon Aurora User Guide. - /// - /// MySQL + /// * Aurora MySQL - see Database engine updates for Amazon Aurora MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) + /// in the Amazon Aurora User Guide. /// - /// For information, see Amazon RDS for MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) - /// in the Amazon RDS User Guide. + /// * Aurora PostgreSQL - see Amazon Aurora PostgreSQL releases and engine + /// versions (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) + /// in the Amazon Aurora User Guide. /// - /// PostgreSQL + /// * RDS for MySQL - see Amazon RDS for MySQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) + /// in the Amazon RDS User Guide. /// - /// For information, see Amazon RDS for PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) - /// in the Amazon RDS User Guide. + /// * RDS for PostgreSQL - see Amazon RDS for PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) + /// in the Amazon RDS User Guide. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineVersion")] pub engine_version: Option, /// The global cluster ID of an Aurora cluster that becomes the primary cluster /// in the new global database cluster. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalClusterIdentifier")] pub global_cluster_identifier: Option, /// The amount of Provisioned IOPS (input/output operations per second) to be @@ -378,10 +378,12 @@ pub struct DBClusterSpec { /// /// This setting is required to create a Multi-AZ DB cluster. /// - /// Constraints: Must be a multiple between .5 and 50 of the storage amount for - /// the DB cluster. + /// Valid for Cluster Type: Multi-AZ DB clusters only + /// + /// Constraints: /// - /// Valid for: Multi-AZ DB clusters only + /// * Must be a multiple between .5 and 50 of the storage amount for the DB + /// cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub iops: Option, /// The Amazon Web Services KMS key identifier for an encrypted DB cluster. @@ -393,22 +395,22 @@ pub struct DBClusterSpec { /// When a KMS key isn't specified in KmsKeyId: /// /// * If ReplicationSourceIdentifier identifies an encrypted source, then - /// Amazon RDS will use the KMS key used to encrypt the source. Otherwise, - /// Amazon RDS will use your default KMS key. + /// Amazon RDS uses the KMS key used to encrypt the source. Otherwise, Amazon + /// RDS uses your default KMS key. /// /// * If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier - /// isn't specified, then Amazon RDS will use your default KMS key. + /// isn't specified, then Amazon RDS uses your default KMS key. /// /// There is a default KMS key for your Amazon Web Services account. Your Amazon /// Web Services account has a different default KMS key for each Amazon Web /// Services Region. /// /// If you create a read replica of an encrypted DB cluster in another Amazon - /// Web Services Region, you must set KmsKeyId to a KMS key identifier that is - /// valid in the destination Amazon Web Services Region. This KMS key is used + /// Web Services Region, make sure to set KmsKeyId to a KMS key identifier that + /// is valid in the destination Amazon Web Services Region. This KMS key is used /// to encrypt the read replica in that Amazon Web Services Region. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyID")] pub kms_key_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -420,8 +422,8 @@ pub struct DBClusterSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyRef")] pub kms_key_ref: Option, - /// A value that indicates whether to manage the master user password with Amazon - /// Web Services Secrets Manager. + /// Specifies whether to manage the master user password with Amazon Web Services + /// Secrets Manager. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) @@ -429,24 +431,25 @@ pub struct DBClusterSpec { /// Secrets Manager (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) /// in the Amazon Aurora User Guide. /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// /// Constraints: /// /// * Can't manage the master user password with Amazon Web Services Secrets /// Manager if MasterUserPassword is specified. - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "manageMasterUserPassword")] pub manage_master_user_password: Option, - /// The password for the master database user. This password can contain any - /// printable ASCII character except "/", """, or "@". + /// The password for the master database user. + /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// /// Constraints: /// /// * Must contain from 8 to 41 characters. /// - /// * Can't be specified if ManageMasterUserPassword is turned on. + /// * Can contain any printable ASCII character except "/", """, or "@". /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * Can't be specified if ManageMasterUserPassword is turned on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserPassword")] pub master_user_password: Option, /// The Amazon Web Services KMS key identifier to encrypt a secret that is automatically @@ -468,7 +471,7 @@ pub struct DBClusterSpec { /// Web Services account has a different default KMS key for each Amazon Web /// Services Region. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserSecretKMSKeyID")] pub master_user_secret_kms_key_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -482,6 +485,8 @@ pub struct DBClusterSpec { pub master_user_secret_kms_key_ref: Option, /// The name of the master user for the DB cluster. /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// /// Constraints: /// /// * Must be 1 to 16 letters or numbers. @@ -489,20 +494,20 @@ pub struct DBClusterSpec { /// * First character must be a letter. /// /// * Can't be a reserved word for the chosen database engine. - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUsername")] pub master_username: Option, /// The interval, in seconds, between points when Enhanced Monitoring metrics /// are collected for the DB cluster. To turn off collecting Enhanced Monitoring - /// metrics, specify 0. The default is 0. + /// metrics, specify 0. /// /// If MonitoringRoleArn is specified, also set MonitoringInterval to a value /// other than 0. /// - /// Valid Values: 0, 1, 5, 10, 15, 30, 60 + /// Valid for Cluster Type: Multi-AZ DB clusters only + /// + /// Valid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60 /// - /// Valid for: Multi-AZ DB clusters only + /// Default: 0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "monitoringInterval")] pub monitoring_interval: Option, /// The Amazon Resource Name (ARN) for the IAM role that permits RDS to send @@ -514,17 +519,11 @@ pub struct DBClusterSpec { /// If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn /// value. /// - /// Valid for: Multi-AZ DB clusters only + /// Valid for Cluster Type: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "monitoringRoleARN")] pub monitoring_role_arn: Option, /// The network type of the DB cluster. /// - /// Valid values: - /// - /// * IPV4 - /// - /// * DUAL - /// /// The network type is determined by the DBSubnetGroup specified for the DB /// cluster. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and /// the IPv6 protocols (DUAL). @@ -532,11 +531,12 @@ pub struct DBClusterSpec { /// For more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) /// in the Amazon Aurora User Guide. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only + /// + /// Valid Values: IPV4 | DUAL #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkType")] pub network_type: Option, - /// A value that indicates that the DB cluster should be associated with the - /// specified option group. + /// The option group to associate the DB cluster with. /// /// DB clusters are associated with a default option group that can't be modified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "optionGroupName")] @@ -552,49 +552,39 @@ pub struct DBClusterSpec { /// Web Services account. Your Amazon Web Services account has a different default /// KMS key for each Amazon Web Services Region. /// - /// Valid for: Multi-AZ DB clusters only + /// Valid for Cluster Type: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsKMSKeyID")] pub performance_insights_kms_key_id: Option, - /// The number of days to retain Performance Insights data. The default is 7 - /// days. The following values are valid: - /// - /// * 7 - /// - /// * month * 31, where month is a number of months from 1-23 + /// The number of days to retain Performance Insights data. /// - /// * 731 - /// - /// For example, the following values are valid: + /// Valid for Cluster Type: Multi-AZ DB clusters only /// - /// * 93 (3 months * 31) + /// Valid Values: /// - /// * 341 (11 months * 31) + /// * 7 /// - /// * 589 (19 months * 31) + /// * month * 31, where month is a number of months from 1-23. Examples: 93 + /// (3 months * 31), 341 (11 months * 31), 589 (19 months * 31) /// /// * 731 /// - /// If you specify a retention period such as 94, which isn't a valid value, - /// RDS issues an error. + /// Default: 7 days /// - /// Valid for: Multi-AZ DB clusters only + /// If you specify a retention period that isn't valid, such as 94, Amazon RDS + /// issues an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsRetentionPeriod")] pub performance_insights_retention_period: Option, /// The port number on which the instances in the DB cluster accept connections. /// - /// RDS for MySQL and Aurora MySQL + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// - /// Default: 3306 + /// Valid Values: 1150-65535 /// - /// Valid values: 1150-65535 + /// Default: /// - /// RDS for PostgreSQL and Aurora PostgreSQL + /// * RDS for MySQL and Aurora MySQL - 3306 /// - /// Default: 5432 - /// - /// Valid values: 1150-65535 - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * RDS for PostgreSQL and Aurora PostgreSQL - 5432 #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// When you are replicating a DB cluster from one Amazon Web Services GovCloud @@ -637,12 +627,14 @@ pub struct DBClusterSpec { /// valid request for the operation that can run in the source Amazon Web Services /// Region. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "preSignedURL")] pub pre_signed_url: Option, /// The daily time range during which automated backups are created if automated /// backups are enabled using the BackupRetentionPeriod parameter. /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// /// The default is a 30-minute window selected at random from an 8-hour block /// of time for each Amazon Web Services Region. To view the time blocks available, /// see Backup window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) @@ -657,14 +649,11 @@ pub struct DBClusterSpec { /// * Must not conflict with the preferred maintenance window. /// /// * Must be at least 30 minutes. - /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredBackupWindow")] pub preferred_backup_window: Option, - /// The weekly time range during which system maintenance can occur, in Universal - /// Coordinated Time (UTC). + /// The weekly time range during which system maintenance can occur. /// - /// Format: ddd:hh24:mi-ddd:hh24:mi + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// /// The default is a 30-minute window selected at random from an 8-hour block /// of time for each Amazon Web Services Region, occurring on a random day of @@ -672,25 +661,32 @@ pub struct DBClusterSpec { /// Cluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) /// in the Amazon Aurora User Guide. /// - /// Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. + /// Constraints: /// - /// Constraints: Minimum 30-minute window. + /// * Must be in the format ddd:hh24:mi-ddd:hh24:mi. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// * Days must be one of Mon | Tue | Wed | Thu | Fri | Sat | Sun. + /// + /// * Must be in Universal Coordinated Time (UTC). + /// + /// * Must be at least 30 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredMaintenanceWindow")] pub preferred_maintenance_window: Option, - /// A value that indicates whether the DB cluster is publicly accessible. + /// Specifies whether the DB cluster is publicly accessible. /// - /// When the DB cluster is publicly accessible, its Domain Name System (DNS) - /// endpoint resolves to the private IP address from within the DB cluster's - /// virtual private cloud (VPC). It resolves to the public IP address from outside - /// of the DB cluster's VPC. Access to the DB cluster is ultimately controlled - /// by the security group it uses. That public access isn't permitted if the - /// security group assigned to the DB cluster doesn't permit it. + /// When the DB cluster is publicly accessible and you connect from outside of + /// the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) + /// endpoint resolves to the public IP address. When you connect from within + /// the same VPC as the DB cluster, the endpoint resolves to the private IP address. + /// Access to the DB cluster is ultimately controlled by the security group it + /// uses. That public access isn't permitted if the security group assigned to + /// the DB cluster doesn't permit it. /// /// When the DB cluster isn't publicly accessible, it is an internal DB cluster /// with a DNS name that resolves to a private IP address. /// + /// Valid for Cluster Type: Multi-AZ DB clusters only + /// /// Default: The default behavior varies depending on whether DBSubnetGroupName /// is specified. /// @@ -711,14 +707,12 @@ pub struct DBClusterSpec { /// /// * If the subnets are part of a VPC that has an internet gateway attached /// to it, the DB cluster is public. - /// - /// Valid for: Multi-AZ DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "publiclyAccessible")] pub publicly_accessible: Option, /// The Amazon Resource Name (ARN) of the source DB instance or DB cluster if /// this DB cluster is created as a read replica. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicationSourceIdentifier")] pub replication_source_identifier: Option, /// The date and time to restore the DB cluster to. @@ -749,9 +743,6 @@ pub struct DBClusterSpec { /// * copy-on-write - The new DB cluster is restored as a clone of the source /// DB cluster. /// - /// Constraints: You can't specify copy-on-write if the engine version of the - /// source DB cluster is earlier than 1.11. - /// /// If you don't specify a RestoreType value, then the new DB cluster is restored /// as a full copy of the source DB cluster. /// @@ -761,7 +752,7 @@ pub struct DBClusterSpec { /// For DB clusters in serverless DB engine mode, the scaling properties of the /// DB cluster. /// - /// Valid for: Aurora DB clusters only + /// Valid for Cluster Type: Aurora DB clusters only #[serde(default, skip_serializing_if = "Option::is_none", rename = "scalingConfiguration")] pub scaling_configuration: Option, /// Contains the scaling configuration of an Aurora Serverless v2 DB cluster. @@ -797,31 +788,49 @@ pub struct DBClusterSpec { /// have the same region as the source ARN. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRegion")] pub source_region: Option, - /// A value that indicates whether the DB cluster is encrypted. + /// Specifies whether the DB cluster is encrypted. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageEncrypted")] pub storage_encrypted: Option, - /// Specifies the storage type to be associated with the DB cluster. + /// The storage type to associate with the DB cluster. + /// + /// For information on storage types for Aurora DB clusters, see Storage configurations + /// for Amazon Aurora DB clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type). + /// For information on storage types for Multi-AZ DB clusters, see Settings for + /// creating Multi-AZ DB clusters (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings). /// /// This setting is required to create a Multi-AZ DB cluster. /// - /// Valid values: io1 + /// When specified for a Multi-AZ DB cluster, a value for the Iops parameter + /// is required. + /// + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters + /// + /// Valid Values: + /// + /// * Aurora DB clusters - aurora | aurora-iopt1 + /// + /// * Multi-AZ DB clusters - io1 | io2 | gp3 + /// + /// Default: /// - /// When specified, a value for the Iops parameter is required. + /// * Aurora DB clusters - aurora /// - /// Default: io1 + /// * Multi-AZ DB clusters - io1 /// - /// Valid for: Multi-AZ DB clusters only + /// When you create an Aurora DB cluster with the storage type set to aurora-iopt1, + /// the storage type is returned in the response. The storage type isn't returned + /// when you set it to aurora. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageType")] pub storage_type: Option, /// Tags to assign to the DB cluster. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// A value that indicates whether to restore the DB cluster to the latest restorable - /// backup time. By default, the DB cluster isn't restored to the latest restorable + /// Specifies whether to restore the DB cluster to the latest restorable backup + /// time. By default, the DB cluster isn't restored to the latest restorable /// backup time. /// /// Constraints: Can't be specified if RestoreToTime parameter is provided. @@ -831,7 +840,7 @@ pub struct DBClusterSpec { pub use_latest_restorable_time: Option, /// A list of EC2 VPC security groups to associate with this DB cluster. /// - /// Valid for: Aurora DB clusters and Multi-AZ DB clusters + /// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcSecurityGroupIDs")] pub vpc_security_group_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcSecurityGroupRefs")] @@ -913,16 +922,17 @@ pub struct DBClusterKmsKeyRefFrom { pub namespace: Option, } -/// The password for the master database user. This password can contain any -/// printable ASCII character except "/", """, or "@". +/// The password for the master database user. +/// +/// Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters /// /// Constraints: /// /// * Must contain from 8 to 41 characters. /// -/// * Can't be specified if ManageMasterUserPassword is turned on. +/// * Can contain any printable ASCII character except "/", """, or "@". /// -/// Valid for: Aurora DB clusters and Multi-AZ DB clusters +/// * Can't be specified if ManageMasterUserPassword is turned on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterMasterUserPassword { /// Key is the key within the secret @@ -963,7 +973,7 @@ pub struct DBClusterMasterUserSecretKmsKeyRefFrom { /// For DB clusters in serverless DB engine mode, the scaling properties of the /// DB cluster. /// -/// Valid for: Aurora DB clusters only +/// Valid for Cluster Type: Aurora DB clusters only #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterScalingConfiguration { #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoPause")] @@ -990,12 +1000,16 @@ pub struct DBClusterServerlessV2ScalingConfiguration { pub max_capacity: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "minCapacity")] pub min_capacity: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secondsUntilAutoPause")] + pub seconds_until_auto_pause: Option, } /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1056,10 +1070,10 @@ pub struct DBClusterStatus { /// The status of the database activity stream. #[serde(default, skip_serializing_if = "Option::is_none", rename = "activityStreamStatus")] pub activity_stream_status: Option, - /// Provides a list of the Amazon Web Services Identity and Access Management - /// (IAM) roles that are associated with the DB cluster. IAM roles that are associated - /// with a DB cluster grant permission for the DB cluster to access other Amazon - /// Web Services on your behalf. + /// A list of the Amazon Web Services Identity and Access Management (IAM) roles + /// that are associated with the DB cluster. IAM roles that are associated with + /// a DB cluster grant permission for the DB cluster to access other Amazon Web + /// Services on your behalf. #[serde(default, skip_serializing_if = "Option::is_none", rename = "associatedRoles")] pub associated_roles: Option>, /// The time when a stopped DB cluster is restarted automatically. @@ -1076,33 +1090,32 @@ pub struct DBClusterStatus { /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// Identifies the clone group to which the DB cluster is associated. + /// The ID of the clone group with which the DB cluster is associated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cloneGroupID")] pub clone_group_id: Option, - /// Specifies the time when the DB cluster was created, in Universal Coordinated - /// Time (UTC). + /// The time when the DB cluster was created, in Universal Coordinated Time (UTC). #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterCreateTime")] pub cluster_create_time: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// Specifies whether the DB cluster is a clone of a DB cluster owned by a different + /// Indicates whether the DB cluster is a clone of a DB cluster owned by a different /// Amazon Web Services account. #[serde(default, skip_serializing_if = "Option::is_none", rename = "crossAccountClone")] pub cross_account_clone: Option, - /// Identifies all custom endpoints associated with the cluster. + /// The custom endpoints associated with the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customEndpoints")] pub custom_endpoints: Option>, - /// Provides the list of instances that make up the DB cluster. + /// The list of DB instances that make up the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterMembers")] pub db_cluster_members: Option>, - /// Provides the list of option group memberships for this DB cluster. + /// The list of option group memberships for this DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterOptionGroupMemberships")] pub db_cluster_option_group_memberships: Option>, - /// Specifies the name of the DB cluster parameter group for the DB cluster. + /// The name of the DB cluster parameter group for the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterParameterGroup")] pub db_cluster_parameter_group: Option, /// The Amazon Web Services Region-unique, immutable identifier for the DB cluster. @@ -1110,8 +1123,8 @@ pub struct DBClusterStatus { /// the KMS key for the DB cluster is accessed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterResourceID")] pub db_cluster_resource_id: Option, - /// Specifies information on the subnet group associated with the DB cluster, - /// including the name, description, and subnets in the subnet group. + /// Information about the subnet group associated with the DB cluster, including + /// the name, description, and subnets in the subnet group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroup")] pub db_subnet_group: Option, /// The Active Directory Domain membership records associated with the DB cluster. @@ -1132,44 +1145,41 @@ pub struct DBClusterStatus { /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledCloudwatchLogsExports")] pub enabled_cloudwatch_logs_exports: Option>, - /// Specifies the connection endpoint for the primary instance of the DB cluster. + /// The connection endpoint for the primary instance of the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, - /// Specifies whether you have requested to enable write forwarding for a secondary - /// cluster in an Aurora global database. Because write forwarding takes time - /// to enable, check the value of GlobalWriteForwardingStatus to confirm that - /// the request has completed before using the write forwarding feature for this - /// cluster. + /// Indicates whether write forwarding is enabled for a secondary cluster in + /// an Aurora global database. Because write forwarding takes time to enable, + /// check the value of GlobalWriteForwardingStatus to confirm that the request + /// has completed before using the write forwarding feature for this cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalWriteForwardingRequested")] pub global_write_forwarding_requested: Option, - /// Specifies whether a secondary cluster in an Aurora global database has write - /// forwarding enabled, not enabled, or is in the process of enabling it. + /// The status of write forwarding for a secondary cluster in an Aurora global + /// database. #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalWriteForwardingStatus")] pub global_write_forwarding_status: Option, - /// Specifies the ID that Amazon Route 53 assigns when you create a hosted zone. + /// The ID that Amazon Route 53 assigns when you create a hosted zone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostedZoneID")] pub hosted_zone_id: Option, - /// A value that indicates whether the HTTP endpoint for an Aurora Serverless - /// v1 DB cluster is enabled. + /// Indicates whether the HTTP endpoint is enabled for an Aurora DB cluster. /// /// When enabled, the HTTP endpoint provides a connectionless web service API - /// for running SQL queries on the Aurora Serverless v1 DB cluster. You can also - /// query your database from inside the RDS console with the query editor. + /// (RDS Data API) for running SQL queries on the DB cluster. You can also query + /// your database from inside the RDS console with the RDS query editor. /// - /// For more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) + /// For more information, see Using RDS Data API (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpEndpointEnabled")] pub http_endpoint_enabled: Option, - /// A value that indicates whether the mapping of Amazon Web Services Identity - /// and Access Management (IAM) accounts to database accounts is enabled. + /// Indicates whether the mapping of Amazon Web Services Identity and Access + /// Management (IAM) accounts to database accounts is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamDatabaseAuthenticationEnabled")] pub iam_database_authentication_enabled: Option, - /// Specifies the latest time to which a database can be restored with point-in-time - /// restore. + /// The latest time to which a database can be restored with point-in-time restore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] pub latest_restorable_time: Option, - /// Contains the secret managed by RDS in Amazon Web Services Secrets Manager - /// for the master user password. + /// The secret managed by RDS in Amazon Web Services Secrets Manager for the + /// master user password. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) @@ -1178,19 +1188,18 @@ pub struct DBClusterStatus { /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserSecret")] pub master_user_secret: Option, - /// Specifies whether the DB cluster has instances in multiple Availability Zones. + /// Indicates whether the DB cluster has instances in multiple Availability Zones. #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiAZ")] pub multi_az: Option, - /// A value that specifies that changes to the DB cluster are pending. This element - /// is only included when changes are pending. Specific changes are identified + /// Information about pending changes to the DB cluster. This information is + /// returned only when there are pending changes. Specific changes are identified /// by subelements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pendingModifiedValues")] pub pending_modified_values: Option, - /// Specifies the progress of the operation as a percentage. + /// The progress of the operation as a percentage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "percentProgress")] pub percent_progress: Option, - /// True if Performance Insights is enabled for the DB cluster, and otherwise - /// false. + /// Indicates whether Performance Insights is enabled for the DB cluster. /// /// This setting is only for non-Aurora Multi-AZ DB clusters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsEnabled")] @@ -1212,12 +1221,12 @@ pub struct DBClusterStatus { /// then reconnect to the reader endpoint. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readerEndpoint")] pub reader_endpoint: Option, - /// Specifies the current state of this DB cluster. + /// The current state of this DB cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub status: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "tagList")] pub tag_list: Option>, - /// Provides a list of VPC security groups that the DB cluster belongs to. + /// The list of VPC security groups that the DB cluster belongs to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcSecurityGroups")] pub vpc_security_groups: Option>, } @@ -1292,8 +1301,8 @@ pub struct DBClusterStatusDomainMemberships { pub status: Option, } -/// Contains the secret managed by RDS in Amazon Web Services Secrets Manager -/// for the master user password. +/// The secret managed by RDS in Amazon Web Services Secrets Manager for the +/// master user password. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) @@ -1310,8 +1319,8 @@ pub struct DBClusterStatusMasterUserSecret { pub secret_status: Option, } -/// A value that specifies that changes to the DB cluster are pending. This element -/// is only included when changes are pending. Specific changes are identified +/// Information about pending changes to the DB cluster. This information is +/// returned only when there are pending changes. Specific changes are identified /// by subelements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterStatusPendingModifiedValues { @@ -1347,8 +1356,10 @@ pub struct DBClusterStatusPendingModifiedValuesPendingCloudwatchLogsExports { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBClusterStatusTagList { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs index 985ba6d0e..7ea83900a 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs @@ -28,13 +28,10 @@ use self::prelude::*; pub struct DBInstanceSpec { /// The amount of storage in gibibytes (GiB) to allocate for the DB instance. /// - /// Type: Integer - /// - /// Amazon Aurora - /// - /// Not applicable. Aurora cluster volumes automatically grow as the amount of - /// data in your database increases, though you are only charged for the space - /// that you use in an Aurora cluster volume. + /// This setting doesn't apply to Amazon Aurora DB instances. Aurora cluster + /// volumes automatically grow as the amount of data in your database increases, + /// though you are only charged for the space that you use in an Aurora cluster + /// volume. /// /// Amazon RDS Custom /// @@ -43,54 +40,67 @@ pub struct DBInstanceSpec { /// * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 40 /// to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. /// - /// * Provisioned IOPS storage (io1): Must be an integer from 40 to 65536 + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 40 to 65536 /// for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. /// - /// MySQL + /// RDS for Db2 + /// + /// Constraints to the amount of storage for each storage type are the following: + /// + /// * General Purpose (SSD) storage (gp3): Must be an integer from 20 to 65536. + /// + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to + /// 65536. + /// + /// RDS for MariaDB /// /// Constraints to the amount of storage for each storage type are the following: /// /// * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 /// to 65536. /// - /// * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to + /// 65536. /// /// * Magnetic storage (standard): Must be an integer from 5 to 3072. /// - /// MariaDB + /// RDS for MySQL /// /// Constraints to the amount of storage for each storage type are the following: /// /// * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 /// to 65536. /// - /// * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to + /// 65536. /// /// * Magnetic storage (standard): Must be an integer from 5 to 3072. /// - /// PostgreSQL + /// RDS for Oracle /// /// Constraints to the amount of storage for each storage type are the following: /// /// * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 /// to 65536. /// - /// * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to + /// 65536. /// - /// * Magnetic storage (standard): Must be an integer from 5 to 3072. + /// * Magnetic storage (standard): Must be an integer from 10 to 3072. /// - /// Oracle + /// RDS for PostgreSQL /// /// Constraints to the amount of storage for each storage type are the following: /// /// * General Purpose (SSD) storage (gp2, gp3): Must be an integer from 20 /// to 65536. /// - /// * Provisioned IOPS storage (io1): Must be an integer from 100 to 65536. + /// * Provisioned IOPS storage (io1, io2): Must be an integer from 100 to + /// 65536. /// - /// * Magnetic storage (standard): Must be an integer from 10 to 3072. + /// * Magnetic storage (standard): Must be an integer from 5 to 3072. /// - /// SQL Server + /// RDS for SQL Server /// /// Constraints to the amount of storage for each storage type are the following: /// @@ -98,18 +108,18 @@ pub struct DBInstanceSpec { /// Must be an integer from 20 to 16384. Web and Express editions: Must be /// an integer from 20 to 16384. /// - /// * Provisioned IOPS storage (io1): Enterprise and Standard editions: Must - /// be an integer from 100 to 16384. Web and Express editions: Must be an - /// integer from 100 to 16384. + /// * Provisioned IOPS storage (io1, io2): Enterprise and Standard editions: + /// Must be an integer from 100 to 16384. Web and Express editions: Must be + /// an integer from 100 to 16384. /// /// * Magnetic storage (standard): Enterprise and Standard editions: Must /// be an integer from 20 to 1024. Web and Express editions: Must be an integer /// from 20 to 1024. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedStorage")] pub allocated_storage: Option, - /// A value that indicates whether minor engine upgrades are applied automatically - /// to the DB instance during the maintenance window. By default, minor engine - /// upgrades are applied automatically. + /// Specifies whether minor engine upgrades are applied automatically to the + /// DB instance during the maintenance window. By default, minor engine upgrades + /// are applied automatically. /// /// If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade /// to false. @@ -119,56 +129,61 @@ pub struct DBInstanceSpec { /// on Amazon Web Services Regions and Availability Zones, see Regions and Availability /// Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). /// - /// Amazon Aurora - /// - /// Each Aurora DB cluster hosts copies of its storage in three separate Availability - /// Zones. Specify one of these Availability Zones. Aurora automatically chooses - /// an appropriate Availability Zone if you don't specify one. + /// For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in + /// three separate Availability Zones. Specify one of these Availability Zones. + /// Aurora automatically chooses an appropriate Availability Zone if you don't + /// specify one. /// /// Default: A random, system-chosen Availability Zone in the endpoint's Amazon /// Web Services Region. /// - /// Example: us-east-1d + /// Constraints: /// - /// Constraint: The AvailabilityZone parameter can't be specified if the DB instance - /// is a Multi-AZ deployment. The specified Availability Zone must be in the - /// same Amazon Web Services Region as the current endpoint. + /// * The AvailabilityZone parameter can't be specified if the DB instance + /// is a Multi-AZ deployment. + /// + /// * The specified Availability Zone must be in the same Amazon Web Services + /// Region as the current endpoint. + /// + /// Example: us-east-1d #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZone")] pub availability_zone: Option, /// The number of days for which automated backups are retained. Setting this /// parameter to a positive number enables backups. Setting this parameter to /// 0 disables automated backups. /// - /// Amazon Aurora - /// - /// Not applicable. The retention period for automated backups is managed by - /// the DB cluster. + /// This setting doesn't apply to Amazon Aurora DB instances. The retention period + /// for automated backups is managed by the DB cluster. /// /// Default: 1 /// /// Constraints: /// - /// * Must be a value from 0 to 35 + /// * Must be a value from 0 to 35. /// - /// * Can't be set to 0 if the DB instance is a source to read replicas + /// * Can't be set to 0 if the DB instance is a source to read replicas. /// - /// * Can't be set to 0 for an RDS Custom for Oracle DB instance + /// * Can't be set to 0 for an RDS Custom for Oracle DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupRetentionPeriod")] pub backup_retention_period: Option, - /// Specifies where automated backups and manual snapshots are stored. + /// The location for storing automated backups and manual snapshots. + /// + /// Valid Values: + /// + /// * outposts (Amazon Web Services Outposts) /// - /// Possible values are outposts (Amazon Web Services Outposts) and region (Amazon - /// Web Services Region). The default is region. + /// * region (Amazon Web Services Region) + /// + /// Default: region /// /// For more information, see Working with Amazon RDS on Amazon Web Services /// Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html) /// in the Amazon RDS User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupTarget")] pub backup_target: Option, - /// Specifies the CA certificate identifier to use for the DB instance’s server - /// certificate. + /// The CA certificate identifier to use for the DB instance's server certificate. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. /// /// For more information, see Using SSL/TLS to encrypt a connection to a DB instance /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) @@ -177,29 +192,32 @@ pub struct DBInstanceSpec { /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caCertificateIdentifier")] pub ca_certificate_identifier: Option, - /// For supported engines, this value indicates that the DB instance should be - /// associated with the specified CharacterSet. + /// For supported engines, the character set (CharacterSet) to associate the + /// DB instance with. /// - /// This setting doesn't apply to RDS Custom. However, if you need to change - /// the character set, you can change it on the database itself. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora - The character set is managed by the DB cluster. For + /// more information, see CreateDBCluster. /// - /// Not applicable. The character set is managed by the DB cluster. For more - /// information, see CreateDBCluster. + /// * RDS Custom - However, if you need to change the character set, you can + /// change it on the database itself. #[serde(default, skip_serializing_if = "Option::is_none", rename = "characterSetName")] pub character_set_name: Option, - /// A value that indicates whether to copy tags from the DB instance to snapshots - /// of the DB instance. By default, tags are not copied. - /// - /// Amazon Aurora + /// Specifies whether to copy tags from the DB instance to snapshots of the DB + /// instance. By default, tags are not copied. /// - /// Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting - /// this value for an Aurora DB instance has no effect on the DB cluster setting. + /// This setting doesn't apply to Amazon Aurora DB instances. Copying tags to + /// snapshots is managed by the DB cluster. Setting this value for an Aurora + /// DB instance has no effect on the DB cluster setting. #[serde(default, skip_serializing_if = "Option::is_none", rename = "copyTagsToSnapshot")] pub copy_tags_to_snapshot: Option, /// The instance profile associated with the underlying Amazon EC2 instance of - /// an RDS Custom DB instance. The instance profile must meet the following requirements: + /// an RDS Custom DB instance. + /// + /// This setting is required for RDS Custom. + /// + /// Constraints: /// /// * The profile must exist in your account. /// @@ -212,17 +230,14 @@ pub struct DBInstanceSpec { /// For the list of permissions required for the IAM role, see Configure IAM /// and your VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) /// in the Amazon RDS User Guide. - /// - /// This setting is required for RDS Custom. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customIAMInstanceProfile")] pub custom_iam_instance_profile: Option, - /// The identifier of the DB cluster that the instance will belong to. + /// The identifier of the DB cluster that this DB instance will belong to. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterIdentifier")] pub db_cluster_identifier: Option, - /// The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore - /// from. + /// The identifier for the Multi-AZ DB cluster snapshot to restore from. /// /// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) @@ -240,9 +255,6 @@ pub struct DBInstanceSpec { /// the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot. /// /// * Can't be the identifier of an Aurora DB cluster snapshot. - /// - /// * Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster - /// snapshot. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterSnapshotIdentifier")] pub db_cluster_snapshot_identifier: Option, /// The compute and memory capacity of the DB instance, for example db.m5.large. @@ -253,7 +265,8 @@ pub struct DBInstanceSpec { /// in the Amazon Aurora User Guide. #[serde(rename = "dbInstanceClass")] pub db_instance_class: String, - /// The DB instance identifier. This parameter is stored as a lowercase string. + /// The identifier for this DB instance. This parameter is stored as a lowercase + /// string. /// /// Constraints: /// @@ -269,126 +282,147 @@ pub struct DBInstanceSpec { /// The meaning of this parameter differs according to the database engine you /// use. /// - /// MySQL + /// Amazon Aurora MySQL /// - /// The name of the database to create when the DB instance is created. If this - /// parameter isn't specified, no database is created in the DB instance. + /// The name of the database to create when the primary DB instance of the Aurora + /// MySQL DB cluster is created. If this parameter isn't specified for an Aurora + /// MySQL DB cluster, no database is created in the DB cluster. /// /// Constraints: /// - /// * Must contain 1 to 64 letters or numbers. + /// * Must contain 1 to 64 alphanumeric characters. /// /// * Must begin with a letter. Subsequent characters can be letters, underscores, /// or digits (0-9). /// - /// * Can't be a word reserved by the specified database engine + /// * Can't be a word reserved by the database engine. /// - /// MariaDB + /// Amazon Aurora PostgreSQL /// - /// The name of the database to create when the DB instance is created. If this - /// parameter isn't specified, no database is created in the DB instance. + /// The name of the database to create when the primary DB instance of the Aurora + /// PostgreSQL DB cluster is created. A database named postgres is always created. + /// If this parameter is specified, an additional database with this name is + /// created. /// /// Constraints: /// - /// * Must contain 1 to 64 letters or numbers. + /// * It must contain 1 to 63 alphanumeric characters. /// /// * Must begin with a letter. Subsequent characters can be letters, underscores, - /// or digits (0-9). + /// or digits (0 to 9). /// - /// * Can't be a word reserved by the specified database engine + /// * Can't be a word reserved by the database engine. /// - /// PostgreSQL + /// Amazon RDS Custom for Oracle /// - /// The name of the database to create when the DB instance is created. If this - /// parameter isn't specified, a database named postgres is created in the DB - /// instance. + /// The Oracle System ID (SID) of the created RDS Custom DB instance. If you + /// don't specify a value, the default value is ORCL for non-CDBs and RDSCDB + /// for CDBs. + /// + /// Default: ORCL /// /// Constraints: /// - /// * Must contain 1 to 63 letters, numbers, or underscores. + /// * Must contain 1 to 8 alphanumeric characters. /// - /// * Must begin with a letter. Subsequent characters can be letters, underscores, - /// or digits (0-9). + /// * Must contain a letter. /// - /// * Can't be a word reserved by the specified database engine + /// * Can't be a word reserved by the database engine. /// - /// Oracle + /// Amazon RDS Custom for SQL Server /// - /// The Oracle System ID (SID) of the created DB instance. If you specify null, - /// the default value ORCL is used. You can't specify the string NULL, or any - /// other reserved word, for DBName. + /// Not applicable. Must be null. /// - /// Default: ORCL + /// RDS for Db2 + /// + /// The name of the database to create when the DB instance is created. If this + /// parameter isn't specified, no database is created in the DB instance. In + /// some cases, we recommend that you don't add a database name. For more information, + /// see Additional considerations (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-db-instance-prereqs.html#db2-prereqs-additional-considerations) + /// in the Amazon RDS User Guide. /// /// Constraints: /// - /// * Can't be longer than 8 characters + /// * Must contain 1 to 64 letters or numbers. /// - /// Amazon RDS Custom for Oracle + /// * Must begin with a letter. Subsequent characters can be letters, underscores, + /// or digits (0-9). /// - /// The Oracle System ID (SID) of the created RDS Custom DB instance. If you - /// don't specify a value, the default value is ORCL. + /// * Can't be a word reserved by the specified database engine. /// - /// Default: ORCL + /// RDS for MariaDB + /// + /// The name of the database to create when the DB instance is created. If this + /// parameter isn't specified, no database is created in the DB instance. /// /// Constraints: /// - /// * It must contain 1 to 8 alphanumeric characters. + /// * Must contain 1 to 64 letters or numbers. /// - /// * It must contain a letter. + /// * Must begin with a letter. Subsequent characters can be letters, underscores, + /// or digits (0-9). /// - /// * It can't be a word reserved by the database engine. + /// * Can't be a word reserved by the specified database engine. /// - /// Amazon RDS Custom for SQL Server + /// RDS for MySQL /// - /// Not applicable. Must be null. + /// The name of the database to create when the DB instance is created. If this + /// parameter isn't specified, no database is created in the DB instance. /// - /// SQL Server + /// Constraints: /// - /// Not applicable. Must be null. + /// * Must contain 1 to 64 letters or numbers. /// - /// Amazon Aurora MySQL + /// * Must begin with a letter. Subsequent characters can be letters, underscores, + /// or digits (0-9). /// - /// The name of the database to create when the primary DB instance of the Aurora - /// MySQL DB cluster is created. If this parameter isn't specified for an Aurora - /// MySQL DB cluster, no database is created in the DB cluster. + /// * Can't be a word reserved by the specified database engine. /// - /// Constraints: + /// RDS for Oracle /// - /// * It must contain 1 to 64 alphanumeric characters. + /// The Oracle System ID (SID) of the created DB instance. If you don't specify + /// a value, the default value is ORCL. You can't specify the string null, or + /// any other reserved word, for DBName. /// - /// * It can't be a word reserved by the database engine. + /// Default: ORCL /// - /// Amazon Aurora PostgreSQL + /// Constraints: /// - /// The name of the database to create when the primary DB instance of the Aurora - /// PostgreSQL DB cluster is created. If this parameter isn't specified for an - /// Aurora PostgreSQL DB cluster, a database named postgres is created in the - /// DB cluster. + /// * Can't be longer than 8 characters. + /// + /// RDS for PostgreSQL + /// + /// The name of the database to create when the DB instance is created. A database + /// named postgres is always created. If this parameter is specified, an additional + /// database with this name is created. /// /// Constraints: /// - /// * It must contain 1 to 63 alphanumeric characters. + /// * Must contain 1 to 63 letters, numbers, or underscores. /// - /// * It must begin with a letter. Subsequent characters can be letters, underscores, - /// or digits (0 to 9). + /// * Must begin with a letter. Subsequent characters can be letters, underscores, + /// or digits (0-9). + /// + /// * Can't be a word reserved by the specified database engine. + /// + /// RDS for SQL Server /// - /// * It can't be a word reserved by the database engine. + /// Not applicable. Must be null. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbName")] pub db_name: Option, /// The name of the DB parameter group to associate with this DB instance. If - /// you do not specify a value, then the default DB parameter group for the specified - /// DB engine and version is used. + /// you don't specify a value, then Amazon RDS uses the default DB parameter + /// group for the specified DB engine and version. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. /// /// Constraints: /// - /// * It must be 1 to 255 letters, numbers, or hyphens. + /// * Must be 1 to 255 letters, numbers, or hyphens. /// /// * The first character must be a letter. /// - /// * It can't end with a hyphen or contain two consecutive hyphens. + /// * Can't end with a hyphen or contain two consecutive hyphens. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbParameterGroupName")] pub db_parameter_group_name: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -404,7 +438,7 @@ pub struct DBInstanceSpec { /// /// Constraints: /// - /// * Must match the identifier of an existing DBSnapshot. + /// * Must match the identifier of an existing DB snapshot. /// /// * Can't be specified when DBClusterSnapshotIdentifier is specified. /// @@ -416,8 +450,9 @@ pub struct DBInstanceSpec { pub db_snapshot_identifier: Option, /// A DB subnet group to associate with this DB instance. /// - /// Constraints: Must match the name of an existing DBSubnetGroup. Must not be - /// default. + /// Constraints: + /// + /// * Must match the name of an existing DB subnet group. /// /// Example: mydbsubnetgroup #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroupName")] @@ -431,82 +466,70 @@ pub struct DBInstanceSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroupRef")] pub db_subnet_group_ref: Option, - /// A value that indicates whether the DB instance has deletion protection enabled. - /// The database can't be deleted when deletion protection is enabled. By default, - /// deletion protection isn't enabled. For more information, see Deleting a DB - /// Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). - /// - /// Amazon Aurora - /// - /// Not applicable. You can enable or disable deletion protection for the DB - /// cluster. For more information, see CreateDBCluster. DB instances in a DB - /// cluster can be deleted even when deletion protection is enabled for the DB - /// cluster. + /// Specifies whether the DB instance has deletion protection enabled. The database + /// can't be deleted when deletion protection is enabled. By default, deletion + /// protection isn't enabled. For more information, see Deleting a DB Instance + /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). + /// + /// This setting doesn't apply to Amazon Aurora DB instances. You can enable + /// or disable deletion protection for the DB cluster. For more information, + /// see CreateDBCluster. DB instances in a DB cluster can be deleted even when + /// deletion protection is enabled for the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionProtection")] pub deletion_protection: Option, /// DestinationRegion is used for presigning the request to a given region. #[serde(default, skip_serializing_if = "Option::is_none", rename = "destinationRegion")] pub destination_region: Option, /// The Active Directory directory ID to create the DB instance in. Currently, - /// only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can - /// be created in an Active Directory Domain. + /// you can create only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL + /// DB instances in an Active Directory Domain. /// /// For more information, see Kerberos Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) /// in the Amazon RDS User Guide. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora (The domain is managed by the DB cluster.) /// - /// Not applicable. The domain is managed by the DB cluster. + /// * RDS Custom #[serde(default, skip_serializing_if = "Option::is_none")] pub domain: Option, - /// Specify the name of the IAM role to be used when making API calls to the - /// Directory Service. + /// The name of the IAM role to use when making API calls to the Directory Service. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora (The domain is managed by the DB cluster.) /// - /// Not applicable. The domain is managed by the DB cluster. + /// * RDS Custom #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainIAMRoleName")] pub domain_iam_role_name: Option, - /// The list of log types that need to be enabled for exporting to CloudWatch - /// Logs. The values in the list depend on the DB engine. For more information, - /// see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) + /// The list of log types to enable for exporting to CloudWatch Logs. For more + /// information, see Publishing Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) /// in the Amazon RDS User Guide. /// - /// Amazon Aurora - /// - /// Not applicable. CloudWatch Logs exports are managed by the DB cluster. - /// - /// RDS Custom - /// - /// Not applicable. - /// - /// MariaDB + /// This setting doesn't apply to the following DB instances: /// - /// Possible values are audit, error, general, and slowquery. + /// * Amazon Aurora (CloudWatch Logs exports are managed by the DB cluster.) /// - /// Microsoft SQL Server + /// * RDS Custom /// - /// Possible values are agent and error. + /// The following values are valid for each DB engine: /// - /// MySQL + /// * RDS for Db2 - diag.log | notify.log /// - /// Possible values are audit, error, general, and slowquery. + /// * RDS for MariaDB - audit | error | general | slowquery /// - /// Oracle + /// * RDS for Microsoft SQL Server - agent | error /// - /// Possible values are alert, audit, listener, trace, and oemagent. + /// * RDS for MySQL - audit | error | general | slowquery /// - /// PostgreSQL + /// * RDS for Oracle - alert | audit | listener | trace | oemagent /// - /// Possible values are postgresql and upgrade. + /// * RDS for PostgreSQL - postgresql | upgrade #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableCloudwatchLogsExports")] pub enable_cloudwatch_logs_exports: Option>, - /// A value that indicates whether to enable a customer-owned IP address (CoIP) - /// for an RDS on Outposts DB instance. + /// Specifies whether to enable a customer-owned IP address (CoIP) for an RDS + /// on Outposts DB instance. /// /// A CoIP provides local or external connectivity to resources in your Outpost /// subnets through your on-premises network. For some use cases, a CoIP can @@ -521,41 +544,51 @@ pub struct DBInstanceSpec { /// in the Amazon Web Services Outposts User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableCustomerOwnedIP")] pub enable_customer_owned_ip: Option, - /// A value that indicates whether to enable mapping of Amazon Web Services Identity - /// and Access Management (IAM) accounts to database accounts. By default, mapping - /// isn't enabled. + /// Specifies whether to enable mapping of Amazon Web Services Identity and Access + /// Management (IAM) accounts to database accounts. By default, mapping isn't + /// enabled. /// /// For more information, see IAM Database Authentication for MySQL and PostgreSQL /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) /// in the Amazon RDS User Guide. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora (Mapping Amazon Web Services IAM accounts to database + /// accounts is managed by the DB cluster.) /// - /// Not applicable. Mapping Amazon Web Services IAM accounts to database accounts - /// is managed by the DB cluster. + /// * RDS Custom #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableIAMDatabaseAuthentication")] pub enable_iam_database_authentication: Option, - /// The name of the database engine to be used for this instance. + /// The database engine to use for this DB instance. /// - /// Not every database engine is available for every Amazon Web Services Region. + /// Not every database engine is available in every Amazon Web Services Region. /// /// Valid Values: /// - /// * aurora (for MySQL 5.6-compatible Aurora) + /// * aurora-mysql (for Aurora MySQL DB instances) + /// + /// * aurora-postgresql (for Aurora PostgreSQL DB instances) + /// + /// * custom-oracle-ee (for RDS Custom for Oracle DB instances) + /// + /// * custom-oracle-ee-cdb (for RDS Custom for Oracle DB instances) + /// + /// * custom-oracle-se2 (for RDS Custom for Oracle DB instances) + /// + /// * custom-oracle-se2-cdb (for RDS Custom for Oracle DB instances) /// - /// * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) + /// * custom-sqlserver-ee (for RDS Custom for SQL Server DB instances) /// - /// * aurora-postgresql + /// * custom-sqlserver-se (for RDS Custom for SQL Server DB instances) /// - /// * custom-oracle-ee (for RDS Custom for Oracle instances) + /// * custom-sqlserver-web (for RDS Custom for SQL Server DB instances) /// - /// * custom-sqlserver-ee (for RDS Custom for SQL Server instances) + /// * custom-sqlserver-dev (for RDS Custom for SQL Server DB instances) /// - /// * custom-sqlserver-se (for RDS Custom for SQL Server instances) + /// * db2-ae /// - /// * custom-sqlserver-web (for RDS Custom for SQL Server instances) + /// * db2-se /// /// * mariadb /// @@ -581,17 +614,15 @@ pub struct DBInstanceSpec { pub engine: String, /// The version number of the database engine to use. /// + /// This setting doesn't apply to Amazon Aurora DB instances. The version number + /// of the database engine the DB instance uses is managed by the DB cluster. + /// /// For a list of valid engine versions, use the DescribeDBEngineVersions operation. /// /// The following are the database engines and links to information about the /// major and minor versions that are available with Amazon RDS. Not every database /// engine is available for every Amazon Web Services Region. /// - /// Amazon Aurora - /// - /// Not applicable. The version number of the database engine to be used by the - /// DB instance is managed by the DB cluster. - /// /// Amazon RDS Custom for Oracle /// /// A custom engine version (CEV) that you have previously created. This setting @@ -605,45 +636,52 @@ pub struct DBInstanceSpec { /// See RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits-MS.html) /// in the Amazon RDS User Guide. /// - /// MariaDB + /// RDS for Db2 /// - /// For information, see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) + /// For information, see Db2 on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) /// in the Amazon RDS User Guide. /// - /// Microsoft SQL Server + /// RDS for MariaDB /// - /// For information, see Microsoft SQL Server Versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) + /// For information, see MariaDB on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) /// in the Amazon RDS User Guide. /// - /// MySQL + /// RDS for Microsoft SQL Server /// - /// For information, see MySQL on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) + /// For information, see Microsoft SQL Server versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) /// in the Amazon RDS User Guide. /// - /// Oracle + /// RDS for MySQL /// - /// For information, see Oracle Database Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) + /// For information, see MySQL on Amazon RDS versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) /// in the Amazon RDS User Guide. /// - /// PostgreSQL + /// RDS for Oracle + /// + /// For information, see Oracle Database Engine release notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) + /// in the Amazon RDS User Guide. + /// + /// RDS for PostgreSQL /// /// For information, see Amazon RDS for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) /// in the Amazon RDS User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineVersion")] pub engine_version: Option, - /// The amount of Provisioned IOPS (input/output operations per second) to be - /// initially allocated for the DB instance. For information about valid IOPS - /// values, see Amazon RDS DB instance storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) + /// The amount of Provisioned IOPS (input/output operations per second) to initially + /// allocate for the DB instance. For information about valid IOPS values, see + /// Amazon RDS DB instance storage (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) /// in the Amazon RDS User Guide. /// - /// Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must - /// be a multiple between .5 and 50 of the storage amount for the DB instance. - /// For SQL Server DB instances, must be a multiple between 1 and 50 of the storage - /// amount for the DB instance. + /// This setting doesn't apply to Amazon Aurora DB instances. Storage is managed + /// by the DB cluster. /// - /// Amazon Aurora + /// Constraints: + /// + /// * For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a + /// multiple between .5 and 50 of the storage amount for the DB instance. /// - /// Not applicable. Storage is managed by the DB cluster. + /// * For RDS for SQL Server - Must be a multiple between 1 and 50 of the + /// storage amount for the DB instance. #[serde(default, skip_serializing_if = "Option::is_none")] pub iops: Option, /// The Amazon Web Services KMS key identifier for an encrypted DB instance. @@ -652,22 +690,19 @@ pub struct DBInstanceSpec { /// ARN, or alias name for the KMS key. To use a KMS key in a different Amazon /// Web Services account, specify the key ARN or alias ARN. /// - /// Amazon Aurora - /// - /// Not applicable. The Amazon Web Services KMS key identifier is managed by - /// the DB cluster. For more information, see CreateDBCluster. + /// This setting doesn't apply to Amazon Aurora DB instances. The Amazon Web + /// Services KMS key identifier is managed by the DB cluster. For more information, + /// see CreateDBCluster. /// /// If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId /// parameter, then Amazon RDS uses your default KMS key. There is a default /// KMS key for your Amazon Web Services account. Your Amazon Web Services account /// has a different default KMS key for each Amazon Web Services Region. /// - /// Amazon RDS Custom - /// - /// A KMS key is required for RDS Custom instances. For most RDS engines, if - /// you leave this parameter empty while enabling StorageEncrypted, the engine - /// uses the default KMS key. However, RDS Custom doesn't use the default key - /// when this parameter is empty. You must explicitly specify a key. + /// For Amazon RDS Custom, a KMS key is required for DB instances. For most RDS + /// engines, if you leave this parameter empty while enabling StorageEncrypted, + /// the engine uses the default KMS key. However, RDS Custom doesn't use the + /// default key when this parameter is empty. You must explicitly specify a key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyID")] pub kms_key_id: Option, /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -679,19 +714,37 @@ pub struct DBInstanceSpec { /// name: my-api #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyRef")] pub kms_key_ref: Option, - /// License model information for this DB instance. + /// The license model information for this DB instance. + /// + /// License models for RDS for Db2 require additional configuration. The Bring + /// Your Own License (BYOL) model requires a custom parameter group and an Amazon + /// Web Services License Manager self-managed license. The Db2 license through + /// Amazon Web Services Marketplace model requires an Amazon Web Services Marketplace + /// subscription. For more information, see Amazon RDS for Db2 licensing options + /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) + /// in the Amazon RDS User Guide. /// - /// Valid values: license-included | bring-your-own-license | general-public-license + /// The default for RDS for Db2 is bring-your-own-license. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. + /// + /// Valid Values: + /// + /// * RDS for Db2 - bring-your-own-license | marketplace-license + /// + /// * RDS for MariaDB - general-public-license + /// + /// * RDS for Microsoft SQL Server - license-included + /// + /// * RDS for MySQL - general-public-license /// - /// Amazon Aurora + /// * RDS for Oracle - bring-your-own-license | license-included /// - /// Not applicable. + /// * RDS for PostgreSQL - postgresql-license #[serde(default, skip_serializing_if = "Option::is_none", rename = "licenseModel")] pub license_model: Option, - /// A value that indicates whether to manage the master user password with Amazon - /// Web Services Secrets Manager. + /// Specifies whether to manage the master user password with Amazon Web Services + /// Secrets Manager. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) @@ -703,34 +756,32 @@ pub struct DBInstanceSpec { /// Manager if MasterUserPassword is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "manageMasterUserPassword")] pub manage_master_user_password: Option, - /// The password for the master user. The password can include any printable - /// ASCII character except "/", """, or "@". + /// The password for the master user. /// - /// Amazon Aurora + /// This setting doesn't apply to Amazon Aurora DB instances. The password for + /// the master user is managed by the DB cluster. /// - /// Not applicable. The password for the master user is managed by the DB cluster. - /// - /// Constraints: Can't be specified if ManageMasterUserPassword is turned on. - /// - /// MariaDB + /// Constraints: /// - /// Constraints: Must contain from 8 to 41 characters. + /// * Can't be specified if ManageMasterUserPassword is turned on. /// - /// Microsoft SQL Server + /// * Can include any printable ASCII character except "/", """, or "@". For + /// RDS for Oracle, can't include the "&" (ampersand) or the "'" (single quotes) + /// character. /// - /// Constraints: Must contain from 8 to 128 characters. + /// Length Constraints: /// - /// MySQL + /// * RDS for Db2 - Must contain from 8 to 255 characters. /// - /// Constraints: Must contain from 8 to 41 characters. + /// * RDS for MariaDB - Must contain from 8 to 41 characters. /// - /// Oracle + /// * RDS for Microsoft SQL Server - Must contain from 8 to 128 characters. /// - /// Constraints: Must contain from 8 to 30 characters. + /// * RDS for MySQL - Must contain from 8 to 41 characters. /// - /// PostgreSQL + /// * RDS for Oracle - Must contain from 8 to 30 characters. /// - /// Constraints: Must contain from 8 to 128 characters. + /// * RDS for PostgreSQL - Must contain from 8 to 128 characters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserPassword")] pub master_user_password: Option, /// The Amazon Web Services KMS key identifier to encrypt a secret that is automatically @@ -764,16 +815,13 @@ pub struct DBInstanceSpec { pub master_user_secret_kms_key_ref: Option, /// The name for the master user. /// - /// Amazon Aurora + /// This setting doesn't apply to Amazon Aurora DB instances. The name for the + /// master user is managed by the DB cluster. /// - /// Not applicable. The name for the master user is managed by the DB cluster. - /// - /// Amazon RDS + /// This setting is required for RDS DB instances. /// /// Constraints: /// - /// * Required. - /// /// * Must be 1 to 16 letters, numbers, or underscores. /// /// * First character must be a letter. @@ -789,23 +837,25 @@ pub struct DBInstanceSpec { /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) /// in the Amazon RDS User Guide. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora (Storage is managed by the DB cluster.) /// - /// Not applicable. Storage is managed by the DB cluster. + /// * RDS Custom #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAllocatedStorage")] pub max_allocated_storage: Option, /// The interval, in seconds, between points when Enhanced Monitoring metrics /// are collected for the DB instance. To disable collection of Enhanced Monitoring - /// metrics, specify 0. The default is 0. + /// metrics, specify 0. /// /// If MonitoringRoleArn is specified, then you must set MonitoringInterval to /// a value other than 0. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. + /// + /// Valid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60 /// - /// Valid Values: 0, 1, 5, 10, 15, 30, 60 + /// Default: 0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "monitoringInterval")] pub monitoring_interval: Option, /// The ARN for the IAM role that permits RDS to send enhanced monitoring metrics @@ -817,61 +867,51 @@ pub struct DBInstanceSpec { /// If MonitoringInterval is set to a value other than 0, then you must supply /// a MonitoringRoleArn value. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "monitoringRoleARN")] pub monitoring_role_arn: Option, - /// A value that indicates whether the DB instance is a Multi-AZ deployment. - /// You can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ - /// deployment. + /// Specifies whether the DB instance is a Multi-AZ deployment. You can't set + /// the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to the following DB instances: /// - /// Amazon Aurora + /// * Amazon Aurora (DB instance Availability Zones (AZs) are managed by the + /// DB cluster.) /// - /// Not applicable. DB instance Availability Zones (AZs) are managed by the DB - /// cluster. + /// * RDS Custom #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiAZ")] pub multi_az: Option, /// The name of the NCHAR character set for the Oracle DB instance. /// - /// This parameter doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ncharCharacterSetName")] pub nchar_character_set_name: Option, /// The network type of the DB instance. /// - /// Valid values: - /// - /// * IPV4 - /// - /// * DUAL - /// /// The network type is determined by the DBSubnetGroup specified for the DB /// instance. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 /// and the IPv6 protocols (DUAL). /// /// For more information, see Working with a DB instance in a VPC (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) /// in the Amazon RDS User Guide. + /// + /// Valid Values: IPV4 | DUAL #[serde(default, skip_serializing_if = "Option::is_none", rename = "networkType")] pub network_type: Option, - /// A value that indicates that the DB instance should be associated with the - /// specified option group. + /// The option group to associate the DB instance with. /// /// Permanent options, such as the TDE option for Oracle Advanced Security TDE, /// can't be removed from an option group. Also, that option group can't be removed /// from a DB instance after it is associated with a DB instance. /// - /// This setting doesn't apply to RDS Custom. - /// - /// Amazon Aurora - /// - /// Not applicable. + /// This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "optionGroupName")] pub option_group_name: Option, - /// A value that indicates whether to enable Performance Insights for the DB - /// instance. For more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) + /// Specifies whether to enable Performance Insights for the DB instance. For + /// more information, see Using Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) /// in the Amazon RDS User Guide. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsEnabled")] pub performance_insights_enabled: Option, /// The Amazon Web Services KMS key identifier for encryption of Performance @@ -880,85 +920,58 @@ pub struct DBInstanceSpec { /// The Amazon Web Services KMS key identifier is the key ARN, key ID, alias /// ARN, or alias name for the KMS key. /// - /// If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon + /// If you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon /// RDS uses your default KMS key. There is a default KMS key for your Amazon /// Web Services account. Your Amazon Web Services account has a different default /// KMS key for each Amazon Web Services Region. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsKMSKeyID")] pub performance_insights_kms_key_id: Option, - /// The number of days to retain Performance Insights data. The default is 7 - /// days. The following values are valid: + /// The number of days to retain Performance Insights data. /// - /// * 7 - /// - /// * month * 31, where month is a number of months from 1-23 - /// - /// * 731 + /// This setting doesn't apply to RDS Custom DB instances. /// - /// For example, the following values are valid: - /// - /// * 93 (3 months * 31) + /// Valid Values: /// - /// * 341 (11 months * 31) + /// * 7 /// - /// * 589 (19 months * 31) + /// * month * 31, where month is a number of months from 1-23. Examples: 93 + /// (3 months * 31), 341 (11 months * 31), 589 (19 months * 31) /// /// * 731 /// - /// If you specify a retention period such as 94, which isn't a valid value, - /// RDS issues an error. + /// Default: 7 days /// - /// This setting doesn't apply to RDS Custom. + /// If you specify a retention period that isn't valid, such as 94, Amazon RDS + /// returns an error. #[serde(default, skip_serializing_if = "Option::is_none", rename = "performanceInsightsRetentionPeriod")] pub performance_insights_retention_period: Option, /// The port number on which the database accepts connections. /// - /// MySQL - /// - /// Default: 3306 - /// - /// Valid values: 1150-65535 - /// - /// Type: Integer - /// - /// MariaDB - /// - /// Default: 3306 - /// - /// Valid values: 1150-65535 + /// This setting doesn't apply to Aurora DB instances. The port number is managed + /// by the cluster. /// - /// Type: Integer + /// Valid Values: 1150-65535 /// - /// PostgreSQL + /// Default: /// - /// Default: 5432 + /// * RDS for Db2 - 50000 /// - /// Valid values: 1150-65535 + /// * RDS for MariaDB - 3306 /// - /// Type: Integer + /// * RDS for Microsoft SQL Server - 1433 /// - /// Oracle + /// * RDS for MySQL - 3306 /// - /// Default: 1521 + /// * RDS for Oracle - 1521 /// - /// Valid values: 1150-65535 + /// * RDS for PostgreSQL - 5432 /// - /// SQL Server - /// - /// Default: 1433 - /// - /// Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and - /// 49152-49156. - /// - /// Amazon Aurora - /// - /// Default: 3306 - /// - /// Valid values: 1150-65535 + /// Constraints: /// - /// Type: Integer + /// * For RDS for Microsoft SQL Server, the value can't be 1234, 1434, 3260, + /// 3343, 3389, 47001, or 49152-49156. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// When you are creating a read replica from one Amazon Web Services GovCloud @@ -1021,10 +1034,7 @@ pub struct DBInstanceSpec { /// valid request for the operation that can run in the source Amazon Web Services /// Region. /// - /// SourceRegion isn't supported for SQL Server, because Amazon RDS for SQL Server - /// doesn't support cross-Region read replicas. - /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preSignedURL")] pub pre_signed_url: Option, /// The daily time range during which automated backups are created if automated @@ -1034,10 +1044,8 @@ pub struct DBInstanceSpec { /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) /// in the Amazon RDS User Guide. /// - /// Amazon Aurora - /// - /// Not applicable. The daily time range for creating automated backups is managed - /// by the DB cluster. + /// This setting doesn't apply to Amazon Aurora DB instances. The daily time + /// range for creating automated backups is managed by the DB cluster. /// /// Constraints: /// @@ -1050,51 +1058,54 @@ pub struct DBInstanceSpec { /// * Must be at least 30 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredBackupWindow")] pub preferred_backup_window: Option, - /// The time range each week during which system maintenance can occur, in Universal - /// Coordinated Time (UTC). For more information, see Amazon RDS Maintenance - /// Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance). - /// - /// Format: ddd:hh24:mi-ddd:hh24:mi + /// The time range each week during which system maintenance can occur. For more + /// information, see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance) + /// in the Amazon RDS User Guide. /// /// The default is a 30-minute window selected at random from an 8-hour block /// of time for each Amazon Web Services Region, occurring on a random day of /// the week. /// - /// Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. + /// Constraints: /// - /// Constraints: Minimum 30-minute window. + /// * Must be in the format ddd:hh24:mi-ddd:hh24:mi. + /// + /// * The day values must be mon | tue | wed | thu | fri | sat | sun. + /// + /// * Must be in Universal Coordinated Time (UTC). + /// + /// * Must not conflict with the preferred backup window. + /// + /// * Must be at least 30 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredMaintenanceWindow")] pub preferred_maintenance_window: Option, /// The number of CPU cores and the number of threads per core for the DB instance /// class of the DB instance. /// - /// This setting doesn't apply to RDS Custom. - /// - /// Amazon Aurora - /// - /// Not applicable. + /// This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "processorFeatures")] pub processor_features: Option>, - /// A value that specifies the order in which an Aurora Replica is promoted to - /// the primary instance after a failure of the existing primary instance. For - /// more information, see Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance) + /// The order of priority in which an Aurora Replica is promoted to the primary + /// instance after a failure of the existing primary instance. For more information, + /// see Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) /// in the Amazon Aurora User Guide. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. /// /// Default: 1 /// /// Valid Values: 0 - 15 #[serde(default, skip_serializing_if = "Option::is_none", rename = "promotionTier")] pub promotion_tier: Option, - /// A value that indicates whether the DB instance is publicly accessible. + /// Specifies whether the DB instance is publicly accessible. /// - /// When the DB instance is publicly accessible, its Domain Name System (DNS) - /// endpoint resolves to the private IP address from within the DB instance's - /// virtual private cloud (VPC). It resolves to the public IP address from outside - /// of the DB instance's VPC. Access to the DB instance is ultimately controlled - /// by the security group it uses. That public access is not permitted if the - /// security group assigned to the DB instance doesn't permit it. + /// When the DB instance is publicly accessible and you connect from outside + /// of the DB instance's virtual private cloud (VPC), its Domain Name System + /// (DNS) endpoint resolves to the public IP address. When you connect from within + /// the same VPC as the DB instance, the endpoint resolves to the private IP + /// address. Access to the DB instance is ultimately controlled by the security + /// group it uses. That public access is not permitted if the security group + /// assigned to the DB instance doesn't permit it. /// /// When the DB instance isn't publicly accessible, it is an internal DB instance /// with a DNS name that resolves to a private IP address. @@ -1147,7 +1158,7 @@ pub struct DBInstanceSpec { /// /// Constraints: /// - /// * Must be the identifier of an existing MySQL, MariaDB, Oracle, PostgreSQL, + /// * Must be the identifier of an existing Db2, MariaDB, MySQL, Oracle, PostgreSQL, /// or SQL Server DB instance. /// /// * Can't be specified if the SourceDBClusterIdentifier parameter is also @@ -1179,35 +1190,33 @@ pub struct DBInstanceSpec { /// have the same region as the source ARN. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceRegion")] pub source_region: Option, - /// A value that indicates whether the DB instance is encrypted. By default, - /// it isn't encrypted. + /// Specifes whether the DB instance is encrypted. By default, it isn't encrypted. /// - /// For RDS Custom instances, either set this parameter to true or leave it unset. - /// If you set this parameter to false, RDS reports an error. + /// For RDS Custom DB instances, either enable this setting or leave it unset. + /// Otherwise, Amazon RDS reports an error. /// - /// Amazon Aurora - /// - /// Not applicable. The encryption for DB instances is managed by the DB cluster. + /// This setting doesn't apply to Amazon Aurora DB instances. The encryption + /// for DB instances is managed by the DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageEncrypted")] pub storage_encrypted: Option, - /// Specifies the storage throughput value for the DB instance. + /// The storage throughput value for the DB instance. /// /// This setting applies only to the gp3 storage type. /// - /// This setting doesn't apply to RDS Custom or Amazon Aurora. + /// This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageThroughput")] pub storage_throughput: Option, - /// Specifies the storage type to be associated with the DB instance. - /// - /// Valid values: gp2 | gp3 | io1 | standard + /// The storage type to associate with the DB instance. /// - /// If you specify io1 or gp3, you must also include a value for the Iops parameter. + /// If you specify io1, io2, or gp3, you must also include a value for the Iops + /// parameter. /// - /// Default: io1 if the Iops parameter is specified, otherwise gp2 + /// This setting doesn't apply to Amazon Aurora DB instances. Storage is managed + /// by the DB cluster. /// - /// Amazon Aurora + /// Valid Values: gp2 | gp3 | io1 | io2 | standard /// - /// Not applicable. Storage is managed by the DB cluster. + /// Default: io1, if the Iops parameter is specified. Otherwise, gp2. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageType")] pub storage_type: Option, /// Tags to assign to the DB instance. @@ -1215,35 +1224,30 @@ pub struct DBInstanceSpec { pub tags: Option>, /// The ARN from the key store with which to associate the instance for TDE encryption. /// - /// This setting doesn't apply to RDS Custom. - /// - /// Amazon Aurora - /// - /// Not applicable. + /// This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tdeCredentialARN")] pub tde_credential_arn: Option, /// The password for the given ARN from the key store in order to access the /// device. /// - /// This setting doesn't apply to RDS Custom. + /// This setting doesn't apply to RDS Custom DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tdeCredentialPassword")] pub tde_credential_password: Option, /// The time zone of the DB instance. The time zone parameter is currently supported - /// only by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone). + /// only by RDS for Db2 (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) + /// and RDS for SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone). #[serde(default, skip_serializing_if = "Option::is_none")] pub timezone: Option, - /// A value that indicates whether the DB instance class of the DB instance uses - /// its default processor features. + /// Specifies whether the DB instance class of the DB instance uses its default + /// processor features. /// /// This setting doesn't apply to RDS Custom. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useDefaultProcessorFeatures")] pub use_default_processor_features: Option, /// A list of Amazon EC2 VPC security groups to associate with this DB instance. /// - /// Amazon Aurora - /// - /// Not applicable. The associated list of EC2 VPC security groups is managed - /// by the DB cluster. + /// This setting doesn't apply to Amazon Aurora DB instances. The associated + /// list of EC2 VPC security groups is managed by the DB cluster. /// /// Default: The default EC2 VPC security group for the DB subnet group's VPC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcSecurityGroupIDs")] @@ -1327,34 +1331,32 @@ pub struct DBInstanceKmsKeyRefFrom { pub namespace: Option, } -/// The password for the master user. The password can include any printable -/// ASCII character except "/", """, or "@". -/// -/// Amazon Aurora +/// The password for the master user. /// -/// Not applicable. The password for the master user is managed by the DB cluster. +/// This setting doesn't apply to Amazon Aurora DB instances. The password for +/// the master user is managed by the DB cluster. /// -/// Constraints: Can't be specified if ManageMasterUserPassword is turned on. +/// Constraints: /// -/// MariaDB +/// * Can't be specified if ManageMasterUserPassword is turned on. /// -/// Constraints: Must contain from 8 to 41 characters. +/// * Can include any printable ASCII character except "/", """, or "@". For +/// RDS for Oracle, can't include the "&" (ampersand) or the "'" (single quotes) +/// character. /// -/// Microsoft SQL Server +/// Length Constraints: /// -/// Constraints: Must contain from 8 to 128 characters. +/// * RDS for Db2 - Must contain from 8 to 255 characters. /// -/// MySQL +/// * RDS for MariaDB - Must contain from 8 to 41 characters. /// -/// Constraints: Must contain from 8 to 41 characters. +/// * RDS for Microsoft SQL Server - Must contain from 8 to 128 characters. /// -/// Oracle +/// * RDS for MySQL - Must contain from 8 to 41 characters. /// -/// Constraints: Must contain from 8 to 30 characters. +/// * RDS for Oracle - Must contain from 8 to 30 characters. /// -/// PostgreSQL -/// -/// Constraints: Must contain from 8 to 128 characters. +/// * RDS for PostgreSQL - Must contain from 8 to 128 characters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceMasterUserPassword { /// Key is the key within the secret @@ -1434,8 +1436,8 @@ pub struct DBInstanceMasterUserSecretKmsKeyRefFrom { /// /// * The current number CPU cores and threads is set to a non-default value. /// -/// For more information, see Configuring the Processor of the DB Instance Class -/// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) +/// For more information, see Configuring the processor for a DB instance class +/// in RDS for Oracle (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) /// in the Amazon RDS User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceProcessorFeatures { @@ -1447,8 +1449,10 @@ pub struct DBInstanceProcessorFeatures { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1533,13 +1537,13 @@ pub struct DBInstanceStatus { /// The details of the DB instance's server certificate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateDetails")] pub certificate_details: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// Specifies whether a customer-owned IP address (CoIP) is enabled for an RDS + /// Indicates whether a customer-owned IP address (CoIP) is enabled for an RDS /// on Outposts DB instance. /// /// A CoIP provides local or external connectivity to resources in your Outpost @@ -1558,26 +1562,27 @@ pub struct DBInstanceStatus { /// The list of replicated automated backups associated with the DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbInstanceAutomatedBackupsReplications")] pub db_instance_automated_backups_replications: Option>, - /// Specifies the port that the DB instance listens on. If the DB instance is - /// part of a DB cluster, this can be a different port than the DB cluster port. + /// The port that the DB instance listens on. If the DB instance is part of a + /// DB cluster, this can be a different port than the DB cluster port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbInstancePort")] pub db_instance_port: Option, - /// Specifies the current state of this database. + /// The current state of this database. /// /// For information about DB instance statuses, see Viewing DB instance status /// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/accessing-monitoring.html#Overview.DBInstance.Status) /// in the Amazon RDS User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbInstanceStatus")] pub db_instance_status: Option, - /// Provides the list of DB parameter groups applied to this DB instance. + /// The list of DB parameter groups applied to this DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbParameterGroups")] pub db_parameter_groups: Option>, - /// Specifies information on the subnet group associated with the DB instance, - /// including the name, description, and subnets in the subnet group. + /// Information about the subnet group associated with the DB instance, including + /// the name, description, and subnets in the subnet group. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroup")] pub db_subnet_group: Option, /// The Oracle system ID (Oracle SID) for a container database (CDB). The Oracle - /// SID is also the name of the CDB. This setting is valid for RDS Custom only. + /// SID is also the name of the CDB. This setting is only valid for RDS Custom + /// DB instances. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSystemID")] pub db_system_id: Option, /// The Amazon Web Services Region-unique, immutable identifier for the DB instance. @@ -1592,77 +1597,70 @@ pub struct DBInstanceStatus { /// Logs. /// /// Log types vary by DB engine. For information about the log types for each - /// DB engine, see Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html) + /// DB engine, see Monitoring Amazon RDS log files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html) /// in the Amazon RDS User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enabledCloudwatchLogsExports")] pub enabled_cloudwatch_logs_exports: Option>, - /// Specifies the connection endpoint. + /// The connection endpoint for the DB instance. /// - /// The endpoint might not be shown for instances whose status is creating. + /// The endpoint might not be shown for instances with the status of creating. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, /// The Amazon Resource Name (ARN) of the Amazon CloudWatch Logs log stream that /// receives the Enhanced Monitoring metrics data for the DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "enhancedMonitoringResourceARN")] pub enhanced_monitoring_resource_arn: Option, - /// True if mapping of Amazon Web Services Identity and Access Management (IAM) - /// accounts to database accounts is enabled, and otherwise false. - /// - /// IAM database authentication can be enabled for the following database engines + /// Indicates whether mapping of Amazon Web Services Identity and Access Management + /// (IAM) accounts to database accounts is enabled for the DB instance. /// - /// * For MySQL 5.6, minor version 5.6.34 or higher - /// - /// * For MySQL 5.7, minor version 5.7.16 or higher - /// - /// * Aurora 5.6 or higher. To enable IAM database authentication for Aurora, - /// see DBCluster Type. + /// For a list of engine versions that support IAM database authentication, see + /// IAM database authentication (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RDS_Fea_Regions_DB-eng.Feature.IamDatabaseAuthentication.html) + /// in the Amazon RDS User Guide and IAM database authentication in Aurora (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.Aurora_Fea_Regions_DB-eng.Feature.IAMdbauth.html) + /// in the Amazon Aurora User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "iamDatabaseAuthenticationEnabled")] pub iam_database_authentication_enabled: Option, - /// Provides the date and time the DB instance was created. + /// The date and time when the DB instance was created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceCreateTime")] pub instance_create_time: Option, - /// Specifies the latest time to which a database can be restored with point-in-time - /// restore. + /// The latest time to which a database in this DB instance can be restored with + /// point-in-time restore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "latestRestorableTime")] pub latest_restorable_time: Option, - /// Specifies the listener connection endpoint for SQL Server Always On. + /// The listener connection endpoint for SQL Server Always On. #[serde(default, skip_serializing_if = "Option::is_none", rename = "listenerEndpoint")] pub listener_endpoint: Option, - /// Contains the secret managed by RDS in Amazon Web Services Secrets Manager - /// for the master user password. + /// The secret managed by RDS in Amazon Web Services Secrets Manager for the + /// master user password. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) /// in the Amazon RDS User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserSecret")] pub master_user_secret: Option, - /// Provides the list of option group memberships for this DB instance. + /// The list of option group memberships for this DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "optionGroupMemberships")] pub option_group_memberships: Option>, - /// A value that specifies that changes to the DB instance are pending. This - /// element is only included when changes are pending. Specific changes are identified + /// Information about pending changes to the DB instance. This information is + /// returned only when there are pending changes. Specific changes are identified /// by subelements. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pendingModifiedValues")] pub pending_modified_values: Option, - /// Contains one or more identifiers of Aurora DB clusters to which the RDS DB - /// instance is replicated as a read replica. For example, when you create an - /// Aurora read replica of an RDS for MySQL DB instance, the Aurora MySQL DB - /// cluster for the Aurora read replica is shown. This output doesn't contain - /// information about cross-Region Aurora read replicas. + /// The identifiers of Aurora DB clusters to which the RDS DB instance is replicated + /// as a read replica. For example, when you create an Aurora read replica of + /// an RDS for MySQL DB instance, the Aurora MySQL DB cluster for the Aurora + /// read replica is shown. This output doesn't contain information about cross-Region + /// Aurora read replicas. /// /// Currently, each RDS DB instance can have only one Aurora read replica. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readReplicaDBClusterIdentifiers")] pub read_replica_db_cluster_identifiers: Option>, - /// Contains one or more identifiers of the read replicas associated with this - /// DB instance. + /// The identifiers of the read replicas associated with this DB instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readReplicaDBInstanceIdentifiers")] pub read_replica_db_instance_identifiers: Option>, - /// Contains the identifier of the source DB cluster if this DB instance is a - /// read replica. + /// The identifier of the source DB cluster if this DB instance is a read replica. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readReplicaSourceDBClusterIdentifier")] pub read_replica_source_db_cluster_identifier: Option, - /// Contains the identifier of the source DB instance if this DB instance is - /// a read replica. + /// The identifier of the source DB instance if this DB instance is a read replica. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readReplicaSourceDBInstanceIdentifier")] pub read_replica_source_db_instance_identifier: Option, /// The number of minutes to pause the automation. When the time period ends, @@ -1674,12 +1672,11 @@ pub struct DBInstanceStatus { /// instance with multi-AZ support. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secondaryAvailabilityZone")] pub secondary_availability_zone: Option, - /// The status of a read replica. If the instance isn't a read replica, this - /// is blank. + /// The status of a read replica. If the DB instance isn't a read replica, the + /// value is blank. #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusInfos")] pub status_infos: Option>, - /// Provides a list of VPC security group elements that the DB instance belongs - /// to. + /// The list of Amazon EC2 VPC security groups that the DB instance belongs to. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcSecurityGroups")] pub vpc_security_groups: Option>, } @@ -1706,8 +1703,8 @@ pub struct DBInstanceStatusAckResourceMetadata { pub region: String, } -/// Describes an Amazon Web Services Identity and Access Management (IAM) role -/// that is associated with a DB instance. +/// Information about an Amazon Web Services Identity and Access Management (IAM) +/// role that is associated with a DB instance. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusAssociatedRoles { #[serde(default, skip_serializing_if = "Option::is_none", rename = "featureName")] @@ -1759,8 +1756,8 @@ pub struct DBInstanceStatusDbParameterGroups { pub parameter_apply_status: Option, } -/// Specifies information on the subnet group associated with the DB instance, -/// including the name, description, and subnets in the subnet group. +/// Information about the subnet group associated with the DB instance, including +/// the name, description, and subnets in the subnet group. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusDbSubnetGroup { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbSubnetGroupARN")] @@ -1837,9 +1834,9 @@ pub struct DBInstanceStatusDomainMemberships { pub status: Option, } -/// Specifies the connection endpoint. +/// The connection endpoint for the DB instance. /// -/// The endpoint might not be shown for instances whose status is creating. +/// The endpoint might not be shown for instances with the status of creating. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusEndpoint { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1850,7 +1847,7 @@ pub struct DBInstanceStatusEndpoint { pub port: Option, } -/// Specifies the listener connection endpoint for SQL Server Always On. +/// The listener connection endpoint for SQL Server Always On. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusListenerEndpoint { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1861,8 +1858,8 @@ pub struct DBInstanceStatusListenerEndpoint { pub port: Option, } -/// Contains the secret managed by RDS in Amazon Web Services Secrets Manager -/// for the master user password. +/// The secret managed by RDS in Amazon Web Services Secrets Manager for the +/// master user password. /// /// For more information, see Password management with Amazon Web Services Secrets /// Manager (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) @@ -1886,8 +1883,8 @@ pub struct DBInstanceStatusOptionGroupMemberships { pub status: Option, } -/// A value that specifies that changes to the DB instance are pending. This -/// element is only included when changes are pending. Specific changes are identified +/// Information about pending changes to the DB instance. This information is +/// returned only when there are pending changes. Specific changes are identified /// by subelements. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusPendingModifiedValues { @@ -1985,8 +1982,8 @@ pub struct DBInstanceStatusPendingModifiedValuesPendingCloudwatchLogsExports { /// /// * The current number CPU cores and threads is set to a non-default value. /// -/// For more information, see Configuring the Processor of the DB Instance Class -/// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) +/// For more information, see Configuring the processor for a DB instance class +/// in RDS for Oracle (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor) /// in the Amazon RDS User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBInstanceStatusPendingModifiedValuesProcessorFeatures { diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbparametergroups.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbparametergroups.rs index 4d9290977..451432871 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbparametergroups.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbparametergroups.rs @@ -36,7 +36,7 @@ pub struct DBParameterGroupSpec { /// the following command: /// /// aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily" - /// --engine + /// --engine /// /// For example, to list all of the available parameter group families for the /// MySQL DB engine, use the following command: @@ -48,13 +48,13 @@ pub struct DBParameterGroupSpec { /// /// The following are the valid DB engine values: /// - /// * aurora (for MySQL 5.6-compatible Aurora) - /// - /// * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) + /// * aurora-mysql /// /// * aurora-postgresql /// - /// * mariadb + /// * db2-ae + /// + /// * db2-se /// /// * mysql /// @@ -97,8 +97,10 @@ pub struct DBParameterGroupSpec { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBParameterGroupTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -115,7 +117,7 @@ pub struct DBParameterGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbproxies.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbproxies.rs index cd630db30..0e009abcb 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbproxies.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbproxies.rs @@ -25,9 +25,9 @@ use self::prelude::*; pub struct DBProxySpec { /// The authorization mechanism that the proxy uses. pub auth: Vec, - /// Whether the proxy includes detailed information about SQL statements in its - /// logs. This information helps you to debug issues involving SQL behavior or - /// the performance and scalability of the proxy connections. The debug information + /// Specifies whether the proxy includes detailed information about SQL statements + /// in its logs. This information helps you to debug issues involving SQL behavior + /// or the performance and scalability of the proxy connections. The debug information /// includes the text of SQL statements that you submit through the proxy. Thus, /// only enable this setting when needed for debugging, and only when you have /// security measures in place to safeguard any sensitive information that appears @@ -53,9 +53,9 @@ pub struct DBProxySpec { /// letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive /// hyphens. pub name: String, - /// A Boolean parameter that specifies whether Transport Layer Security (TLS) - /// encryption is required for connections to the proxy. By enabling this setting, - /// you can enforce encrypted TLS connections to the proxy. + /// Specifies whether Transport Layer Security (TLS) encryption is required for + /// connections to the proxy. By enabling this setting, you can enforce encrypted + /// TLS connections to the proxy. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requireTLS")] pub require_tls: Option, /// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access @@ -94,8 +94,10 @@ pub struct DBProxyAuth { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBProxyTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -112,7 +114,7 @@ pub struct DBProxyStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs index 7341ff4f9..ea9f1fb81 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs @@ -76,8 +76,10 @@ pub struct DBSubnetGroupSubnetRefsFrom { /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. /// -/// For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) -/// in the Amazon RDS User Guide. +/// For more information, see Tagging Amazon RDS resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) +/// in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS resources +/// (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) +/// in the Amazon Aurora User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DBSubnetGroupTags { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -94,7 +96,7 @@ pub struct DBSubnetGroupStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/globalclusters.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/globalclusters.rs index e1ea692f2..55b9bb242 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/globalclusters.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/globalclusters.rs @@ -21,29 +21,66 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct GlobalClusterSpec { - /// The name for your database of up to 64 alphanumeric characters. If you do - /// not provide a name, Amazon Aurora will not create a database in the global - /// database cluster you are creating. + /// The name for your database of up to 64 alphanumeric characters. If you don't + /// specify a name, Amazon Aurora doesn't create a database in the global database + /// cluster. + /// + /// Constraints: + /// + /// * Can't be specified if SourceDBClusterIdentifier is specified. In this + /// case, Amazon Aurora uses the database name from the source DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "databaseName")] pub database_name: Option, - /// The deletion protection setting for the new global database. The global database - /// can't be deleted when deletion protection is enabled. + /// Specifies whether to enable deletion protection for the new global database + /// cluster. The global database can't be deleted when deletion protection is + /// enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "deletionProtection")] pub deletion_protection: Option, - /// The name of the database engine to be used for this DB cluster. + /// The database engine to use for this global database cluster. + /// + /// Valid Values: aurora-mysql | aurora-postgresql + /// + /// Constraints: + /// + /// * Can't be specified if SourceDBClusterIdentifier is specified. In this + /// case, Amazon Aurora uses the engine of the source DB cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub engine: Option, - /// The engine version of the Aurora global database. + /// The engine version to use for this global database cluster. + /// + /// Constraints: + /// + /// * Can't be specified if SourceDBClusterIdentifier is specified. In this + /// case, Amazon Aurora uses the engine version of the source DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineVersion")] pub engine_version: Option, - /// The cluster identifier of the new global database cluster. + /// The cluster identifier for this global database cluster. This parameter is + /// stored as a lowercase string. #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalClusterIdentifier")] pub global_cluster_identifier: Option, /// The Amazon Resource Name (ARN) to use as the primary cluster of the global - /// database. This parameter is optional. + /// database. + /// + /// If you provide a value for this parameter, don't specify values for the following + /// settings because Amazon Aurora uses the values from the specified source + /// DB cluster: + /// + /// * DatabaseName + /// + /// * Engine + /// + /// * EngineVersion + /// + /// * StorageEncrypted #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourceDBClusterIdentifier")] pub source_db_cluster_identifier: Option, - /// The storage encryption setting for the new global database cluster. + /// Specifies whether to enable storage encryption for the new global database + /// cluster. + /// + /// Constraints: + /// + /// * Can't be specified if SourceDBClusterIdentifier is specified. In this + /// case, Amazon Aurora uses the setting from the source DB cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageEncrypted")] pub storage_encrypted: Option, } @@ -56,16 +93,21 @@ pub struct GlobalClusterStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// The life cycle type for the global cluster. + /// + /// For more information, see CreateGlobalCluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineLifecycleSupport")] + pub engine_lifecycle_support: Option, /// A data object containing all properties for the current state of an in-process - /// or pending failover process for this Aurora global database. This object - /// is empty unless the FailoverGlobalCluster API operation has been called on - /// this Aurora global database (GlobalCluster). + /// or pending switchover or failover process for this global cluster (Aurora + /// global database). This object is empty unless the SwitchoverGlobalCluster + /// or FailoverGlobalCluster operation was called on this global cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failoverState")] pub failover_state: Option, /// The list of primary and secondary clusters within the global database cluster. @@ -105,9 +147,9 @@ pub struct GlobalClusterStatusAckResourceMetadata { } /// A data object containing all properties for the current state of an in-process -/// or pending failover process for this Aurora global database. This object -/// is empty unless the FailoverGlobalCluster API operation has been called on -/// this Aurora global database (GlobalCluster). +/// or pending switchover or failover process for this global cluster (Aurora +/// global database). This object is empty unless the SwitchoverGlobalCluster +/// or FailoverGlobalCluster operation was called on this global cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GlobalClusterStatusFailoverState { #[serde(default, skip_serializing_if = "Option::is_none", rename = "fromDBClusterARN")] @@ -119,7 +161,7 @@ pub struct GlobalClusterStatusFailoverState { } /// A data structure with information about any primary and secondary clusters -/// associated with an Aurora global database. +/// associated with a global cluster (Aurora global database). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct GlobalClusterStatusGlobalClusterMembers { #[serde(default, skip_serializing_if = "Option::is_none", rename = "dbClusterARN")] diff --git a/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/clusterobjectsyncs.rs b/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/clusterobjectsyncs.rs index ae5bcc2fa..b7322e4ca 100644 --- a/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/clusterobjectsyncs.rs +++ b/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/clusterobjectsyncs.rs @@ -17,13 +17,16 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterObjectSyncSpec { - /// ObjectAPIVersion is the APIVersion of the object that was successfully persist to the edge node. + /// ObjectAPIVersion is the APIVersion of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectAPIVersion")] pub object_api_version: Option, - /// ObjectType is the kind of the object that was successfully persist to the edge node. + /// ObjectType is the kind of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectKind")] pub object_kind: Option, - /// ObjectName is the name of the object that was successfully persist to the edge node. + /// ObjectName is the name of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectName")] pub object_name: Option, } @@ -31,7 +34,8 @@ pub struct ClusterObjectSyncSpec { /// ObjectSyncStatus stores the resourceversion of objects that persist to the edge. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterObjectSyncStatus { - /// ObjectResourceVersion is the resourceversion of the object that was successfully persist to the edge node. + /// ObjectResourceVersion is the resourceversion of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectResourceVersion")] pub object_resource_version: Option, } diff --git a/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/objectsyncs.rs b/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/objectsyncs.rs index fa49b04a5..723fa8488 100644 --- a/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/objectsyncs.rs +++ b/kube-custom-resources-rs/src/reliablesyncs_kubeedge_io/v1alpha1/objectsyncs.rs @@ -18,13 +18,16 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ObjectSyncSpec { - /// ObjectAPIVersion is the APIVersion of the object that was successfully persist to the edge node. + /// ObjectAPIVersion is the APIVersion of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectAPIVersion")] pub object_api_version: Option, - /// ObjectType is the kind of the object that was successfully persist to the edge node. + /// ObjectType is the kind of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectKind")] pub object_kind: Option, - /// ObjectName is the name of the object that was successfully persist to the edge node. + /// ObjectName is the name of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectName")] pub object_name: Option, } @@ -32,7 +35,8 @@ pub struct ObjectSyncSpec { /// ObjectSyncStatus stores the resourceversion of objects that persist to the edge. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ObjectSyncStatus { - /// ObjectResourceVersion is the resourceversion of the object that was successfully persist to the edge node. + /// ObjectResourceVersion is the resourceversion of the object + /// that was successfully persist to the edge node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectResourceVersion")] pub object_resource_version: Option, } diff --git a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulpbackups.rs b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulpbackups.rs index 180fa10c1..e7b76a9b1 100644 --- a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulpbackups.rs +++ b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulpbackups.rs @@ -258,7 +258,7 @@ pub struct PulpBackupAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -269,7 +269,7 @@ pub struct PulpBackupAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -379,7 +379,7 @@ pub struct PulpBackupAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -390,7 +390,7 @@ pub struct PulpBackupAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -531,7 +531,7 @@ pub struct PulpBackupAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -542,7 +542,7 @@ pub struct PulpBackupAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -652,7 +652,7 @@ pub struct PulpBackupAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -663,7 +663,7 @@ pub struct PulpBackupAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. diff --git a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs index 376f1119d..aa23f7025 100644 --- a/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs +++ b/kube-custom-resources-rs/src/repo_manager_pulpproject_org/v1beta2/pulps.rs @@ -339,9 +339,7 @@ pub struct PulpAdminPasswordJobContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -384,9 +382,7 @@ pub struct PulpAdminPasswordJobContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -400,11 +396,9 @@ pub struct PulpAdminPasswordJobContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -427,6 +421,11 @@ pub struct PulpAdminPasswordJobContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Api defines desired state of pulpcore-api resources @@ -690,7 +689,7 @@ pub struct PulpApiAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -701,7 +700,7 @@ pub struct PulpApiAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -811,7 +810,7 @@ pub struct PulpApiAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -822,7 +821,7 @@ pub struct PulpApiAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecut /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -963,7 +962,7 @@ pub struct PulpApiAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -974,7 +973,7 @@ pub struct PulpApiAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1084,7 +1083,7 @@ pub struct PulpApiAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -1095,7 +1094,7 @@ pub struct PulpApiAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1234,9 +1233,7 @@ pub struct PulpApiEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1279,9 +1276,7 @@ pub struct PulpApiEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1354,9 +1349,7 @@ pub struct PulpApiInitContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1399,9 +1392,7 @@ pub struct PulpApiInitContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1415,11 +1406,9 @@ pub struct PulpApiInitContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1442,6 +1431,11 @@ pub struct PulpApiInitContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Periodic probe of container liveness. @@ -1515,7 +1509,6 @@ pub struct PulpApiLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -1591,30 +1584,25 @@ pub struct PulpApiPdb { /// should be considered for eviction. Current implementation considers healthy pods, /// as pods that have status.conditions item with type="Ready",status="True". /// - /// /// Valid policies are IfHealthyBudget and AlwaysAllow. /// If no policy is specified, the default behavior will be used, /// which corresponds to the IfHealthyBudget policy. /// - /// /// IfHealthyBudget policy means that running pods (status.phase="Running"), /// but not yet healthy can be evicted only if the guarded application is not /// disrupted (status.currentHealthy is at least equal to status.desiredHealthy). /// Healthy pods will be subject to the PDB for eviction. /// - /// /// AlwaysAllow policy means that all running pods (status.phase="Running"), /// but not yet healthy are considered disrupted and can be evicted regardless /// of whether the criteria in a PDB is met. This means perspective running /// pods of a disrupted application might not get a chance to become healthy. /// Healthy pods will be subject to the PDB for eviction. /// - /// /// Additional policies may be added in the future. /// Clients making eviction decisions should disallow eviction of unhealthy pods /// if they encounter an unrecognized policy in this field. /// - /// /// This field is beta-level. The eviction API uses this field when /// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyPodEvictionPolicy")] @@ -1725,7 +1713,6 @@ pub struct PulpApiReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -1782,11 +1769,9 @@ pub struct PulpApiResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1809,6 +1794,11 @@ pub struct PulpApiResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The deployment strategy to use to replace existing pods with new ones. @@ -1816,9 +1806,6 @@ pub struct PulpApiResourceRequirementsClaims { pub struct PulpApiStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -1828,9 +1815,6 @@ pub struct PulpApiStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PulpApiStrategyRollingUpdate { /// The maximum number of pods that can be scheduled above the desired number of @@ -1907,7 +1891,6 @@ pub struct PulpApiTopologySpreadConstraints { /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -1941,7 +1924,6 @@ pub struct PulpApiTopologySpreadConstraints { /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -1957,7 +1939,6 @@ pub struct PulpApiTopologySpreadConstraints { /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -1968,7 +1949,6 @@ pub struct PulpApiTopologySpreadConstraints { /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -2298,7 +2278,7 @@ pub struct PulpCacheAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2309,7 +2289,7 @@ pub struct PulpCacheAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2419,7 +2399,7 @@ pub struct PulpCacheAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2430,7 +2410,7 @@ pub struct PulpCacheAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExec /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2571,7 +2551,7 @@ pub struct PulpCacheAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2582,7 +2562,7 @@ pub struct PulpCacheAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2692,7 +2672,7 @@ pub struct PulpCacheAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -2703,7 +2683,7 @@ pub struct PulpCacheAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuring /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -2864,7 +2844,6 @@ pub struct PulpCacheLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -2986,7 +2965,6 @@ pub struct PulpCacheReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -3043,11 +3021,9 @@ pub struct PulpCacheRedisResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3070,6 +3046,11 @@ pub struct PulpCacheRedisResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The deployment strategy to use to replace existing pods with new ones. @@ -3077,9 +3058,6 @@ pub struct PulpCacheRedisResourceRequirementsClaims { pub struct PulpCacheStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -3089,9 +3067,6 @@ pub struct PulpCacheStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PulpCacheStrategyRollingUpdate { /// The maximum number of pods that can be scheduled above the desired number of @@ -3412,7 +3387,7 @@ pub struct PulpContentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3423,7 +3398,7 @@ pub struct PulpContentAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3533,7 +3508,7 @@ pub struct PulpContentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3544,7 +3519,7 @@ pub struct PulpContentAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3685,7 +3660,7 @@ pub struct PulpContentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3696,7 +3671,7 @@ pub struct PulpContentAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3806,7 +3781,7 @@ pub struct PulpContentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -3817,7 +3792,7 @@ pub struct PulpContentAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -3956,9 +3931,7 @@ pub struct PulpContentEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4001,9 +3974,7 @@ pub struct PulpContentEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4076,9 +4047,7 @@ pub struct PulpContentInitContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4121,9 +4090,7 @@ pub struct PulpContentInitContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4137,11 +4104,9 @@ pub struct PulpContentInitContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -4164,6 +4129,11 @@ pub struct PulpContentInitContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Periodic probe of container liveness. @@ -4237,7 +4207,6 @@ pub struct PulpContentLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4313,30 +4282,25 @@ pub struct PulpContentPdb { /// should be considered for eviction. Current implementation considers healthy pods, /// as pods that have status.conditions item with type="Ready",status="True". /// - /// /// Valid policies are IfHealthyBudget and AlwaysAllow. /// If no policy is specified, the default behavior will be used, /// which corresponds to the IfHealthyBudget policy. /// - /// /// IfHealthyBudget policy means that running pods (status.phase="Running"), /// but not yet healthy can be evicted only if the guarded application is not /// disrupted (status.currentHealthy is at least equal to status.desiredHealthy). /// Healthy pods will be subject to the PDB for eviction. /// - /// /// AlwaysAllow policy means that all running pods (status.phase="Running"), /// but not yet healthy are considered disrupted and can be evicted regardless /// of whether the criteria in a PDB is met. This means perspective running /// pods of a disrupted application might not get a chance to become healthy. /// Healthy pods will be subject to the PDB for eviction. /// - /// /// Additional policies may be added in the future. /// Clients making eviction decisions should disallow eviction of unhealthy pods /// if they encounter an unrecognized policy in this field. /// - /// /// This field is beta-level. The eviction API uses this field when /// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyPodEvictionPolicy")] @@ -4447,7 +4411,6 @@ pub struct PulpContentReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -4504,11 +4467,9 @@ pub struct PulpContentResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -4531,6 +4492,11 @@ pub struct PulpContentResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The deployment strategy to use to replace existing pods with new ones. @@ -4538,9 +4504,6 @@ pub struct PulpContentResourceRequirementsClaims { pub struct PulpContentStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -4550,9 +4513,6 @@ pub struct PulpContentStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PulpContentStrategyRollingUpdate { /// The maximum number of pods that can be scheduled above the desired number of @@ -4629,7 +4589,6 @@ pub struct PulpContentTopologySpreadConstraints { /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -4663,7 +4622,6 @@ pub struct PulpContentTopologySpreadConstraints { /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -4679,7 +4637,6 @@ pub struct PulpContentTopologySpreadConstraints { /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -4690,7 +4647,6 @@ pub struct PulpContentTopologySpreadConstraints { /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] @@ -5038,7 +4994,7 @@ pub struct PulpDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuring /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5049,7 +5005,7 @@ pub struct PulpDatabaseAffinityPodAffinityPreferredDuringSchedulingIgnoredDuring /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5159,7 +5115,7 @@ pub struct PulpDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5170,7 +5126,7 @@ pub struct PulpDatabaseAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringE /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5311,7 +5267,7 @@ pub struct PulpDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5322,7 +5278,7 @@ pub struct PulpDatabaseAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDu /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5432,7 +5388,7 @@ pub struct PulpDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -5443,7 +5399,7 @@ pub struct PulpDatabaseAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDur /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5604,7 +5560,6 @@ pub struct PulpDatabaseLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -5661,11 +5616,9 @@ pub struct PulpDatabasePostgresResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -5688,6 +5641,11 @@ pub struct PulpDatabasePostgresResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Periodic probe of container service readiness. @@ -5761,7 +5719,6 @@ pub struct PulpDatabaseReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -5978,9 +5935,7 @@ pub struct PulpMigrationJobContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -6023,9 +5978,7 @@ pub struct PulpMigrationJobContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6039,11 +5992,9 @@ pub struct PulpMigrationJobContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6066,6 +6017,11 @@ pub struct PulpMigrationJobContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Job to store signing metadata scripts @@ -6141,9 +6097,7 @@ pub struct PulpSigningJobContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -6186,9 +6140,7 @@ pub struct PulpSigningJobContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6202,11 +6154,9 @@ pub struct PulpSigningJobContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6229,6 +6179,11 @@ pub struct PulpSigningJobContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Telemetry defines the OpenTelemetry configuration @@ -6259,11 +6214,9 @@ pub struct PulpTelemetryResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6286,6 +6239,11 @@ pub struct PulpTelemetryResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Web defines desired state of pulpcore-web (reverse-proxy) resources @@ -6379,9 +6337,7 @@ pub struct PulpWebEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -6424,9 +6380,7 @@ pub struct PulpWebEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -6505,7 +6459,6 @@ pub struct PulpWebLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -6581,30 +6534,25 @@ pub struct PulpWebPdb { /// should be considered for eviction. Current implementation considers healthy pods, /// as pods that have status.conditions item with type="Ready",status="True". /// - /// /// Valid policies are IfHealthyBudget and AlwaysAllow. /// If no policy is specified, the default behavior will be used, /// which corresponds to the IfHealthyBudget policy. /// - /// /// IfHealthyBudget policy means that running pods (status.phase="Running"), /// but not yet healthy can be evicted only if the guarded application is not /// disrupted (status.currentHealthy is at least equal to status.desiredHealthy). /// Healthy pods will be subject to the PDB for eviction. /// - /// /// AlwaysAllow policy means that all running pods (status.phase="Running"), /// but not yet healthy are considered disrupted and can be evicted regardless /// of whether the criteria in a PDB is met. This means perspective running /// pods of a disrupted application might not get a chance to become healthy. /// Healthy pods will be subject to the PDB for eviction. /// - /// /// Additional policies may be added in the future. /// Clients making eviction decisions should disallow eviction of unhealthy pods /// if they encounter an unrecognized policy in this field. /// - /// /// This field is beta-level. The eviction API uses this field when /// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyPodEvictionPolicy")] @@ -6715,7 +6663,6 @@ pub struct PulpWebReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -6772,11 +6719,9 @@ pub struct PulpWebResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6799,6 +6744,11 @@ pub struct PulpWebResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The deployment strategy to use to replace existing pods with new ones. @@ -6806,9 +6756,6 @@ pub struct PulpWebResourceRequirementsClaims { pub struct PulpWebStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -6818,9 +6765,6 @@ pub struct PulpWebStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PulpWebStrategyRollingUpdate { /// The maximum number of pods that can be scheduled above the desired number of @@ -7116,7 +7060,7 @@ pub struct PulpWorkerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7127,7 +7071,7 @@ pub struct PulpWorkerAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringEx /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7237,7 +7181,7 @@ pub struct PulpWorkerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7248,7 +7192,7 @@ pub struct PulpWorkerAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExe /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7389,7 +7333,7 @@ pub struct PulpWorkerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7400,7 +7344,7 @@ pub struct PulpWorkerAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuri /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7510,7 +7454,7 @@ pub struct PulpWorkerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. /// Also, matchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will @@ -7521,7 +7465,7 @@ pub struct PulpWorkerAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// pod labels will be ignored. The default value is empty. /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -7660,9 +7604,7 @@ pub struct PulpWorkerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7705,9 +7647,7 @@ pub struct PulpWorkerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7780,9 +7720,7 @@ pub struct PulpWorkerInitContainerEnvVarsValueFromConfigMapKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7825,9 +7763,7 @@ pub struct PulpWorkerInitContainerEnvVarsValueFromSecretKeyRef { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7841,11 +7777,9 @@ pub struct PulpWorkerInitContainerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -7868,6 +7802,11 @@ pub struct PulpWorkerInitContainerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// Periodic probe of container liveness. @@ -7941,7 +7880,6 @@ pub struct PulpWorkerLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -8017,30 +7955,25 @@ pub struct PulpWorkerPdb { /// should be considered for eviction. Current implementation considers healthy pods, /// as pods that have status.conditions item with type="Ready",status="True". /// - /// /// Valid policies are IfHealthyBudget and AlwaysAllow. /// If no policy is specified, the default behavior will be used, /// which corresponds to the IfHealthyBudget policy. /// - /// /// IfHealthyBudget policy means that running pods (status.phase="Running"), /// but not yet healthy can be evicted only if the guarded application is not /// disrupted (status.currentHealthy is at least equal to status.desiredHealthy). /// Healthy pods will be subject to the PDB for eviction. /// - /// /// AlwaysAllow policy means that all running pods (status.phase="Running"), /// but not yet healthy are considered disrupted and can be evicted regardless /// of whether the criteria in a PDB is met. This means perspective running /// pods of a disrupted application might not get a chance to become healthy. /// Healthy pods will be subject to the PDB for eviction. /// - /// /// Additional policies may be added in the future. /// Clients making eviction decisions should disallow eviction of unhealthy pods /// if they encounter an unrecognized policy in this field. /// - /// /// This field is beta-level. The eviction API uses this field when /// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "unhealthyPodEvictionPolicy")] @@ -8151,7 +8084,6 @@ pub struct PulpWorkerReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, @@ -8208,11 +8140,9 @@ pub struct PulpWorkerResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -8235,6 +8165,11 @@ pub struct PulpWorkerResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// The deployment strategy to use to replace existing pods with new ones. @@ -8242,9 +8177,6 @@ pub struct PulpWorkerResourceRequirementsClaims { pub struct PulpWorkerStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] pub rolling_update: Option, /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. @@ -8254,9 +8186,6 @@ pub struct PulpWorkerStrategy { /// Rolling update config params. Present only if DeploymentStrategyType = /// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PulpWorkerStrategyRollingUpdate { /// The maximum number of pods that can be scheduled above the desired number of @@ -8333,7 +8262,6 @@ pub struct PulpWorkerTopologySpreadConstraints { /// Keys that don't exist in the incoming pod labels will /// be ignored. A null or empty list means only match against labelSelector. /// - /// /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, @@ -8367,7 +8295,6 @@ pub struct PulpWorkerTopologySpreadConstraints { /// Valid values are integers greater than 0. /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. /// - /// /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same /// labelSelector spread as 2/2/2: /// | zone1 | zone2 | zone3 | @@ -8383,7 +8310,6 @@ pub struct PulpWorkerTopologySpreadConstraints { /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. /// - /// /// If this value is nil, the behavior is equivalent to the Honor policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] @@ -8394,7 +8320,6 @@ pub struct PulpWorkerTopologySpreadConstraints { /// has a toleration, are included. /// - Ignore: node taints are ignored. All nodes are included. /// - /// /// If this value is nil, the behavior is equivalent to the Ignore policy. /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] diff --git a/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportusers.rs b/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportusers.rs index 68c7c9e54..0fdc49d90 100644 --- a/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportusers.rs +++ b/kube-custom-resources-rs/src/resources_teleport_dev/v2/teleportusers.rs @@ -48,6 +48,9 @@ pub struct TeleportUserGithubIdentities { /// SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "samlSingleLogoutUrl")] pub saml_single_logout_url: Option, + /// UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user_id: Option, /// Username is username supplied by external identity provider #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, @@ -61,6 +64,9 @@ pub struct TeleportUserOidcIdentities { /// SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "samlSingleLogoutUrl")] pub saml_single_logout_url: Option, + /// UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user_id: Option, /// Username is username supplied by external identity provider #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, @@ -74,6 +80,9 @@ pub struct TeleportUserSamlIdentities { /// SAMLSingleLogoutURL is the SAML Single log-out URL to initiate SAML SLO (single log-out), if applicable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "samlSingleLogoutUrl")] pub saml_single_logout_url: Option, + /// UserID is the ID of the identity. Some connectors like GitHub have an unique ID apart from the username. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user_id: Option, /// Username is username supplied by external identity provider #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, diff --git a/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/brokers.rs b/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/brokers.rs index 8f51ac93e..06109e3e1 100644 --- a/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/brokers.rs +++ b/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/brokers.rs @@ -56,6 +56,9 @@ pub struct BrokerSpec { /// NodeSelector is a selector which must be true for the pod to fit on a node #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// Pod Annotations + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] + pub pod_annotations: Option>, /// PriorityClassName indicates the pod's priority #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, diff --git a/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/nameservices.rs b/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/nameservices.rs index 1c069ec22..5a966cc1a 100644 --- a/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/nameservices.rs +++ b/kube-custom-resources-rs/src/rocketmq_apache_org/v1alpha1/nameservices.rs @@ -51,6 +51,9 @@ pub struct NameServiceSpec { /// NodeSelector is a selector which must be true for the pod to fit on a node #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// Pod Annotations + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAnnotations")] + pub pod_annotations: Option>, /// PriorityClassName indicates the pod's priority #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, diff --git a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/hostedzones.rs b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/hostedzones.rs index bf0c325b8..dcc96436e 100644 --- a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/hostedzones.rs +++ b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/hostedzones.rs @@ -130,7 +130,7 @@ pub struct HostedZoneStatus { /// zone. #[serde(default, skip_serializing_if = "Option::is_none", rename = "callerReference")] pub caller_reference: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs index 70ca2c692..c75017b98 100644 --- a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs +++ b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs @@ -91,9 +91,6 @@ pub struct RecordSetSpec { /// to a web server with an IP address of 192.0.2.111, create a resource record /// set with a Type of A and a ContinentCode of AF. /// - /// Although creating geolocation and geolocation alias resource record sets - /// in a private hosted zone is allowed, it's not supported. - /// /// If you create separate resource record sets for overlapping geographic regions /// (for example, one resource record set for a continent and one for a country /// on the same continent), priority goes to the smallest geographic region. @@ -292,11 +289,6 @@ pub struct RecordSetSpec { /// domain name, DNS treats it as an * character (ASCII 42), not as a wildcard. /// You can't use the * wildcard for resource records sets that have a type /// of NS. - /// - /// You can use the * wildcard as the leftmost label in a domain name, for example, - /// *.example.com. You can't use an * for one of the middle labels, for example, - /// marketing.*.example.com. In addition, the * must replace the entire label; - /// for example, you can't specify prod*.example.com. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// The DNS record type. For information about different record types and how @@ -304,15 +296,16 @@ pub struct RecordSetSpec { /// in the Amazon Route 53 Developer Guide. /// /// Valid values for basic resource record sets: A | AAAA | CAA | CNAME | DS - /// |MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT + /// |MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT| TLSA| SSHFP| SVCB| HTTPS /// /// Values for weighted, latency, geolocation, and failover resource record sets: - /// A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT. When creating - /// a group of weighted, latency, geolocation, or failover resource record sets, - /// specify the same value for all of the resource record sets in the group. + /// A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT| TLSA| SSHFP| + /// SVCB| HTTPS. When creating a group of weighted, latency, geolocation, or + /// failover resource record sets, specify the same value for all of the resource + /// record sets in the group. /// /// Valid values for multivalue answer resource record sets: A | AAAA | MX | - /// NAPTR | PTR | SPF | SRV | TXT + /// NAPTR | PTR | SPF | SRV | TXT| CAA| TLSA| SSHFP| SVCB| HTTPS /// /// SPF records were formerly used to verify the identity of the sender of email /// messages. However, we no longer recommend that you create resource record @@ -607,9 +600,6 @@ pub struct RecordSetCidrRoutingConfig { /// to a web server with an IP address of 192.0.2.111, create a resource record /// set with a Type of A and a ContinentCode of AF. /// -/// Although creating geolocation and geolocation alias resource record sets -/// in a private hosted zone is allowed, it's not supported. -/// /// If you create separate resource record sets for overlapping geographic regions /// (for example, one resource record set for a continent and one for a country /// on the same continent), priority goes to the smallest geographic region. @@ -688,7 +678,7 @@ pub struct RecordSetStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs index 2f9ad4b7d..60b4cd238 100644 --- a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs +++ b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs @@ -38,13 +38,16 @@ pub struct ResolverEndpointSpec { /// The subnets and IP addresses in your VPC that DNS queries originate from /// (for outbound endpoints) or that you forward DNS queries to (for inbound /// endpoints). The subnet ID uniquely identifies a VPC. + /// + /// Even though the minimum is 1, Route 53 requires that you create at least + /// two. #[serde(rename = "ipAddresses")] pub ip_addresses: Vec, /// A friendly name that lets you easily find a configuration in the Resolver /// dashboard in the Route 53 console. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// For the endpoint type you can choose either IPv4, IPv6. or dual-stack. A + /// For the endpoint type you can choose either IPv4, IPv6, or dual-stack. A /// dual-stack endpoint means that it will resolve via both IPv4 and IPv6. This /// endpoint type is applied to all IP addresses. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resolverEndpointType")] @@ -55,6 +58,13 @@ pub struct ResolverEndpointSpec { /// Resolver endpoints). Inbound and outbound rules must allow TCP and UDP access. /// For inbound access, open port 53. For outbound access, open the port that /// you're using for DNS queries on your network. + /// + /// Some security group rules will cause your connection to be tracked. For outbound + /// resolver endpoint, it can potentially impact the maximum queries per second + /// from outbound endpoint to your target name server. For inbound resolver endpoint, + /// it can bring down the overall maximum queries per second per IP address to + /// as low as 1500. To avoid connection tracking caused by security group, see + /// Untracked connections (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#untracked-connectionsl). #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] pub security_group_i_ds: Option>, #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupRefs")] @@ -143,7 +153,7 @@ pub struct ResolverEndpointStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource @@ -167,6 +177,8 @@ pub struct ResolverEndpointStatus { /// The number of IP addresses that the Resolver endpoint can use for DNS queries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddressCount")] pub ip_address_count: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddresses")] + pub ip_addresses: Option>, /// The date and time that the endpoint was last modified, in Unix time format /// and Coordinated Universal Time (UTC). #[serde(default, skip_serializing_if = "Option::is_none", rename = "modificationTime")] @@ -232,3 +244,26 @@ pub struct ResolverEndpointStatusAckResourceMetadata { pub region: String, } +/// In the response to a GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) +/// request, information about the IP addresses that the Resolver endpoint uses +/// for DNS queries. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResolverEndpointStatusIpAddresses { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationTime")] + pub creation_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipID")] + pub ip_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ipv6: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modificationTime")] + pub modification_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusMessage")] + pub status_message: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetID")] + pub subnet_id: Option, +} + diff --git a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverrules.rs b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverrules.rs index 17a03e791..7ff0f21c9 100644 --- a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverrules.rs +++ b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverrules.rs @@ -34,8 +34,8 @@ pub struct ResolverRuleSpec { /// specify in TargetIps. If a query matches multiple Resolver rules (example.com /// and www.example.com), outbound DNS queries are routed using the Resolver /// rule that contains the most specific domain name (www.example.com). - #[serde(rename = "domainName")] - pub domain_name: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainName")] + pub domain_name: Option, /// A friendly name that lets you easily find a rule in the Resolver dashboard /// in the Route 53 console. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -64,7 +64,8 @@ pub struct ResolverRuleSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, /// The IPs that you want Resolver to forward DNS queries to. You can specify - /// only IPv4 addresses. Separate IP addresses with a space. + /// either Ipv4 or Ipv6 addresses but not both in the same rule. Separate IP + /// addresses with a space. /// /// TargetIps is available only when the value of Rule type is FORWARD. #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetIPs")] @@ -123,7 +124,7 @@ pub struct ResolverRuleStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/runtime_cluster_x_k8s_io/v1alpha1/extensionconfigs.rs b/kube-custom-resources-rs/src/runtime_cluster_x_k8s_io/v1alpha1/extensionconfigs.rs index 2d2ec5e28..8f1d8ec49 100644 --- a/kube-custom-resources-rs/src/runtime_cluster_x_k8s_io/v1alpha1/extensionconfigs.rs +++ b/kube-custom-resources-rs/src/runtime_cluster_x_k8s_io/v1alpha1/extensionconfigs.rs @@ -11,7 +11,7 @@ mod prelude { } use self::prelude::*; -/// ExtensionConfigSpec is the desired state of the ExtensionConfig +/// spec is the desired state of the ExtensionConfig #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "runtime.cluster.x-k8s.io", version = "v1alpha1", kind = "ExtensionConfig", plural = "extensionconfigs")] #[kube(status = "ExtensionConfigStatus")] @@ -118,7 +118,7 @@ pub struct ExtensionConfigNamespaceSelectorMatchExpressions { pub values: Option>, } -/// ExtensionConfigStatus is the current state of the ExtensionConfig +/// status is the current state of the ExtensionConfig #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ExtensionConfigStatus { /// conditions define the current service state of the ExtensionConfig. @@ -127,6 +127,9 @@ pub struct ExtensionConfigStatus { /// handlers defines the current ExtensionHandlers supported by an Extension. #[serde(default, skip_serializing_if = "Option::is_none")] pub handlers: Option>, + /// v1beta2 groups all the fields that will be added or modified in ExtensionConfig's status with the V1Beta2 version. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub v1beta2: Option, } /// ExtensionHandler specifies the details of a handler for a particular runtime hook registered by an Extension server. @@ -157,3 +160,12 @@ pub struct ExtensionConfigStatusHandlersRequestHook { pub hook: String, } +/// v1beta2 groups all the fields that will be added or modified in ExtensionConfig's status with the V1Beta2 version. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ExtensionConfigStatusV1beta2 { + /// conditions represents the observations of a ExtensionConfig's current state. + /// Known condition types are Discovered, Paused. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, +} + diff --git a/kube-custom-resources-rs/src/s3_services_k8s_aws/v1alpha1/buckets.rs b/kube-custom-resources-rs/src/s3_services_k8s_aws/v1alpha1/buckets.rs index a7fba9116..27da10d55 100644 --- a/kube-custom-resources-rs/src/s3_services_k8s_aws/v1alpha1/buckets.rs +++ b/kube-custom-resources-rs/src/s3_services_k8s_aws/v1alpha1/buckets.rs @@ -12,9 +12,7 @@ use self::prelude::*; /// BucketSpec defines the desired state of Bucket. /// -/// In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name -/// is globally unique, and the namespace is shared by all Amazon Web Services -/// accounts. +/// In terms of implementation, a Bucket is a resource. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "s3.services.k8s.aws", version = "v1alpha1", kind = "Bucket", plural = "buckets")] #[kube(namespaced)] @@ -27,6 +25,8 @@ pub struct BucketSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub accelerate: Option, /// The canned ACL to apply to the bucket. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none")] pub acl: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -45,21 +45,31 @@ pub struct BucketSpec { pub encryption: Option, /// Allows grantee the read, write, read ACP, and write ACP permissions on the /// bucket. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grantFullControl")] pub grant_full_control: Option, /// Allows grantee to list the objects in the bucket. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grantRead")] pub grant_read: Option, /// Allows grantee to read the bucket ACL. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grantReadACP")] pub grant_read_acp: Option, /// Allows grantee to create new objects in the bucket. /// /// For the bucket and object owners of existing objects, also allows deletions /// and overwrites of those objects. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grantWrite")] pub grant_write: Option, /// Allows grantee to write the ACL for the applicable bucket. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grantWriteACP")] pub grant_write_acp: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "intelligentTiering")] @@ -75,12 +85,27 @@ pub struct BucketSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub metrics: Option>, /// The name of the bucket to create. + /// + /// General purpose buckets - For information about bucket naming restrictions, + /// see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) + /// in the Amazon S3 User Guide. + /// + /// Directory buckets - When you use this operation with a directory bucket, + /// you must use path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name + /// . Virtual-hosted-style requests aren't supported. Directory bucket names + /// must be unique in the chosen Zone (Availability Zone or Local Zone). Bucket + /// names must also follow the format bucket-base-name--zone-id--x-s3 (for example, + /// DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about bucket naming + /// restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + /// in the Amazon S3 User Guide pub name: String, /// A container for specifying the notification configuration of the bucket. /// If this element is empty, notifications are turned off for the bucket. #[serde(default, skip_serializing_if = "Option::is_none")] pub notification: Option, /// Specifies whether you want S3 Object Lock to be enabled for the new bucket. + /// + /// This functionality is not supported for directory buckets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectLockEnabledForBucket")] pub object_lock_enabled_for_bucket: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectOwnership")] @@ -90,6 +115,9 @@ pub struct BucketSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownershipControls")] pub ownership_controls: Option, /// The bucket policy as a JSON document. + /// + /// For directory buckets, the only IAM action supported in the bucket policy + /// is s3express:CreateSession. #[serde(default, skip_serializing_if = "Option::is_none")] pub policy: Option, /// The PublicAccessBlock configuration that you want to apply to this Amazon @@ -273,17 +301,37 @@ pub struct BucketEncryption { } /// Specifies the default server-side encryption configuration. +/// +/// * General purpose buckets - If you're specifying a customer managed KMS +/// key, we recommend using a fully qualified KMS key ARN. If you use a KMS +/// key alias instead, then KMS resolves the key within the requester’s +/// account. This behavior can result in data that's encrypted with a KMS +/// key that belongs to the requester, and not the bucket owner. +/// +/// * Directory buckets - When you specify an KMS customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) +/// for encryption in your directory bucket, only use the key ID or key ARN. +/// The key alias format of the KMS key isn't supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketEncryptionRules { /// Describes the default server-side encryption to apply to new objects in the /// bucket. If a PUT Object request doesn't specify any server-side encryption, - /// this default encryption will be applied. If you don't specify a customer - /// managed key at configuration, Amazon S3 automatically creates an Amazon Web - /// Services KMS key in your Amazon Web Services account the first time that - /// you add an object encrypted with SSE-KMS to a bucket. By default, Amazon - /// S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption - /// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) - /// in the Amazon S3 API Reference. + /// this default encryption will be applied. For more information, see PutBucketEncryption + /// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html). + /// + /// * General purpose buckets - If you don't specify a customer managed key + /// at configuration, Amazon S3 automatically creates an Amazon Web Services + /// KMS key (aws/s3) in your Amazon Web Services account the first time that + /// you add an object encrypted with SSE-KMS to a bucket. By default, Amazon + /// S3 uses this KMS key for SSE-KMS. + /// + /// * Directory buckets - Your SSE-KMS configuration can only support 1 customer + /// managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) + /// per directory bucket for the lifetime of the bucket. The Amazon Web Services + /// managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) + /// (aws/s3) isn't supported. + /// + /// * Directory buckets - For directory buckets, there are only two supported + /// options for server-side encryption: SSE-S3 and SSE-KMS. #[serde(default, skip_serializing_if = "Option::is_none", rename = "applyServerSideEncryptionByDefault")] pub apply_server_side_encryption_by_default: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "bucketKeyEnabled")] @@ -292,13 +340,23 @@ pub struct BucketEncryptionRules { /// Describes the default server-side encryption to apply to new objects in the /// bucket. If a PUT Object request doesn't specify any server-side encryption, -/// this default encryption will be applied. If you don't specify a customer -/// managed key at configuration, Amazon S3 automatically creates an Amazon Web -/// Services KMS key in your Amazon Web Services account the first time that -/// you add an object encrypted with SSE-KMS to a bucket. By default, Amazon -/// S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption -/// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) -/// in the Amazon S3 API Reference. +/// this default encryption will be applied. For more information, see PutBucketEncryption +/// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html). +/// +/// * General purpose buckets - If you don't specify a customer managed key +/// at configuration, Amazon S3 automatically creates an Amazon Web Services +/// KMS key (aws/s3) in your Amazon Web Services account the first time that +/// you add an object encrypted with SSE-KMS to a bucket. By default, Amazon +/// S3 uses this KMS key for SSE-KMS. +/// +/// * Directory buckets - Your SSE-KMS configuration can only support 1 customer +/// managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) +/// per directory bucket for the lifetime of the bucket. The Amazon Web Services +/// managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) +/// (aws/s3) isn't supported. +/// +/// * Directory buckets - For directory buckets, there are only two supported +/// options for server-side encryption: SSE-S3 and SSE-KMS. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketEncryptionRulesApplyServerSideEncryptionByDefault { #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsMasterKeyID")] @@ -471,20 +529,28 @@ pub struct BucketLifecycle { } /// A lifecycle rule for individual objects in an Amazon S3 bucket. +/// +/// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +/// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketLifecycleRules { /// Specifies the days since the initiation of an incomplete multipart upload /// that Amazon S3 will wait before permanently removing all parts of the upload. /// For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - /// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + /// Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abortIncompleteMultipartUpload")] pub abort_incomplete_multipart_upload: Option, /// Container for the expiration for the lifecycle of the object. + /// + /// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) + /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub expiration: Option, /// The Filter is used to identify objects that a Lifecycle Rule applies to. - /// A Filter must have exactly one of Prefix, Tag, or And specified. + /// A Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan, + /// or And specified. If the Filter element is left empty, the Lifecycle Rule + /// applies to all objects in the bucket. #[serde(default, skip_serializing_if = "Option::is_none")] pub filter: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -494,6 +560,9 @@ pub struct BucketLifecycleRules { /// configuration action on a bucket that has versioning enabled (or suspended) /// to request that Amazon S3 delete noncurrent object versions at a specific /// period in the object's lifetime. + /// + /// This parameter applies to general purpose buckets only. It is not supported + /// for directory bucket lifecycle configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noncurrentVersionExpiration")] pub noncurrent_version_expiration: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "noncurrentVersionTransitions")] @@ -509,7 +578,7 @@ pub struct BucketLifecycleRules { /// Specifies the days since the initiation of an incomplete multipart upload /// that Amazon S3 will wait before permanently removing all parts of the upload. /// For more information, see Aborting Incomplete Multipart Uploads Using a Bucket -/// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) +/// Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) /// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketLifecycleRulesAbortIncompleteMultipartUpload { @@ -518,6 +587,9 @@ pub struct BucketLifecycleRulesAbortIncompleteMultipartUpload { } /// Container for the expiration for the lifecycle of the object. +/// +/// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +/// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketLifecycleRulesExpiration { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -529,7 +601,9 @@ pub struct BucketLifecycleRulesExpiration { } /// The Filter is used to identify objects that a Lifecycle Rule applies to. -/// A Filter must have exactly one of Prefix, Tag, or And specified. +/// A Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan, +/// or And specified. If the Filter element is left empty, the Lifecycle Rule +/// applies to all objects in the bucket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketLifecycleRulesFilter { /// This is used in a Lifecycle Rule Filter to apply a logical AND to two or @@ -586,6 +660,9 @@ pub struct BucketLifecycleRulesFilterTag { /// configuration action on a bucket that has versioning enabled (or suspended) /// to request that Amazon S3 delete noncurrent object versions at a specific /// period in the object's lifetime. +/// +/// This parameter applies to general purpose buckets only. It is not supported +/// for directory bucket lifecycle configurations. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketLifecycleRulesNoncurrentVersionExpiration { #[serde(default, skip_serializing_if = "Option::is_none", rename = "newerNoncurrentVersions")] @@ -767,7 +844,8 @@ pub struct BucketNotificationLambdaFunctionConfigurations { #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, /// Specifies object key name filtering rules. For information about key name - /// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + /// filtering, see Configuring event notifications using object key name filtering + /// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub filter: Option, @@ -780,7 +858,8 @@ pub struct BucketNotificationLambdaFunctionConfigurations { } /// Specifies object key name filtering rules. For information about key name -/// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) +/// filtering, see Configuring event notifications using object key name filtering +/// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationLambdaFunctionConfigurationsFilter { @@ -798,8 +877,15 @@ pub struct BucketNotificationLambdaFunctionConfigurationsFilterKey { pub filter_rules: Option>, } -/// Specifies the Amazon S3 object key name to filter on and whether to filter -/// on the suffix or prefix of the key name. +/// Specifies the Amazon S3 object key name to filter on. An object key name +/// is the name assigned to an object in your Amazon S3 bucket. You specify whether +/// to filter on the suffix or prefix of the object key name. A prefix is a specific +/// string of characters at the beginning of an object key name, which you can +/// use to organize objects. For example, you can start the key names of related +/// objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule +/// to find objects in a bucket with key names that have the same prefix. A suffix +/// is similar to a prefix, but it is at the end of the object key name instead +/// of at the beginning. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationLambdaFunctionConfigurationsFilterKeyFilterRules { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -815,7 +901,8 @@ pub struct BucketNotificationQueueConfigurations { #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, /// Specifies object key name filtering rules. For information about key name - /// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + /// filtering, see Configuring event notifications using object key name filtering + /// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub filter: Option, @@ -828,7 +915,8 @@ pub struct BucketNotificationQueueConfigurations { } /// Specifies object key name filtering rules. For information about key name -/// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) +/// filtering, see Configuring event notifications using object key name filtering +/// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationQueueConfigurationsFilter { @@ -846,8 +934,15 @@ pub struct BucketNotificationQueueConfigurationsFilterKey { pub filter_rules: Option>, } -/// Specifies the Amazon S3 object key name to filter on and whether to filter -/// on the suffix or prefix of the key name. +/// Specifies the Amazon S3 object key name to filter on. An object key name +/// is the name assigned to an object in your Amazon S3 bucket. You specify whether +/// to filter on the suffix or prefix of the object key name. A prefix is a specific +/// string of characters at the beginning of an object key name, which you can +/// use to organize objects. For example, you can start the key names of related +/// objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule +/// to find objects in a bucket with key names that have the same prefix. A suffix +/// is similar to a prefix, but it is at the end of the object key name instead +/// of at the beginning. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationQueueConfigurationsFilterKeyFilterRules { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -864,7 +959,8 @@ pub struct BucketNotificationTopicConfigurations { #[serde(default, skip_serializing_if = "Option::is_none")] pub events: Option>, /// Specifies object key name filtering rules. For information about key name - /// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + /// filtering, see Configuring event notifications using object key name filtering + /// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none")] pub filter: Option, @@ -877,7 +973,8 @@ pub struct BucketNotificationTopicConfigurations { } /// Specifies object key name filtering rules. For information about key name -/// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) +/// filtering, see Configuring event notifications using object key name filtering +/// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) /// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationTopicConfigurationsFilter { @@ -895,8 +992,15 @@ pub struct BucketNotificationTopicConfigurationsFilterKey { pub filter_rules: Option>, } -/// Specifies the Amazon S3 object key name to filter on and whether to filter -/// on the suffix or prefix of the key name. +/// Specifies the Amazon S3 object key name to filter on. An object key name +/// is the name assigned to an object in your Amazon S3 bucket. You specify whether +/// to filter on the suffix or prefix of the object key name. A prefix is a specific +/// string of characters at the beginning of an object key name, which you can +/// use to organize objects. For example, you can start the key names of related +/// objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule +/// to find objects in a bucket with key names that have the same prefix. A suffix +/// is similar to a prefix, but it is at the end of the object key name instead +/// of at the beginning. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketNotificationTopicConfigurationsFilterKeyFilterRules { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -928,8 +1032,19 @@ pub struct BucketOwnershipControlsRules { /// BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer /// affect permissions. The bucket owner automatically owns and has full control /// over every object in the bucket. The bucket only accepts PUT requests that - /// don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control - /// canned ACL or an equivalent form of this ACL expressed in the XML format. + /// don't specify an ACL or specify bucket owner full control ACLs (such as the + /// predefined bucket-owner-full-control canned ACL or a custom ACL in XML format + /// that grants the same permissions). + /// + /// By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. + /// We recommend keeping ACLs disabled, except in uncommon use cases where you + /// must control access for each object individually. For more information about + /// S3 Object Ownership, see Controlling ownership of objects and disabling ACLs + /// for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + /// in the Amazon S3 User Guide. + /// + /// This functionality is not supported for directory buckets. Directory buckets + /// use the bucket owner enforced setting for S3 Object Ownership. #[serde(default, skip_serializing_if = "Option::is_none", rename = "objectOwnership")] pub object_ownership: Option, } @@ -983,8 +1098,10 @@ pub struct BucketReplicationRules { /// for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC). #[serde(default, skip_serializing_if = "Option::is_none")] pub destination: Option, - /// Optional configuration to replicate existing source bucket objects. For more - /// information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication) + /// Optional configuration to replicate existing source bucket objects. + /// + /// This parameter is no longer supported. To replicate existing objects, see + /// Replicating existing objects with S3 Batch Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html) /// in the Amazon S3 User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "existingObjectReplication")] pub existing_object_replication: Option, @@ -1042,6 +1159,12 @@ pub struct BucketReplicationRulesDestination { pub bucket: Option, /// Specifies encryption-related information for an Amazon S3 bucket that is /// a destination for replicated objects. + /// + /// If you're specifying a customer managed KMS key, we recommend using a fully + /// qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves + /// the key within the requester’s account. This behavior can result in data + /// that's encrypted with a KMS key that belongs to the requester, and not the + /// bucket owner. #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionConfiguration")] pub encryption_configuration: Option, /// A container specifying replication metrics-related settings enabling replication @@ -1067,6 +1190,12 @@ pub struct BucketReplicationRulesDestinationAccessControlTranslation { /// Specifies encryption-related information for an Amazon S3 bucket that is /// a destination for replicated objects. +/// +/// If you're specifying a customer managed KMS key, we recommend using a fully +/// qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves +/// the key within the requester’s account. This behavior can result in data +/// that's encrypted with a KMS key that belongs to the requester, and not the +/// bucket owner. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketReplicationRulesDestinationEncryptionConfiguration { #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicaKMSKeyID")] @@ -1115,8 +1244,10 @@ pub struct BucketReplicationRulesDestinationReplicationTimeTime { pub minutes: Option, } -/// Optional configuration to replicate existing source bucket objects. For more -/// information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication) +/// Optional configuration to replicate existing source bucket objects. +/// +/// This parameter is no longer supported. To replicate existing objects, see +/// Replicating existing objects with S3 Batch Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-batch.html) /// in the Amazon S3 User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketReplicationRulesExistingObjectReplication { @@ -1358,7 +1489,7 @@ pub struct BucketStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/apps.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/apps.rs index ca7d03191..8ef65b1ad 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/apps.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/apps.rs @@ -31,7 +31,6 @@ pub struct AppSpec { /// The instance type and the Amazon Resource Name (ARN) of the SageMaker image /// created on the instance. /// - /// /// The value of InstanceType passed as part of the ResourceSpec in the CreateApp /// call overrides the value passed as part of the ResourceSpec configured for /// the user profile or the domain. If InstanceType is not specified in any of @@ -51,7 +50,6 @@ pub struct AppSpec { /// The instance type and the Amazon Resource Name (ARN) of the SageMaker image /// created on the instance. /// -/// /// The value of InstanceType passed as part of the ResourceSpec in the CreateApp /// call overrides the value passed as part of the ResourceSpec configured for /// the user profile or the domain. If InstanceType is not specified in any of @@ -74,13 +72,11 @@ pub struct AppResourceSpec { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -124,7 +120,6 @@ pub struct AppStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/dataqualityjobdefinitions.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/dataqualityjobdefinitions.rs index 8f46aea1a..7a6a74d39 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/dataqualityjobdefinitions.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/dataqualityjobdefinitions.rs @@ -224,13 +224,11 @@ pub struct DataQualityJobDefinitionStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -271,7 +269,6 @@ pub struct DataQualityJobDefinitionStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/domains.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/domains.rs index 19ba56fe1..62764258f 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/domains.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/domains.rs @@ -21,11 +21,9 @@ use self::prelude::*; pub struct DomainSpec { /// Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly. /// - /// /// * PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon /// SageMaker, which allows direct internet access /// - /// /// * VpcOnly - All traffic is through the specified VPC and subnets #[serde(default, skip_serializing_if = "Option::is_none", rename = "appNetworkAccessType")] pub app_network_access_type: Option, @@ -42,7 +40,6 @@ pub struct DomainSpec { /// The default settings to use to create a user profile when UserSettings isn't /// specified in the call to the CreateUserProfile API. /// - /// /// SecurityGroups is aggregated when specified in both calls. For all other /// settings in UserSettings, the values specified in CreateUserProfile take /// precedence over those specified in CreateDomain. @@ -57,7 +54,7 @@ pub struct DomainSpec { /// Use KmsKeyId. #[serde(default, skip_serializing_if = "Option::is_none", rename = "homeEFSFileSystemKMSKeyID")] pub home_efs_file_system_kms_key_id: Option, - /// SageMaker uses Amazon Web Services KMS to encrypt the EFS volume attached + /// SageMaker uses Amazon Web Services KMS to encrypt EFS and EBS volumes attached /// to the domain with an Amazon Web Services managed key by default. For more /// control, specify a customer managed key. #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyID")] @@ -69,7 +66,6 @@ pub struct DomainSpec { /// value. Tag keys must be unique per resource. Tags are searchable using the /// Search API. /// - /// /// Tags that you specify for the Domain are also added to all Apps that the /// Domain launches. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -83,7 +79,6 @@ pub struct DomainSpec { /// The default settings to use to create a user profile when UserSettings isn't /// specified in the call to the CreateUserProfile API. /// -/// /// SecurityGroups is aggregated when specified in both calls. For all other /// settings in UserSettings, the values specified in CreateUserProfile take /// precedence over those specified in CreateDomain. @@ -91,7 +86,6 @@ pub struct DomainSpec { pub struct DomainDefaultUserSettings { /// The Code Editor application settings. /// - /// /// For more information about Code Editor, see Get started with Code Editor /// in Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeEditorAppSettings")] @@ -126,7 +120,7 @@ pub struct DomainDefaultUserSettings { /// When SharingSettings is not specified, notebook sharing isn't allowed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharingSettings")] pub sharing_settings: Option, - /// The default storage settings for a private space. + /// The default storage settings for a space. #[serde(default, skip_serializing_if = "Option::is_none", rename = "spaceStorageSettings")] pub space_storage_settings: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "studioWebPortal")] @@ -138,7 +132,6 @@ pub struct DomainDefaultUserSettings { /// The Code Editor application settings. /// -/// /// For more information about Code Editor, see Get started with Code Editor /// in Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -330,17 +323,17 @@ pub struct DomainDefaultUserSettingsSharingSettings { pub s3_output_path: Option, } -/// The default storage settings for a private space. +/// The default storage settings for a space. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainDefaultUserSettingsSpaceStorageSettings { - /// A collection of default EBS storage settings that applies to private spaces - /// created within a domain or user profile. + /// A collection of default EBS storage settings that apply to spaces created + /// within a domain or user profile. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultEBSStorageSettings")] pub default_ebs_storage_settings: Option, } -/// A collection of default EBS storage settings that applies to private spaces -/// created within a domain or user profile. +/// A collection of default EBS storage settings that apply to spaces created +/// within a domain or user profile. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainDefaultUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings { #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultEBSVolumeSizeInGb")] @@ -432,13 +425,11 @@ pub struct DomainDomainSettingsRStudioServerProDomainSettingsDefaultResourceSpec /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -488,7 +479,6 @@ pub struct DomainStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpointconfigs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpointconfigs.rs index 309485c28..aa7d7ad7f 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpointconfigs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpointconfigs.rs @@ -41,7 +41,6 @@ pub struct EndpointConfigSpec { /// to perform actions on your behalf. For more information, see SageMaker Roles /// (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). /// - /// /// To be able to pass this role to Amazon SageMaker, the caller of this action /// must have the iam:PassRole permission. #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionRoleARN")] @@ -50,28 +49,21 @@ pub struct EndpointConfigSpec { /// key that SageMaker uses to encrypt data on the storage volume attached to /// the ML compute instance that hosts the endpoint. /// - /// /// The KmsKeyId can be any of the following formats: /// - /// /// * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab /// - /// /// * Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab /// - /// /// * Alias name: alias/ExampleAlias /// - /// /// * Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias /// - /// /// The KMS key policy must grant permission to the IAM role that you specify /// in your CreateEndpoint, UpdateEndpoint requests. For more information, refer /// to the Amazon Web Services Key Management Service section Using Key Policies /// in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) /// - /// /// Certain Nitro-based instances include local storage, dependent on the instance /// type. Local storage volumes are encrypted using a hardware module on the /// instance. You can't request a KmsKeyId when using an instance type with local @@ -81,11 +73,9 @@ pub struct EndpointConfigSpec { /// using any nitro-based instances with local storage, the call to CreateEndpointConfig /// fails. /// - /// /// For a list of instance types that support local instance storage, see Instance /// Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes). /// - /// /// For more information about local instance storage encryption, see SSD Instance /// Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "kmsKeyID")] @@ -282,13 +272,11 @@ pub struct EndpointConfigProductionVariantsServerlessConfig { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -341,7 +329,6 @@ pub struct EndpointConfigStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpoints.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpoints.rs index ff06a6783..52ccc136d 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpoints.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/endpoints.rs @@ -12,7 +12,6 @@ use self::prelude::*; /// EndpointSpec defines the desired state of Endpoint. /// -/// /// A hosted endpoint for real-time inference. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "sagemaker.services.k8s.aws", version = "v1alpha1", kind = "Endpoint", plural = "endpoints")] @@ -106,7 +105,6 @@ pub struct EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurat /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// - /// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -116,7 +114,6 @@ pub struct EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurat /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// - /// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -132,7 +129,6 @@ pub struct EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurat /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// -/// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -148,7 +144,6 @@ pub struct EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurat /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// -/// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -167,7 +162,6 @@ pub struct EndpointDeploymentConfigRollingUpdatePolicy { /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// - /// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -179,7 +173,6 @@ pub struct EndpointDeploymentConfigRollingUpdatePolicy { /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// - /// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -193,7 +186,6 @@ pub struct EndpointDeploymentConfigRollingUpdatePolicy { /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// -/// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -209,7 +201,6 @@ pub struct EndpointDeploymentConfigRollingUpdatePolicyMaximumBatchSize { /// deployment, a rolling deployment, or a rollback strategy. You can specify /// your batches as either instance count or the overall percentage or your fleet. /// -/// /// For a rollback strategy, if you don't specify the fields in this object, /// or if you set the Value to 100%, then SageMaker uses a blue/green rollback /// strategy and rolls all traffic back to the blue fleet. @@ -224,13 +215,11 @@ pub struct EndpointDeploymentConfigRollingUpdatePolicyRollbackMaximumBatchSize { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -263,25 +252,20 @@ pub struct EndpointStatus { pub creation_time: Option, /// The status of the endpoint. /// - /// /// * OutOfService: Endpoint is not available to take incoming requests. /// - /// /// * Creating: CreateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateEndpoint.html) /// is executing. /// - /// /// * Updating: UpdateEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpoint.html) /// or UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html) /// is executing. /// - /// /// * SystemUpdating: Endpoint is undergoing maintenance and cannot be updated /// or deleted or re-scaled until it has completed. This maintenance operation /// does not change any customer-specified values such as VPC config, KMS /// encryption, model, instance type, or instance count. /// - /// /// * RollingBack: Endpoint fails to scale up or down or change its variant /// weight and is in the process of rolling back to its previous configuration. /// Once the rollback completes, endpoint returns to an InService status. @@ -291,20 +275,16 @@ pub struct EndpointStatus { /// call or when the UpdateEndpointWeightsAndCapacities (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateEndpointWeightsAndCapacities.html) /// operation is called explicitly. /// - /// /// * InService: Endpoint is available to process incoming requests. /// - /// /// * Deleting: DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html) /// is executing. /// - /// /// * Failed: Endpoint could not be created, updated, or re-scaled. Use the /// FailureReason value returned by DescribeEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeEndpoint.html) /// for information about the failure. DeleteEndpoint (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DeleteEndpoint.html) /// is the only operation that can be performed on a failed endpoint. /// - /// /// * UpdateRollbackFailed: Both the rolling deployment and auto-rollback /// failed. Your endpoint is in service with a mix of the old and new endpoint /// configurations. For information about how to remedy this issue and restore @@ -338,7 +318,6 @@ pub struct EndpointStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, @@ -417,7 +396,6 @@ pub struct EndpointStatusPendingDeploymentSummaryProductionVariantsCurrentServer /// Gets the Amazon EC2 Container Registry path of the docker image of the model /// that is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html). /// -/// /// If you used the registry/repository[:tag] form to specify the image path /// of the primary container when you created the model hosted in this ProductionVariant, /// the path resolves to a path of the form registry/repository[@digest]. A digest @@ -526,7 +504,6 @@ pub struct EndpointStatusProductionVariantsCurrentServerlessConfig { /// Gets the Amazon EC2 Container Registry path of the docker image of the model /// that is hosted in this ProductionVariant (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ProductionVariant.html). /// -/// /// If you used the registry/repository[:tag] form to specify the image path /// of the primary container when you created the model hosted in this ProductionVariant, /// the path resolves to a path of the form registry/repository[@digest]. A digest diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/featuregroups.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/featuregroups.rs index 72b499284..a7ddd397e 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/featuregroups.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/featuregroups.rs @@ -12,7 +12,6 @@ use self::prelude::*; /// FeatureGroupSpec defines the desired state of FeatureGroup. /// -/// /// Amazon SageMaker Feature Store stores features in a collection called Feature /// Group. A Feature Group can be visualized as a table which has rows, with /// a unique identifier for each row where each column in the table is a feature. @@ -30,18 +29,14 @@ pub struct FeatureGroupSpec { pub description: Option, /// The name of the feature that stores the EventTime of a Record in a FeatureGroup. /// - /// /// An EventTime is a point in time when a new event occurs that corresponds /// to the creation or update of a Record in a FeatureGroup. All Records in the /// FeatureGroup must have a corresponding EventTime. /// - /// /// An EventTime can be a String or Fractional. /// - /// /// * Fractional: EventTime feature values must be a Unix timestamp in seconds. /// - /// /// * String: EventTime feature values must be an ISO-8601 string in the format. /// The following formats are supported yyyy-MM-dd'T'HH:mm:ssZ and yyyy-MM-dd'T'HH:mm:ss.SSSZ /// where yyyy, MM, and dd represent the year, month, and day respectively @@ -51,38 +46,32 @@ pub struct FeatureGroupSpec { pub event_time_feature_name: String, /// A list of Feature names and types. Name and Type is compulsory per Feature. /// - /// /// Valid feature FeatureTypes are Integral, Fractional and String. /// - /// /// FeatureNames cannot be any of the following: is_deleted, write_time, api_invocation_time /// - /// /// You can create up to 2,500 FeatureDefinitions per FeatureGroup. #[serde(rename = "featureDefinitions")] pub feature_definitions: Vec, /// The name of the FeatureGroup. The name must be unique within an Amazon Web - /// Services Region in an Amazon Web Services account. The name: - /// + /// Services Region in an Amazon Web Services account. /// - /// * Must start and end with an alphanumeric character. + /// The name: /// + /// * Must start with an alphanumeric character. /// - /// * Can only contain alphanumeric character and hyphens. Spaces are not - /// allowed. + /// * Can only include alphanumeric characters, underscores, and hyphens. + /// Spaces are not allowed. #[serde(rename = "featureGroupName")] pub feature_group_name: String, /// Use this to configure an OfflineFeatureStore. This parameter allows you to /// specify: /// - /// /// * The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore. /// - /// /// * A configuration for an Amazon Web Services Glue or Amazon Web Services /// Hive data catalog. /// - /// /// * An KMS encryption key to encrypt the Amazon S3 location used for OfflineStore. /// If KMS encryption key is not specified, by default we encrypt all data /// at rest using Amazon Web Services KMS key. By defining your bucket-level @@ -90,22 +79,18 @@ pub struct FeatureGroupSpec { /// for SSE, you can reduce Amazon Web Services KMS requests costs by up to /// 99 percent. /// - /// /// * Format for the offline store table. Supported formats are Glue (Default) /// and Apache Iceberg (https://iceberg.apache.org/). /// - /// /// To learn more about this parameter, see OfflineStoreConfig (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OfflineStoreConfig.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "offlineStoreConfig")] pub offline_store_config: Option, /// You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore /// flag in OnlineStoreConfig. /// - /// /// You can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest /// encryption of the OnlineStore. /// - /// /// The default value is False. #[serde(default, skip_serializing_if = "Option::is_none", rename = "onlineStoreConfig")] pub online_store_config: Option, @@ -114,15 +99,11 @@ pub struct FeatureGroupSpec { /// stored in the OnlineStore. RecordIdentifierFeatureName must be one of feature /// definitions' names. /// - /// /// You use the RecordIdentifierFeatureName to access data in a FeatureStore. /// - /// /// This name: /// - /// - /// * Must start and end with an alphanumeric character. - /// + /// * Must start with an alphanumeric character. /// /// * Can only contains alphanumeric characters, hyphens, underscores. Spaces /// are not allowed. @@ -145,7 +126,6 @@ pub struct FeatureGroupSpec { /// to require, and you are billed based on those limits. Exceeding provisioned /// throughput will result in your requests being throttled. /// - /// /// Note: PROVISIONED throughput mode is supported only for feature groups that /// are offline-only, or use the Standard (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) /// tier online store. @@ -186,14 +166,11 @@ pub struct FeatureGroupFeatureDefinitionsCollectionConfigVectorConfig { /// Use this to configure an OfflineFeatureStore. This parameter allows you to /// specify: /// -/// /// * The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore. /// -/// /// * A configuration for an Amazon Web Services Glue or Amazon Web Services /// Hive data catalog. /// -/// /// * An KMS encryption key to encrypt the Amazon S3 location used for OfflineStore. /// If KMS encryption key is not specified, by default we encrypt all data /// at rest using Amazon Web Services KMS key. By defining your bucket-level @@ -201,11 +178,9 @@ pub struct FeatureGroupFeatureDefinitionsCollectionConfigVectorConfig { /// for SSE, you can reduce Amazon Web Services KMS requests costs by up to /// 99 percent. /// -/// /// * Format for the offline store table. Supported formats are Glue (Default) /// and Apache Iceberg (https://iceberg.apache.org/). /// -/// /// To learn more about this parameter, see OfflineStoreConfig (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OfflineStoreConfig.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FeatureGroupOfflineStoreConfig { @@ -214,7 +189,7 @@ pub struct FeatureGroupOfflineStoreConfig { pub data_catalog_config: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableGlueTableCreation")] pub disable_glue_table_creation: Option, - /// The Amazon Simple Storage (Amazon S3) location and and security configuration + /// The Amazon Simple Storage (Amazon S3) location and security configuration /// for OfflineStore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "s3StorageConfig")] pub s3_storage_config: Option, @@ -231,7 +206,7 @@ pub struct FeatureGroupOfflineStoreConfigDataCatalogConfig { pub table_name: Option, } -/// The Amazon Simple Storage (Amazon S3) location and and security configuration +/// The Amazon Simple Storage (Amazon S3) location and security configuration /// for OfflineStore. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FeatureGroupOfflineStoreConfigS3StorageConfig { @@ -246,11 +221,9 @@ pub struct FeatureGroupOfflineStoreConfigS3StorageConfig { /// You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore /// flag in OnlineStoreConfig. /// -/// /// You can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest /// encryption of the OnlineStore. /// -/// /// The default value is False. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FeatureGroupOnlineStoreConfig { @@ -291,13 +264,11 @@ pub struct FeatureGroupOnlineStoreConfigTtlDuration { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -321,7 +292,6 @@ pub struct FeatureGroupTags { /// to require, and you are billed based on those limits. Exceeding provisioned /// throughput will result in your requests being throttled. /// -/// /// Note: PROVISIONED throughput mode is supported only for feature groups that /// are offline-only, or use the Standard (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) /// tier online store. @@ -352,10 +322,8 @@ pub struct FeatureGroupStatus { /// The reason that the FeatureGroup failed to be replicated in the OfflineStore. /// This is failure can occur because: /// - /// /// * The FeatureGroup could not be created in the OfflineStore. /// - /// /// * The FeatureGroup could not be deleted from the OfflineStore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureReason")] pub failure_reason: Option, @@ -375,7 +343,6 @@ pub struct FeatureGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/hyperparametertuningjobs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/hyperparametertuningjobs.rs index 7171fe0bb..ee0efa741 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/hyperparametertuningjobs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/hyperparametertuningjobs.rs @@ -23,33 +23,27 @@ pub struct HyperParameterTuningJobSpec { /// Configures SageMaker Automatic model tuning (AMT) to automatically find optimal /// parameters for the following fields: /// - /// /// * ParameterRanges (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-ParameterRanges): /// The names and ranges of parameters that a hyperparameter tuning job can /// optimize. /// - /// /// * ResourceLimits (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ResourceLimits.html): /// The maximum resources that can be used for a training job. These resources /// include the maximum number of training jobs, the maximum runtime of a /// tuning job, and the maximum number of training jobs to run at the same /// time. /// - /// /// * TrainingJobEarlyStoppingType (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-TrainingJobEarlyStoppingType): /// A flag that specifies whether or not to use early stopping for training /// jobs launched by a hyperparameter tuning job. /// - /// /// * RetryStrategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTrainingJobDefinition.html#sagemaker-Type-HyperParameterTrainingJobDefinition-RetryStrategy): /// The number of times to retry a training job. /// - /// /// * Strategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html): /// Specifies how hyperparameter tuning chooses the combinations of hyperparameter /// values to use for the training jobs that it launches. /// - /// /// * ConvergenceDetected (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ConvergenceDetected.html): /// A flag to indicate that Automatic model tuning (AMT) has detected model /// convergence. @@ -74,7 +68,6 @@ pub struct HyperParameterTuningJobSpec { /// environment. For more information, see Tagging Amazon Web Services Resources /// (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// - /// /// Tags that you specify for the tuning job are also added to all training jobs /// that the tuning job launches. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -94,7 +87,6 @@ pub struct HyperParameterTuningJobSpec { /// tuning jobs are used to inform which combinations of hyperparameters to search /// over in the new tuning job. /// - /// /// All training jobs launched by the new hyperparameter tuning job are evaluated /// by using the objective metric. If you specify IDENTICAL_DATA_AND_ALGORITHM /// as the WarmStartType value for the warm start configuration, the training @@ -103,7 +95,6 @@ pub struct HyperParameterTuningJobSpec { /// performs the best as measured by the objective metric is returned as the /// overall best training job. /// - /// /// All training jobs launched by parent hyperparameter tuning jobs and the new /// hyperparameter tuning jobs count against the limit of training jobs for the /// tuning job. @@ -114,33 +105,27 @@ pub struct HyperParameterTuningJobSpec { /// Configures SageMaker Automatic model tuning (AMT) to automatically find optimal /// parameters for the following fields: /// -/// /// * ParameterRanges (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-ParameterRanges): /// The names and ranges of parameters that a hyperparameter tuning job can /// optimize. /// -/// /// * ResourceLimits (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ResourceLimits.html): /// The maximum resources that can be used for a training job. These resources /// include the maximum number of training jobs, the maximum runtime of a /// tuning job, and the maximum number of training jobs to run at the same /// time. /// -/// /// * TrainingJobEarlyStoppingType (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html#sagemaker-Type-HyperParameterTuningJobConfig-TrainingJobEarlyStoppingType): /// A flag that specifies whether or not to use early stopping for training /// jobs launched by a hyperparameter tuning job. /// -/// /// * RetryStrategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTrainingJobDefinition.html#sagemaker-Type-HyperParameterTrainingJobDefinition-RetryStrategy): /// The number of times to retry a training job. /// -/// /// * Strategy (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_HyperParameterTuningJobConfig.html): /// Specifies how hyperparameter tuning chooses the combinations of hyperparameter /// values to use for the training jobs that it launches. /// -/// /// * ConvergenceDetected (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_ConvergenceDetected.html): /// A flag to indicate that Automatic model tuning (AMT) has detected model /// convergence. @@ -172,7 +157,6 @@ pub struct HyperParameterTuningJobHyperParameterTuningJobConfig { /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// - /// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -215,7 +199,6 @@ pub struct HyperParameterTuningJobHyperParameterTuningJobConfigHyperParameterTun /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// -/// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -300,13 +283,11 @@ pub struct HyperParameterTuningJobHyperParameterTuningJobConfigTuningJobCompleti /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -349,7 +330,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinition { /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// - /// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -375,17 +355,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinition { pub role_arn: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "staticHyperParameters")] pub static_hyper_parameters: Option>, - /// Specifies a limit to how long a model training job or model compilation job - /// can run. It also specifies how long a managed spot training job has to complete. - /// When the job reaches the time limit, SageMaker ends the training or compilation - /// job. Use this API to cap model training costs. - /// + /// Specifies a limit to how long a job can run. When the job reaches the time + /// limit, SageMaker ends the job. Use this API to cap costs. /// /// To stop a training job, SageMaker sends the algorithm the SIGTERM signal, /// which delays job termination for 120 seconds. Algorithms can use this 120-second /// window to save the model artifacts, so the results of training are not lost. /// - /// /// The training algorithms provided by SageMaker automatically save the intermediate /// results of a model training job when possible. This attempt to save artifacts /// is only a best effort case as model might not be in a state from which it @@ -393,7 +369,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinition { /// not be ready to save. When saved, this intermediate data is a valid model /// artifact. You can use it to create a model with CreateModel. /// - /// /// The Neural Topic Model (NTM) currently does not support saving intermediate /// model artifacts. When training NTMs, make sure that the maximum runtime is /// sufficient for the training job to complete. @@ -428,28 +403,22 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionAlgorithmSpecification { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -457,16 +426,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionAlgorithmSpecification { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -506,7 +472,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionCheckpointConfig { /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// -/// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -586,28 +551,22 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfig { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -615,16 +574,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfig { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -639,7 +595,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfig { /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// - /// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -659,7 +614,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfigDataSource pub file_system_data_source: Option, /// Describes the S3 data source. /// - /// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[serde(default, skip_serializing_if = "Option::is_none", rename = "s3DataSource")] @@ -681,7 +635,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfigDataSource /// Describes the S3 data source. /// -/// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -705,7 +658,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionInputDataConfigDataSource /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// -/// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -773,17 +725,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionRetryStrategy { pub maximum_retry_attempts: Option, } -/// Specifies a limit to how long a model training job or model compilation job -/// can run. It also specifies how long a managed spot training job has to complete. -/// When the job reaches the time limit, SageMaker ends the training or compilation -/// job. Use this API to cap model training costs. -/// +/// Specifies a limit to how long a job can run. When the job reaches the time +/// limit, SageMaker ends the job. Use this API to cap costs. /// /// To stop a training job, SageMaker sends the algorithm the SIGTERM signal, /// which delays job termination for 120 seconds. Algorithms can use this 120-second /// window to save the model artifacts, so the results of training are not lost. /// -/// /// The training algorithms provided by SageMaker automatically save the intermediate /// results of a model training job when possible. This attempt to save artifacts /// is only a best effort case as model might not be in a state from which it @@ -791,7 +739,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionRetryStrategy { /// not be ready to save. When saved, this intermediate data is a valid model /// artifact. You can use it to create a model with CreateModel. /// -/// /// The Neural Topic Model (NTM) currently does not support saving intermediate /// model artifacts. When training NTMs, make sure that the maximum runtime is /// sufficient for the training job to complete. @@ -858,7 +805,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitions { /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// - /// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -884,17 +830,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitions { pub role_arn: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "staticHyperParameters")] pub static_hyper_parameters: Option>, - /// Specifies a limit to how long a model training job or model compilation job - /// can run. It also specifies how long a managed spot training job has to complete. - /// When the job reaches the time limit, SageMaker ends the training or compilation - /// job. Use this API to cap model training costs. - /// + /// Specifies a limit to how long a job can run. When the job reaches the time + /// limit, SageMaker ends the job. Use this API to cap costs. /// /// To stop a training job, SageMaker sends the algorithm the SIGTERM signal, /// which delays job termination for 120 seconds. Algorithms can use this 120-second /// window to save the model artifacts, so the results of training are not lost. /// - /// /// The training algorithms provided by SageMaker automatically save the intermediate /// results of a model training job when possible. This attempt to save artifacts /// is only a best effort case as model might not be in a state from which it @@ -902,7 +844,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitions { /// not be ready to save. When saved, this intermediate data is a valid model /// artifact. You can use it to create a model with CreateModel. /// - /// /// The Neural Topic Model (NTM) currently does not support saving intermediate /// model artifacts. When training NTMs, make sure that the maximum runtime is /// sufficient for the training job to complete. @@ -937,28 +878,22 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsAlgorithmSpecification { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -966,16 +901,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsAlgorithmSpecification { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -1015,7 +947,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsCheckpointConfig { /// performance as measured by the objective metric of the hyperparameter tuning /// job. /// -/// /// The maximum number of items specified for Array Members refers to the maximum /// number of hyperparameters for each range and also the maximum for the hyperparameter /// tuning job itself. That is, the sum of the number of hyperparameters for @@ -1095,28 +1026,22 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfig { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -1124,16 +1049,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfig { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -1148,7 +1070,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfig { /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// - /// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -1168,7 +1089,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfigDataSourc pub file_system_data_source: Option, /// Describes the S3 data source. /// - /// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[serde(default, skip_serializing_if = "Option::is_none", rename = "s3DataSource")] @@ -1190,7 +1110,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfigDataSourc /// Describes the S3 data source. /// -/// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1214,7 +1133,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsInputDataConfigDataSourc /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// -/// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -1282,17 +1200,13 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsRetryStrategy { pub maximum_retry_attempts: Option, } -/// Specifies a limit to how long a model training job or model compilation job -/// can run. It also specifies how long a managed spot training job has to complete. -/// When the job reaches the time limit, SageMaker ends the training or compilation -/// job. Use this API to cap model training costs. -/// +/// Specifies a limit to how long a job can run. When the job reaches the time +/// limit, SageMaker ends the job. Use this API to cap costs. /// /// To stop a training job, SageMaker sends the algorithm the SIGTERM signal, /// which delays job termination for 120 seconds. Algorithms can use this 120-second /// window to save the model artifacts, so the results of training are not lost. /// -/// /// The training algorithms provided by SageMaker automatically save the intermediate /// results of a model training job when possible. This attempt to save artifacts /// is only a best effort case as model might not be in a state from which it @@ -1300,7 +1214,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsRetryStrategy { /// not be ready to save. When saved, this intermediate data is a valid model /// artifact. You can use it to create a model with CreateModel. /// -/// /// The Neural Topic Model (NTM) currently does not support saving intermediate /// model artifacts. When training NTMs, make sure that the maximum runtime is /// sufficient for the training job to complete. @@ -1346,7 +1259,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsVpcConfig { /// tuning jobs are used to inform which combinations of hyperparameters to search /// over in the new tuning job. /// -/// /// All training jobs launched by the new hyperparameter tuning job are evaluated /// by using the objective metric. If you specify IDENTICAL_DATA_AND_ALGORITHM /// as the WarmStartType value for the warm start configuration, the training @@ -1355,7 +1267,6 @@ pub struct HyperParameterTuningJobTrainingJobDefinitionsVpcConfig { /// performs the best as measured by the objective metric is returned as the /// overall best training job. /// -/// /// All training jobs launched by parent hyperparameter tuning jobs and the new /// hyperparameter tuning jobs count against the limit of training jobs for the /// tuning job. @@ -1420,7 +1331,6 @@ pub struct HyperParameterTuningJobStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelbiasjobdefinitions.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelbiasjobdefinitions.rs index 11061eb3c..ab8c7944b 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelbiasjobdefinitions.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelbiasjobdefinitions.rs @@ -217,13 +217,11 @@ pub struct ModelBiasJobDefinitionStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -264,7 +262,6 @@ pub struct ModelBiasJobDefinitionStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelexplainabilityjobdefinitions.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelexplainabilityjobdefinitions.rs index 39d371823..90accb9e2 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelexplainabilityjobdefinitions.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelexplainabilityjobdefinitions.rs @@ -209,13 +209,11 @@ pub struct ModelExplainabilityJobDefinitionStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -256,7 +254,6 @@ pub struct ModelExplainabilityJobDefinitionStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackagegroups.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackagegroups.rs index cef8511e9..f74fa46fd 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackagegroups.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackagegroups.rs @@ -12,7 +12,6 @@ use self::prelude::*; /// ModelPackageGroupSpec defines the desired state of ModelPackageGroup. /// -/// /// A group of versioned models in the model registry. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "sagemaker.services.k8s.aws", version = "v1alpha1", kind = "ModelPackageGroup", plural = "modelpackagegroups")] @@ -38,13 +37,11 @@ pub struct ModelPackageGroupSpec { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -88,7 +85,6 @@ pub struct ModelPackageGroupStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackages.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackages.rs index ba9090036..5cf8dfdd4 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackages.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelpackages.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// ModelPackageSpec defines the desired state of ModelPackage. /// -/// /// A versioned model that can be deployed for SageMaker inference. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "sagemaker.services.k8s.aws", version = "v1alpha1", kind = "ModelPackage", plural = "modelpackages")] @@ -34,7 +33,6 @@ pub struct ModelPackageSpec { pub approval_description: Option, /// Whether to certify the model package for listing on Amazon Web Services Marketplace. /// - /// /// This parameter is optional for unversioned models, and does not apply to /// versioned models. #[serde(default, skip_serializing_if = "Option::is_none", rename = "certifyForMarketplace")] @@ -55,18 +53,15 @@ pub struct ModelPackageSpec { /// in the Amazon SageMaker Developer Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "driftCheckBaselines")] pub drift_check_baselines: Option, - /// Specifies details about inference jobs that can be run with models based - /// on this model package, including the following: - /// + /// Specifies details about inference jobs that you can run with models based + /// on this model package, including the following information: /// /// * The Amazon ECR paths of containers that contain the inference code and /// model artifacts. /// - /// /// * The instance types that the model package supports for transform jobs /// and real-time endpoints used for inference. /// - /// /// * The input and output content formats that the model package supports /// for inference. #[serde(default, skip_serializing_if = "Option::is_none", rename = "inferenceSpecification")] @@ -76,11 +71,9 @@ pub struct ModelPackageSpec { pub metadata_properties: Option, /// Whether the model is approved for deployment. /// - /// /// This parameter is optional for versioned models, and does not apply to unversioned /// models. /// - /// /// For versioned models, the value of this parameter must be set to Approved /// to deploy the model. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modelApprovalStatus")] @@ -94,7 +87,6 @@ pub struct ModelPackageSpec { /// The name or Amazon Resource Name (ARN) of the model package group that this /// model version belongs to. /// - /// /// This parameter is required for versioned models, and does not apply to unversioned /// models. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modelPackageGroupName")] @@ -102,7 +94,6 @@ pub struct ModelPackageSpec { /// The name of the model package. The name must have 1 to 63 characters. Valid /// characters are a-z, A-Z, 0-9, and - (hyphen). /// - /// /// This parameter is required for unversioned models. It is not applicable to /// versioned models. #[serde(default, skip_serializing_if = "Option::is_none", rename = "modelPackageName")] @@ -125,7 +116,6 @@ pub struct ModelPackageSpec { /// see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) /// in the Amazon Web Services General Reference Guide. /// - /// /// If you supply ModelPackageGroupName, your model package belongs to the model /// group you specify and uses the tags associated with the model group. In this /// case, you cannot supply a tag argument. @@ -137,7 +127,6 @@ pub struct ModelPackageSpec { /// | "TEXT_GENERATION" |"IMAGE_SEGMENTATION" | "FILL_MASK" | "CLASSIFICATION" /// | "REGRESSION" | "OTHER". /// - /// /// Specify "OTHER" if none of the tasks listed fit your use case. #[serde(default, skip_serializing_if = "Option::is_none")] pub task: Option, @@ -391,18 +380,15 @@ pub struct ModelPackageDriftCheckBaselinesModelQualityStatistics { pub s3_uri: Option, } -/// Specifies details about inference jobs that can be run with models based -/// on this model package, including the following: -/// +/// Specifies details about inference jobs that you can run with models based +/// on this model package, including the following information: /// /// * The Amazon ECR paths of containers that contain the inference code and /// model artifacts. /// -/// /// * The instance types that the model package supports for transform jobs /// and real-time endpoints used for inference. /// -/// /// * The input and output content formats that the model package supports /// for inference. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -651,13 +637,11 @@ pub struct ModelPackageSourceAlgorithmSpecificationSourceAlgorithms { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -684,7 +668,6 @@ pub struct ModelPackageValidationSpecification { /// Contains data, such as the inputs and targeted instance types that are used /// in the process of validating the model package. /// -/// /// The data provided in the validation profile is made available to your buyers /// on Amazon Web Services Marketplace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -818,7 +801,6 @@ pub struct ModelPackageStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelqualityjobdefinitions.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelqualityjobdefinitions.rs index 93a0e1cc1..f6e3655cd 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelqualityjobdefinitions.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/modelqualityjobdefinitions.rs @@ -224,13 +224,11 @@ pub struct ModelQualityJobDefinitionStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -271,7 +269,6 @@ pub struct ModelQualityJobDefinitionStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/models.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/models.rs index 351d903bc..8b71b269d 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/models.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/models.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// ModelSpec defines the desired state of Model. /// -/// /// The properties of a model as returned by the Search (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_Search.html) /// API. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -36,7 +35,6 @@ pub struct ModelSpec { /// or for batch transform jobs. Deploying on ML compute instances is part of /// model hosting. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). /// - /// /// To be able to pass this role to SageMaker, the caller of this API must have /// the iam:PassRole permission. #[serde(default, skip_serializing_if = "Option::is_none", rename = "executionRoleARN")] @@ -143,11 +141,9 @@ pub struct ModelContainersModelDataSourceS3DataSource { /// explicitly accept the model end-user license agreement (EULA) within the /// ModelAccessConfig. /// - /// /// * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula) /// section for more details on accepting the EULA. /// - /// /// * If you are an AutoML user, see the Optional Parameters section of Create /// an AutoML job to fine-tune text generation models using the API for details /// on How to set the EULA acceptance when fine-tuning a model using the AutoML @@ -164,11 +160,9 @@ pub struct ModelContainersModelDataSourceS3DataSource { /// explicitly accept the model end-user license agreement (EULA) within the /// ModelAccessConfig. /// -/// /// * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula) /// section for more details on accepting the EULA. /// -/// /// * If you are an AutoML user, see the Optional Parameters section of Create /// an AutoML job to fine-tune text generation models using the API for details /// on How to set the EULA acceptance when fine-tuning a model using the AutoML @@ -269,11 +263,9 @@ pub struct ModelPrimaryContainerModelDataSourceS3DataSource { /// explicitly accept the model end-user license agreement (EULA) within the /// ModelAccessConfig. /// - /// /// * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula) /// section for more details on accepting the EULA. /// - /// /// * If you are an AutoML user, see the Optional Parameters section of Create /// an AutoML job to fine-tune text generation models using the API for details /// on How to set the EULA acceptance when fine-tuning a model using the AutoML @@ -290,11 +282,9 @@ pub struct ModelPrimaryContainerModelDataSourceS3DataSource { /// explicitly accept the model end-user license agreement (EULA) within the /// ModelAccessConfig. /// -/// /// * If you are a Jumpstart user, see the End-user license agreements (https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula) /// section for more details on accepting the EULA. /// -/// /// * If you are an AutoML user, see the Optional Parameters section of Create /// an AutoML job to fine-tune text generation models using the API for details /// on How to set the EULA acceptance when fine-tuning a model using the AutoML @@ -315,13 +305,11 @@ pub struct ModelPrimaryContainerMultiModelConfig { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -377,7 +365,6 @@ pub struct ModelStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/monitoringschedules.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/monitoringschedules.rs index 71eb2e9be..2ff64d9cd 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/monitoringschedules.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/monitoringschedules.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// MonitoringScheduleSpec defines the desired state of MonitoringSchedule. /// -/// /// A schedule for a model monitoring job. For information about model monitor, /// see Amazon SageMaker Model Monitor (https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor.html). #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -270,13 +269,11 @@ pub struct MonitoringScheduleMonitoringScheduleConfigScheduleConfig { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -333,7 +330,6 @@ pub struct MonitoringScheduleStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstancelifecycleconfigs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstancelifecycleconfigs.rs index 5fea9ef71..37b507250 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstancelifecycleconfigs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstancelifecycleconfigs.rs @@ -35,23 +35,18 @@ pub struct NotebookInstanceLifecycleConfigSpec { /// Contains the notebook instance lifecycle configuration script. /// -/// /// Each lifecycle configuration script has a limit of 16384 characters. /// -/// /// The value of the $PATH environment variable that is available to both scripts /// is /sbin:bin:/usr/sbin:/usr/bin. /// -/// /// View Amazon CloudWatch Logs for notebook instance lifecycle configurations /// in log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook]. /// -/// /// Lifecycle configuration scripts cannot run for longer than 5 minutes. If /// a script runs for longer than 5 minutes, it fails and the notebook instance /// is not created or started. /// -/// /// For information about notebook instance lifestyle configurations, see Step /// 2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -62,23 +57,18 @@ pub struct NotebookInstanceLifecycleConfigOnCreate { /// Contains the notebook instance lifecycle configuration script. /// -/// /// Each lifecycle configuration script has a limit of 16384 characters. /// -/// /// The value of the $PATH environment variable that is available to both scripts /// is /sbin:bin:/usr/sbin:/usr/bin. /// -/// /// View Amazon CloudWatch Logs for notebook instance lifecycle configurations /// in log group /aws/sagemaker/NotebookInstances in log stream [notebook-instance-name]/[LifecycleConfigHook]. /// -/// /// Lifecycle configuration scripts cannot run for longer than 5 minutes. If /// a script runs for longer than 5 minutes, it fails and the notebook instance /// is not created or started. /// -/// /// For information about notebook instance lifestyle configurations, see Step /// 2.1: (Optional) Customize a Notebook Instance (https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -120,7 +110,6 @@ pub struct NotebookInstanceLifecycleConfigStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstances.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstances.rs index 09441cf40..78f4eb82f 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstances.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/notebookinstances.rs @@ -19,10 +19,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NotebookInstanceSpec { - /// A list of Elastic Inference (EI) instance types to associate with this notebook - /// instance. Currently, only one instance type can be associated with a notebook - /// instance. For more information, see Using Elastic Inference in Amazon SageMaker - /// (https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html). + /// This parameter is no longer supported. Elastic Inference (EI) is no longer + /// available. + /// + /// This parameter was used to specify a list of EI instance types to associate + /// with this notebook instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "acceleratorTypes")] pub accelerator_types: Option>, /// An array of up to three Git repositories to associate with the notebook instance. @@ -48,7 +49,6 @@ pub struct NotebookInstanceSpec { /// only in your VPC, and is not be able to connect to SageMaker training and /// endpoint services unless you configure a NAT Gateway in your VPC. /// - /// /// For more information, see Notebook Instances Are Internet-Enabled by Default /// (https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access). /// You can set the value of this parameter to Disabled only if you set a value @@ -83,7 +83,6 @@ pub struct NotebookInstanceSpec { /// permissions to assume this role. For more information, see SageMaker Roles /// (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). /// - /// /// To be able to pass this role to SageMaker, the caller of this API must have /// the iam:PassRole permission. #[serde(rename = "roleARN")] @@ -91,7 +90,6 @@ pub struct NotebookInstanceSpec { /// Whether root access is enabled or disabled for users of the notebook instance. /// The default value is Enabled. /// - /// /// Lifecycle configurations need root access to be able to set up a notebook /// instance. Because of this, lifecycle configurations associated with a notebook /// instance always run with root access even if you disable root access for @@ -121,13 +119,11 @@ pub struct NotebookInstanceSpec { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -182,7 +178,6 @@ pub struct NotebookInstanceStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/processingjobs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/processingjobs.rs index 24be16971..8ac70cefc 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/processingjobs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/processingjobs.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// ProcessingJobSpec defines the desired state of ProcessingJob. /// -/// /// An Amazon SageMaker processing job that is used to analyze data and evaluate /// models. For more information, see Process Data and Evaluate Models (https://docs.aws.amazon.com/sagemaker/latest/dg/processing-job.html). #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -34,13 +33,10 @@ pub struct ProcessingJobSpec { /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// - /// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// - /// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// - /// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[serde(default, skip_serializing_if = "Option::is_none", rename = "experimentConfig")] pub experiment_config: Option, @@ -92,13 +88,10 @@ pub struct ProcessingJobAppSpecification { /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// -/// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// -/// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// -/// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ProcessingJobExperimentConfig { @@ -329,13 +322,11 @@ pub struct ProcessingJobStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -383,7 +374,6 @@ pub struct ProcessingJobStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/trainingjobs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/trainingjobs.rs index fd360e6f9..7aa83b0e3 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/trainingjobs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/trainingjobs.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// TrainingJobSpec defines the desired state of TrainingJob. /// -/// /// Contains information about a training job. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "sagemaker.services.k8s.aws", version = "v1alpha1", kind = "TrainingJob", plural = "trainingjobs")] @@ -59,7 +58,6 @@ pub struct TrainingJobSpec { /// learning models. this option is useful when training jobs can be interrupted /// and when there is flexibility when the training job is run. /// - /// /// The complete and intermediate results of jobs are stored in an Amazon S3 /// bucket, and can be used as a starting point to train models incrementally. /// Amazon SageMaker provides metrics and logs in CloudWatch. They can be used @@ -81,13 +79,10 @@ pub struct TrainingJobSpec { /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// - /// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// - /// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// - /// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[serde(default, skip_serializing_if = "Option::is_none", rename = "experimentConfig")] pub experiment_config: Option, @@ -96,12 +91,10 @@ pub struct TrainingJobSpec { /// hyperparameters for each training algorithm provided by SageMaker, see Algorithms /// (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// You can specify a maximum of 100 hyperparameters. Each hyperparameter is /// a key-value pair. Each key and value is limited to 256 characters, as specified /// by the Length Constraint. /// - /// /// Do not include any security-sensitive information including account access /// IDs, secrets or tokens in any hyperparameter field. If the use of security-sensitive /// credentials are detected, SageMaker will reject your training job request @@ -115,7 +108,6 @@ pub struct TrainingJobSpec { /// An array of Channel objects. Each channel is a named input source. InputDataConfig /// describes the input data and its location. /// - /// /// Algorithms can accept input data from one or more channels. For example, /// an algorithm might have two channels of input data, training_data and validation_data. /// The configuration for each channel provides the S3, EFS, or FSx location @@ -123,14 +115,12 @@ pub struct TrainingJobSpec { /// data: the MIME type, compression method, and whether the data is wrapped /// in RecordIO format. /// - /// /// Depending on the input mode that the algorithm supports, SageMaker either /// copies input data files from an S3 bucket to a local directory in the Docker /// container, or makes it available as input streams. For example, if you specify /// an EFS location, input data files are available as input streams. They do /// not need to be downloaded. /// - /// /// Your input must be in the same Amazon Web Services region as your training /// job. #[serde(default, skip_serializing_if = "Option::is_none", rename = "inputDataConfig")] @@ -155,7 +145,6 @@ pub struct TrainingJobSpec { /// The resources, including the ML compute instances and ML storage volumes, /// to use for model training. /// - /// /// ML storage volumes store model artifacts and incremental states. Training /// algorithms might also use ML storage volumes for scratch space. If you want /// SageMaker to use the ML storage volume to store the training data, choose @@ -169,14 +158,12 @@ pub struct TrainingJobSpec { /// The Amazon Resource Name (ARN) of an IAM role that SageMaker can assume to /// perform tasks on your behalf. /// - /// /// During model training, SageMaker needs your permission to read input data /// from an S3 bucket, download a Docker image that contains training code, write /// model artifacts to an S3 bucket, write logs to Amazon CloudWatch Logs, and /// publish metrics to Amazon CloudWatch. You grant permissions for all of these /// tasks to an IAM role. For more information, see SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). /// - /// /// To be able to pass this role to SageMaker, the caller of this API must have /// the iam:PassRole permission. #[serde(rename = "roleARN")] @@ -186,7 +173,6 @@ pub struct TrainingJobSpec { /// the time limit, SageMaker ends the training job. Use this API to cap model /// training costs. /// - /// /// To stop a job, SageMaker sends the algorithm the SIGTERM signal, which delays /// job termination for 120 seconds. Algorithms can use this 120-second window /// to save the model artifacts, so the results of training are not lost. @@ -233,28 +219,22 @@ pub struct TrainingJobAlgorithmSpecification { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -262,16 +242,13 @@ pub struct TrainingJobAlgorithmSpecification { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -356,13 +333,10 @@ pub struct TrainingJobDebugRuleConfigurations { /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// -/// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// -/// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// -/// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TrainingJobExperimentConfig { @@ -397,28 +371,22 @@ pub struct TrainingJobInputDataConfig { /// The training input mode that the algorithm supports. For more information /// about input modes, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). /// - /// /// Pipe mode /// - /// /// If an algorithm supports Pipe mode, Amazon SageMaker streams data directly /// from Amazon S3 to the container. /// - /// /// File mode /// - /// /// If an algorithm supports File mode, SageMaker downloads the training data /// from S3 to the provisioned ML storage volume, and mounts the directory to /// the Docker volume for the training container. /// - /// /// You must provision the ML storage volume with sufficient capacity to accommodate /// the data downloaded from S3. In addition to the training data, the ML storage /// volume also stores the output model. The algorithm container uses the ML /// storage volume to also store intermediate information, if any. /// - /// /// For distributed algorithms, training data is distributed uniformly. Your /// training duration is predictable if the input data objects sizes are approximately /// the same. SageMaker does not split the files any further for model training. @@ -426,16 +394,13 @@ pub struct TrainingJobInputDataConfig { /// is also skewed when one host in a training cluster is overloaded, thus becoming /// a bottleneck in training. /// - /// /// FastFile mode /// - /// /// If an algorithm supports FastFile mode, SageMaker streams data directly from /// S3 to the container with no code changes, and provides file system access /// to the data. Users can author their training script to interact with these /// files as if they were stored on disk. /// - /// /// FastFile mode works best when the data is read sequentially. Augmented manifest /// files aren't supported. The startup time is lower when there are fewer files /// in the S3 bucket provided. @@ -450,7 +415,6 @@ pub struct TrainingJobInputDataConfig { /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// - /// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -470,7 +434,6 @@ pub struct TrainingJobInputDataConfigDataSource { pub file_system_data_source: Option, /// Describes the S3 data source. /// - /// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[serde(default, skip_serializing_if = "Option::is_none", rename = "s3DataSource")] @@ -492,7 +455,6 @@ pub struct TrainingJobInputDataConfigDataSourceFileSystemDataSource { /// Describes the S3 data source. /// -/// /// Your input bucket must be in the same Amazon Web Services region as your /// training job. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -516,7 +478,6 @@ pub struct TrainingJobInputDataConfigDataSourceS3DataSource { /// of the JSON lines in the AugmentedManifestFile is shuffled. The shuffling /// order is determined using the Seed value. /// -/// /// For Pipe input mode, when ShuffleConfig is specified shuffling is done at /// the start of every epoch. With large datasets, this ensures that the order /// of the training data is different for each epoch, and it helps reduce bias @@ -585,7 +546,6 @@ pub struct TrainingJobRemoteDebugConfig { /// The resources, including the ML compute instances and ML storage volumes, /// to use for model training. /// -/// /// ML storage volumes store model artifacts and incremental states. Training /// algorithms might also use ML storage volumes for scratch space. If you want /// SageMaker to use the ML storage volume to store the training data, choose @@ -634,7 +594,6 @@ pub struct TrainingJobRetryStrategy { /// the time limit, SageMaker ends the training job. Use this API to cap model /// training costs. /// -/// /// To stop a job, SageMaker sends the algorithm the SIGTERM signal, which delays /// job termination for 120 seconds. Algorithms can use this 120-second window /// to save the model artifacts, so the results of training are not lost. @@ -652,13 +611,11 @@ pub struct TrainingJobStoppingCondition { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -737,104 +694,75 @@ pub struct TrainingJobStatus { /// information on the secondary status of the training job, see StatusMessage /// under SecondaryStatusTransition (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_SecondaryStatusTransition.html). /// - /// /// SageMaker provides primary statuses and secondary statuses that apply to /// each of them: /// - /// /// InProgress /// - /// /// * Starting - Starting the training job. /// - /// /// * Downloading - An optional stage for algorithms that support File training /// input mode. It indicates that data is being downloaded to the ML storage /// volumes. /// - /// /// * Training - Training is in progress. /// - /// /// * Interrupted - The job stopped because the managed spot training instances /// were interrupted. /// - /// /// * Uploading - Training is complete and the model artifacts are being uploaded /// to the S3 location. /// - /// /// Completed /// - /// /// * Completed - The training job has completed. /// - /// /// Failed /// - /// /// * Failed - The training job has failed. The reason for the failure is /// returned in the FailureReason field of DescribeTrainingJobResponse. /// - /// /// Stopped /// - /// /// * MaxRuntimeExceeded - The job stopped because it exceeded the maximum /// allowed runtime. /// - /// /// * MaxWaitTimeExceeded - The job stopped because it exceeded the maximum /// allowed wait time. /// - /// /// * Stopped - The training job has stopped. /// - /// /// Stopping /// - /// /// * Stopping - Stopping the training job. /// - /// /// Valid values for SecondaryStatus are subject to change. /// - /// /// We no longer support the following secondary statuses: /// - /// /// * LaunchingMLInstances /// - /// /// * PreparingTraining /// - /// /// * DownloadingTrainingImage #[serde(default, skip_serializing_if = "Option::is_none", rename = "secondaryStatus")] pub secondary_status: Option, /// The status of the training job. /// - /// /// SageMaker provides the following training job statuses: /// - /// /// * InProgress - The training is in progress. /// - /// /// * Completed - The training job has completed. /// - /// /// * Failed - The training job has failed. To see the reason for the failure, /// see the FailureReason field in the response to a DescribeTrainingJobResponse /// call. /// - /// /// * Stopping - The training job is stopping. /// - /// /// * Stopped - The training job has stopped. /// - /// /// For more detailed information, see SecondaryStatus. #[serde(default, skip_serializing_if = "Option::is_none", rename = "trainingJobStatus")] pub training_job_status: Option, @@ -854,7 +782,6 @@ pub struct TrainingJobStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/transformjobs.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/transformjobs.rs index 23fe241e8..09b7da3e3 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/transformjobs.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/transformjobs.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// TransformJobSpec defines the desired state of TransformJob. /// -/// /// A batch transform job. For information about SageMaker batch transform, see /// Use Batch Transform (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform.html). #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -28,15 +27,12 @@ pub struct TransformJobSpec { /// request. A record is a single unit of input data that inference can be made /// on. For example, a single line in a CSV file is a record. /// - /// /// To enable the batch strategy, you must set the SplitType property to Line, /// RecordIO, or TFRecord. /// - /// /// To use only one record when making an HTTP invocation request to a container, /// set BatchStrategy to SingleRecord and SplitType to Line. /// - /// /// To fit as many records in a mini-batch as can fit within the MaxPayloadInMB /// limit, set BatchStrategy to MultiRecord and SplitType to Line. #[serde(default, skip_serializing_if = "Option::is_none", rename = "batchStrategy")] @@ -50,20 +46,18 @@ pub struct TransformJobSpec { /// Prediction Results with their Corresponding Input Records (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform-data-processing.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataProcessing")] pub data_processing: Option, - /// The environment variables to set in the Docker container. We support up to - /// 16 key and values entries in the map. + /// The environment variables to set in the Docker container. Don't include any + /// sensitive data in your environment variables. We support up to 16 key and + /// values entries in the map. #[serde(default, skip_serializing_if = "Option::is_none")] pub environment: Option>, /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// - /// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// - /// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// - /// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[serde(default, skip_serializing_if = "Option::is_none", rename = "experimentConfig")] pub experiment_config: Option, @@ -83,12 +77,10 @@ pub struct TransformJobSpec { /// ensure that the records fit within the maximum payload size, we recommend /// using a slightly larger value. The default value is 6 MB. /// - /// /// The value of MaxPayloadInMB cannot be greater than 100 MB. If you specify /// the MaxConcurrentTransforms parameter, the value of (MaxConcurrentTransforms /// * MaxPayloadInMB) also cannot exceed 100 MB. /// - /// /// For cases where the payload might be arbitrarily large and is transmitted /// using HTTP chunked encoding, set the value to 0. This feature works only /// in supported algorithms. Currently, Amazon SageMaker built-in algorithms @@ -145,13 +137,10 @@ pub struct TransformJobDataProcessing { /// Associates a SageMaker job as a trial component with an experiment and trial. /// Specified when you call the following APIs: /// -/// /// * CreateProcessingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateProcessingJob.html) /// -/// /// * CreateTrainingJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTrainingJob.html) /// -/// /// * CreateTransformJob (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateTransformJob.html) #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TransformJobExperimentConfig { @@ -176,13 +165,11 @@ pub struct TransformJobModelClientConfig { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -289,7 +276,6 @@ pub struct TransformJobStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/userprofiles.rs b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/userprofiles.rs index 3b4383543..2a39375a7 100644 --- a/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/userprofiles.rs +++ b/kube-custom-resources-rs/src/sagemaker_services_k8s_aws/v1alpha1/userprofiles.rs @@ -38,7 +38,6 @@ pub struct UserProfileSpec { /// Each tag consists of a key and an optional value. Tag keys must be unique /// per resource. /// - /// /// Tags that you specify for the User Profile are also added to all Apps that /// the User Profile launches. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -54,13 +53,11 @@ pub struct UserProfileSpec { /// A tag object that consists of a key and an optional value, used to manage /// metadata for SageMaker Amazon Web Services resources. /// -/// /// You can add tags to notebook instances, training jobs, hyperparameter tuning /// jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, /// and endpoints. For more information on adding tags to SageMaker resources, /// see AddTags (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_AddTags.html). /// -/// /// For more information on adding metadata to your Amazon Web Services resources /// with tagging, see Tagging Amazon Web Services resources (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). /// For advice on best practices for managing Amazon Web Services resources with @@ -79,7 +76,6 @@ pub struct UserProfileTags { pub struct UserProfileUserSettings { /// The Code Editor application settings. /// - /// /// For more information about Code Editor, see Get started with Code Editor /// in Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "codeEditorAppSettings")] @@ -114,7 +110,7 @@ pub struct UserProfileUserSettings { /// When SharingSettings is not specified, notebook sharing isn't allowed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sharingSettings")] pub sharing_settings: Option, - /// The default storage settings for a private space. + /// The default storage settings for a space. #[serde(default, skip_serializing_if = "Option::is_none", rename = "spaceStorageSettings")] pub space_storage_settings: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "studioWebPortal")] @@ -126,7 +122,6 @@ pub struct UserProfileUserSettings { /// The Code Editor application settings. /// -/// /// For more information about Code Editor, see Get started with Code Editor /// in Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/code-editor.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -318,17 +313,17 @@ pub struct UserProfileUserSettingsSharingSettings { pub s3_output_path: Option, } -/// The default storage settings for a private space. +/// The default storage settings for a space. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct UserProfileUserSettingsSpaceStorageSettings { - /// A collection of default EBS storage settings that applies to private spaces - /// created within a domain or user profile. + /// A collection of default EBS storage settings that apply to spaces created + /// within a domain or user profile. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultEBSStorageSettings")] pub default_ebs_storage_settings: Option, } -/// A collection of default EBS storage settings that applies to private spaces -/// created within a domain or user profile. +/// A collection of default EBS storage settings that apply to spaces created +/// within a domain or user profile. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct UserProfileUserSettingsSpaceStorageSettingsDefaultEbsStorageSettings { #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultEBSVolumeSizeInGb")] @@ -392,7 +387,6 @@ pub struct UserProfileStatusAckResourceMetadata { /// when it has verified that an "adopted" resource (a resource where the /// ARN annotation was set by the Kubernetes user on the CR) exists and /// matches the supplied CR's Spec field values. - /// TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse /// https://github.com/aws/aws-controllers-k8s/issues/270 #[serde(default, skip_serializing_if = "Option::is_none")] pub arn: Option, diff --git a/kube-custom-resources-rs/src/scylla_scylladb_com/v1/scyllaclusters.rs b/kube-custom-resources-rs/src/scylla_scylladb_com/v1/scyllaclusters.rs index 014402fcd..94c84850e 100644 --- a/kube-custom-resources-rs/src/scylla_scylladb_com/v1/scyllaclusters.rs +++ b/kube-custom-resources-rs/src/scylla_scylladb_com/v1/scyllaclusters.rs @@ -33,10 +33,12 @@ pub struct ScyllaClusterSpec { /// automaticOrphanedNodeCleanup controls if automatic orphan node cleanup should be performed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "automaticOrphanedNodeCleanup")] pub automatic_orphaned_node_cleanup: Option, - /// backups specifies backup tasks in Scylla Manager. When Scylla Manager is not installed, these will be ignored. + /// backups specifies backup tasks in Scylla Manager. + /// When Scylla Manager is not installed, these will be ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub backups: Option>, - /// cpuset determines if the cluster will use cpu-pinning. Deprecated: `cpuset` is deprecated. It is now treated as if it is always set to true regardless of its value. + /// cpuset determines if the cluster will use cpu-pinning. + /// Deprecated: `cpuset` is deprecated. It is now treated as if it is always set to true regardless of its value. #[serde(default, skip_serializing_if = "Option::is_none")] pub cpuset: Option, /// datacenter holds a specification of a datacenter. @@ -45,10 +47,14 @@ pub struct ScyllaClusterSpec { /// developerMode determines if the cluster runs in developer-mode. #[serde(default, skip_serializing_if = "Option::is_none", rename = "developerMode")] pub developer_mode: Option, - /// dnsDomains is a list of DNS domains this cluster is reachable by. These domains are used when setting up the infrastructure, like certificates. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// dnsDomains is a list of DNS domains this cluster is reachable by. + /// These domains are used when setting up the infrastructure, like certificates. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsDomains")] pub dns_domains: Option>, - /// exposeOptions specifies options for exposing ScyllaCluster services. This field is immutable. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// exposeOptions specifies options for exposing ScyllaCluster services. + /// This field is immutable. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "exposeOptions")] pub expose_options: Option, /// externalSeeds specifies the external seeds to propagate to ScyllaDB binary on startup as "seeds" parameter of seed-provider. @@ -60,13 +66,24 @@ pub struct ScyllaClusterSpec { /// genericUpgrade allows to configure behavior of generic upgrade logic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "genericUpgrade")] pub generic_upgrade: Option, - /// imagePullSecrets is an optional list of references to secrets in the same namespace used for pulling Scylla and Agent images. + /// imagePullSecrets is an optional list of references to secrets in the same namespace + /// used for pulling Scylla and Agent images. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] pub image_pull_secrets: Option>, - /// minReadySeconds is the minimum number of seconds for which a newly created ScyllaDB node should be ready for it to be considered available. When used to control load balanced traffic, this can give the load balancer in front of a node enough time to notice that the node is ready and start forwarding traffic in time. Because it all depends on timing, the order is not guaranteed and, if possible, you should use readinessGates instead. If not provided, Operator will determine this value. + /// minReadySeconds is the minimum number of seconds for which a newly created ScyllaDB node should be ready + /// for it to be considered available. + /// When used to control load balanced traffic, this can give the load balancer in front of a node enough time to + /// notice that the node is ready and start forwarding traffic in time. Because it all depends on timing, the order + /// is not guaranteed and, if possible, you should use readinessGates instead. + /// If not provided, Operator will determine this value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minReadySeconds")] pub min_ready_seconds: Option, - /// minTerminationGracePeriodSeconds specifies minimum duration in seconds to wait before every drained node is terminated. This gives time to potential load balancer in front of a node to notice that node is not ready anymore and stop forwarding new requests. This applies only when node is terminated gracefully. If not provided, Operator will determine this value. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// minTerminationGracePeriodSeconds specifies minimum duration in seconds to wait before every drained node is + /// terminated. This gives time to potential load balancer in front of a node to notice that node is not ready anymore + /// and stop forwarding new requests. + /// This applies only when node is terminated gracefully. + /// If not provided, Operator will determine this value. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minTerminationGracePeriodSeconds")] pub min_termination_grace_period_seconds: Option, /// network holds the networking config. @@ -75,19 +92,24 @@ pub struct ScyllaClusterSpec { /// podMetadata controls shared metadata for all pods created based on this spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podMetadata")] pub pod_metadata: Option, - /// readinessGates specifies custom readiness gates that will be evaluated for every ScyllaDB Pod readiness. It's projected into every ScyllaDB Pod as its readinessGate. Refer to upstream documentation to learn more about readiness gates. + /// readinessGates specifies custom readiness gates that will be evaluated for every ScyllaDB Pod readiness. + /// It's projected into every ScyllaDB Pod as its readinessGate. Refer to upstream documentation to learn more + /// about readiness gates. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] pub readiness_gates: Option>, - /// repairs specify repair tasks in Scylla Manager. When Scylla Manager is not installed, these will be ignored. + /// repairs specify repair tasks in Scylla Manager. + /// When Scylla Manager is not installed, these will be ignored. #[serde(default, skip_serializing_if = "Option::is_none")] pub repairs: Option>, /// repository is the image repository to pull the Scylla image from. #[serde(default, skip_serializing_if = "Option::is_none")] pub repository: Option, - /// scyllaArgs will be appended to Scylla binary during startup. This is supported from 4.2.0 Scylla version. + /// scyllaArgs will be appended to Scylla binary during startup. + /// This is supported from 4.2.0 Scylla version. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scyllaArgs")] pub scylla_args: Option, - /// sysctls holds the sysctl properties to be applied during initialization given as a list of key=value pairs. Example: fs.aio-max-nr=232323 + /// sysctls holds the sysctl properties to be applied during initialization given as a list of key=value pairs. + /// Example: fs.aio-max-nr=232323 #[serde(default, skip_serializing_if = "Option::is_none")] pub sysctls: Option>, /// version is a version tag of Scylla to use. @@ -98,13 +120,18 @@ pub struct ScyllaClusterSpec { /// alternator designates this cluster an Alternator cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterAlternator { - /// insecureDisableAuthorization disables Alternator authorization. If not specified, the authorization is enabled. For backwards compatibility the authorization is disabled when this field is not specified and a manual port is used. + /// insecureDisableAuthorization disables Alternator authorization. + /// If not specified, the authorization is enabled. + /// For backwards compatibility the authorization is disabled when this field is not specified + /// and a manual port is used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureDisableAuthorization")] pub insecure_disable_authorization: Option, /// insecureEnableHTTP enables serving Alternator traffic also on insecure HTTP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureEnableHTTP")] pub insecure_enable_http: Option, - /// port is the port number used to bind the Alternator API. Deprecated: `port` is deprecated and may be ignored in the future. Please make sure to avoid using hostNetworking and work with standard Kubernetes concepts like Services. + /// port is the port number used to bind the Alternator API. + /// Deprecated: `port` is deprecated and may be ignored in the future. + /// Please make sure to avoid using hostNetworking and work with standard Kubernetes concepts like Services. #[serde(default, skip_serializing_if = "Option::is_none")] pub port: Option, /// servingCertificate references a TLS certificate for serving secure traffic. @@ -160,16 +187,23 @@ pub struct ScyllaClusterBackups { /// cron specifies the task schedule as a cron expression. It supports an extended syntax including @monthly, @weekly, @daily, @midnight, @hourly, @every X[h|m|s]. #[serde(default, skip_serializing_if = "Option::is_none")] pub cron: Option, - /// dc is a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs to include or exclude from backup. + /// dc is a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs + /// to include or exclude from backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub dc: Option>, - /// interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. Deprecated: please use cron instead. + /// interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. + /// Deprecated: please use cron instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, - /// keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. + /// keyspace is a list of keyspace/tables glob patterns, + /// e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. #[serde(default, skip_serializing_if = "Option::is_none")] pub keyspace: Option>, - /// location is a list of backup locations in the format [:]: ex. s3:my-bucket. The : part is optional and is only needed when different datacenters are being used to upload data to different locations. must be an alphanumeric string and may contain a dash and or a dot, but other characters are forbidden. The only supported storage at the moment are s3 and gcs. + /// location is a list of backup locations in the format [:]: ex. s3:my-bucket. + /// The : part is optional and is only needed when different datacenters are being used to upload data + /// to different locations. must be an alphanumeric string and may contain a dash and or a dot, + /// but other characters are forbidden. + /// The only supported storage at the moment are s3 and gcs. #[serde(default, skip_serializing_if = "Option::is_none")] pub location: Option>, /// name specifies the name of a task. @@ -178,22 +212,31 @@ pub struct ScyllaClusterBackups { /// numRetries indicates how many times a scheduled task will be retried before failing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numRetries")] pub num_retries: Option, - /// rateLimit is a list of megabytes (MiB) per second rate limits expressed in the format [:]. The : part is optional and only needed when different datacenters need different upload limits. Set to 0 for no limit (default 100). + /// rateLimit is a list of megabytes (MiB) per second rate limits expressed in the format [:]. + /// The : part is optional and only needed when different datacenters need different upload limits. + /// Set to 0 for no limit (default 100). #[serde(default, skip_serializing_if = "Option::is_none", rename = "rateLimit")] pub rate_limit: Option>, /// retention is the number of backups which are to be stored. #[serde(default, skip_serializing_if = "Option::is_none")] pub retention: Option, - /// snapshotParallel is a list of snapshot parallelism limits in the format [:]. The : part is optional and allows for specifying different limits in selected datacenters. If The : part is not set, the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) and n nodes in all the other datacenters. + /// snapshotParallel is a list of snapshot parallelism limits in the format [:]. + /// The : part is optional and allows for specifying different limits in selected datacenters. + /// If The : part is not set, the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) + /// and n nodes in all the other datacenters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotParallel")] pub snapshot_parallel: Option>, - /// startDate specifies the task start date expressed in the RFC3339 format or now[+duration], e.g. now+3d2h10m, valid units are d, h, m, s. + /// startDate specifies the task start date expressed in the RFC3339 format or now[+duration], + /// e.g. now+3d2h10m, valid units are d, h, m, s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startDate")] pub start_date: Option, /// timezone specifies the timezone of cron field. #[serde(default, skip_serializing_if = "Option::is_none")] pub timezone: Option, - /// uploadParallel is a list of upload parallelism limits in the format [:]. The : part is optional and allows for specifying different limits in selected datacenters. If The : part is not set the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) and n nodes in all the other datacenters. + /// uploadParallel is a list of upload parallelism limits in the format [:]. + /// The : part is optional and allows for specifying different limits in selected datacenters. + /// If The : part is not set the limit is global (e.g. 'dc1:2,5') the runs are parallel in n nodes (2 in dc1) + /// and n nodes in all the other datacenters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "uploadParallel")] pub upload_parallel: Option>, } @@ -218,6 +261,9 @@ pub struct ScyllaClusterDatacenterRacks { /// AgentVolumeMounts to be added to Agent container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "agentVolumeMounts")] pub agent_volume_mounts: Option>, + /// exposeOptions specifies rack-specific parameters related to exposing ScyllaDBDatacenter backends. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "exposeOptions")] + pub expose_options: Option, /// members is the number of Scylla instances in this rack. #[serde(default, skip_serializing_if = "Option::is_none")] pub members: Option, @@ -250,15 +296,23 @@ pub struct ScyllaClusterDatacenterRacks { /// agentResources specify the resources for the Agent container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksAgentResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -266,32 +320,87 @@ pub struct ScyllaClusterDatacenterRacksAgentResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksAgentResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksAgentVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } +/// exposeOptions specifies rack-specific parameters related to exposing ScyllaDBDatacenter backends. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScyllaClusterDatacenterRacksExposeOptions { + /// nodeService controls properties of Service dedicated for each ScyllaDBDatacenter node in given rack. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeService")] + pub node_service: Option, +} + +/// nodeService controls properties of Service dedicated for each ScyllaDBDatacenter node in given rack. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScyllaClusterDatacenterRacksExposeOptionsNodeService { + /// annotations is a custom key value map that gets merged with managed object annotations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// labels is a custom key value map that gets merged with managed object labels. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + /// placement describes restrictions for the nodes Scylla is scheduled on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacement { @@ -304,7 +413,8 @@ pub struct ScyllaClusterDatacenterRacksPlacement { /// podAntiAffinity describes pod anti-affinity scheduling rules. #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] pub pod_anti_affinity: Option, - /// tolerations allow the pod to tolerate any taint that matches the triple using the matching operator. + /// tolerations allow the pod to tolerate any taint that matches the triple + /// using the matching operator. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } @@ -312,15 +422,28 @@ pub struct ScyllaClusterDatacenterRacksPlacement { /// nodeAffinity describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -340,31 +463,47 @@ pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityPreferredDuringSched pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -372,7 +511,9 @@ pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedu pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -383,26 +524,38 @@ pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedu pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -410,10 +563,24 @@ pub struct ScyllaClusterDatacenterRacksPlacementNodeAffinityRequiredDuringSchedu /// podAffinity describes pod affinity scheduling rules. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -424,144 +591,244 @@ pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedu /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -569,10 +836,24 @@ pub struct ScyllaClusterDatacenterRacksPlacementPodAffinityRequiredDuringSchedul /// podAntiAffinity describes pod anti-affinity scheduling rules. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -583,164 +864,274 @@ pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSc /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksPlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -748,15 +1139,23 @@ pub struct ScyllaClusterDatacenterRacksPlacementTolerations { /// resources the Scylla container will use. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - /// This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - /// This field is immutable. It can only be set for containers. + /// Claims lists the names of resources, defined in spec.resourceClaims, + /// that are used by this container. + /// + /// This is an alpha field and requires enabling the + /// DynamicResourceAllocation feature gate. + /// + /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -764,8 +1163,15 @@ pub struct ScyllaClusterDatacenterRacksResources { /// ResourceClaim references one entry in PodSpec.ResourceClaims. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + /// Name must match the name of one entry in pod.spec.resourceClaims of + /// the Pod where this field is used. It makes that resource available + /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// storage describes the underlying storage that Scylla will consume. @@ -774,7 +1180,9 @@ pub struct ScyllaClusterDatacenterRacksStorage { /// capacity describes the requested size of each persistent volume. #[serde(default, skip_serializing_if = "Option::is_none")] pub capacity: Option, - /// metadata controls shared metadata for the volume claim for this rack. At this point, the values are applied only for the initial claim and are not reconciled during its lifetime. Note that this may get fixed in the future and this behaviour shouldn't be relied on in any way. + /// metadata controls shared metadata for the volume claim for this rack. + /// At this point, the values are applied only for the initial claim and are not reconciled during its lifetime. + /// Note that this may get fixed in the future and this behaviour shouldn't be relied on in any way. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, /// storageClassName is the name of a storageClass to request. @@ -782,7 +1190,9 @@ pub struct ScyllaClusterDatacenterRacksStorage { pub storage_class_name: Option, } -/// metadata controls shared metadata for the volume claim for this rack. At this point, the values are applied only for the initial claim and are not reconciled during its lifetime. Note that this may get fixed in the future and this behaviour shouldn't be relied on in any way. +/// metadata controls shared metadata for the volume claim for this rack. +/// At this point, the values are applied only for the initial claim and are not reconciled during its lifetime. +/// Note that this may get fixed in the future and this behaviour shouldn't be relied on in any way. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksStorageMetadata { /// annotations is a custom key value map that gets merged with managed object annotations. @@ -796,21 +1206,50 @@ pub struct ScyllaClusterDatacenterRacksStorageMetadata { /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumeMounts { - /// Path within the container at which the volume should be mounted. Must not contain ':'. + /// Path within the container at which the volume should be mounted. Must + /// not contain ':'. #[serde(rename = "mountPath")] pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + /// mountPropagation determines how mounts are propagated from the host + /// to container and the other way around. + /// When not set, MountPropagationNone is used. + /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + /// Mounted read-only if true, read-write otherwise (false or unspecified). + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, + /// Path within the volume from which the container's volume should be mounted. + /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + /// Expanded path within the volume from which the container's volume should be mounted. + /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + /// Defaults to "" (volume's root). + /// SubPathExpr and SubPath are mutually exclusive. #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] pub sub_path_expr: Option, } @@ -818,119 +1257,216 @@ pub struct ScyllaClusterDatacenterRacksVolumeMounts { /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// awsElasticBlockStore represents an AWS Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// emptyDir represents a temporary directory that shares a pod's lifetime. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - /// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). - /// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - /// A pod can use both types of ephemeral volumes and persistent volumes at the same time. + /// ephemeral represents a volume that is handled by a cluster storage driver. + /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + /// and deleted when the pod is removed. + /// + /// Use this if: + /// a) the volume is only needed while the pod runs, + /// b) features of normal volumes like restoring from snapshot or capacity + /// tracking are needed, + /// c) the storage driver is specified through a storage class, and + /// d) the storage driver supports dynamic volume provisioning through + /// a PersistentVolumeClaim (see EphemeralVolumeSource for more + /// information on the connection between this volume type + /// and PersistentVolumeClaim). + /// + /// Use PersistentVolumeClaim or one of the vendor-specific + /// APIs for volumes that persist for longer than the lifecycle + /// of an individual pod. + /// + /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + /// be used that way - see the documentation of the driver for + /// more information. + /// + /// A pod can use both types of ephemeral volumes and + /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] pub ephemeral: Option, /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub fc: Option, - /// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + /// flexVolume represents a generic volume resource that is + /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// gcePersistentDisk represents a GCE Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. + /// gitRepo represents a git repository at a particular revision. + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an + /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md + /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. + /// hostPath represents a pre-existing file or directory on the host + /// machine that is directly exposed to the container. This is generally + /// used for system agents or other privileged things that are allowed + /// to see the host machine. Most containers will NOT need this. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// iscsi represents an ISCSI Disk resource that is attached to a + /// kubelet's host machine and then exposed to the pod. + /// More info: https://examples.k8s.io/volumes/iscsi/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub iscsi: Option, - /// name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// name of the volume. + /// Must be a DNS_LABEL and unique within the pod. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// nfs represents an NFS mount on the host that shares a pod's lifetime + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none")] pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// persistentVolumeClaimVolumeSource represents a reference to a + /// PersistentVolumeClaim in the same namespace. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md + /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. + /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, - /// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secret represents a secret that should populate this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore +/// awsElasticBlockStore represents an AWS Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// readOnly value true will force the readOnly setting in VolumeMounts. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(rename = "volumeID")] pub volume_id: String, } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -942,21 +1478,27 @@ pub struct ScyllaClusterDatacenterRacksVolumesAzureDisk { /// diskURI is the URI of data disk in the blob storage #[serde(rename = "diskURI")] pub disk_uri: String, - /// fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is Filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretName is the name of secret that contains Azure Storage Account Name and Key @@ -967,57 +1509,84 @@ pub struct ScyllaClusterDatacenterRacksVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// monitors is Required: Monitors is a collection of Ceph monitors + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it pub monitors: Vec, /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + /// user is optional: User is the rados user name, default is admin + /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it +/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. +/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCephfsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md +/// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. +/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCinder { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. + /// secretRef is optional: points to a secret object containing parameters used to connect + /// to OpenStack. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md + /// volumeID used to identify the volume in cinder. + /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(rename = "volumeID")] pub volume_id: String, } -/// secretRef is optional: points to a secret object containing parameters used to connect to OpenStack. +/// secretRef is optional: points to a secret object containing parameters used to connect +/// to OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCinderSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1025,13 +1594,29 @@ pub struct ScyllaClusterDatacenterRacksVolumesCinderSecretRef { /// configMap represents a configMap that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -1044,36 +1629,61 @@ pub struct ScyllaClusterDatacenterRacksVolumesConfigMap { pub struct ScyllaClusterDatacenterRacksVolumesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster. + /// driver is the name of the CSI driver that handles this volume. + /// Consult with your admin for the correct name as registered in the cluster. pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply. + /// fsType to mount. Ex. "ext4", "xfs", "ntfs". + /// If not provided, the empty value is passed to the associated CSI driver + /// which will determine the default filesystem to apply. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. + /// nodePublishSecretRef is a reference to the secret object containing + /// sensitive information to pass to the CSI driver to complete the CSI + /// NodePublishVolume and NodeUnpublishVolume calls. + /// This field is optional, and may be empty if no secret is required. If the + /// secret object contains more than one secret, all secret references are passed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). + /// readOnly specifies a read-only configuration for the volume. + /// Defaults to false (read/write). #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values. + /// volumeAttributes stores driver-specific properties that are passed to the CSI + /// driver. Consult your driver's documentation for supported values. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] pub volume_attributes: Option>, } -/// nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed. +/// nodePublishSecretRef is a reference to the secret object containing +/// sensitive information to pass to the CSI driver to complete the CSI +/// NodePublishVolume and NodeUnpublishVolume calls. +/// This field is optional, and may be empty if no secret is required. If the +/// secret object contains more than one secret, all secret references are passed. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesCsiNodePublishSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1081,7 +1691,14 @@ pub struct ScyllaClusterDatacenterRacksVolumesCsiNodePublishSecretRef { /// downwardAPI represents downward API about the pod that should populate this volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits to use on created files by default. Must be a + /// Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, /// Items is a list of downward API volume file @@ -1092,20 +1709,26 @@ pub struct ScyllaClusterDatacenterRacksVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1116,7 +1739,8 @@ pub struct ScyllaClusterDatacenterRacksVolumesDownwardApiItemsFieldRef { pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1129,75 +1753,194 @@ pub struct ScyllaClusterDatacenterRacksVolumesDownwardApiItemsResourceFieldRef { pub resource: String, } -/// emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +/// emptyDir represents a temporary directory that shares a pod's lifetime. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// medium represents what type of storage medium should back this directory. + /// The default is "" which means to use the node's default medium. + /// Must be an empty string (default) or Memory. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none")] pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + /// sizeLimit is the total amount of local storage required for this EmptyDir volume. + /// The size limit is also applicable for memory medium. + /// The maximum usage on memory medium EmptyDir would be the minimum value between + /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. + /// The default is nil which means that the limit is undefined. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] pub size_limit: Option, } -/// ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. -/// Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). -/// Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. -/// A pod can use both types of ephemeral volumes and persistent volumes at the same time. +/// ephemeral represents a volume that is handled by a cluster storage driver. +/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, +/// and deleted when the pod is removed. +/// +/// Use this if: +/// a) the volume is only needed while the pod runs, +/// b) features of normal volumes like restoring from snapshot or capacity +/// tracking are needed, +/// c) the storage driver is specified through a storage class, and +/// d) the storage driver supports dynamic volume provisioning through +/// a PersistentVolumeClaim (see EphemeralVolumeSource for more +/// information on the connection between this volume type +/// and PersistentVolumeClaim). +/// +/// Use PersistentVolumeClaim or one of the vendor-specific +/// APIs for volumes that persist for longer than the lifecycle +/// of an individual pod. +/// +/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to +/// be used that way - see the documentation of the driver for +/// more information. +/// +/// A pod can use both types of ephemeral volumes and +/// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - /// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - /// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - /// Required, must not be nil. + /// Will be used to create a stand-alone PVC to provision the volume. + /// The pod in which this EphemeralVolumeSource is embedded will be the + /// owner of the PVC, i.e. the PVC will be deleted together with the + /// pod. The name of the PVC will be `-` where + /// `` is the name from the `PodSpec.Volumes` array + /// entry. Pod validation will reject the pod if the concatenated name + /// is not valid for a PVC (for example, too long). + /// + /// An existing PVC with that name that is not owned by the pod + /// will *not* be used for the pod to avoid using an unrelated + /// volume by mistake. Starting the pod is then blocked until + /// the unrelated PVC is removed. If such a pre-created PVC is + /// meant to be used by the pod, the PVC has to updated with an + /// owner reference to the pod once the pod exists. Normally + /// this should not be necessary, but it may be useful when + /// manually reconstructing a broken cluster. + /// + /// This field is read-only and no changes will be made by Kubernetes + /// to the PVC after it has been created. + /// + /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, } -/// Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). -/// An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. -/// This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. -/// Required, must not be nil. +/// Will be used to create a stand-alone PVC to provision the volume. +/// The pod in which this EphemeralVolumeSource is embedded will be the +/// owner of the PVC, i.e. the PVC will be deleted together with the +/// pod. The name of the PVC will be `-` where +/// `` is the name from the `PodSpec.Volumes` array +/// entry. Pod validation will reject the pod if the concatenated name +/// is not valid for a PVC (for example, too long). +/// +/// An existing PVC with that name that is not owned by the pod +/// will *not* be used for the pod to avoid using an unrelated +/// volume by mistake. Starting the pod is then blocked until +/// the unrelated PVC is removed. If such a pre-created PVC is +/// meant to be used by the pod, the PVC has to updated with an +/// owner reference to the pod once the pod exists. Normally +/// this should not be necessary, but it may be useful when +/// manually reconstructing a broken cluster. +/// +/// This field is read-only and no changes will be made by Kubernetes +/// to the PVC after it has been created. +/// +/// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + /// May contain labels and annotations that will be copied into the PVC + /// when creating it. No other fields are allowed and will be rejected during + /// validation. #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + /// The specification for the PersistentVolumeClaim. The entire content is + /// copied unchanged into the PVC that gets created from this + /// template. The same fields as in a PersistentVolumeClaim + /// are also valid here. pub spec: ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpec, } -/// May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +/// May contain labels and annotations that will be copied into the PVC +/// when creating it. No other fields are allowed and will be rejected during +/// validation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateMetadata { } -/// The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +/// The specification for the PersistentVolumeClaim. The entire content is +/// copied unchanged into the PVC that gets created from this +/// template. The same fields as in a PersistentVolumeClaim +/// are also valid here. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + /// accessModes contains the desired access modes the volume should have. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] pub access_modes: Option>, - /// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. + /// dataSource field can be used to specify either: + /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + /// * An existing PVC (PersistentVolumeClaim) + /// If the provisioner or an external controller can support the specified data source, + /// it will create a new volume based on the contents of the specified data source. + /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + /// volume is desired. This may be any object from a non-empty API group (non + /// core object) or a PersistentVolumeClaim object. + /// When this field is specified, volume binding will only succeed if the type of + /// the specified object matches some installed volume populator or dynamic + /// provisioner. + /// This field will replace the functionality of the dataSource field and as such + /// if both fields are non-empty, they must have the same value. For backwards + /// compatibility, when namespace isn't specified in dataSourceRef, + /// both fields (dataSource and dataSourceRef) will be set to the same + /// value automatically if one of them is empty and the other is non-empty. + /// When namespace is specified in dataSourceRef, + /// dataSource isn't set to the same value and must be empty. + /// There are three important differences between dataSource and dataSourceRef: + /// * While dataSource only allows two specific types of objects, dataSourceRef + /// allows any non-core object, as well as PersistentVolumeClaim objects. + /// * While dataSource ignores disallowed values (dropping them), dataSourceRef + /// preserves all values, and generates an error if a disallowed value is + /// specified. + /// * While dataSource only allows local objects, dataSourceRef allows objects + /// in any namespaces. + /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + /// resources represents the minimum resources the volume should have. + /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + /// that are lower than previous value but must still be higher than capacity recorded in the + /// status field of the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, /// selector is a label query over volumes to consider for binding. #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + /// storageClassName is the name of the StorageClass required by the claim. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + /// volumeMode defines what type of volume is required by the claim. + /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] pub volume_mode: Option, /// volumeName is the binding reference to the PersistentVolume backing this claim. @@ -1205,10 +1948,19 @@ pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpec { pub volume_name: Option, } -/// dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource. +/// dataSource field can be used to specify either: +/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) +/// * An existing PVC (PersistentVolumeClaim) +/// If the provisioner or an external controller can support the specified data source, +/// it will create a new volume based on the contents of the specified data source. +/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, +/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. +/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced @@ -1217,28 +1969,62 @@ pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecDa pub name: String, } -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. +/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty +/// volume is desired. This may be any object from a non-empty API group (non +/// core object) or a PersistentVolumeClaim object. +/// When this field is specified, volume binding will only succeed if the type of +/// the specified object matches some installed volume populator or dynamic +/// provisioner. +/// This field will replace the functionality of the dataSource field and as such +/// if both fields are non-empty, they must have the same value. For backwards +/// compatibility, when namespace isn't specified in dataSourceRef, +/// both fields (dataSource and dataSourceRef) will be set to the same +/// value automatically if one of them is empty and the other is non-empty. +/// When namespace is specified in dataSourceRef, +/// dataSource isn't set to the same value and must be empty. +/// There are three important differences between dataSource and dataSourceRef: +/// * While dataSource only allows two specific types of objects, dataSourceRef +/// allows any non-core object, as well as PersistentVolumeClaim objects. +/// * While dataSource ignores disallowed values (dropping them), dataSourceRef +/// preserves all values, and generates an error if a disallowed value is +/// specified. +/// * While dataSource only allows local objects, dataSourceRef allows objects +/// in any namespaces. +/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + /// APIGroup is the group for the resource being referenced. + /// If APIGroup is not specified, the specified Kind must be in the core API group. + /// For any other third-party types, APIGroup is required. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] pub api_group: Option, /// Kind is the type of resource being referenced pub kind: String, /// Name is the name of resource being referenced pub name: String, - /// Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + /// Namespace is the namespace of resource being referenced + /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } -/// resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +/// resources represents the minimum resources the volume should have. +/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements +/// that are lower than previous value but must still be higher than capacity recorded in the +/// status field of the claim. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Limits describes the maximum amount of compute resources allowed. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + /// Requests describes the minimum amount of compute resources required. + /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + /// otherwise to an implementation-defined value. Requests cannot exceed Limits. + /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] pub requests: Option>, } @@ -1249,19 +2035,26 @@ pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecSe /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1269,54 +2062,77 @@ pub struct ScyllaClusterDatacenterRacksVolumesEphemeralVolumeClaimTemplateSpecSe /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesFc { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number #[serde(default, skip_serializing_if = "Option::is_none")] pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// targetWWNs is Optional: FC target worldwide names (WWNs) #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + /// wwids Optional: FC volume world wide identifiers (wwids) + /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. #[serde(default, skip_serializing_if = "Option::is_none")] pub wwids: Option>, } -/// flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. +/// flexVolume represents a generic volume resource that is +/// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesFlexVolume { /// driver is the name of the driver to use for this volume. pub driver: String, - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// options is Optional: this field holds extra command options if any. #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. + /// secretRef is Optional: secretRef is reference to the secret object containing + /// sensitive information to pass to the plugin scripts. This may be + /// empty if no secret object is specified. If the secret object + /// contains more than one secret, all secrets are passed to the plugin + /// scripts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, } -/// secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts. +/// secretRef is Optional: secretRef is reference to the secret object containing +/// sensitive information to pass to the plugin scripts. This may be +/// empty if no secret object is specified. If the secret object +/// contains more than one secret, all secrets are passed to the plugin +/// scripts. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesFlexVolumeSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated + /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + /// should be considered as deprecated #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] pub dataset_name: Option, /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset @@ -1324,27 +2140,47 @@ pub struct ScyllaClusterDatacenterRacksVolumesFlocker { pub dataset_uuid: Option, } -/// gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk +/// gcePersistentDisk represents a GCE Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// partition is the partition in the volume that you want to mount. + /// If omitted, the default is to mount by volume name. + /// Examples: For volume /dev/sda1, you specify the partition as "1". + /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(rename = "pdName")] pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. +/// gitRepo represents a git repository at a particular revision. +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an +/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir +/// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesGitRepo { - /// directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name. + /// directory is the target directory name. + /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + /// git repository. Otherwise, if specified, the volume will contain the git repository in + /// the subdirectory with the given name. #[serde(default, skip_serializing_if = "Option::is_none")] pub directory: Option, /// repository is the URL @@ -1354,29 +2190,78 @@ pub struct ScyllaClusterDatacenterRacksVolumesGitRepo { pub revision: Option, } -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md +/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. +/// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// endpoints is the endpoint name that details Glusterfs topology. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub endpoints: String, - /// path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// path is the Glusterfs volume path. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. +/// hostPath represents a pre-existing file or directory on the host +/// machine that is directly exposed to the container. This is generally +/// used for system agents or other privileged things that are allowed +/// to see the host machine. Most containers will NOT need this. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesHostPath { - /// path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// path of the directory on the host. + /// If the path is a symlink, it will follow the link to the real path. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath pub path: String, - /// type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + /// type for HostPath Volume + /// Defaults to "" + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } -/// iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScyllaClusterDatacenterRacksVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + +/// iscsi represents an ISCSI Disk resource that is attached to a +/// kubelet's host machine and then exposed to the pod. +/// More info: https://examples.k8s.io/volumes/iscsi/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesIscsi { /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication @@ -1385,29 +2270,38 @@ pub struct ScyllaClusterDatacenterRacksVolumesIscsi { /// chapAuthSession defines whether support iSCSI Session CHAP authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection. + /// initiatorName is the custom iSCSI Initiator Name. + /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + /// : will be created for the connection. #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] pub initiator_name: Option, /// iqn is the target iSCSI Qualified Name. pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). + /// iscsiInterface is the interface Name that uses an iSCSI transport. + /// Defaults to 'default' (tcp). #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] pub iscsi_interface: Option, /// lun represents iSCSI Target Lun number. pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(default, skip_serializing_if = "Option::is_none")] pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). + /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + /// is other than default (typically TCP ports 860 and 3260). #[serde(rename = "targetPortal")] pub target_portal: String, } @@ -1415,38 +2309,54 @@ pub struct ScyllaClusterDatacenterRacksVolumesIscsi { /// secretRef is the CHAP Secret for iSCSI target and initiator authentication #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesIscsiSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs +/// nfs represents an NFS mount on the host that shares a pod's lifetime +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesNfs { - /// path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// path that is exported by the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// readOnly here will force the NFS export to be mounted with read-only permissions. + /// Defaults to false. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + /// server is the hostname or IP address of the NFS server. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs pub server: String, } -/// persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +/// persistentVolumeClaimVolumeSource represents a reference to a +/// PersistentVolumeClaim in the same namespace. +/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(rename = "claimName")] pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. Default false. + /// readOnly Will force the ReadOnly setting in VolumeMounts. + /// Default false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// pdID is the ID that identifies Photon Controller persistent disk @@ -1454,13 +2364,19 @@ pub struct ScyllaClusterDatacenterRacksVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesPortworxVolume { - /// fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + /// fSType represents the filesystem type to mount + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, /// volumeID uniquely identifies a Portworx volume @@ -1471,21 +2387,37 @@ pub struct ScyllaClusterDatacenterRacksVolumesPortworxVolume { /// projected items for all in one resources secrets, configmaps, and downward API #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode are the mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - /// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project @@ -1502,47 +2434,76 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSources { pub service_account_token: Option, } -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. -/// Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector. + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles. + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, /// Relative path from the volume root to write the bundle. pub path: String, - /// Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated. + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] pub signer_name: Option, } -/// Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as "match nothing". If set but empty, interpreted as "match everything". +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesClusterTrustBundleLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -1550,10 +2511,20 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesClusterTrustBundle /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// ConfigMap will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the ConfigMap, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -1566,10 +2537,18 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesConfigMap { pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesConfigMapItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } @@ -1584,20 +2563,26 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// Optional: mode bits used to set permissions on this file, must be an octal value + /// between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' pub path: String, - /// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -1608,7 +2593,8 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApiItemsFi pub field_path: String, } -/// Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { /// Container name: required for volumes, optional for env vars @@ -1624,10 +2610,20 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesDownwardApiItemsRe /// secret information about the secret data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items if unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -1640,86 +2636,139 @@ pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesSecret { pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// serviceAccountToken is information about the serviceAccountToken data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver. + /// audience is the intended audience of the token. A recipient of a token + /// must identify itself with an identifier specified in the audience of the + /// token, and otherwise should reject the token. The audience defaults to the + /// identifier of the apiserver. #[serde(default, skip_serializing_if = "Option::is_none")] pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. + /// expirationSeconds is the requested duration of validity of the service + /// account token. As the token approaches expiration, the kubelet volume + /// plugin will proactively rotate the service account token. The kubelet will + /// start trying to rotate the token if the token is older than 80 percent of + /// its time to live or if the token is older than 24 hours.Defaults to 1 hour + /// and must be at least 10 minutes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the token into. + /// path is the path relative to the mount point of the file to project the + /// token into. pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesQuobyte { - /// group to map volume access to Default is no group + /// group to map volume access to + /// Default is no group #[serde(default, skip_serializing_if = "Option::is_none")] pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. + /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. + /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes + /// registry represents a single or multiple Quobyte Registry services + /// specified as a string as host:port pair (multiple entries are separated with commas) + /// which acts as the central registry for volumes pub registry: String, - /// tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin + /// tenant owning the given Quobyte volume in the Backend + /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin #[serde(default, skip_serializing_if = "Option::is_none")] pub tenant: Option, - /// user to map volume access to Defaults to serivceaccount user + /// user to map volume access to + /// Defaults to serivceaccount user #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, /// volume is a string that references an already created Quobyte volume by name. pub volume: String, } -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md +/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. +/// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine + /// fsType is the filesystem type of the volume that you want to mount. + /// Tip: Ensure that the filesystem type is supported by the host operating system. + /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// image is the rados image name. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub image: String, - /// keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// keyring is the path to key ring for RBDUser. + /// Default is /etc/ceph/keyring. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub keyring: Option, - /// monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// monitors is a collection of Ceph monitors. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it pub monitors: Vec, - /// pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// pool is the rados pool name. + /// Default is rbd. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// readOnly here will force the ReadOnly setting in VolumeMounts. + /// Defaults to false. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// secretRef is name of the authentication secret for RBDUser. If provided + /// overrides keyring. + /// Default is nil. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + /// user is the rados user name. + /// Default is admin. + /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[serde(default, skip_serializing_if = "Option::is_none")] pub user: Option, } -/// secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +/// secretRef is name of the authentication secret for RBDUser. If provided +/// overrides keyring. +/// Default is nil. +/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesRbdSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesScaleIo { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". + /// Default is "xfs". #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// gateway is the host address of the ScaleIO API Gateway. @@ -1727,16 +2776,19 @@ pub struct ScyllaClusterDatacenterRacksVolumesScaleIo { /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly Defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. + /// secretRef references to the secret for ScaleIO user and other + /// sensitive information. If this is not provided, Login operation will fail. #[serde(rename = "secretRef")] pub secret_ref: ScyllaClusterDatacenterRacksVolumesScaleIoSecretRef, /// sslEnabled Flag enable/disable SSL communication with Gateway, default false #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + /// Default is ThinProvisioned. #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] pub storage_mode: Option, /// storagePool is the ScaleIO Storage Pool associated with the protection domain. @@ -1744,32 +2796,52 @@ pub struct ScyllaClusterDatacenterRacksVolumesScaleIo { pub storage_pool: Option, /// system is the name of the storage system as configured in ScaleIO. pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source. + /// volumeName is the name of a volume already created in the ScaleIO system + /// that is associated with this volume source. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, } -/// secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail. +/// secretRef references to the secret for ScaleIO user and other +/// sensitive information. If this is not provided, Login operation will fail. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesScaleIoSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret +/// secret represents a secret that should populate this volume. +/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// defaultMode is Optional: mode bits used to set permissions on created files by default. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values + /// for mode bits. Defaults to 0644. + /// Directories within the path are not affected by this setting. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. + /// items If unspecified, each key-value pair in the Data field of the referenced + /// Secret will be projected into the volume as a file whose name is the + /// key and content is the value. If specified, the listed keys will be + /// projected into the specified paths, and unlisted keys will not be + /// present. If a key is specified which is not present in the Secret, + /// the volume setup will error unless it is marked optional. Paths must be + /// relative and may not contain the '..' path or start with '..'. #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// optional field specify whether the Secret or its keys must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + /// secretName is the name of the secret in the pod's namespace to use. + /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] pub secret_name: Option, } @@ -1779,45 +2851,73 @@ pub struct ScyllaClusterDatacenterRacksVolumesSecret { pub struct ScyllaClusterDatacenterRacksVolumesSecretItems { /// key is the key to project. pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. + /// mode is Optional: mode bits used to set permissions on this file. + /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + /// If not specified, the volume defaultMode will be used. + /// This might be in conflict with other options that affect the file + /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none")] pub mode: Option, - /// path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. + /// path is the relative path of the file to map the key to. + /// May not be an absolute path. + /// May not contain the path element '..'. + /// May not start with the string '..'. pub path: String, } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesStorageos { - /// fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is the filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. + /// readOnly defaults to false (read/write). ReadOnly here will force + /// the ReadOnly setting in VolumeMounts. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. + /// secretRef specifies the secret to use for obtaining the StorageOS API + /// credentials. If not specified, default values will be attempted. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. + /// volumeName is the human-readable name of the StorageOS volume. Volume + /// names are only unique within a namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to "default" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created. + /// volumeNamespace specifies the scope of the volume within StorageOS. If no + /// namespace is specified then the Pod's namespace will be used. This allows the + /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + /// Set VolumeName to any name to override the default behaviour. + /// Set to "default" if you are not using namespaces within StorageOS. + /// Namespaces that do not pre-exist within StorageOS will be created. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] pub volume_namespace: Option, } -/// secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted. +/// secretRef specifies the secret to use for obtaining the StorageOS API +/// credentials. If not specified, default values will be attempted. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesStorageosSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterDatacenterRacksVolumesVsphereVolume { - /// fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + /// fsType is filesystem type to mount. + /// Must be a filesystem type supported by the host operating system. + /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. @@ -1831,13 +2931,16 @@ pub struct ScyllaClusterDatacenterRacksVolumesVsphereVolume { pub volume_path: String, } -/// exposeOptions specifies options for exposing ScyllaCluster services. This field is immutable. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. +/// exposeOptions specifies options for exposing ScyllaCluster services. +/// This field is immutable. +/// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptions { /// BroadcastOptions defines how ScyllaDB node publishes its IP address to other nodes and clients. #[serde(default, skip_serializing_if = "Option::is_none", rename = "broadcastOptions")] pub broadcast_options: Option, - /// cql specifies expose options for CQL SSL backend. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// cql specifies expose options for CQL SSL backend. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none")] pub cql: Option, /// nodeService controls properties of Service dedicated for each ScyllaCluster node. @@ -1848,15 +2951,18 @@ pub struct ScyllaClusterExposeOptions { /// BroadcastOptions defines how ScyllaDB node publishes its IP address to other nodes and clients. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsBroadcastOptions { - /// clients specifies options related to the address that is broadcasted for communication with clients. This field controls the `broadcast_rpc_address` value in ScyllaDB config. + /// clients specifies options related to the address that is broadcasted for communication with clients. + /// This field controls the `broadcast_rpc_address` value in ScyllaDB config. #[serde(default, skip_serializing_if = "Option::is_none")] pub clients: Option, - /// nodes specifies options related to the address that is broadcasted for communication with other nodes. This field controls the `broadcast_address` value in ScyllaDB config. + /// nodes specifies options related to the address that is broadcasted for communication with other nodes. + /// This field controls the `broadcast_address` value in ScyllaDB config. #[serde(default, skip_serializing_if = "Option::is_none")] pub nodes: Option, } -/// clients specifies options related to the address that is broadcasted for communication with clients. This field controls the `broadcast_rpc_address` value in ScyllaDB config. +/// clients specifies options related to the address that is broadcasted for communication with clients. +/// This field controls the `broadcast_rpc_address` value in ScyllaDB config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsBroadcastOptionsClients { /// podIP holds options related to Pod IP address. @@ -1875,7 +2981,8 @@ pub struct ScyllaClusterExposeOptionsBroadcastOptionsClientsPodIp { pub source: Option, } -/// nodes specifies options related to the address that is broadcasted for communication with other nodes. This field controls the `broadcast_address` value in ScyllaDB config. +/// nodes specifies options related to the address that is broadcasted for communication with other nodes. +/// This field controls the `broadcast_address` value in ScyllaDB config. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsBroadcastOptionsNodes { /// podIP holds options related to Pod IP address. @@ -1894,24 +3001,30 @@ pub struct ScyllaClusterExposeOptionsBroadcastOptionsNodesPodIp { pub source: Option, } -/// cql specifies expose options for CQL SSL backend. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. +/// cql specifies expose options for CQL SSL backend. +/// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsCql { - /// ingress is an Ingress configuration options. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// ingress is an Ingress configuration options. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option, } -/// ingress is an Ingress configuration options. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. +/// ingress is an Ingress configuration options. +/// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsCqlIngress { /// annotations is a custom key value map that gets merged with managed object annotations. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// disabled controls if Ingress object creation is disabled. Unless disabled, there is an Ingress objects created for every Scylla node. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// disabled controls if Ingress object creation is disabled. + /// Unless disabled, there is an Ingress objects created for every Scylla node. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none")] pub disabled: Option, - /// ingressClassName specifies Ingress class name. EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. + /// ingressClassName specifies Ingress class name. + /// EXPERIMENTAL. Do not rely on any particular behaviour controlled by this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ingressClassName")] pub ingress_class_name: Option, /// labels is a custom key value map that gets merged with managed object labels. @@ -1922,22 +3035,26 @@ pub struct ScyllaClusterExposeOptionsCqlIngress { /// nodeService controls properties of Service dedicated for each ScyllaCluster node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterExposeOptionsNodeService { - /// allocateLoadBalancerNodePorts controls value of service.spec.allocateLoadBalancerNodePorts of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field. + /// allocateLoadBalancerNodePorts controls value of service.spec.allocateLoadBalancerNodePorts of each node Service. + /// Check Kubernetes corev1.Service documentation about semantic of this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocateLoadBalancerNodePorts")] pub allocate_load_balancer_node_ports: Option, /// annotations is a custom key value map that gets merged with managed object annotations. #[serde(default, skip_serializing_if = "Option::is_none")] pub annotations: Option>, - /// externalTrafficPolicy controls value of service.spec.externalTrafficPolicy of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field. + /// externalTrafficPolicy controls value of service.spec.externalTrafficPolicy of each node Service. + /// Check Kubernetes corev1.Service documentation about semantic of this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalTrafficPolicy")] pub external_traffic_policy: Option, - /// internalTrafficPolicy controls value of service.spec.internalTrafficPolicy of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field. + /// internalTrafficPolicy controls value of service.spec.internalTrafficPolicy of each node Service. + /// Check Kubernetes corev1.Service documentation about semantic of this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalTrafficPolicy")] pub internal_traffic_policy: Option, /// labels is a custom key value map that gets merged with managed object labels. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, - /// loadBalancerClass controls value of service.spec.loadBalancerClass of each node Service. Check Kubernetes corev1.Service documentation about semantic of this field. + /// loadBalancerClass controls value of service.spec.loadBalancerClass of each node Service. + /// Check Kubernetes corev1.Service documentation about semantic of this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerClass")] pub load_balancer_class: Option, /// type is the Kubernetes Service type. @@ -1948,18 +3065,27 @@ pub struct ScyllaClusterExposeOptionsNodeService { /// genericUpgrade allows to configure behavior of generic upgrade logic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterGenericUpgrade { - /// failureStrategy specifies which logic is executed when upgrade failure happens. Currently only Retry is supported. + /// failureStrategy specifies which logic is executed when upgrade failure happens. + /// Currently only Retry is supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureStrategy")] pub failure_strategy: Option, - /// pollInterval specifies how often upgrade logic polls on state updates. Increasing this value should lower number of requests sent to apiserver, but it may affect overall time spent during upgrade. DEPRECATED. + /// pollInterval specifies how often upgrade logic polls on state updates. + /// Increasing this value should lower number of requests sent to apiserver, but it may affect + /// overall time spent during upgrade. + /// DEPRECATED. #[serde(default, skip_serializing_if = "Option::is_none", rename = "pollInterval")] pub poll_interval: Option, } -/// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterImagePullSecrets { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -1970,7 +3096,9 @@ pub struct ScyllaClusterNetwork { /// dnsPolicy defines how a pod's DNS will be configured. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsPolicy")] pub dns_policy: Option, - /// hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP. Deprecated: `hostNetworking` is deprecated and may be ignored in the future. + /// hostNetworking determines if scylla uses the host's network namespace. Setting this option + /// avoids going through Kubernetes SDN and exposes scylla on node's IP. + /// Deprecated: `hostNetworking` is deprecated and may be ignored in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetworking")] pub host_networking: Option, } @@ -1999,7 +3127,8 @@ pub struct ScyllaClusterRepairs { /// cron specifies the task schedule as a cron expression. It supports an extended syntax including @monthly, @weekly, @daily, @midnight, @hourly, @every X[h|m|s]. #[serde(default, skip_serializing_if = "Option::is_none")] pub cron: Option, - /// dc is a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs to include or exclude from backup. + /// dc is a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs + /// to include or exclude from backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub dc: Option>, /// failFast indicates if a repair should be stopped on first error. @@ -2008,13 +3137,21 @@ pub struct ScyllaClusterRepairs { /// host specifies a host to repair. If empty, all hosts are repaired. #[serde(default, skip_serializing_if = "Option::is_none")] pub host: Option, - /// intensity indicates how many token ranges (per shard) to repair in a single Scylla repair job. By default this is 1. If you set it to 0 the number of token ranges is adjusted to the maximum supported by node (see max_repair_ranges_in_parallel in Scylla logs). Valid values are 0 and integers >= 1. Higher values will result in increased cluster load and slightly faster repairs. Changing the intensity impacts repair granularity if you need to resume it, the higher the value the more work on resume. For Scylla clusters that *do not support row-level repair*, intensity can be a decimal between (0,1). In that case it specifies percent of shards that can be repaired in parallel on a repair master node. For Scylla clusters that are row-level repair enabled, setting intensity below 1 has the same effect as setting intensity 1. + /// intensity indicates how many token ranges (per shard) to repair in a single Scylla repair job. By default this is 1. + /// If you set it to 0 the number of token ranges is adjusted to the maximum supported by node (see max_repair_ranges_in_parallel in Scylla logs). + /// Valid values are 0 and integers >= 1. Higher values will result in increased cluster load and slightly faster repairs. + /// Changing the intensity impacts repair granularity if you need to resume it, the higher the value the more work on resume. + /// For Scylla clusters that *do not support row-level repair*, intensity can be a decimal between (0,1). + /// In that case it specifies percent of shards that can be repaired in parallel on a repair master node. + /// For Scylla clusters that are row-level repair enabled, setting intensity below 1 has the same effect as setting intensity 1. #[serde(default, skip_serializing_if = "Option::is_none")] pub intensity: Option, - /// interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. Deprecated: please use cron instead. + /// interval represents a task schedule interval e.g. 3d2h10m, valid units are d, h, m, s. + /// Deprecated: please use cron instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, - /// keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. + /// keyspace is a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' + /// used to include or exclude keyspaces from repair. #[serde(default, skip_serializing_if = "Option::is_none")] pub keyspace: Option>, /// name specifies the name of a task. @@ -2023,13 +3160,18 @@ pub struct ScyllaClusterRepairs { /// numRetries indicates how many times a scheduled task will be retried before failing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "numRetries")] pub num_retries: Option, - /// parallel is the maximum number of Scylla repair jobs that can run at the same time (on different token ranges and replicas). Each node can take part in at most one repair at any given moment. By default the maximum possible parallelism is used. The effective parallelism depends on a keyspace replication factor (RF) and the number of nodes. The formula to calculate it is as follows: number of nodes / RF, ex. for 6 node cluster with RF=3 the maximum parallelism is 2. + /// parallel is the maximum number of Scylla repair jobs that can run at the same time (on different token ranges and replicas). + /// Each node can take part in at most one repair at any given moment. By default the maximum possible parallelism is used. + /// The effective parallelism depends on a keyspace replication factor (RF) and the number of nodes. + /// The formula to calculate it is as follows: number of nodes / RF, ex. for 6 node cluster with RF=3 the maximum parallelism is 2. #[serde(default, skip_serializing_if = "Option::is_none")] pub parallel: Option, - /// smallTableThreshold enable small table optimization for tables of size lower than given threshold. Supported units [B, MiB, GiB, TiB]. + /// smallTableThreshold enable small table optimization for tables of size lower than given threshold. + /// Supported units [B, MiB, GiB, TiB]. #[serde(default, skip_serializing_if = "Option::is_none", rename = "smallTableThreshold")] pub small_table_threshold: Option, - /// startDate specifies the task start date expressed in the RFC3339 format or now[+duration], e.g. now+3d2h10m, valid units are d, h, m, s. + /// startDate specifies the task start date expressed in the RFC3339 format or now[+duration], + /// e.g. now+3d2h10m, valid units are d, h, m, s. #[serde(default, skip_serializing_if = "Option::is_none", rename = "startDate")] pub start_date: Option, /// timezone specifies the timezone of cron field. @@ -2046,7 +3188,8 @@ pub struct ScyllaClusterStatus { /// backups reflects status of backup tasks. #[serde(default, skip_serializing_if = "Option::is_none")] pub backups: Option>, - /// conditions hold conditions describing ScyllaCluster state. To determine whether a cluster rollout is finished, look for Available=True,Progressing=False,Degraded=False. + /// conditions hold conditions describing ScyllaCluster state. + /// To determine whether a cluster rollout is finished, look for Available=True,Progressing=False,Degraded=False. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, /// managerId contains ID under which cluster was registered in Scylla Manager. @@ -2055,7 +3198,8 @@ pub struct ScyllaClusterStatus { /// members is the number of ScyllaDB members in all racks. #[serde(default, skip_serializing_if = "Option::is_none")] pub members: Option, - /// observedGeneration is the most recent generation observed for this ScyllaCluster. It corresponds to the ScyllaCluster's generation, which is updated on mutation by the API Server. + /// observedGeneration is the most recent generation observed for this ScyllaCluster. It corresponds to the + /// ScyllaCluster's generation, which is updated on mutation by the API Server. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// rackCount is the number of ScyllaDB racks in this cluster. @@ -2080,7 +3224,8 @@ pub struct ScyllaClusterStatusBackups { /// cron reflects the task schedule as a cron expression. #[serde(default, skip_serializing_if = "Option::is_none")] pub cron: Option, - /// dc reflects a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs to include or exclude from backup. + /// dc reflects a list of datacenter glob patterns, e.g. 'dc1,!otherdc*' used to specify the DCs + /// to include or exclude from backup. #[serde(default, skip_serializing_if = "Option::is_none")] pub dc: Option>, /// error holds the task error, if any. @@ -2092,7 +3237,8 @@ pub struct ScyllaClusterStatusBackups { /// interval reflects a task schedule interval. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, - /// keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. + /// keyspace reflects a list of keyspace/tables glob patterns, + /// e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. #[serde(default, skip_serializing_if = "Option::is_none")] pub keyspace: Option>, /// labels reflects the labels of a task. @@ -2142,10 +3288,13 @@ pub struct ScyllaClusterStatusRacks { /// readyMembers is the number of ready members in the specific Rack #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyMembers")] pub ready_members: Option, - /// replace_address_first_boot holds addresses which should be replaced by new nodes. DEPRECATED: since Scylla Operator 1.10 it's only used for deprecated replace node procedure (ScyllaDB OS <5.2, Enterprise <2023.1). With Scylla Operator 1.11+ this field may be empty. + /// replace_address_first_boot holds addresses which should be replaced by new nodes. + /// DEPRECATED: since Scylla Operator 1.10 it's only used for deprecated replace node procedure (ScyllaDB OS <5.2, Enterprise <2023.1). + /// With Scylla Operator 1.11+ this field may be empty. #[serde(default, skip_serializing_if = "Option::is_none")] pub replace_address_first_boot: Option>, - /// stale indicates if the current rack status is collected for a previous generation. stale should eventually become false when the appropriate controller writes a fresh status. + /// stale indicates if the current rack status is collected for a previous generation. + /// stale should eventually become false when the appropriate controller writes a fresh status. #[serde(default, skip_serializing_if = "Option::is_none")] pub stale: Option, /// updatedMembers is the number of members matching the current spec. @@ -2172,7 +3321,8 @@ pub struct ScyllaClusterStatusRepairs { /// cron reflects the task schedule as a cron expression. #[serde(default, skip_serializing_if = "Option::is_none")] pub cron: Option, - /// dc reflects a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs to include or exclude from repair. + /// dc reflects a list of datacenter glob patterns, e.g. 'dc1', '!otherdc*' used to specify the DCs + /// to include or exclude from repair. #[serde(default, skip_serializing_if = "Option::is_none")] pub dc: Option>, /// error holds the task error, if any. @@ -2193,7 +3343,8 @@ pub struct ScyllaClusterStatusRepairs { /// interval reflects a task schedule interval. #[serde(default, skip_serializing_if = "Option::is_none")] pub interval: Option, - /// keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' used to include or exclude keyspaces from repair. + /// keyspace reflects a list of keyspace/tables glob patterns, e.g. 'keyspace,!keyspace.table_prefix_*' + /// used to include or exclude keyspaces from repair. #[serde(default, skip_serializing_if = "Option::is_none")] pub keyspace: Option>, /// labels reflects the labels of a task. @@ -2222,10 +3373,12 @@ pub struct ScyllaClusterStatusRepairs { /// upgrade reflects state of ongoing upgrade procedure. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScyllaClusterStatusUpgrade { - /// currentNode node under upgrade. DEPRECATED. + /// currentNode node under upgrade. + /// DEPRECATED. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentNode")] pub current_node: Option, - /// currentRack rack under upgrade. DEPRECATED. + /// currentRack rack under upgrade. + /// DEPRECATED. #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentRack")] pub current_rack: Option, /// dataSnapshotTag is the snapshot tag of data keyspaces. diff --git a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs index 501cac49c..980881a6a 100644 --- a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs +++ b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/nodeconfigs.rs @@ -19,7 +19,9 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct NodeConfigSpec { - /// disableOptimizations controls if nodes matching placement requirements are going to be optimized. Turning off optimizations on already optimized Nodes does not revert changes. + /// disableOptimizations controls if nodes matching placement requirements + /// are going to be optimized. Turning off optimizations on already optimized + /// Nodes does not revert changes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "disableOptimizations")] pub disable_optimizations: Option, /// localDiskSetup contains options of automatic local disk setup. @@ -80,10 +82,12 @@ pub struct NodeConfigLocalDiskSetupMounts { /// fsType specifies the filesystem on the device. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, - /// mountPoint is a path where the device should be mounted at. If the mountPoint is a symlink, the mount will be set up for the target. + /// mountPoint is a path where the device should be mounted at. + /// If the mountPoint is a symlink, the mount will be set up for the target. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPoint")] pub mount_point: Option, - /// unsupportedOptions is a list of mount options used during device mounting. unsupported in this field name means that we won't support all the available options passed down using this field. + /// unsupportedOptions is a list of mount options used during device mounting. + /// unsupported in this field name means that we won't support all the available options passed down using this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unsupportedOptions")] pub unsupported_options: Option>, } @@ -127,7 +131,8 @@ pub struct NodeConfigPlacement { /// affinity is a group of affinity scheduling rules for NodeConfig Pods. #[serde(default, skip_serializing_if = "Option::is_none")] pub affinity: Option, - /// nodeSelector is a selector which must be true for the NodeConfig Pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. + /// nodeSelector is a selector which must be true for the NodeConfig Pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. #[serde(rename = "nodeSelector")] pub node_selector: BTreeMap, /// tolerations is a group of tolerations NodeConfig Pods are going to have. @@ -152,15 +157,28 @@ pub struct NodeConfigPlacementAffinity { /// Describes node affinity scheduling rules for the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option, } -/// An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { /// A node selector term, associated with the corresponding weight. @@ -180,31 +198,47 @@ pub struct NodeConfigPlacementAffinityNodeAffinityPreferredDuringSchedulingIgnor pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// Required. A list of node selector terms. The terms are ORed. @@ -212,7 +246,9 @@ pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnore pub node_selector_terms: Vec, } -/// A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { /// A list of node selector requirements by node's labels. @@ -223,26 +259,38 @@ pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnore pub match_fields: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { /// The label key that the selector applies to. pub key: String, - /// Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. pub operator: String, - /// An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -250,10 +298,24 @@ pub struct NodeConfigPlacementAffinityNodeAffinityRequiredDuringSchedulingIgnore /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -264,144 +326,244 @@ pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnore /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } @@ -409,10 +571,24 @@ pub struct NodeConfigPlacementAffinityPodAffinityRequiredDuringSchedulingIgnored /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] pub required_during_scheduling_ignored_during_execution: Option>, } @@ -423,164 +599,274 @@ pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIg /// Required. A pod affinity term, associated with the corresponding weight. #[serde(rename = "podAffinityTerm")] pub pod_affinity_term: NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. pub weight: i32, } /// Required. A pod affinity term, associated with the corresponding weight. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, - /// MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, - /// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". #[serde(default, skip_serializing_if = "Option::is_none")] pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. #[serde(rename = "topologyKey")] pub topology_key: String, } -/// A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } -/// A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { /// key is the label key that the selector applies to. pub key: String, - /// operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] pub values: Option>, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodeConfigPlacementTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } diff --git a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/scyllaoperatorconfigs.rs b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/scyllaoperatorconfigs.rs index e7aa1a959..9ff42bb7b 100644 --- a/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/scyllaoperatorconfigs.rs +++ b/kube-custom-resources-rs/src/scylla_scylladb_com/v1alpha1/scyllaoperatorconfigs.rs @@ -6,6 +6,7 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; @@ -17,16 +18,25 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ScyllaOperatorConfigSpec { + /// configuredClusterDomain allows users to set the configured Kubernetes cluster domain explicitly, instead of letting Scylla Operator automatically discover it. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configuredClusterDomain")] + pub configured_cluster_domain: Option, /// scyllaUtilsImage is a ScyllaDB image used for running ScyllaDB utilities. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scyllaUtilsImage")] pub scylla_utils_image: Option, - /// unsupportedBashToolsImageOverride allows to adjust a generic Bash image with extra tools used by the operator for auxiliary purposes. Setting this field renders your cluster unsupported. Use at your own risk. + /// unsupportedBashToolsImageOverride allows to adjust a generic Bash image with extra tools used by the operator + /// for auxiliary purposes. + /// Setting this field renders your cluster unsupported. Use at your own risk. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unsupportedBashToolsImageOverride")] pub unsupported_bash_tools_image_override: Option, - /// unsupportedGrafanaImageOverride allows to adjust Grafana image used by the operator for testing, dev or emergencies. Setting this field renders your cluster unsupported. Use at your own risk. + /// unsupportedGrafanaImageOverride allows to adjust Grafana image used by the operator + /// for testing, dev or emergencies. + /// Setting this field renders your cluster unsupported. Use at your own risk. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unsupportedGrafanaImageOverride")] pub unsupported_grafana_image_override: Option, - /// unsupportedPrometheusVersionOverride allows to adjust Prometheus version used by the operator for testing, dev or emergencies. Setting this field renders your cluster unsupported. Use at your own risk. + /// unsupportedPrometheusVersionOverride allows to adjust Prometheus version used by the operator + /// for testing, dev or emergencies. + /// Setting this field renders your cluster unsupported. Use at your own risk. #[serde(default, skip_serializing_if = "Option::is_none", rename = "unsupportedPrometheusVersionOverride")] pub unsupported_prometheus_version_override: Option, } @@ -37,10 +47,17 @@ pub struct ScyllaOperatorConfigStatus { /// bashToolsImage is a generic Bash image with extra tools used by the operator for auxiliary purposes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "bashToolsImage")] pub bash_tools_image: Option, + /// clusterDomain is the Kubernetes cluster domain used by the Scylla Operator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDomain")] + pub cluster_domain: Option, + /// conditions hold conditions describing ScyllaOperatorConfig state. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, /// grafanaImage is the image used by the operator to create a Grafana instance. #[serde(default, skip_serializing_if = "Option::is_none", rename = "grafanaImage")] pub grafana_image: Option, - /// observedGeneration is the most recent generation observed for this ScyllaOperatorConfig. It corresponds to the ScyllaOperatorConfig's generation, which is updated on mutation by the API Server. + /// observedGeneration is the most recent generation observed for this ScyllaOperatorConfig. It corresponds to the + /// ScyllaOperatorConfig's generation, which is updated on mutation by the API Server. #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] pub observed_generation: Option, /// prometheusVersion is the Prometheus version used by the operator to create a Prometheus instance. diff --git a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs index 41739e874..f2387ac31 100644 --- a/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs +++ b/kube-custom-resources-rs/src/secrets_hashicorp_com/v1beta1/vaultstaticsecrets.rs @@ -44,7 +44,7 @@ pub struct VaultStaticSecretSpec { /// not support dynamically reloading a rotated secret. /// In that case one, or more RolloutRestartTarget(s) can be configured here. The Operator will /// trigger a "rollout-restart" for each target whenever the Vault secret changes between reconciliation events. - /// All configured targets wil be ignored if HMACSecretData is set to false. + /// All configured targets will be ignored if HMACSecretData is set to false. /// See RolloutRestartTarget for more details. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rolloutRestartTargets")] pub rollout_restart_targets: Option>, diff --git a/kube-custom-resources-rs/src/secrets_stackable_tech/v1alpha1/secretclasses.rs b/kube-custom-resources-rs/src/secrets_stackable_tech/v1alpha1/secretclasses.rs index 28871f08a..e4a9ca3b6 100644 --- a/kube-custom-resources-rs/src/secrets_stackable_tech/v1alpha1/secretclasses.rs +++ b/kube-custom-resources-rs/src/secrets_stackable_tech/v1alpha1/secretclasses.rs @@ -121,6 +121,9 @@ pub struct SecretClassBackendExperimentalCertManager { pub default_certificate_lifetime: Option, /// A reference to the cert-manager issuer that the certificates should be requested from. pub issuer: SecretClassBackendExperimentalCertManagerIssuer, + /// The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keyGeneration")] + pub key_generation: Option, } /// A reference to the cert-manager issuer that the certificates should be requested from. @@ -141,6 +144,29 @@ pub enum SecretClassBackendExperimentalCertManagerIssuerKind { ClusterIssuer, } +/// The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretClassBackendExperimentalCertManagerKeyGeneration { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rsa: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretClassBackendExperimentalCertManagerKeyGenerationRsa { + /// The amount of bits used for generating the RSA keypair. Currently, `2048`, `3072` and `4096` are supported. Defaults to `2048` bits. + pub length: i64, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SecretClassBackendExperimentalCertManagerKeyGenerationRsaLength { + #[serde(rename = "2048")] + r#_2048, + #[serde(rename = "3072")] + r#_3072, + #[serde(rename = "4096")] + r#_4096, +} + /// The [`k8sSearch` backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-k8ssearch) can be used to mount Secrets across namespaces into Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretClassBackendK8sSearch { diff --git a/kube-custom-resources-rs/src/secretsmanager_services_k8s_aws/v1alpha1/secrets.rs b/kube-custom-resources-rs/src/secretsmanager_services_k8s_aws/v1alpha1/secrets.rs index a8484045b..d36649935 100644 --- a/kube-custom-resources-rs/src/secretsmanager_services_k8s_aws/v1alpha1/secrets.rs +++ b/kube-custom-resources-rs/src/secretsmanager_services_k8s_aws/v1alpha1/secrets.rs @@ -64,6 +64,10 @@ pub struct SecretSpec { /// Manager puts the protected secret text in only the SecretString parameter. /// The Secrets Manager console stores the information as a JSON structure of /// key/value pairs that a Lambda rotation function can parse. + /// + /// Sensitive: This field contains sensitive information, so the service does + /// not include it in CloudTrail log entries. If you create your own log entries, + /// you must also avoid logging the information in this field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretString")] pub secret_string: Option, /// A list of tags to attach to the secret. Each tag is a key and value pair @@ -111,6 +115,10 @@ pub struct SecretReplicaRegions { /// Manager puts the protected secret text in only the SecretString parameter. /// The Secrets Manager console stores the information as a JSON structure of /// key/value pairs that a Lambda rotation function can parse. +/// +/// Sensitive: This field contains sensitive information, so the service does +/// not include it in CloudTrail log entries. If you create your own log entries, +/// you must also avoid logging the information in this field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretSecretString { /// Key is the key within the secret @@ -140,7 +148,7 @@ pub struct SecretStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/apparmorprofiles.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/apparmorprofiles.rs index f93964aaf..40aea4b82 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/apparmorprofiles.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/apparmorprofiles.rs @@ -6,77 +6,113 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; + pub use k8s_openapi::apimachinery::pkg::apis::meta::v1::Condition; } use self::prelude::*; -/// AppArmorProfileSpec defines the desired state of AppArmorProfile +/// AppArmorProfileSpec defines the desired state of AppArmorProfile. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "security-profiles-operator.x-k8s.io", version = "v1alpha1", kind = "AppArmorProfile", plural = "apparmorprofiles")] -#[kube(namespaced)] +#[kube(status = "AppArmorProfileStatus")] #[kube(schema = "disabled")] #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct AppArmorProfileSpec { + /// Abstract stores the apparmor profile allow lists for executable, file, network and capabilities access. #[serde(default, skip_serializing_if = "Option::is_none", rename = "abstract")] pub r#abstract: Option, + /// ComplainMode places the apparmor profile into "complain" mode, by default is placed in "enforce" mode. + /// In complain mode, if a given action is not allowed, it will be allowed, but this violation will be + /// logged with a tag of access being "ALLOWED unconfined". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "complainMode")] + pub complain_mode: Option, + /// Whether the profile is disabled and should be skipped during reconciliation. #[serde(default, skip_serializing_if = "Option::is_none")] - pub policy: Option, + pub disabled: Option, } +/// Abstract stores the apparmor profile allow lists for executable, file, network and capabilities access. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstract { + /// Capability rules for Linux capabilities. #[serde(default, skip_serializing_if = "Option::is_none")] pub capability: Option, + /// Executable rules for allowed executables. #[serde(default, skip_serializing_if = "Option::is_none")] pub executable: Option, + /// Filesystem rules for filesystem access. #[serde(default, skip_serializing_if = "Option::is_none")] pub filesystem: Option, + /// Network rules for network access. #[serde(default, skip_serializing_if = "Option::is_none")] pub network: Option, } +/// Capability rules for Linux capabilities. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstractCapability { + /// AllowedCapabilities lost of allowed capabilities. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedCapabilities")] pub allowed_capabilities: Option>, } +/// Executable rules for allowed executables. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstractExecutable { + /// AllowedExecutables list of allowed executables. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedExecutables")] pub allowed_executables: Option>, + /// AllowedLibraries list of allowed libraries. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedLibraries")] pub allowed_libraries: Option>, } +/// Filesystem rules for filesystem access. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstractFilesystem { + /// ReadOnlyPaths list of allowed read only file paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyPaths")] pub read_only_paths: Option>, + /// ReadWritePaths list of allowed read write file paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readWritePaths")] pub read_write_paths: Option>, + /// WriteOnlyPaths list of allowed write only file paths. #[serde(default, skip_serializing_if = "Option::is_none", rename = "writeOnlyPaths")] pub write_only_paths: Option>, } +/// Network rules for network access. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstractNetwork { + /// AllowRaw allows raw sockets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowRaw")] pub allow_raw: Option, + /// Protocols keeps the allowed networking protocols. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowedProtocols")] pub allowed_protocols: Option, } +/// Protocols keeps the allowed networking protocols. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileAbstractNetworkAllowedProtocols { + /// AllowTCP allows TCP socket connections. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowTcp")] pub allow_tcp: Option, + /// AllowUDP allows UDP sockets connections. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowUdp")] pub allow_udp: Option, } -/// AppArmorProfileStatus defines the observed state of AppArmorProfile +/// AppArmorProfileStatus defines the observed state of AppArmorProfile. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AppArmorProfileStatus { + /// Conditions of the resource. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub conditions: Option>, + /// ProfileState defines the state that the profile is in. A profile in this context + /// refers to a SeccompProfile or a SELinux profile, the states are shared between them + /// as well as the management API. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub status: Option, } diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilenodestatuses.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilenodestatuses.rs index 5f3854477..a8b37c615 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilenodestatuses.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilenodestatuses.rs @@ -11,7 +11,6 @@ use self::prelude::*; #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "security-profiles-operator.x-k8s.io", version = "v1alpha1", kind = "SecurityProfileNodeStatus", plural = "securityprofilenodestatuses")] -#[kube(namespaced)] #[kube(schema = "disabled")] #[kube(derive="Default")] #[kube(derive="PartialEq")] diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilesoperatordaemons.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilesoperatordaemons.rs index b344f9321..0b16f167b 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilesoperatordaemons.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha1/securityprofilesoperatordaemons.rs @@ -302,24 +302,24 @@ pub struct SecurityProfilesOperatorDaemonAffinityPodAffinityPreferredDuringSched pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -423,24 +423,24 @@ pub struct SecurityProfilesOperatorDaemonAffinityPodAffinityRequiredDuringSchedu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -575,24 +575,24 @@ pub struct SecurityProfilesOperatorDaemonAffinityPodAntiAffinityPreferredDuringS pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -696,24 +696,24 @@ pub struct SecurityProfilesOperatorDaemonAffinityPodAntiAffinityRequiredDuringSc pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -810,11 +810,9 @@ pub struct SecurityProfilesOperatorDaemonDaemonResourceRequirements { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -837,6 +835,11 @@ pub struct SecurityProfilesOperatorDaemonDaemonResourceRequirementsClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// LocalObjectReference contains enough information to let you locate the @@ -844,8 +847,10 @@ pub struct SecurityProfilesOperatorDaemonDaemonResourceRequirementsClaims { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecurityProfilesOperatorDaemonImagePullSecrets { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha2/rawselinuxprofiles.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha2/rawselinuxprofiles.rs index a203a1452..9e90bcf2a 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha2/rawselinuxprofiles.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1alpha2/rawselinuxprofiles.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// RawSelinuxProfileSpec defines the desired state of RawSelinuxProfile. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "security-profiles-operator.x-k8s.io", version = "v1alpha2", kind = "RawSelinuxProfile", plural = "rawselinuxprofiles")] -#[kube(namespaced)] #[kube(status = "RawSelinuxProfileStatus")] #[kube(schema = "disabled")] #[kube(derive="Default")] diff --git a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1beta1/seccompprofiles.rs b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1beta1/seccompprofiles.rs index 63fa5af65..dc4a5b69f 100644 --- a/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1beta1/seccompprofiles.rs +++ b/kube-custom-resources-rs/src/security_profiles_operator_x_k8s_io/v1beta1/seccompprofiles.rs @@ -13,7 +13,6 @@ use self::prelude::*; /// SeccompProfileSpec defines the desired state of SeccompProfile. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, PartialEq)] #[kube(group = "security-profiles-operator.x-k8s.io", version = "v1beta1", kind = "SeccompProfile", plural = "seccompprofiles")] -#[kube(namespaced)] #[kube(status = "SeccompProfileStatus")] #[kube(schema = "disabled")] #[kube(derive="PartialEq")] diff --git a/kube-custom-resources-rs/src/self_node_remediation_medik8s_io/v1alpha1/selfnoderemediationconfigs.rs b/kube-custom-resources-rs/src/self_node_remediation_medik8s_io/v1alpha1/selfnoderemediationconfigs.rs index 6bbac9eca..43793b39d 100644 --- a/kube-custom-resources-rs/src/self_node_remediation_medik8s_io/v1alpha1/selfnoderemediationconfigs.rs +++ b/kube-custom-resources-rs/src/self_node_remediation_medik8s_io/v1alpha1/selfnoderemediationconfigs.rs @@ -45,6 +45,13 @@ pub struct SelfNodeRemediationConfigSpec { /// After this threshold, the node will start contacting its peers. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxApiErrorThreshold")] pub max_api_error_threshold: Option, + /// Minimum number of peer workers/control nodes to attempt to contact before deciding if node is unhealthy or not + /// if set to zero, no other peers will be required to be present for remediation action to occur when this + /// node has lost API server access. If an insufficient number of peers are found, we will not attempt to ask + /// any peer nodes (if present) whether they see that the current node has been marked unhealthy with a + /// SelfNodeRemediation CR + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minPeersForRemediation")] + pub min_peers_for_remediation: Option, /// The timeout for api-server connectivity check. /// Valid time units are "ms", "s", "m", "h". #[serde(default, skip_serializing_if = "Option::is_none", rename = "peerApiServerTimeout")] diff --git a/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/activities.rs b/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/activities.rs index cc774c24c..1341da034 100644 --- a/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/activities.rs +++ b/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/activities.rs @@ -19,32 +19,21 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ActivitySpec { - /// The name of the activity to create. This name must be unique for your AWS - /// account and region for 90 days. For more information, see Limits Related - /// to State Machine Executions (https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions) - /// in the AWS Step Functions Developer Guide. + /// The name of the activity to create. This name must be unique for your Amazon + /// Web Services account and region for 90 days. For more information, see Limits + /// Related to State Machine Executions (https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions) + /// in the Step Functions Developer Guide. /// /// A name must not contain: /// /// * white space - /// - /// * brackets < > { } [ ] - /// - /// * wildcard characters ? * - /// - /// * special characters " # % \ ^ | ~ ` $ & , ; : / - /// - /// * control characters (U+0000-001F, U+007F-009F) - /// - /// To enable logging with CloudWatch Logs, the name should only contain 0-9, - /// A-Z, a-z, - and _. pub name: String, /// The list of tags to add to a resource. /// /// An array of key-value pairs. For more information, see Using Cost Allocation /// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) - /// in the AWS Billing and Cost Management User Guide, and Controlling Access - /// Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). + /// in the Amazon Web Services Billing and Cost Management User Guide, and Controlling + /// Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). /// /// Tags may only contain Unicode letters, digits, white space, or these symbols: /// _ . : / = + - @. @@ -57,8 +46,8 @@ pub struct ActivitySpec { /// /// An array of key-value pairs. For more information, see Using Cost Allocation /// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -/// in the AWS Billing and Cost Management User Guide, and Controlling Access -/// Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). +/// in the Amazon Web Services Billing and Cost Management User Guide, and Controlling +/// Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). /// /// Tags may only contain Unicode letters, digits, white space, or these symbols: /// _ . : / = + - @. @@ -78,7 +67,7 @@ pub struct ActivityStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/statemachines.rs b/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/statemachines.rs index 6862e509f..b8d2119c1 100644 --- a/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/statemachines.rs +++ b/kube-custom-resources-rs/src/sfn_services_k8s_aws/v1alpha1/statemachines.rs @@ -26,7 +26,7 @@ pub struct StateMachineSpec { /// /// By default, the level is set to OFF. For more information see Log Levels /// (https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) - /// in the AWS Step Functions User Guide. + /// in the Step Functions User Guide. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loggingConfiguration")] pub logging_configuration: Option, /// The name of the state machine. @@ -34,17 +34,6 @@ pub struct StateMachineSpec { /// A name must not contain: /// /// * white space - /// - /// * brackets < > { } [ ] - /// - /// * wildcard characters ? * - /// - /// * special characters " # % \ ^ | ~ ` $ & , ; : / - /// - /// * control characters (U+0000-001F, U+007F-009F) - /// - /// To enable logging with CloudWatch Logs, the name should only contain 0-9, - /// A-Z, a-z, - and _. pub name: String, /// The Amazon Resource Name (ARN) of the IAM role to use for this state machine. #[serde(rename = "roleARN")] @@ -53,14 +42,14 @@ pub struct StateMachineSpec { /// /// An array of key-value pairs. For more information, see Using Cost Allocation /// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) - /// in the AWS Billing and Cost Management User Guide, and Controlling Access - /// Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). + /// in the Amazon Web Services Billing and Cost Management User Guide, and Controlling + /// Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). /// /// Tags may only contain Unicode letters, digits, white space, or these symbols: /// _ . : / = + - @. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// Selects whether AWS X-Ray tracing is enabled. + /// Selects whether X-Ray tracing is enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tracingConfiguration")] pub tracing_configuration: Option, /// Determines whether a Standard or Express state machine is created. The default @@ -74,7 +63,7 @@ pub struct StateMachineSpec { /// /// By default, the level is set to OFF. For more information see Log Levels /// (https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) -/// in the AWS Step Functions User Guide. +/// in the Step Functions User Guide. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StateMachineLoggingConfiguration { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -102,8 +91,8 @@ pub struct StateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroup { /// /// An array of key-value pairs. For more information, see Using Cost Allocation /// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -/// in the AWS Billing and Cost Management User Guide, and Controlling Access -/// Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). +/// in the Amazon Web Services Billing and Cost Management User Guide, and Controlling +/// Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html). /// /// Tags may only contain Unicode letters, digits, white space, or these symbols: /// _ . : / = + - @. @@ -115,7 +104,7 @@ pub struct StateMachineTags { pub value: Option, } -/// Selects whether AWS X-Ray tracing is enabled. +/// Selects whether X-Ray tracing is enabled. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct StateMachineTracingConfiguration { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -130,7 +119,7 @@ pub struct StateMachineStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs index 7c824b8e3..4b81a45b9 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs @@ -227,7 +227,7 @@ pub struct PlatformApplicationStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs index 6baf06642..4b96ca729 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs @@ -19,8 +19,6 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PlatformEndpointSpec { - /// Arbitrary user data to associate with the endpoint. Amazon SNS does not use - /// this data. The data must be in UTF-8 format and less than 2KB. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customUserData")] pub custom_user_data: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -29,12 +27,6 @@ pub struct PlatformEndpointSpec { /// create a an endpoint. #[serde(rename = "platformApplicationARN")] pub platform_application_arn: String, - /// Unique identifier created by the notification service for an app on a device. - /// The specific name for Token will vary, depending on which notification service - /// is being used. For example, when using APNS as the notification service, - /// you need the device token. Alternatively, when using GCM (Firebase Cloud - /// Messaging) or ADM, the device token equivalent is called the registration - /// ID. pub token: String, } @@ -46,7 +38,7 @@ pub struct PlatformEndpointStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs index 74b926daf..4d1c9d921 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs @@ -128,7 +128,7 @@ pub struct SubscriptionStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs index 622c0f032..fc12cbe9a 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs @@ -148,7 +148,7 @@ pub struct TopicStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1/gitrepositories.rs b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1/gitrepositories.rs index 12db035c3..aeb0ccb60 100644 --- a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1/gitrepositories.rs +++ b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1/gitrepositories.rs @@ -34,7 +34,7 @@ pub struct GitRepositorySpec { /// This interval is approximate and may be subject to jitter to ensure /// efficient use of resources. pub interval: String, - /// Provider used for authentication, can be 'azure', 'generic'. + /// Provider used for authentication, can be 'azure', 'github', 'generic'. /// When not specified, defaults to 'generic'. #[serde(default, skip_serializing_if = "Option::is_none")] pub provider: Option, @@ -106,6 +106,8 @@ pub enum GitRepositoryProvider { Generic, #[serde(rename = "azure")] Azure, + #[serde(rename = "github")] + Github, } /// ProxySecretRef specifies the Secret containing the proxy configuration diff --git a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs index 7494ad96b..21016c37d 100644 --- a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs +++ b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/scheduledsparkapplications.rs @@ -536,24 +536,24 @@ pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityPreferredDu pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -657,24 +657,24 @@ pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAffinityRequiredDur pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -809,24 +809,24 @@ pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityPreferr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -930,24 +930,24 @@ pub struct ScheduledSparkApplicationTemplateDriverAffinityPodAntiAffinityRequire pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1068,9 +1068,11 @@ pub struct ScheduledSparkApplicationTemplateDriverDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1121,8 +1123,10 @@ pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1162,8 +1166,10 @@ pub struct ScheduledSparkApplicationTemplateDriverEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1189,8 +1195,10 @@ pub struct ScheduledSparkApplicationTemplateDriverEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1202,8 +1210,10 @@ pub struct ScheduledSparkApplicationTemplateDriverEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1238,8 +1248,7 @@ pub struct ScheduledSparkApplicationTemplateDriverHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// A single application container that you want to run within a pod. @@ -1455,8 +1464,10 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromConf /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1496,8 +1507,10 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvValueFromSecr /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1523,8 +1536,10 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1536,8 +1551,10 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFromConfigMap #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1574,23 +1591,23 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1602,7 +1619,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostSta pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1635,7 +1652,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostSta pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1643,8 +1660,8 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostSta } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1667,23 +1684,23 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePostSta /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1695,7 +1712,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1728,7 +1745,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1736,8 +1753,8 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1755,17 +1772,17 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLifecyclePreStop /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1780,7 +1797,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1802,7 +1819,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1814,7 +1831,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeExe pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1822,13 +1839,12 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeGrp /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1861,7 +1877,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeHtt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1906,17 +1922,17 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1931,7 +1947,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1953,7 +1969,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1965,7 +1981,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeEx pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1973,13 +1989,12 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeGr /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2012,7 +2027,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeHt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2045,11 +2060,9 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2072,6 +2085,11 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersResourcesClaims /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2088,6 +2106,11 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContext /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2100,7 +2123,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContext #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2154,6 +2177,26 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContext pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2203,7 +2246,6 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextS /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2248,17 +2290,17 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersSecurityContextW /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2273,7 +2315,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2295,7 +2337,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2307,7 +2349,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeExec pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2315,13 +2357,12 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeGrpc /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2354,7 +2395,7 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeHttp pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2387,6 +2428,8 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2395,6 +2438,24 @@ pub struct ScheduledSparkApplicationTemplateDriverInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2435,23 +2496,23 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2463,7 +2524,7 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2496,7 +2557,7 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartHttpGetHttpH pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2504,8 +2565,8 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2528,23 +2589,23 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2556,7 +2617,7 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2589,7 +2650,7 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopHttpGetHttpHea pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2597,8 +2658,8 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2613,16 +2674,18 @@ pub struct ScheduledSparkApplicationTemplateDriverLifecyclePreStopTcpSocket { /// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -2660,6 +2723,31 @@ pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2672,15 +2760,24 @@ pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -2694,6 +2791,25 @@ pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2729,7 +2845,6 @@ pub struct ScheduledSparkApplicationTemplateDriverPodSecurityContextSeccompProfi /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2805,6 +2920,11 @@ pub struct ScheduledSparkApplicationTemplateDriverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2817,7 +2937,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2871,6 +2991,26 @@ pub struct ScheduledSparkApplicationTemplateDriverSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2920,7 +3060,6 @@ pub struct ScheduledSparkApplicationTemplateDriverSecurityContextSeccompProfile /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3169,8 +3308,10 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromConfigMapK /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3210,8 +3351,10 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvValueFromSecretKeyR /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3237,8 +3380,10 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3250,8 +3395,10 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3288,23 +3435,23 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3316,7 +3463,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartExec pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3349,7 +3496,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartHttp pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3357,8 +3504,8 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartSlee } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3381,23 +3528,23 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePostStartTcpS /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3409,7 +3556,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3442,7 +3589,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopHttpGe pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3450,8 +3597,8 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopSleep } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3469,17 +3616,17 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLifecyclePreStopTcpSoc /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3494,7 +3641,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3516,7 +3663,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3528,7 +3675,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3536,13 +3683,12 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3575,7 +3721,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeHttpGetHt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3620,17 +3766,17 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3645,7 +3791,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3667,7 +3813,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3679,7 +3825,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3687,13 +3833,12 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3726,7 +3871,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeHttpGetH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3759,11 +3904,9 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3786,6 +3929,11 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -3802,6 +3950,11 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3814,7 +3967,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3868,6 +4021,26 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3917,7 +4090,6 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextSeccomp /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3962,17 +4134,17 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsSecurityContextWindows /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3987,7 +4159,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -4009,7 +4181,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -4021,7 +4193,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4029,13 +4201,12 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4068,7 +4239,7 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeHttpGetHtt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateDriverSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4101,6 +4272,8 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4109,6 +4282,24 @@ pub struct ScheduledSparkApplicationTemplateDriverSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4162,6 +4353,8 @@ pub struct ScheduledSparkApplicationTemplateDriverVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4170,6 +4363,24 @@ pub struct ScheduledSparkApplicationTemplateDriverVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4578,24 +4789,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityPreferred pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4699,24 +4910,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAffinityRequiredD pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4851,24 +5062,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityPrefe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4972,24 +5183,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorAffinityPodAntiAffinityRequi pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5110,9 +5321,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5163,8 +5376,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromConfigMapKeyRef /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5204,8 +5419,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5231,8 +5448,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -5244,8 +5463,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5280,8 +5501,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// A single application container that you want to run within a pod. @@ -5497,8 +5717,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromCo /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5538,8 +5760,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvValueFromSe /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5565,8 +5789,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -5578,8 +5804,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFromConfigM #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5616,23 +5844,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5644,7 +5872,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostS pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5677,7 +5905,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostS pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -5685,8 +5913,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostS } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5709,23 +5937,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePostS /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5737,7 +5965,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreSt pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5770,7 +5998,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreSt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -5778,8 +6006,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreSt } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5797,17 +6025,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLifecyclePreSt /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5822,7 +6050,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbe /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5844,7 +6072,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbe pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5856,7 +6084,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeE pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -5864,13 +6092,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeG /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5903,7 +6130,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5948,17 +6175,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5973,7 +6200,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5995,7 +6222,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6007,7 +6234,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -6015,13 +6242,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6054,7 +6280,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbe pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6087,11 +6313,9 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6114,6 +6338,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersResourcesClaim /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -6130,6 +6359,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContex /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6142,7 +6376,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContex #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -6196,6 +6430,26 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContex pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6245,7 +6499,6 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContex /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -6290,17 +6543,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersSecurityContex /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -6315,7 +6568,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -6337,7 +6590,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6349,7 +6602,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeEx pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -6357,13 +6610,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeGr /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6396,7 +6648,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeHt pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6429,6 +6681,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -6437,6 +6691,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -6477,23 +6749,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6505,7 +6777,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6538,7 +6810,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartHttpGetHtt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -6546,8 +6818,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6570,23 +6842,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePostStartTcpSocket /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6598,7 +6870,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6631,7 +6903,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopHttpGetHttpH pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -6639,8 +6911,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6655,16 +6927,18 @@ pub struct ScheduledSparkApplicationTemplateExecutorLifecyclePreStopTcpSocket { /// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -6702,6 +6976,31 @@ pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -6714,15 +7013,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -6736,6 +7044,25 @@ pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -6771,7 +7098,6 @@ pub struct ScheduledSparkApplicationTemplateExecutorPodSecurityContextSeccompPro /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -6847,6 +7173,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6859,7 +7190,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -6913,6 +7244,26 @@ pub struct ScheduledSparkApplicationTemplateExecutorSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6962,7 +7313,6 @@ pub struct ScheduledSparkApplicationTemplateExecutorSecurityContextSeccompProfil /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -7211,8 +7561,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromConfigMa /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7252,8 +7604,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvValueFromSecretKe /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7279,8 +7633,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -7292,8 +7648,10 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFromConfigMapRef #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -7330,23 +7688,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7358,7 +7716,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartEx pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7391,7 +7749,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartHt pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -7399,8 +7757,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartSl } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7423,23 +7781,23 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePostStartTc /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7451,7 +7809,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopExec pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7484,7 +7842,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopHttp pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -7492,8 +7850,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopSlee } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7511,17 +7869,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLifecyclePreStopTcpS /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -7536,7 +7894,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -7558,7 +7916,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7570,7 +7928,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -7578,13 +7936,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7617,7 +7974,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeHttpGet pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7662,17 +8019,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -7687,7 +8044,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -7709,7 +8066,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7721,7 +8078,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -7729,13 +8086,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7768,7 +8124,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeHttpGe pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7801,11 +8157,9 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -7828,6 +8182,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -7844,6 +8203,11 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7856,7 +8220,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -7910,6 +8274,26 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7959,7 +8343,6 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextSecco /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -8004,17 +8387,17 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsSecurityContextWindo /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -8029,7 +8412,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -8051,7 +8434,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8063,7 +8446,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -8071,13 +8454,12 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8110,7 +8492,7 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeHttpGetH pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateExecutorSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8143,6 +8525,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8151,6 +8535,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8204,6 +8606,8 @@ pub struct ScheduledSparkApplicationTemplateExecutorVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8212,6 +8616,24 @@ pub struct ScheduledSparkApplicationTemplateExecutorVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8380,26 +8802,35 @@ pub enum ScheduledSparkApplicationTemplateType { pub struct ScheduledSparkApplicationTemplateVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -8413,7 +8844,6 @@ pub struct ScheduledSparkApplicationTemplateVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -8424,17 +8854,14 @@ pub struct ScheduledSparkApplicationTemplateVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8444,23 +8871,28 @@ pub struct ScheduledSparkApplicationTemplateVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -8469,11 +8901,24 @@ pub struct ScheduledSparkApplicationTemplateVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -8492,23 +8937,30 @@ pub struct ScheduledSparkApplicationTemplateVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -8516,15 +8968,20 @@ pub struct ScheduledSparkApplicationTemplateVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAwsElasticBlockStore { @@ -8532,7 +8989,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -8552,6 +9008,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -8578,6 +9036,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -8592,7 +9052,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -8625,13 +9086,17 @@ pub struct ScheduledSparkApplicationTemplateVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCephfsSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCinder { @@ -8661,8 +9126,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCinderSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8689,8 +9156,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -8718,7 +9187,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -8754,8 +9223,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesCsiNodePublishSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8781,7 +9252,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -8800,7 +9271,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -8849,7 +9320,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -8860,17 +9330,14 @@ pub struct ScheduledSparkApplicationTemplateVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8883,7 +9350,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8893,11 +9359,9 @@ pub struct ScheduledSparkApplicationTemplateVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -8911,7 +9375,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8921,11 +9384,9 @@ pub struct ScheduledSparkApplicationTemplateVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplate { @@ -9027,8 +9488,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesEphemeralVolumeClaimTemplateS /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -9157,7 +9618,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -9178,6 +9638,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -9211,13 +9672,16 @@ pub struct ScheduledSparkApplicationTemplateVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlexVolumeSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -9231,6 +9695,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesGcePersistentDisk { @@ -9238,7 +9704,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -9260,7 +9725,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -9279,6 +9744,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesGlusterfs { @@ -9300,9 +9766,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesHostPath { /// path of the directory on the host. @@ -9316,6 +9779,39 @@ pub struct ScheduledSparkApplicationTemplateVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScheduledSparkApplicationTemplateVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -9331,7 +9827,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -9368,8 +9863,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesIscsiSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9406,7 +9903,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -9419,7 +9917,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -9447,25 +9948,24 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9490,14 +9990,11 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9577,8 +10074,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9617,7 +10116,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -9636,7 +10135,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiIt pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -9674,8 +10173,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -9725,7 +10226,8 @@ pub struct ScheduledSparkApplicationTemplateVolumesProjectedSourcesServiceAccoun pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesQuobyte { /// group to map volume access to @@ -9753,6 +10255,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesRbd { @@ -9760,7 +10263,6 @@ pub struct ScheduledSparkApplicationTemplateVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -9804,13 +10306,16 @@ pub struct ScheduledSparkApplicationTemplateVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesRbdSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -9855,8 +10360,10 @@ pub struct ScheduledSparkApplicationTemplateVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesScaleIoSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9913,6 +10420,7 @@ pub struct ScheduledSparkApplicationTemplateVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesStorageos { /// fsType is the filesystem type to mount. @@ -9947,13 +10455,17 @@ pub struct ScheduledSparkApplicationTemplateVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesStorageosSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScheduledSparkApplicationTemplateVolumesVsphereVolume { /// fsType is filesystem type to mount. diff --git a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs index 024589e27..93e131726 100644 --- a/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs +++ b/kube-custom-resources-rs/src/sparkoperator_k8s_io/v1beta2/sparkapplications.rs @@ -513,24 +513,24 @@ pub struct SparkApplicationDriverAffinityPodAffinityPreferredDuringSchedulingIgn pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -634,24 +634,24 @@ pub struct SparkApplicationDriverAffinityPodAffinityRequiredDuringSchedulingIgno pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -786,24 +786,24 @@ pub struct SparkApplicationDriverAffinityPodAntiAffinityPreferredDuringSchedulin pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -907,24 +907,24 @@ pub struct SparkApplicationDriverAffinityPodAntiAffinityRequiredDuringScheduling pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -1045,9 +1045,11 @@ pub struct SparkApplicationDriverDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -1098,8 +1100,10 @@ pub struct SparkApplicationDriverEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1139,8 +1143,10 @@ pub struct SparkApplicationDriverEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1166,8 +1172,10 @@ pub struct SparkApplicationDriverEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1179,8 +1187,10 @@ pub struct SparkApplicationDriverEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1215,8 +1225,7 @@ pub struct SparkApplicationDriverHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// A single application container that you want to run within a pod. @@ -1432,8 +1441,10 @@ pub struct SparkApplicationDriverInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1473,8 +1484,10 @@ pub struct SparkApplicationDriverInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1500,8 +1513,10 @@ pub struct SparkApplicationDriverInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1513,8 +1528,10 @@ pub struct SparkApplicationDriverInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -1551,23 +1568,23 @@ pub struct SparkApplicationDriverInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1579,7 +1596,7 @@ pub struct SparkApplicationDriverInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1612,7 +1629,7 @@ pub struct SparkApplicationDriverInitContainersLifecyclePostStartHttpGetHttpHead pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -1620,8 +1637,8 @@ pub struct SparkApplicationDriverInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1644,23 +1661,23 @@ pub struct SparkApplicationDriverInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1672,7 +1689,7 @@ pub struct SparkApplicationDriverInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1705,7 +1722,7 @@ pub struct SparkApplicationDriverInitContainersLifecyclePreStopHttpGetHttpHeader pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -1713,8 +1730,8 @@ pub struct SparkApplicationDriverInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1732,17 +1749,17 @@ pub struct SparkApplicationDriverInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1757,7 +1774,7 @@ pub struct SparkApplicationDriverInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1779,7 +1796,7 @@ pub struct SparkApplicationDriverInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1791,7 +1808,7 @@ pub struct SparkApplicationDriverInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1799,13 +1816,12 @@ pub struct SparkApplicationDriverInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1838,7 +1854,7 @@ pub struct SparkApplicationDriverInitContainersLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -1883,17 +1899,17 @@ pub struct SparkApplicationDriverInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -1908,7 +1924,7 @@ pub struct SparkApplicationDriverInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -1930,7 +1946,7 @@ pub struct SparkApplicationDriverInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -1942,7 +1958,7 @@ pub struct SparkApplicationDriverInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -1950,13 +1966,12 @@ pub struct SparkApplicationDriverInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -1989,7 +2004,7 @@ pub struct SparkApplicationDriverInitContainersReadinessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2022,11 +2037,9 @@ pub struct SparkApplicationDriverInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2049,6 +2062,11 @@ pub struct SparkApplicationDriverInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -2065,6 +2083,11 @@ pub struct SparkApplicationDriverInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2077,7 +2100,7 @@ pub struct SparkApplicationDriverInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2131,6 +2154,26 @@ pub struct SparkApplicationDriverInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2180,7 +2223,6 @@ pub struct SparkApplicationDriverInitContainersSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2225,17 +2267,17 @@ pub struct SparkApplicationDriverInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -2250,7 +2292,7 @@ pub struct SparkApplicationDriverInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -2272,7 +2314,7 @@ pub struct SparkApplicationDriverInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2284,7 +2326,7 @@ pub struct SparkApplicationDriverInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -2292,13 +2334,12 @@ pub struct SparkApplicationDriverInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2331,7 +2372,7 @@ pub struct SparkApplicationDriverInitContainersStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2364,6 +2405,8 @@ pub struct SparkApplicationDriverInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2372,6 +2415,24 @@ pub struct SparkApplicationDriverInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2412,23 +2473,23 @@ pub struct SparkApplicationDriverLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2440,7 +2501,7 @@ pub struct SparkApplicationDriverLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2473,7 +2534,7 @@ pub struct SparkApplicationDriverLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -2481,8 +2542,8 @@ pub struct SparkApplicationDriverLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2505,23 +2566,23 @@ pub struct SparkApplicationDriverLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -2533,7 +2594,7 @@ pub struct SparkApplicationDriverLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -2566,7 +2627,7 @@ pub struct SparkApplicationDriverLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -2574,8 +2635,8 @@ pub struct SparkApplicationDriverLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -2590,16 +2651,18 @@ pub struct SparkApplicationDriverLifecyclePreStopTcpSocket { /// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -2637,6 +2700,31 @@ pub struct SparkApplicationDriverPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2649,15 +2737,24 @@ pub struct SparkApplicationDriverPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -2671,6 +2768,25 @@ pub struct SparkApplicationDriverPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2706,7 +2822,6 @@ pub struct SparkApplicationDriverPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2782,6 +2897,11 @@ pub struct SparkApplicationDriverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2794,7 +2914,7 @@ pub struct SparkApplicationDriverSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -2848,6 +2968,26 @@ pub struct SparkApplicationDriverSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2897,7 +3037,6 @@ pub struct SparkApplicationDriverSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3146,8 +3285,10 @@ pub struct SparkApplicationDriverSidecarsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -3187,8 +3328,10 @@ pub struct SparkApplicationDriverSidecarsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3214,8 +3357,10 @@ pub struct SparkApplicationDriverSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -3227,8 +3372,10 @@ pub struct SparkApplicationDriverSidecarsEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3265,23 +3412,23 @@ pub struct SparkApplicationDriverSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3293,7 +3440,7 @@ pub struct SparkApplicationDriverSidecarsLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3326,7 +3473,7 @@ pub struct SparkApplicationDriverSidecarsLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -3334,8 +3481,8 @@ pub struct SparkApplicationDriverSidecarsLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3358,23 +3505,23 @@ pub struct SparkApplicationDriverSidecarsLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3386,7 +3533,7 @@ pub struct SparkApplicationDriverSidecarsLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3419,7 +3566,7 @@ pub struct SparkApplicationDriverSidecarsLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -3427,8 +3574,8 @@ pub struct SparkApplicationDriverSidecarsLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3446,17 +3593,17 @@ pub struct SparkApplicationDriverSidecarsLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3471,7 +3618,7 @@ pub struct SparkApplicationDriverSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3493,7 +3640,7 @@ pub struct SparkApplicationDriverSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3505,7 +3652,7 @@ pub struct SparkApplicationDriverSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3513,13 +3660,12 @@ pub struct SparkApplicationDriverSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3552,7 +3698,7 @@ pub struct SparkApplicationDriverSidecarsLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3597,17 +3743,17 @@ pub struct SparkApplicationDriverSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3622,7 +3768,7 @@ pub struct SparkApplicationDriverSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3644,7 +3790,7 @@ pub struct SparkApplicationDriverSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3656,7 +3802,7 @@ pub struct SparkApplicationDriverSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -3664,13 +3810,12 @@ pub struct SparkApplicationDriverSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -3703,7 +3848,7 @@ pub struct SparkApplicationDriverSidecarsReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -3736,11 +3881,9 @@ pub struct SparkApplicationDriverSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -3763,6 +3906,11 @@ pub struct SparkApplicationDriverSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -3779,6 +3927,11 @@ pub struct SparkApplicationDriverSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3791,7 +3944,7 @@ pub struct SparkApplicationDriverSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -3845,6 +3998,26 @@ pub struct SparkApplicationDriverSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationDriverSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3894,7 +4067,6 @@ pub struct SparkApplicationDriverSidecarsSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -3939,17 +4111,17 @@ pub struct SparkApplicationDriverSidecarsSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -3964,7 +4136,7 @@ pub struct SparkApplicationDriverSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -3986,7 +4158,7 @@ pub struct SparkApplicationDriverSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -3998,7 +4170,7 @@ pub struct SparkApplicationDriverSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -4006,13 +4178,12 @@ pub struct SparkApplicationDriverSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -4045,7 +4216,7 @@ pub struct SparkApplicationDriverSidecarsStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationDriverSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -4078,6 +4249,8 @@ pub struct SparkApplicationDriverSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4086,6 +4259,24 @@ pub struct SparkApplicationDriverSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4139,6 +4330,8 @@ pub struct SparkApplicationDriverVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4147,6 +4340,24 @@ pub struct SparkApplicationDriverVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -4555,24 +4766,24 @@ pub struct SparkApplicationExecutorAffinityPodAffinityPreferredDuringSchedulingI pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4676,24 +4887,24 @@ pub struct SparkApplicationExecutorAffinityPodAffinityRequiredDuringSchedulingIg pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4828,24 +5039,24 @@ pub struct SparkApplicationExecutorAffinityPodAntiAffinityPreferredDuringSchedul pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -4949,24 +5160,24 @@ pub struct SparkApplicationExecutorAffinityPodAntiAffinityRequiredDuringScheduli pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. @@ -5087,9 +5298,11 @@ pub struct SparkApplicationExecutorDnsConfig { /// PodDNSConfigOption defines DNS resolver options of a pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorDnsConfigOptions { + /// Name is this DNS resolver option's name. /// Required. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + /// Value is this DNS resolver option's value. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -5140,8 +5353,10 @@ pub struct SparkApplicationExecutorEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5181,8 +5396,10 @@ pub struct SparkApplicationExecutorEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5208,8 +5425,10 @@ pub struct SparkApplicationExecutorEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -5221,8 +5440,10 @@ pub struct SparkApplicationExecutorEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5257,8 +5478,7 @@ pub struct SparkApplicationExecutorHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// A single application container that you want to run within a pod. @@ -5474,8 +5694,10 @@ pub struct SparkApplicationExecutorInitContainersEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -5515,8 +5737,10 @@ pub struct SparkApplicationExecutorInitContainersEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -5542,8 +5766,10 @@ pub struct SparkApplicationExecutorInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -5555,8 +5781,10 @@ pub struct SparkApplicationExecutorInitContainersEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -5593,23 +5821,23 @@ pub struct SparkApplicationExecutorInitContainersLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5621,7 +5849,7 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5654,7 +5882,7 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePostStartHttpGetHttpHe pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -5662,8 +5890,8 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5686,23 +5914,23 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5714,7 +5942,7 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5747,7 +5975,7 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePreStopHttpGetHttpHead pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -5755,8 +5983,8 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5774,17 +6002,17 @@ pub struct SparkApplicationExecutorInitContainersLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5799,7 +6027,7 @@ pub struct SparkApplicationExecutorInitContainersLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5821,7 +6049,7 @@ pub struct SparkApplicationExecutorInitContainersLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5833,7 +6061,7 @@ pub struct SparkApplicationExecutorInitContainersLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -5841,13 +6069,12 @@ pub struct SparkApplicationExecutorInitContainersLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -5880,7 +6107,7 @@ pub struct SparkApplicationExecutorInitContainersLivenessProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -5925,17 +6152,17 @@ pub struct SparkApplicationExecutorInitContainersPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -5950,7 +6177,7 @@ pub struct SparkApplicationExecutorInitContainersReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -5972,7 +6199,7 @@ pub struct SparkApplicationExecutorInitContainersReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -5984,7 +6211,7 @@ pub struct SparkApplicationExecutorInitContainersReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -5992,13 +6219,12 @@ pub struct SparkApplicationExecutorInitContainersReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6031,7 +6257,7 @@ pub struct SparkApplicationExecutorInitContainersReadinessProbeHttpGetHttpHeader pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6064,11 +6290,9 @@ pub struct SparkApplicationExecutorInitContainersResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -6091,6 +6315,11 @@ pub struct SparkApplicationExecutorInitContainersResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -6107,6 +6336,11 @@ pub struct SparkApplicationExecutorInitContainersSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6119,7 +6353,7 @@ pub struct SparkApplicationExecutorInitContainersSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -6173,6 +6407,26 @@ pub struct SparkApplicationExecutorInitContainersSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6222,7 +6476,6 @@ pub struct SparkApplicationExecutorInitContainersSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -6267,17 +6520,17 @@ pub struct SparkApplicationExecutorInitContainersSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -6292,7 +6545,7 @@ pub struct SparkApplicationExecutorInitContainersStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -6314,7 +6567,7 @@ pub struct SparkApplicationExecutorInitContainersStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6326,7 +6579,7 @@ pub struct SparkApplicationExecutorInitContainersStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -6334,13 +6587,12 @@ pub struct SparkApplicationExecutorInitContainersStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6373,7 +6625,7 @@ pub struct SparkApplicationExecutorInitContainersStartupProbeHttpGetHttpHeaders pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorInitContainersStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6406,6 +6658,8 @@ pub struct SparkApplicationExecutorInitContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -6414,6 +6668,24 @@ pub struct SparkApplicationExecutorInitContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -6454,23 +6726,23 @@ pub struct SparkApplicationExecutorLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6482,7 +6754,7 @@ pub struct SparkApplicationExecutorLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6515,7 +6787,7 @@ pub struct SparkApplicationExecutorLifecyclePostStartHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -6523,8 +6795,8 @@ pub struct SparkApplicationExecutorLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6547,23 +6819,23 @@ pub struct SparkApplicationExecutorLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -6575,7 +6847,7 @@ pub struct SparkApplicationExecutorLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -6608,7 +6880,7 @@ pub struct SparkApplicationExecutorLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -6616,8 +6888,8 @@ pub struct SparkApplicationExecutorLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -6632,16 +6904,18 @@ pub struct SparkApplicationExecutorLifecyclePreStopTcpSocket { /// PodSecurityContext specifies the PodSecurityContext to apply. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorPodSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -6679,6 +6953,31 @@ pub struct SparkApplicationExecutorPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -6691,15 +6990,24 @@ pub struct SparkApplicationExecutorPodSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. + /// A list of groups applied to the first process run in each container, in + /// addition to the container's primary GID and fsGroup (if specified). If + /// the SupplementalGroupsPolicy feature is enabled, the + /// supplementalGroupsPolicy field determines whether these are in addition + /// to or instead of any group memberships defined in the container image. + /// If unspecified, no additional groups are added, though group memberships + /// defined in the container image may still be used, depending on the + /// supplementalGroupsPolicy field. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] pub supplemental_groups: Option>, + /// Defines how supplemental groups of the first container processes are calculated. + /// Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + /// (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + /// and the container runtime must implement support for this feature. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroupsPolicy")] + pub supplemental_groups_policy: Option, /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported /// sysctls (by the container runtime) might fail to launch. /// Note that this field cannot be set when spec.os.name is windows. @@ -6713,6 +7021,25 @@ pub struct SparkApplicationExecutorPodSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorPodSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -6748,7 +7075,6 @@ pub struct SparkApplicationExecutorPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -6824,6 +7150,11 @@ pub struct SparkApplicationExecutorSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6836,7 +7167,7 @@ pub struct SparkApplicationExecutorSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -6890,6 +7221,26 @@ pub struct SparkApplicationExecutorSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -6939,7 +7290,6 @@ pub struct SparkApplicationExecutorSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -7188,8 +7538,10 @@ pub struct SparkApplicationExecutorSidecarsEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -7229,8 +7581,10 @@ pub struct SparkApplicationExecutorSidecarsEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -7256,8 +7610,10 @@ pub struct SparkApplicationExecutorSidecarsEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvFromConfigMapRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -7269,8 +7625,10 @@ pub struct SparkApplicationExecutorSidecarsEnvFromConfigMapRef { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsEnvFromSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -7307,23 +7665,23 @@ pub struct SparkApplicationExecutorSidecarsLifecycle { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStart { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7335,7 +7693,7 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePostStartExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7368,7 +7726,7 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePostStartHttpGetHttpHeaders pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartSleep { /// Seconds is the number of seconds to sleep. @@ -7376,8 +7734,8 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePostStartSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePostStartTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7400,23 +7758,23 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePostStartTcpSocket { /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStop { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, - /// Sleep represents the duration that the container should sleep before being terminated. + /// Sleep represents a duration that the container should sleep. #[serde(default, skip_serializing_if = "Option::is_none")] pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. + /// for backward compatibility. There is no validation of this field and + /// lifecycle hooks will fail at runtime when it is specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7428,7 +7786,7 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePreStopExec { pub command: Option>, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7461,7 +7819,7 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePreStopHttpGetHttpHeaders { pub value: String, } -/// Sleep represents the duration that the container should sleep before being terminated. +/// Sleep represents a duration that the container should sleep. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopSleep { /// Seconds is the number of seconds to sleep. @@ -7469,8 +7827,8 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePreStopSleep { } /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. +/// for backward compatibility. There is no validation of this field and +/// lifecycle hooks will fail at runtime when it is specified. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLifecyclePreStopTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7488,17 +7846,17 @@ pub struct SparkApplicationExecutorSidecarsLifecyclePreStopTcpSocket { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -7513,7 +7871,7 @@ pub struct SparkApplicationExecutorSidecarsLivenessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -7535,7 +7893,7 @@ pub struct SparkApplicationExecutorSidecarsLivenessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7547,7 +7905,7 @@ pub struct SparkApplicationExecutorSidecarsLivenessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -7555,13 +7913,12 @@ pub struct SparkApplicationExecutorSidecarsLivenessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7594,7 +7951,7 @@ pub struct SparkApplicationExecutorSidecarsLivenessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsLivenessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7639,17 +7996,17 @@ pub struct SparkApplicationExecutorSidecarsPorts { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -7664,7 +8021,7 @@ pub struct SparkApplicationExecutorSidecarsReadinessProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -7686,7 +8043,7 @@ pub struct SparkApplicationExecutorSidecarsReadinessProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -7698,7 +8055,7 @@ pub struct SparkApplicationExecutorSidecarsReadinessProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -7706,13 +8063,12 @@ pub struct SparkApplicationExecutorSidecarsReadinessProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -7745,7 +8101,7 @@ pub struct SparkApplicationExecutorSidecarsReadinessProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsReadinessProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -7778,11 +8134,9 @@ pub struct SparkApplicationExecutorSidecarsResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -7805,6 +8159,11 @@ pub struct SparkApplicationExecutorSidecarsResourcesClaims { /// the Pod where this field is used. It makes that resource available /// inside a container. pub name: String, + /// Request is the name chosen for a request in the referenced claim. + /// If empty, everything from the claim is made available, otherwise + /// only the result of this request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub request: Option, } /// SecurityContext defines the security options the container should be run with. @@ -7821,6 +8180,11 @@ pub struct SparkApplicationExecutorSidecarsSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7833,7 +8197,7 @@ pub struct SparkApplicationExecutorSidecarsSecurityContext { #[serde(default, skip_serializing_if = "Option::is_none")] pub privileged: Option, /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for + /// The default value is Default which uses the container runtime defaults for /// readonly paths and masked paths. /// This requires the ProcMountType feature flag to be enabled. /// Note that this field cannot be set when spec.os.name is windows. @@ -7887,6 +8251,26 @@ pub struct SparkApplicationExecutorSidecarsSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationExecutorSidecarsSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -7936,7 +8320,6 @@ pub struct SparkApplicationExecutorSidecarsSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -7981,17 +8364,17 @@ pub struct SparkApplicationExecutorSidecarsSecurityContextWindowsOptions { /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbe { - /// Exec specifies the action to take. + /// Exec specifies a command to execute in the container. #[serde(default, skip_serializing_if = "Option::is_none")] pub exec: Option, /// Minimum consecutive failures for the probe to be considered failed after having succeeded. /// Defaults to 3. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. + /// GRPC specifies a GRPC HealthCheckRequest. #[serde(default, skip_serializing_if = "Option::is_none")] pub grpc: Option, - /// HTTPGet specifies the http request to perform. + /// HTTPGet specifies an HTTP GET request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, /// Number of seconds after the container has started before liveness probes are initiated. @@ -8006,7 +8389,7 @@ pub struct SparkApplicationExecutorSidecarsStartupProbe { /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. + /// TCPSocket specifies a connection to a TCP port. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] pub tcp_socket: Option, /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. @@ -8028,7 +8411,7 @@ pub struct SparkApplicationExecutorSidecarsStartupProbe { pub timeout_seconds: Option, } -/// Exec specifies the action to take. +/// Exec specifies a command to execute in the container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeExec { /// Command is the command line to execute inside the container, the working directory for the @@ -8040,7 +8423,7 @@ pub struct SparkApplicationExecutorSidecarsStartupProbeExec { pub command: Option>, } -/// GRPC specifies an action involving a GRPC port. +/// GRPC specifies a GRPC HealthCheckRequest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeGrpc { /// Port number of the gRPC service. Number must be in the range 1 to 65535. @@ -8048,13 +8431,12 @@ pub struct SparkApplicationExecutorSidecarsStartupProbeGrpc { /// Service is the name of the service to place in the gRPC HealthCheckRequest /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). /// - /// /// If this is not specified, the default behavior is defined by gRPC. #[serde(default, skip_serializing_if = "Option::is_none")] pub service: Option, } -/// HTTPGet specifies the http request to perform. +/// HTTPGet specifies an HTTP GET request to perform. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeHttpGet { /// Host name to connect to, defaults to the pod IP. You probably want to set @@ -8087,7 +8469,7 @@ pub struct SparkApplicationExecutorSidecarsStartupProbeHttpGetHttpHeaders { pub value: String, } -/// TCPSocket specifies an action involving a TCP port. +/// TCPSocket specifies a connection to a TCP port. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationExecutorSidecarsStartupProbeTcpSocket { /// Optional: Host name to connect to, defaults to the pod IP. @@ -8120,6 +8502,8 @@ pub struct SparkApplicationExecutorSidecarsVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8128,6 +8512,24 @@ pub struct SparkApplicationExecutorSidecarsVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8181,6 +8583,8 @@ pub struct SparkApplicationExecutorVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -8189,6 +8593,24 @@ pub struct SparkApplicationExecutorVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -8360,26 +8782,35 @@ pub enum SparkApplicationType { pub struct SparkApplicationVolumes { /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + /// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] pub aws_elastic_block_store: Option, /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + /// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + /// are redirected to the disk.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] pub azure_disk: Option, /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. + /// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + /// are redirected to the file.csi.azure.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + /// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub cephfs: Option, /// cinder represents a cinder volume attached and mounted on kubelets host machine. + /// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + /// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub cinder: Option, /// configMap represents a configMap that should populate this volume #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[serde(default, skip_serializing_if = "Option::is_none")] pub csi: Option, /// downwardAPI represents downward API about the pod that should populate this volume @@ -8393,7 +8824,6 @@ pub struct SparkApplicationVolumes { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// - /// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -8404,17 +8834,14 @@ pub struct SparkApplicationVolumes { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// - /// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// - /// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// - /// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -8424,23 +8851,28 @@ pub struct SparkApplicationVolumes { pub fc: Option, /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. + /// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + /// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub flocker: Option, /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. + /// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + /// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] pub gce_persistent_disk: Option, /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + /// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] pub git_repo: Option, /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + /// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub glusterfs: Option, @@ -8449,11 +8881,24 @@ pub struct SparkApplicationVolumes { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] pub host_path: Option, + /// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + /// The volume is resolved at pod startup depending on which PullPolicy value is provided: + /// + /// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// + /// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + /// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + /// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + /// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + /// The volume will be mounted read-only (ro) and non-executable files (noexec). + /// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + /// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -8472,23 +8917,30 @@ pub struct SparkApplicationVolumes { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + /// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine + /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + /// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + /// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + /// is on. #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] pub portworx_volume: Option, /// projected items for all in one resources secrets, configmaps, and downward API #[serde(default, skip_serializing_if = "Option::is_none")] pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime + /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + /// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub quobyte: Option, /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + /// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[serde(default, skip_serializing_if = "Option::is_none")] pub rbd: Option, /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + /// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] pub scale_io: Option, /// secret represents a secret that should populate this volume. @@ -8496,15 +8948,20 @@ pub struct SparkApplicationVolumes { #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + /// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[serde(default, skip_serializing_if = "Option::is_none")] pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + /// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + /// are redirected to the csi.vsphere.vmware.com CSI driver. #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] pub vsphere_volume: Option, } /// awsElasticBlockStore represents an AWS Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree +/// awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAwsElasticBlockStore { @@ -8512,7 +8969,6 @@ pub struct SparkApplicationVolumesAwsElasticBlockStore { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -8532,6 +8988,8 @@ pub struct SparkApplicationVolumesAwsElasticBlockStore { } /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. +/// Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type +/// are redirected to the disk.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAzureDisk { /// cachingMode is the Host Caching mode: None, Read Only, Read Write. @@ -8558,6 +9016,8 @@ pub struct SparkApplicationVolumesAzureDisk { } /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. +/// Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type +/// are redirected to the file.csi.azure.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesAzureFile { /// readOnly defaults to false (read/write). ReadOnly here will force @@ -8572,7 +9032,8 @@ pub struct SparkApplicationVolumesAzureFile { pub share_name: String, } -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime +/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. +/// Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCephfs { /// monitors is Required: Monitors is a collection of Ceph monitors @@ -8605,13 +9066,17 @@ pub struct SparkApplicationVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCephfsSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// cinder represents a cinder volume attached and mounted on kubelets host machine. +/// Deprecated: Cinder is deprecated. All operations for the in-tree cinder type +/// are redirected to the cinder.csi.openstack.org CSI driver. /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCinder { @@ -8641,8 +9106,10 @@ pub struct SparkApplicationVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCinderSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8669,8 +9136,10 @@ pub struct SparkApplicationVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -8698,7 +9167,7 @@ pub struct SparkApplicationVolumesConfigMapItems { pub path: String, } -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). +/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCsi { /// driver is the name of the CSI driver that handles this volume. @@ -8734,8 +9203,10 @@ pub struct SparkApplicationVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesCsiNodePublishSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -8761,7 +9232,7 @@ pub struct SparkApplicationVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -8780,7 +9251,7 @@ pub struct SparkApplicationVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -8829,7 +9300,6 @@ pub struct SparkApplicationVolumesEmptyDir { /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, /// and deleted when the pod is removed. /// -/// /// Use this if: /// a) the volume is only needed while the pod runs, /// b) features of normal volumes like restoring from snapshot or capacity @@ -8840,17 +9310,14 @@ pub struct SparkApplicationVolumesEmptyDir { /// information on the connection between this volume type /// and PersistentVolumeClaim). /// -/// /// Use PersistentVolumeClaim or one of the vendor-specific /// APIs for volumes that persist for longer than the lifecycle /// of an individual pod. /// -/// /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to /// be used that way - see the documentation of the driver for /// more information. /// -/// /// A pod can use both types of ephemeral volumes and /// persistent volumes at the same time. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -8863,7 +9330,6 @@ pub struct SparkApplicationVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// - /// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8873,11 +9339,9 @@ pub struct SparkApplicationVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// - /// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// - /// /// Required, must not be nil. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] pub volume_claim_template: Option, @@ -8891,7 +9355,6 @@ pub struct SparkApplicationVolumesEphemeral { /// entry. Pod validation will reject the pod if the concatenated name /// is not valid for a PVC (for example, too long). /// -/// /// An existing PVC with that name that is not owned by the pod /// will *not* be used for the pod to avoid using an unrelated /// volume by mistake. Starting the pod is then blocked until @@ -8901,11 +9364,9 @@ pub struct SparkApplicationVolumesEphemeral { /// this should not be necessary, but it may be useful when /// manually reconstructing a broken cluster. /// -/// /// This field is read-only and no changes will be made by Kubernetes /// to the PVC after it has been created. /// -/// /// Required, must not be nil. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplate { @@ -9007,8 +9468,8 @@ pub struct SparkApplicationVolumesEphemeralVolumeClaimTemplateSpec { /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + /// (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. @@ -9137,7 +9598,6 @@ pub struct SparkApplicationVolumesFc { /// fsType is the filesystem type to mount. /// Must be a filesystem type supported by the host operating system. /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// lun is Optional: FC target lun number @@ -9158,6 +9618,7 @@ pub struct SparkApplicationVolumesFc { /// flexVolume represents a generic volume resource that is /// provisioned/attached using an exec based plugin. +/// Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlexVolume { /// driver is the name of the driver to use for this volume. @@ -9191,13 +9652,16 @@ pub struct SparkApplicationVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlexVolumeSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running +/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. +/// Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesFlocker { /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker @@ -9211,6 +9675,8 @@ pub struct SparkApplicationVolumesFlocker { /// gcePersistentDisk represents a GCE Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. +/// Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree +/// gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesGcePersistentDisk { @@ -9218,7 +9684,6 @@ pub struct SparkApplicationVolumesGcePersistentDisk { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// partition is the partition in the volume that you want to mount. @@ -9240,7 +9705,7 @@ pub struct SparkApplicationVolumesGcePersistentDisk { } /// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an +/// Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir /// into the Pod's container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -9259,6 +9724,7 @@ pub struct SparkApplicationVolumesGitRepo { } /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. +/// Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. /// More info: https://examples.k8s.io/volumes/glusterfs/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesGlusterfs { @@ -9280,9 +9746,6 @@ pub struct SparkApplicationVolumesGlusterfs { /// used for system agents or other privileged things that are allowed /// to see the host machine. Most containers will NOT need this. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesHostPath { /// path of the directory on the host. @@ -9296,6 +9759,39 @@ pub struct SparkApplicationVolumesHostPath { pub r#type: Option, } +/// image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. +/// The volume is resolved at pod startup depending on which PullPolicy value is provided: +/// +/// - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. +/// - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. +/// - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. +/// +/// The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. +/// A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. +/// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. +/// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. +/// The volume will be mounted read-only (ro) and non-executable files (noexec). +/// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). +/// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SparkApplicationVolumesImage { + /// Policy for pulling OCI objects. Possible values are: + /// Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + /// Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + /// IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pullPolicy")] + pub pull_policy: Option, + /// Required: Image or artifact reference to be used. + /// Behaves in the same way as pod.spec.containers[*].image. + /// Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + /// More info: https://kubernetes.io/docs/concepts/containers/images + /// This field is optional to allow higher level config management to default or override + /// container images in workload controllers like Deployments and StatefulSets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub reference: Option, +} + /// iscsi represents an ISCSI Disk resource that is attached to a /// kubelet's host machine and then exposed to the pod. /// More info: https://examples.k8s.io/volumes/iscsi/README.md @@ -9311,7 +9807,6 @@ pub struct SparkApplicationVolumesIscsi { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// initiatorName is the custom iSCSI Initiator Name. @@ -9348,8 +9843,10 @@ pub struct SparkApplicationVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesIscsiSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9386,7 +9883,8 @@ pub struct SparkApplicationVolumesPersistentVolumeClaim { pub read_only: Option, } -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine +/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. +/// Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesPhotonPersistentDisk { /// fsType is the filesystem type to mount. @@ -9399,7 +9897,10 @@ pub struct SparkApplicationVolumesPhotonPersistentDisk { pub pd_id: String, } -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine +/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine. +/// Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type +/// are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate +/// is on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesPortworxVolume { /// fSType represents the filesystem type to mount @@ -9427,25 +9928,24 @@ pub struct SparkApplicationVolumesProjected { /// mode, like fsGroup, and the result can be other mode bits set. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] pub default_mode: Option, - /// sources is the list of volume projections + /// sources is the list of volume projections. Each entry in this list + /// handles one source. #[serde(default, skip_serializing_if = "Option::is_none")] pub sources: Option>, } -/// Projection that may be projected along with other supported volume types +/// Projection that may be projected along with other supported volume types. +/// Exactly one of these fields must be set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// - /// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// - /// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// - /// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9470,14 +9970,11 @@ pub struct SparkApplicationVolumesProjectedSources { /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field /// of ClusterTrustBundle objects in an auto-updating file. /// -/// /// Alpha, gated by the ClusterTrustBundleProjection feature gate. /// -/// /// ClusterTrustBundle objects can either be selected by name, or by the /// combination of signer name and a label selector. /// -/// /// Kubelet performs aggressive normalization of the PEM contents written /// into the pod filesystem. Esoteric PEM features such as inter-block /// comments and block headers are stripped. Certificates are deduplicated. @@ -9557,8 +10054,10 @@ pub struct SparkApplicationVolumesProjectedSourcesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -9597,7 +10096,7 @@ pub struct SparkApplicationVolumesProjectedSourcesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -9616,7 +10115,7 @@ pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -9654,8 +10153,10 @@ pub struct SparkApplicationVolumesProjectedSourcesSecret { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -9705,7 +10206,8 @@ pub struct SparkApplicationVolumesProjectedSourcesServiceAccountToken { pub path: String, } -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime +/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime. +/// Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesQuobyte { /// group to map volume access to @@ -9733,6 +10235,7 @@ pub struct SparkApplicationVolumesQuobyte { } /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. +/// Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. /// More info: https://examples.k8s.io/volumes/rbd/README.md #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesRbd { @@ -9740,7 +10243,6 @@ pub struct SparkApplicationVolumesRbd { /// Tip: Ensure that the filesystem type is supported by the host operating system. /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] pub fs_type: Option, /// image is the rados image name. @@ -9784,13 +10286,16 @@ pub struct SparkApplicationVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesRbdSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. +/// Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesScaleIo { /// fsType is the filesystem type to mount. @@ -9835,8 +10340,10 @@ pub struct SparkApplicationVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesScaleIoSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -9893,6 +10400,7 @@ pub struct SparkApplicationVolumesSecretItems { } /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. +/// Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesStorageos { /// fsType is the filesystem type to mount. @@ -9927,13 +10435,17 @@ pub struct SparkApplicationVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesStorageosSecretRef { /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine +/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. +/// Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type +/// are redirected to the csi.vsphere.vmware.com CSI driver. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SparkApplicationVolumesVsphereVolume { /// fsType is filesystem type to mount. diff --git a/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs b/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs index 720cf055c..4f1986968 100644 --- a/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs +++ b/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs @@ -153,7 +153,7 @@ pub struct QueueStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// All CRS managed by ACK have a common `Status.Conditions` member that + /// All CRs managed by ACK have a common `Status.Conditions` member that /// contains a collection of `ackv1alpha1.Condition` objects that describe /// the various terminal states of the CR and its backend AWS service API /// resource diff --git a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodepolicies.rs b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodepolicies.rs index ccea68b88..07f7a0bc1 100644 --- a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodepolicies.rs +++ b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodepolicies.rs @@ -114,6 +114,9 @@ pub struct SriovNetworkNodePolicyBridgeOvsUplinkInterface { /// external_ids field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIDs")] pub external_i_ds: Option>, + /// mtu_request field in the Interface table in OVSDB + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mtuRequest")] + pub mtu_request: Option, /// options field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, diff --git a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodestates.rs b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodestates.rs index 04028d616..fb46b8f36 100644 --- a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodestates.rs +++ b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworknodestates.rs @@ -24,6 +24,8 @@ pub struct SriovNetworkNodeStateSpec { pub bridges: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub interfaces: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub system: Option, } /// Bridges contains list of bridges @@ -81,6 +83,9 @@ pub struct SriovNetworkNodeStateBridgesOvsUplinksInterface { /// external_ids field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIDs")] pub external_i_ds: Option>, + /// mtu_request field in the Interface table in OVSDB + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mtuRequest")] + pub mtu_request: Option, /// options field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, @@ -130,6 +135,21 @@ pub struct SriovNetworkNodeStateInterfacesVfGroups { pub vf_range: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SriovNetworkNodeStateSystem { + /// RDMA subsystem. Allowed value "shared", "exclusive". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rdmaMode")] + pub rdma_mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SriovNetworkNodeStateSystemRdmaMode { + #[serde(rename = "shared")] + Shared, + #[serde(rename = "exclusive")] + Exclusive, +} + /// SriovNetworkNodeStateStatus defines the observed state of SriovNetworkNodeState #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SriovNetworkNodeStateStatus { @@ -142,6 +162,8 @@ pub struct SriovNetworkNodeStateStatus { pub last_sync_error: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "syncStatus")] pub sync_status: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub system: Option, } /// Bridges contains list of bridges @@ -199,6 +221,9 @@ pub struct SriovNetworkNodeStateStatusBridgesOvsUplinksInterface { /// external_ids field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none", rename = "externalIDs")] pub external_i_ds: Option>, + /// mtu_request field in the Interface table in OVSDB + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mtuRequest")] + pub mtu_request: Option, /// options field in the Interface table in OVSDB #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option>, @@ -276,3 +301,18 @@ pub struct SriovNetworkNodeStateStatusInterfacesVfs { pub vf_id: i64, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SriovNetworkNodeStateStatusSystem { + /// RDMA subsystem. Allowed value "shared", "exclusive". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rdmaMode")] + pub rdma_mode: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SriovNetworkNodeStateStatusSystemRdmaMode { + #[serde(rename = "shared")] + Shared, + #[serde(rename = "exclusive")] + Exclusive, +} + diff --git a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworkpoolconfigs.rs b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworkpoolconfigs.rs index 1bed563de..a9ba43d78 100644 --- a/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworkpoolconfigs.rs +++ b/kube-custom-resources-rs/src/sriovnetwork_openshift_io/v1/sriovnetworkpoolconfigs.rs @@ -35,6 +35,9 @@ pub struct SriovNetworkPoolConfigSpec { /// OvsHardwareOffloadConfig describes the OVS HWOL configuration for selected Nodes #[serde(default, skip_serializing_if = "Option::is_none", rename = "ovsHardwareOffloadConfig")] pub ovs_hardware_offload_config: Option, + /// RDMA subsystem. Allowed value "shared", "exclusive". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rdmaMode")] + pub rdma_mode: Option, } /// nodeSelector specifies a label selector for Nodes @@ -79,6 +82,15 @@ pub struct SriovNetworkPoolConfigOvsHardwareOffloadConfig { pub name: Option, } +/// SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum SriovNetworkPoolConfigRdmaMode { + #[serde(rename = "shared")] + Shared, + #[serde(rename = "exclusive")] + Exclusive, +} + /// SriovNetworkPoolConfigStatus defines the observed state of SriovNetworkPoolConfig #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SriovNetworkPoolConfigStatus { diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs index 8ffdf811f..07962b596 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constraintpodstatuses.rs @@ -19,6 +19,8 @@ pub struct ConstraintPodStatusStatus { pub constraint_uid: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub enforced: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enforcementPointsStatus")] + pub enforcement_points_status: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub errors: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -29,6 +31,18 @@ pub struct ConstraintPodStatusStatus { pub operations: Option>, } +/// EnforcementPointStatus represents the status of a single enforcement point. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConstraintPodStatusStatusEnforcementPointsStatus { + #[serde(rename = "enforcementPoint")] + pub enforcement_point: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + pub state: String, +} + /// Error represents a single error caught while adding a constraint to engine. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ConstraintPodStatusStatusErrors { diff --git a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs index d2d7a2f08..098e05390 100644 --- a/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs +++ b/kube-custom-resources-rs/src/status_gatekeeper_sh/v1beta1/constrainttemplatepodstatuses.rs @@ -26,6 +26,9 @@ pub struct ConstraintTemplatePodStatusStatus { /// intent and helps make sure that UIDs and names do not get conflated. #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateUID")] pub template_uid: Option, + /// VAPGenerationStatus represents the status of VAP generation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "vapGenerationStatus")] + pub vap_generation_status: Option, } /// CreateCRDError represents a single error caught during parsing, compiling, etc. @@ -37,3 +40,14 @@ pub struct ConstraintTemplatePodStatusStatusErrors { pub message: String, } +/// VAPGenerationStatus represents the status of VAP generation. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ConstraintTemplatePodStatusStatusVapGenerationStatus { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "observedGeneration")] + pub observed_generation: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub state: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub warning: Option, +} + diff --git a/kube-custom-resources-rs/src/submariner_io/v1alpha1/servicediscoveries.rs b/kube-custom-resources-rs/src/submariner_io/v1alpha1/servicediscoveries.rs index 02de309f4..60b58e539 100644 --- a/kube-custom-resources-rs/src/submariner_io/v1alpha1/servicediscoveries.rs +++ b/kube-custom-resources-rs/src/submariner_io/v1alpha1/servicediscoveries.rs @@ -69,22 +69,32 @@ pub struct ServiceDiscoveryCoreDnsCustomConfig { pub namespace: Option, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ServiceDiscoveryTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } diff --git a/kube-custom-resources-rs/src/submariner_io/v1alpha1/submariners.rs b/kube-custom-resources-rs/src/submariner_io/v1alpha1/submariners.rs index c78f38c60..eae21904a 100644 --- a/kube-custom-resources-rs/src/submariner_io/v1alpha1/submariners.rs +++ b/kube-custom-resources-rs/src/submariner_io/v1alpha1/submariners.rs @@ -80,7 +80,8 @@ pub struct SubmarinerSpec { /// The gateway connection health check. #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionHealthCheck")] pub connection_health_check: Option, - /// Name of the custom CoreDNS configmap to configure forwarding to Lighthouse. It should be in / format where is optional and defaults to kube-system. + /// Name of the custom CoreDNS configmap to configure forwarding to Lighthouse. + /// It should be in / format where is optional and defaults to kube-system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "coreDNSCustomConfig")] pub core_dns_custom_config: Option, /// List of domains to use for multi-cluster service discovery. @@ -94,6 +95,9 @@ pub struct SubmarinerSpec { /// Halt on certificate error (so the pod gets restarted). #[serde(default, skip_serializing_if = "Option::is_none", rename = "haltOnCertificateError")] pub halt_on_certificate_error: Option, + /// Is the cluster a hosted cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostedCluster")] + pub hosted_cluster: Option, /// Override component images. #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageOverrides")] pub image_overrides: Option>, @@ -137,7 +141,8 @@ pub struct SubmarinerConnectionHealthCheck { pub max_packet_loss_count: Option, } -/// Name of the custom CoreDNS configmap to configure forwarding to Lighthouse. It should be in / format where is optional and defaults to kube-system. +/// Name of the custom CoreDNS configmap to configure forwarding to Lighthouse. +/// It should be in / format where is optional and defaults to kube-system. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerCoreDnsCustomConfig { /// Name of the custom CoreDNS configmap. @@ -148,22 +153,32 @@ pub struct SubmarinerCoreDnsCustomConfig { pub namespace: Option, } -/// The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. #[serde(default, skip_serializing_if = "Option::is_none")] pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } @@ -199,6 +214,9 @@ pub struct SubmarinerStatus { /// The status of the Globalnet DaemonSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "globalnetDaemonSetStatus")] pub globalnet_daemon_set_status: Option, + /// Is the cluster a hosted cluster. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostedCluster")] + pub hosted_cluster: Option, /// The status of the load balancer DaemonSet. #[serde(default, skip_serializing_if = "Option::is_none", rename = "loadBalancerStatus")] pub load_balancer_status: Option, @@ -246,7 +264,9 @@ pub struct SubmarinerStatusGatewayDaemonSetStatus { pub status: Option, } -/// ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting. +/// ContainerState holds a possible state of container. +/// Only one of its members may be specified. +/// If none of them is specified, the default one is ContainerStateWaiting. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGatewayDaemonSetStatusNonReadyContainerStates { /// Details about a running container @@ -308,28 +328,41 @@ pub struct SubmarinerStatusGatewayDaemonSetStatusNonReadyContainerStatesWaiting /// DaemonSetStatus represents the current status of a daemon set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGatewayDaemonSetStatusStatus { - /// Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision. + /// Count of hash collisions for the DaemonSet. The DaemonSet controller + /// uses this field as a collision avoidance mechanism when it needs to + /// create the name for the newest ControllerRevision. #[serde(default, skip_serializing_if = "Option::is_none", rename = "collisionCount")] pub collision_count: Option, /// Represents the latest available observations of a DaemonSet's current state. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running at least 1 + /// daemon pod and are supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "currentNumberScheduled")] pub current_number_scheduled: i32, - /// The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The total number of nodes that should be running the daemon + /// pod (including nodes correctly running the daemon pod). + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "desiredNumberScheduled")] pub desired_number_scheduled: i32, - /// The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have one or more of the daemon pod running and + /// available (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberAvailable")] pub number_available: Option, - /// The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running the daemon pod, but are + /// not supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "numberMisscheduled")] pub number_misscheduled: i32, - /// numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition. + /// numberReady is the number of nodes that should be running the daemon pod and have one + /// or more of the daemon pod running with a Ready Condition. #[serde(rename = "numberReady")] pub number_ready: i32, - /// The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have none of the daemon pod running and available + /// (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberUnavailable")] pub number_unavailable: Option, /// The most recent generation observed by the daemon set controller. @@ -355,7 +388,8 @@ pub struct SubmarinerStatusGateways { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGatewaysConnections { pub endpoint: SubmarinerStatusGatewaysConnectionsEndpoint, - /// LatencySpec describes the round trip time information for a packet between the gateway pods of two clusters. + /// LatencySpec describes the round trip time information for a packet + /// between the gateway pods of two clusters. #[serde(default, skip_serializing_if = "Option::is_none", rename = "latencyRTT")] pub latency_rtt: Option, pub status: String, @@ -374,16 +408,28 @@ pub struct SubmarinerStatusGatewaysConnectionsEndpoint { pub backend_config: Option>, pub cable_name: String, pub cluster_id: String, + /// Deprecated: Get/SetHealthCheckIP() or, if necessary, HealthCheckIPs #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckIP")] pub health_check_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckIPs")] + pub health_check_i_ps: Option>, pub hostname: String, pub nat_enabled: bool, - pub private_ip: String, - pub public_ip: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateIPs")] + pub private_i_ps: Option>, + /// Deprecated: Use Get/SetPrivateIP() or, if necessary, PrivateIPs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub private_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicIPs")] + pub public_i_ps: Option>, + /// Deprecated: Set/SetPublicIP() or, if necessary, PublicIPs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub public_ip: Option, pub subnets: Vec, } -/// LatencySpec describes the round trip time information for a packet between the gateway pods of two clusters. +/// LatencySpec describes the round trip time information for a packet +/// between the gateway pods of two clusters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGatewaysConnectionsLatencyRtt { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -405,12 +451,23 @@ pub struct SubmarinerStatusGatewaysLocalEndpoint { pub backend_config: Option>, pub cable_name: String, pub cluster_id: String, + /// Deprecated: Get/SetHealthCheckIP() or, if necessary, HealthCheckIPs #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckIP")] pub health_check_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "healthCheckIPs")] + pub health_check_i_ps: Option>, pub hostname: String, pub nat_enabled: bool, - pub private_ip: String, - pub public_ip: String, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "privateIPs")] + pub private_i_ps: Option>, + /// Deprecated: Use Get/SetPrivateIP() or, if necessary, PrivateIPs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub private_ip: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicIPs")] + pub public_i_ps: Option>, + /// Deprecated: Set/SetPublicIP() or, if necessary, PublicIPs + #[serde(default, skip_serializing_if = "Option::is_none")] + pub public_ip: Option, pub subnets: Vec, } @@ -428,7 +485,9 @@ pub struct SubmarinerStatusGlobalnetDaemonSetStatus { pub status: Option, } -/// ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting. +/// ContainerState holds a possible state of container. +/// Only one of its members may be specified. +/// If none of them is specified, the default one is ContainerStateWaiting. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGlobalnetDaemonSetStatusNonReadyContainerStates { /// Details about a running container @@ -490,28 +549,41 @@ pub struct SubmarinerStatusGlobalnetDaemonSetStatusNonReadyContainerStatesWaitin /// DaemonSetStatus represents the current status of a daemon set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusGlobalnetDaemonSetStatusStatus { - /// Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision. + /// Count of hash collisions for the DaemonSet. The DaemonSet controller + /// uses this field as a collision avoidance mechanism when it needs to + /// create the name for the newest ControllerRevision. #[serde(default, skip_serializing_if = "Option::is_none", rename = "collisionCount")] pub collision_count: Option, /// Represents the latest available observations of a DaemonSet's current state. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running at least 1 + /// daemon pod and are supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "currentNumberScheduled")] pub current_number_scheduled: i32, - /// The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The total number of nodes that should be running the daemon + /// pod (including nodes correctly running the daemon pod). + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "desiredNumberScheduled")] pub desired_number_scheduled: i32, - /// The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have one or more of the daemon pod running and + /// available (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberAvailable")] pub number_available: Option, - /// The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running the daemon pod, but are + /// not supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "numberMisscheduled")] pub number_misscheduled: i32, - /// numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition. + /// numberReady is the number of nodes that should be running the daemon pod and have one + /// or more of the daemon pod running with a Ready Condition. #[serde(rename = "numberReady")] pub number_ready: i32, - /// The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have none of the daemon pod running and available + /// (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberUnavailable")] pub number_unavailable: Option, /// The most recent generation observed by the daemon set controller. @@ -533,33 +605,52 @@ pub struct SubmarinerStatusLoadBalancerStatus { /// LoadBalancerStatus represents the status of a load-balancer. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusLoadBalancerStatusStatus { - /// Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. + /// Ingress is a list containing ingress points for the load-balancer. + /// Traffic intended for the service should be sent to these ingress points. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option>, } -/// LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point. +/// LoadBalancerIngress represents the status of a load-balancer ingress point: +/// traffic intended for the service should be sent to an ingress point. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusLoadBalancerStatusStatusIngress { - /// Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) + /// Hostname is set for load-balancer ingress points that are DNS based + /// (typically AWS load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub hostname: Option, - /// IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) + /// IP is set for load-balancer ingress points that are IP based + /// (typically GCE or OpenStack load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, - /// Ports is a list of records of service ports If used, every port defined in the service should have an entry in it + /// IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. + /// Setting this to "VIP" indicates that traffic is delivered to the node with + /// the destination set to the load-balancer's IP and port. + /// Setting this to "Proxy" indicates that traffic is delivered to the node or pod with + /// the destination set to the node's IP and node port or the pod's IP and port. + /// Service implementations may use this information to adjust traffic routing. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipMode")] + pub ip_mode: Option, + /// Ports is a list of records of service ports + /// If used, every port defined in the service should have an entry in it #[serde(default, skip_serializing_if = "Option::is_none")] pub ports: Option>, } +/// PortStatus represents the error condition of a service port #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusLoadBalancerStatusStatusIngressPorts { - /// Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - #[serde(default, skip_serializing_if = "Option::is_none")] - pub error: Option, + /// Error is to record the problem with the service port + /// The format of the error shall comply with the following rules: + /// - built-in error values shall be specified in this file and those shall use + /// CamelCase names + /// - cloud provider specific error values must have names that comply with the + /// format foo.example.com/CamelCase. + pub error: String, /// Port is the port number of the service port of which status is recorded here pub port: i32, - /// Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" + /// Protocol is the protocol of the service port of which status is recorded here + /// The supported values are: "TCP", "UDP", "SCTP" pub protocol: String, } @@ -577,7 +668,9 @@ pub struct SubmarinerStatusRouteAgentDaemonSetStatus { pub status: Option, } -/// ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting. +/// ContainerState holds a possible state of container. +/// Only one of its members may be specified. +/// If none of them is specified, the default one is ContainerStateWaiting. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusRouteAgentDaemonSetStatusNonReadyContainerStates { /// Details about a running container @@ -639,28 +732,41 @@ pub struct SubmarinerStatusRouteAgentDaemonSetStatusNonReadyContainerStatesWaiti /// DaemonSetStatus represents the current status of a daemon set. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SubmarinerStatusRouteAgentDaemonSetStatusStatus { - /// Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision. + /// Count of hash collisions for the DaemonSet. The DaemonSet controller + /// uses this field as a collision avoidance mechanism when it needs to + /// create the name for the newest ControllerRevision. #[serde(default, skip_serializing_if = "Option::is_none", rename = "collisionCount")] pub collision_count: Option, /// Represents the latest available observations of a DaemonSet's current state. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running at least 1 + /// daemon pod and are supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "currentNumberScheduled")] pub current_number_scheduled: i32, - /// The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The total number of nodes that should be running the daemon + /// pod (including nodes correctly running the daemon pod). + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "desiredNumberScheduled")] pub desired_number_scheduled: i32, - /// The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have one or more of the daemon pod running and + /// available (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberAvailable")] pub number_available: Option, - /// The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ + /// The number of nodes that are running the daemon pod, but are + /// not supposed to run the daemon pod. + /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ #[serde(rename = "numberMisscheduled")] pub number_misscheduled: i32, - /// numberReady is the number of nodes that should be running the daemon pod and have one or more of the daemon pod running with a Ready Condition. + /// numberReady is the number of nodes that should be running the daemon pod and have one + /// or more of the daemon pod running with a Ready Condition. #[serde(rename = "numberReady")] pub number_ready: i32, - /// The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds) + /// The number of nodes that should be running the + /// daemon pod and have none of the daemon pod running and available + /// (ready for at least spec.minReadySeconds) #[serde(default, skip_serializing_if = "Option::is_none", rename = "numberUnavailable")] pub number_unavailable: Option, /// The most recent generation observed by the daemon set controller. diff --git a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs index 7daaca5ae..00a9b15a9 100644 --- a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs +++ b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempomonolithics.rs @@ -46,6 +46,9 @@ pub struct TempoMonolithicSpec { /// Observability defines the observability configuration of the Tempo deployment. #[serde(default, skip_serializing_if = "Option::is_none")] pub observability: Option, + /// Query defines query configuration. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub query: Option, /// Resources defines the compute resource requirements of the Tempo container. #[serde(default, skip_serializing_if = "Option::is_none")] pub resources: Option, @@ -801,7 +804,6 @@ pub struct TempoMonolithicIngestionOtlpGrpc { pub enabled: bool, /// TLS defines the TLS configuration for OTLP/gRPC ingestion. /// - /// /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` /// are provided it will use OpenShift serving certificate service. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -810,7 +812,6 @@ pub struct TempoMonolithicIngestionOtlpGrpc { /// TLS defines the TLS configuration for OTLP/gRPC ingestion. /// -/// /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` /// are provided it will use OpenShift serving certificate service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -839,7 +840,6 @@ pub struct TempoMonolithicIngestionOtlpHttp { pub enabled: bool, /// TLS defines the TLS configuration for OTLP/HTTP ingestion. /// - /// /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` /// are provided it will use OpenShift serving certificate service. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -848,7 +848,6 @@ pub struct TempoMonolithicIngestionOtlpHttp { /// TLS defines the TLS configuration for OTLP/HTTP ingestion. /// -/// /// On OpenShift when operator config `servingCertsService` and TLS is enabled but no `certName` and `caName` /// are provided it will use OpenShift serving certificate service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -924,11 +923,9 @@ pub struct TempoMonolithicJaegeruiAuthenticationResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -976,11 +973,9 @@ pub struct TempoMonolithicJaegeruiResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1166,11 +1161,9 @@ pub struct TempoMonolithicMultitenancyResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1279,17 +1272,33 @@ pub struct TempoMonolithicObservabilityMetricsServiceMonitors { pub enabled: bool, } +/// Query defines query configuration. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TempoMonolithicQuery { + /// RBAC defines query RBAC options. + /// This option can be used only with multi-tenancy. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rbac: Option, +} + +/// RBAC defines query RBAC options. +/// This option can be used only with multi-tenancy. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TempoMonolithicQueryRbac { + /// Enabled defines if the query RBAC should be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// Resources defines the compute resource requirements of the Tempo container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoMonolithicResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, diff --git a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs index 093b78b97..604e4f793 100644 --- a/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs +++ b/kube-custom-resources-rs/src/tempo_grafana_com/v1alpha1/tempostacks.rs @@ -35,8 +35,8 @@ pub struct TempoStackSpec { pub limits: Option, /// ManagementState defines if the CR should be managed by the operator or not. /// Default is managed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "managementState")] - pub management_state: Option, + #[serde(rename = "managementState")] + pub management_state: TempoStackManagementState, /// ObservabilitySpec defines how telemetry data gets handled. #[serde(default, skip_serializing_if = "Option::is_none")] pub observability: Option, @@ -319,9 +319,17 @@ pub struct TempoStackObservabilityMetrics { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackObservabilityTracing { /// JaegerAgentEndpoint defines the jaeger endpoint data gets send to. + /// Deprecated: in favor of OTLPHttpEndpoint. #[serde(default, skip_serializing_if = "Option::is_none")] pub jaeger_agent_endpoint: Option, + /// OTLPHttpEndpoint defines the OTLP/http endpoint data gets send to. + /// For example, "http://localhost:4320". + /// The default OTLP/http port 4318 collides with the distributor ports, therefore it is recommended to use a different port + /// on the sidecar injected to the Tempo (e.g. 4320). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub otlp_http_endpoint: Option, /// SamplingFraction defines the sampling ratio. Valid values are 0 to 1. + /// The SamplingFraction has to be defined to enable tracing. #[serde(default, skip_serializing_if = "Option::is_none")] pub sampling_fraction: Option, } @@ -346,11 +354,9 @@ pub struct TempoStackResourcesTotal { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -527,12 +533,10 @@ pub struct TempoStackTemplateCompactorPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -639,7 +643,6 @@ pub struct TempoStackTemplateCompactorPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -690,11 +693,9 @@ pub struct TempoStackTemplateCompactorResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -754,14 +755,12 @@ pub struct TempoStackTemplateCompactorTolerations { pub struct TempoStackTemplateDistributor { /// TempoComponentSpec is embedded to extend this definition with further options. /// - /// /// Currently, there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] pub component: Option, /// TLS defines TLS configuration for distributor receivers /// - /// /// If openshift feature flag `servingCertsService` is enabled and TLS is enabled but no /// certName or caName is specified, OpenShift service serving certificates will be used. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -770,7 +769,6 @@ pub struct TempoStackTemplateDistributor { /// TempoComponentSpec is embedded to extend this definition with further options. /// -/// /// Currently, there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -799,12 +797,10 @@ pub struct TempoStackTemplateDistributorComponentPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -911,7 +907,6 @@ pub struct TempoStackTemplateDistributorComponentPodSecurityContextSeccompProfil /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -962,11 +957,9 @@ pub struct TempoStackTemplateDistributorComponentResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1023,7 +1016,6 @@ pub struct TempoStackTemplateDistributorComponentTolerations { /// TLS defines TLS configuration for distributor receivers /// -/// /// If openshift feature flag `servingCertsService` is enabled and TLS is enabled but no /// certName or caName is specified, OpenShift service serving certificates will be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1049,7 +1041,6 @@ pub struct TempoStackTemplateDistributorTls { pub struct TempoStackTemplateGateway { /// TempoComponentSpec is embedded to extend this definition with further options. /// - /// /// Currently there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1058,11 +1049,13 @@ pub struct TempoStackTemplateGateway { /// Ingress defines gateway Ingress options. #[serde(default, skip_serializing_if = "Option::is_none")] pub ingress: Option, + /// RBAC defines query RBAC options. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub rbac: Option, } /// TempoComponentSpec is embedded to extend this definition with further options. /// -/// /// Currently there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1091,12 +1084,10 @@ pub struct TempoStackTemplateGatewayComponentPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -1203,7 +1194,6 @@ pub struct TempoStackTemplateGatewayComponentPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -1254,11 +1244,9 @@ pub struct TempoStackTemplateGatewayComponentResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1368,6 +1356,14 @@ pub enum TempoStackTemplateGatewayIngressType { KopiumEmpty, } +/// RBAC defines query RBAC options. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct TempoStackTemplateGatewayRbac { + /// Enabled defines if the query RBAC should be enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + /// Ingester defines the ingester component spec. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TempoStackTemplateIngester { @@ -1395,12 +1391,10 @@ pub struct TempoStackTemplateIngesterPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -1507,7 +1501,6 @@ pub struct TempoStackTemplateIngesterPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -1558,11 +1551,9 @@ pub struct TempoStackTemplateIngesterResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1644,12 +1635,10 @@ pub struct TempoStackTemplateQuerierPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -1756,7 +1745,6 @@ pub struct TempoStackTemplateQuerierPodSecurityContextSeccompProfile { /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -1807,11 +1795,9 @@ pub struct TempoStackTemplateQuerierResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -1871,7 +1857,6 @@ pub struct TempoStackTemplateQuerierTolerations { pub struct TempoStackTemplateQueryFrontend { /// TempoComponentSpec is embedded to extend this definition with further options. /// - /// /// Currently there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1883,7 +1868,6 @@ pub struct TempoStackTemplateQueryFrontend { /// TempoComponentSpec is embedded to extend this definition with further options. /// -/// /// Currently there is no way to inline this field. /// See: https://github.com/golang/go/issues/6213 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -1912,12 +1896,10 @@ pub struct TempoStackTemplateQueryFrontendComponentPodSecurityContext { /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: /// - /// /// 1. The owning GID will be the FSGroup /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) /// 3. The permission bits are OR'd with rw-rw---- /// - /// /// If unset, the Kubelet will not modify the ownership and permissions of any volume. /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] @@ -2024,7 +2006,6 @@ pub struct TempoStackTemplateQueryFrontendComponentPodSecurityContextSeccompProf /// type indicates which kind of seccomp profile will be applied. /// Valid options are: /// - /// /// Localhost - a profile defined in a file on the node should be used. /// RuntimeDefault - the container runtime default profile should be used. /// Unconfined - no profile should be applied. @@ -2075,11 +2056,9 @@ pub struct TempoStackTemplateQueryFrontendComponentResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2193,11 +2172,9 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryAuthenticationResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2289,7 +2266,6 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryMonitorTab { #[serde(default, skip_serializing_if = "Option::is_none", rename = "prometheusEndpoint")] pub prometheus_endpoint: Option, /// REDMetricsNamespace defines the a prefix used retrieve span rate, error, and duration (RED) metrics. - /// By default it is set to `traces.span.metrics` following the default namespace of the OpenTelemetry Collector since Version 0.109.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "redMetricsNamespace")] pub red_metrics_namespace: Option, } @@ -2300,11 +2276,9 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, @@ -2343,11 +2317,9 @@ pub struct TempoStackTemplateQueryFrontendJaegerQueryTempoQueryResources { /// Claims lists the names of resources, defined in spec.resourceClaims, /// that are used by this container. /// - /// /// This is an alpha field and requires enabling the /// DynamicResourceAllocation feature gate. /// - /// /// This field is immutable. It can only be set for containers. #[serde(default, skip_serializing_if = "Option::is_none")] pub claims: Option>, diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutes.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutes.rs index bf9b581d3..eb8ead7ac 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutes.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutes.rs @@ -21,14 +21,14 @@ use self::prelude::*; pub struct IngressRouteSpec { /// EntryPoints defines the list of entry point names to bind to. /// Entry points have to be configured in the static configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ + /// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/ /// Default: all. #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryPoints")] pub entry_points: Option>, /// Routes defines the list of routes. pub routes: Vec, /// TLS defines the TLS configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } @@ -42,15 +42,19 @@ pub struct IngressRouteRoutes { #[serde(default, skip_serializing_if = "Option::is_none")] pub kind: Option, /// Match defines the router's rule. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule #[serde(rename = "match")] pub r#match: String, /// Middlewares defines the list of references to Middleware resources. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-middleware #[serde(default, skip_serializing_if = "Option::is_none")] pub middlewares: Option>, + /// Observability defines the observability configuration for a router. + /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#observability + #[serde(default, skip_serializing_if = "Option::is_none")] + pub observability: Option, /// Priority defines the router's priority. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority #[serde(default, skip_serializing_if = "Option::is_none")] pub priority: Option, /// Services defines the list of Service. @@ -58,7 +62,7 @@ pub struct IngressRouteRoutes { #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, /// Syntax defines the router's rule syntax. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax #[serde(default, skip_serializing_if = "Option::is_none")] pub syntax: Option, } @@ -79,6 +83,18 @@ pub struct IngressRouteRoutesMiddlewares { pub namespace: Option, } +/// Observability defines the observability configuration for a router. +/// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#observability +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IngressRouteRoutesObservability { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessLogs")] + pub access_logs: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metrics: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tracing: Option, +} + /// Service defines an upstream HTTP service to proxy traffic to. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteRoutesServices { @@ -127,7 +143,7 @@ pub struct IngressRouteRoutesServices { #[serde(default, skip_serializing_if = "Option::is_none", rename = "serversTransport")] pub servers_transport: Option, /// Sticky defines the sticky sessions configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions + /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[serde(default, skip_serializing_if = "Option::is_none")] pub sticky: Option, /// Strategy defines the load balancing strategy between the servers. @@ -203,7 +219,7 @@ pub struct IngressRouteRoutesServicesResponseForwarding { } /// Sticky defines the sticky sessions configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions +/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteRoutesServicesSticky { /// Cookie defines the sticky cookie configuration. @@ -240,21 +256,21 @@ pub struct IngressRouteRoutesServicesStickyCookie { } /// TLS defines the TLS configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls +/// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTls { /// CertResolver defines the name of the certificate resolver to use. /// Cert resolvers have to be configured in the static configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers + /// More info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers #[serde(default, skip_serializing_if = "Option::is_none", rename = "certResolver")] pub cert_resolver: Option, /// Domains defines the list of domains that will be used to issue certificates. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains #[serde(default, skip_serializing_if = "Option::is_none")] pub domains: Option>, /// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. /// If not defined, the `default` TLSOption is used. - /// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options + /// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option, /// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details. @@ -279,14 +295,14 @@ pub struct IngressRouteTlsDomains { /// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. /// If not defined, the `default` TLSOption is used. -/// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options +/// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTlsOptions { /// Name defines the name of the referenced TLSOption. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption pub name: String, /// Namespace defines the namespace of the referenced TLSOption. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsoption #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } @@ -296,10 +312,10 @@ pub struct IngressRouteTlsOptions { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTlsStore { /// Name defines the name of the referenced TLSStore. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore pub name: String, /// Namespace defines the namespace of the referenced TLSStore. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#kind-tlsstore #[serde(default, skip_serializing_if = "Option::is_none")] pub namespace: Option, } diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutetcps.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutetcps.rs index b7d1786c2..243f6f039 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutetcps.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressroutetcps.rs @@ -20,14 +20,14 @@ use self::prelude::*; pub struct IngressRouteTCPSpec { /// EntryPoints defines the list of entry point names to bind to. /// Entry points have to be configured in the static configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ + /// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/ /// Default: all. #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryPoints")] pub entry_points: Option>, /// Routes defines the list of routes. pub routes: Vec, /// TLS defines the TLS configuration on a layer 4 / TCP Route. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1 + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls_1 #[serde(default, skip_serializing_if = "Option::is_none")] pub tls: Option, } @@ -36,21 +36,21 @@ pub struct IngressRouteTCPSpec { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTCPRoutes { /// Match defines the router's rule. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1 + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rule_1 #[serde(rename = "match")] pub r#match: String, /// Middlewares defines the list of references to MiddlewareTCP resources. #[serde(default, skip_serializing_if = "Option::is_none")] pub middlewares: Option>, /// Priority defines the router's priority. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1 + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#priority_1 #[serde(default, skip_serializing_if = "Option::is_none")] pub priority: Option, /// Services defines the list of TCP services. #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, /// Syntax defines the router's rule syntax. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1 + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#rulesyntax_1 #[serde(default, skip_serializing_if = "Option::is_none")] pub syntax: Option, } @@ -89,7 +89,7 @@ pub struct IngressRouteTCPRoutesServices { /// This can be a reference to a named port. pub port: IntOrString, /// ProxyProtocol defines the PROXY protocol configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol + /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#proxy-protocol #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyProtocol")] pub proxy_protocol: Option, /// ServersTransport defines the name of ServersTransportTCP resource to use. @@ -114,7 +114,7 @@ pub struct IngressRouteTCPRoutesServices { } /// ProxyProtocol defines the PROXY protocol configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol +/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#proxy-protocol #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTCPRoutesServicesProxyProtocol { /// Version defines the PROXY Protocol version to use. @@ -123,21 +123,21 @@ pub struct IngressRouteTCPRoutesServicesProxyProtocol { } /// TLS defines the TLS configuration on a layer 4 / TCP Route. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1 +/// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#tls_1 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTCPTls { /// CertResolver defines the name of the certificate resolver to use. /// Cert resolvers have to be configured in the static configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers + /// More info: https://doc.traefik.io/traefik/v3.3/https/acme/#certificate-resolvers #[serde(default, skip_serializing_if = "Option::is_none", rename = "certResolver")] pub cert_resolver: Option, /// Domains defines the list of domains that will be used to issue certificates. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains + /// More info: https://doc.traefik.io/traefik/v3.3/routing/routers/#domains #[serde(default, skip_serializing_if = "Option::is_none")] pub domains: Option>, /// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. /// If not defined, the `default` TLSOption is used. - /// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options + /// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options #[serde(default, skip_serializing_if = "Option::is_none")] pub options: Option, /// Passthrough defines whether a TLS router will terminate the TLS connection. @@ -165,7 +165,7 @@ pub struct IngressRouteTCPTlsDomains { /// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. /// If not defined, the `default` TLSOption is used. -/// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options +/// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#tls-options #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct IngressRouteTCPTlsOptions { /// Name defines the name of the referenced Traefik resource. diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressrouteudps.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressrouteudps.rs index 1f59b2751..bf0f4b3be 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressrouteudps.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/ingressrouteudps.rs @@ -20,7 +20,7 @@ use self::prelude::*; pub struct IngressRouteUDPSpec { /// EntryPoints defines the list of entry point names to bind to. /// Entry points have to be configured in the static configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ + /// More info: https://doc.traefik.io/traefik/v3.3/routing/entrypoints/ /// Default: all. #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryPoints")] pub entry_points: Option>, diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/middlewaretcps.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/middlewaretcps.rs index dbf619786..eeabe855d 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/middlewaretcps.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/middlewaretcps.rs @@ -22,13 +22,13 @@ pub struct MiddlewareTCPSpec { pub in_flight_conn: Option, /// IPAllowList defines the IPAllowList middleware configuration. /// This middleware accepts/refuses connections based on the client IP. - /// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/ + /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipallowlist/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAllowList")] pub ip_allow_list: Option, /// IPWhiteList defines the IPWhiteList middleware configuration. /// This middleware accepts/refuses connections based on the client IP. /// Deprecated: please use IPAllowList instead. - /// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/ + /// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipwhitelist/ #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipWhiteList")] pub ip_white_list: Option, } @@ -44,7 +44,7 @@ pub struct MiddlewareTCPInFlightConn { /// IPAllowList defines the IPAllowList middleware configuration. /// This middleware accepts/refuses connections based on the client IP. -/// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/ +/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipallowlist/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MiddlewareTCPIpAllowList { /// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). @@ -55,7 +55,7 @@ pub struct MiddlewareTCPIpAllowList { /// IPWhiteList defines the IPWhiteList middleware configuration. /// This middleware accepts/refuses connections based on the client IP. /// Deprecated: please use IPAllowList instead. -/// More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/ +/// More info: https://doc.traefik.io/traefik/v3.3/middlewares/tcp/ipwhitelist/ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MiddlewareTCPIpWhiteList { /// SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation). diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/tlsoptions.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/tlsoptions.rs index 1b6ef4a32..fe57d8c8d 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/tlsoptions.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/tlsoptions.rs @@ -18,18 +18,18 @@ use self::prelude::*; #[kube(derive="PartialEq")] pub struct TLSOptionSpec { /// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. - /// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols + /// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#alpn-protocols #[serde(default, skip_serializing_if = "Option::is_none", rename = "alpnProtocols")] pub alpn_protocols: Option>, /// CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. - /// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites + /// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#cipher-suites #[serde(default, skip_serializing_if = "Option::is_none", rename = "cipherSuites")] pub cipher_suites: Option>, /// ClientAuth defines the server's policy for TLS Client Authentication. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientAuth")] pub client_auth: Option, /// CurvePreferences defines the preferred elliptic curves in a specific order. - /// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences + /// More info: https://doc.traefik.io/traefik/v3.3/https/tls/#curve-preferences #[serde(default, skip_serializing_if = "Option::is_none", rename = "curvePreferences")] pub curve_preferences: Option>, /// MaxVersion defines the maximum TLS version that Traefik will accept. diff --git a/kube-custom-resources-rs/src/traefik_io/v1alpha1/traefikservices.rs b/kube-custom-resources-rs/src/traefik_io/v1alpha1/traefikservices.rs index 337f456c7..bd449b8e2 100644 --- a/kube-custom-resources-rs/src/traefik_io/v1alpha1/traefikservices.rs +++ b/kube-custom-resources-rs/src/traefik_io/v1alpha1/traefikservices.rs @@ -87,7 +87,7 @@ pub struct TraefikServiceMirroring { #[serde(default, skip_serializing_if = "Option::is_none", rename = "serversTransport")] pub servers_transport: Option, /// Sticky defines the sticky sessions configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions + /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[serde(default, skip_serializing_if = "Option::is_none")] pub sticky: Option, /// Strategy defines the load balancing strategy between the servers. @@ -202,7 +202,7 @@ pub struct TraefikServiceMirroringMirrors { #[serde(default, skip_serializing_if = "Option::is_none", rename = "serversTransport")] pub servers_transport: Option, /// Sticky defines the sticky sessions configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions + /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[serde(default, skip_serializing_if = "Option::is_none")] pub sticky: Option, /// Strategy defines the load balancing strategy between the servers. @@ -278,7 +278,7 @@ pub struct TraefikServiceMirroringMirrorsResponseForwarding { } /// Sticky defines the sticky sessions configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions +/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TraefikServiceMirroringMirrorsSticky { /// Cookie defines the sticky cookie configuration. @@ -327,7 +327,7 @@ pub struct TraefikServiceMirroringResponseForwarding { } /// Sticky defines the sticky sessions configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions +/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TraefikServiceMirroringSticky { /// Cookie defines the sticky cookie configuration. @@ -370,7 +370,7 @@ pub struct TraefikServiceWeighted { #[serde(default, skip_serializing_if = "Option::is_none")] pub services: Option>, /// Sticky defines whether sticky sessions are enabled. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing + /// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#stickiness-and-load-balancing #[serde(default, skip_serializing_if = "Option::is_none")] pub sticky: Option, } @@ -423,7 +423,7 @@ pub struct TraefikServiceWeightedServices { #[serde(default, skip_serializing_if = "Option::is_none", rename = "serversTransport")] pub servers_transport: Option, /// Sticky defines the sticky sessions configuration. - /// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions + /// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[serde(default, skip_serializing_if = "Option::is_none")] pub sticky: Option, /// Strategy defines the load balancing strategy between the servers. @@ -499,7 +499,7 @@ pub struct TraefikServiceWeightedServicesResponseForwarding { } /// Sticky defines the sticky sessions configuration. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions +/// More info: https://doc.traefik.io/traefik/v3.3/routing/services/#sticky-sessions #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TraefikServiceWeightedServicesSticky { /// Cookie defines the sticky cookie configuration. @@ -536,7 +536,7 @@ pub struct TraefikServiceWeightedServicesStickyCookie { } /// Sticky defines whether sticky sessions are enabled. -/// More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing +/// More info: https://doc.traefik.io/traefik/v3.3/routing/providers/kubernetes-crd/#stickiness-and-load-balancing #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TraefikServiceWeightedSticky { /// Cookie defines the sticky cookie configuration. diff --git a/kube-custom-resources-rs/src/trust_cert_manager_io/v1alpha1/bundles.rs b/kube-custom-resources-rs/src/trust_cert_manager_io/v1alpha1/bundles.rs index 21cef50de..9ddf4a157 100644 --- a/kube-custom-resources-rs/src/trust_cert_manager_io/v1alpha1/bundles.rs +++ b/kube-custom-resources-rs/src/trust_cert_manager_io/v1alpha1/bundles.rs @@ -29,15 +29,15 @@ pub struct BundleSpec { /// the BundleTarget in all Namespaces. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundleSources { - /// ConfigMap is a reference (by name) to a ConfigMap's `data` key, or to a - /// list of ConfigMap's `data` key using label selector, in the trust Namespace. + /// ConfigMap is a reference (by name) to a ConfigMap's `data` key(s), or to a + /// list of ConfigMap's `data` key(s) using label selector, in the trust Namespace. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, /// InLine is a simple string to append as the source data. #[serde(default, skip_serializing_if = "Option::is_none", rename = "inLine")] pub in_line: Option, - /// Secret is a reference (by name) to a Secret's `data` key, or to a - /// list of Secret's `data` key using label selector, in the trust Namespace. + /// Secret is a reference (by name) to a Secret's `data` key(s), or to a + /// list of Secret's `data` key(s) using label selector, in the trust Namespace. #[serde(default, skip_serializing_if = "Option::is_none")] pub secret: Option, /// UseDefaultCAs, when true, requests the default CA bundle to be used as a source. @@ -52,12 +52,17 @@ pub struct BundleSources { pub use_default_c_as: Option, } -/// ConfigMap is a reference (by name) to a ConfigMap's `data` key, or to a -/// list of ConfigMap's `data` key using label selector, in the trust Namespace. +/// ConfigMap is a reference (by name) to a ConfigMap's `data` key(s), or to a +/// list of ConfigMap's `data` key(s) using label selector, in the trust Namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundleSourcesConfigMap { - /// Key is the key of the entry in the object's `data` field to be used. - pub key: String, + /// IncludeAllKeys is a flag to include all keys in the object's `data` field to be used. False by default. + /// This field must not be true when `Key` is set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "includeAllKeys")] + pub include_all_keys: Option, + /// Key of the entry in the object's `data` field to be used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, /// Name is the name of the source object in the trust Namespace. /// This field must be left empty when `selector` is set #[serde(default, skip_serializing_if = "Option::is_none")] @@ -99,12 +104,17 @@ pub struct BundleSourcesConfigMapSelectorMatchExpressions { pub values: Option>, } -/// Secret is a reference (by name) to a Secret's `data` key, or to a -/// list of Secret's `data` key using label selector, in the trust Namespace. +/// Secret is a reference (by name) to a Secret's `data` key(s), or to a +/// list of Secret's `data` key(s) using label selector, in the trust Namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundleSourcesSecret { - /// Key is the key of the entry in the object's `data` field to be used. - pub key: String, + /// IncludeAllKeys is a flag to include all keys in the object's `data` field to be used. False by default. + /// This field must not be true when `Key` is set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "includeAllKeys")] + pub include_all_keys: Option, + /// Key of the entry in the object's `data` field to be used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, /// Name is the name of the source object in the trust Namespace. /// This field must be left empty when `selector` is set #[serde(default, skip_serializing_if = "Option::is_none")] @@ -216,12 +226,33 @@ pub struct BundleTargetConfigMap { /// Namespaces which match the selector. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundleTargetNamespaceSelector { - /// MatchLabels matches on the set of labels that must be present on a - /// Namespace for the Bundle target to be synced there. + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] pub match_labels: Option>, } +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundleTargetNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// Secret is the target Secret that all Bundle source data will be synced to. /// Using Secrets as targets is only supported if enabled at trust-manager startup. /// By default, trust-manager has no permissions for writing to secrets and can only read secrets in the trust namespace. diff --git a/kube-custom-resources-rs/src/upgrade_cattle_io/v1/plans.rs b/kube-custom-resources-rs/src/upgrade_cattle_io/v1/plans.rs index a8a4e9435..1795d3856 100644 --- a/kube-custom-resources-rs/src/upgrade_cattle_io/v1/plans.rs +++ b/kube-custom-resources-rs/src/upgrade_cattle_io/v1/plans.rs @@ -35,6 +35,8 @@ pub struct PlanSpec { pub job_active_deadline_secs: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "postCompleteDelay")] + pub post_complete_delay: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub prepare: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -46,6 +48,8 @@ pub struct PlanSpec { pub upgrade: PlanUpgrade, #[serde(default, skip_serializing_if = "Option::is_none")] pub version: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub window: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -516,6 +520,18 @@ pub struct PlanUpgradeVolumes { pub source: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PlanWindow { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub days: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endTime")] + pub end_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] + pub start_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeZone")] + pub time_zone: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PlanStatus { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/velero_io/v1/backuprepositories.rs b/kube-custom-resources-rs/src/velero_io/v1/backuprepositories.rs index ca614c2d2..4426bf9f4 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/backuprepositories.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/backuprepositories.rs @@ -55,7 +55,7 @@ pub enum BackupRepositoryRepositoryType { /// BackupRepositoryStatus is the current status of a BackupRepository. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupRepositoryStatus { - /// LastMaintenanceTime is the last time maintenance was run. + /// LastMaintenanceTime is the last time repo maintenance succeeded. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastMaintenanceTime")] pub last_maintenance_time: Option, /// Message is a message about the current status of the BackupRepository. @@ -64,6 +64,9 @@ pub struct BackupRepositoryStatus { /// Phase is the current state of the BackupRepository. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, + /// RecentMaintenance is status of the recent repo maintenance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recentMaintenance")] + pub recent_maintenance: Option>, } /// BackupRepositoryStatus is the current status of a BackupRepository. @@ -74,3 +77,25 @@ pub enum BackupRepositoryStatusPhase { NotReady, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupRepositoryStatusRecentMaintenance { + /// CompleteTimestamp is the completion time of the repo maintenance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "completeTimestamp")] + pub complete_timestamp: Option, + /// Message is a message about the current status of the repo maintenance. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// Result is the result of the repo maintenance. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub result: Option, + /// StartTimestamp is the start time of the repo maintenance. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTimestamp")] + pub start_timestamp: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BackupRepositoryStatusRecentMaintenanceResult { + Succeeded, + Failed, +} + diff --git a/kube-custom-resources-rs/src/velero_io/v1/backups.rs b/kube-custom-resources-rs/src/velero_io/v1/backups.rs index 368ec829b..2344589ab 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/backups.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/backups.rs @@ -34,7 +34,6 @@ pub struct BackupSpec { /// DefaultVolumesToRestic specifies whether restic should be used to take a /// backup of all pod volumes by default. /// - /// /// Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultVolumesToRestic")] pub default_volumes_to_restic: Option, diff --git a/kube-custom-resources-rs/src/velero_io/v1/backupstoragelocations.rs b/kube-custom-resources-rs/src/velero_io/v1/backupstoragelocations.rs index a727d884b..9778e63e6 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/backupstoragelocations.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/backupstoragelocations.rs @@ -59,9 +59,7 @@ pub struct BackupStorageLocationCredential { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -87,7 +85,6 @@ pub struct BackupStorageLocationObjectStorage { pub struct BackupStorageLocationStatus { /// AccessMode is an unused field. /// - /// /// Deprecated: there is now an AccessMode field on the Spec and this field /// will be removed entirely as of v2.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessMode")] @@ -95,7 +92,6 @@ pub struct BackupStorageLocationStatus { /// LastSyncedRevision is the value of the `metadata/revision` file in the backup /// storage location the last time the BSL's contents were synced into the cluster. /// - /// /// Deprecated: this field is no longer updated or used for detecting changes to /// the location's contents and will be removed entirely in v2.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastSyncedRevision")] diff --git a/kube-custom-resources-rs/src/velero_io/v1/podvolumebackups.rs b/kube-custom-resources-rs/src/velero_io/v1/podvolumebackups.rs index 2794fc83c..65014a3df 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/podvolumebackups.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/podvolumebackups.rs @@ -59,7 +59,6 @@ pub struct PodVolumeBackupPod { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/velero_io/v1/podvolumerestores.rs b/kube-custom-resources-rs/src/velero_io/v1/podvolumerestores.rs index 6c0de65a8..53644ab95 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/podvolumerestores.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/podvolumerestores.rs @@ -58,7 +58,6 @@ pub struct PodVolumeRestorePod { /// the event) or if no container name is specified "spec.containers[2]" (container with /// index 2 in this pod). This syntax is chosen only to have some well-defined way of /// referencing a part of an object. - /// TODO: this design is not final and this field is subject to change in the future. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] pub field_path: Option, /// Kind of the referent. diff --git a/kube-custom-resources-rs/src/velero_io/v1/schedules.rs b/kube-custom-resources-rs/src/velero_io/v1/schedules.rs index d627908f0..1fb073326 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/schedules.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/schedules.rs @@ -59,7 +59,6 @@ pub struct ScheduleTemplate { /// DefaultVolumesToRestic specifies whether restic should be used to take a /// backup of all pod volumes by default. /// - /// /// Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultVolumesToRestic")] pub default_volumes_to_restic: Option, diff --git a/kube-custom-resources-rs/src/velero_io/v1/volumesnapshotlocations.rs b/kube-custom-resources-rs/src/velero_io/v1/volumesnapshotlocations.rs index 7c3fc8f1a..f7dbbdbb9 100644 --- a/kube-custom-resources-rs/src/velero_io/v1/volumesnapshotlocations.rs +++ b/kube-custom-resources-rs/src/velero_io/v1/volumesnapshotlocations.rs @@ -37,9 +37,7 @@ pub struct VolumeSnapshotLocationCredential { /// This field is effectively required, but due to backwards compatibility is /// allowed to be empty. Instances of this type with an empty value here are /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined diff --git a/kube-custom-resources-rs/src/velero_io/v2alpha1/datadownloads.rs b/kube-custom-resources-rs/src/velero_io/v2alpha1/datadownloads.rs index dd3fc0744..da8e01d37 100644 --- a/kube-custom-resources-rs/src/velero_io/v2alpha1/datadownloads.rs +++ b/kube-custom-resources-rs/src/velero_io/v2alpha1/datadownloads.rs @@ -33,6 +33,9 @@ pub struct DataDownloadSpec { /// If DataMover is "" or "velero", the built-in data mover will be used. #[serde(default, skip_serializing_if = "Option::is_none")] pub datamover: Option, + /// NodeOS is OS of the node where the DataDownload is processed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeOS")] + pub node_os: Option, /// OperationTimeout specifies the time used to wait internal operations, /// before returning error as timeout. #[serde(rename = "operationTimeout")] @@ -49,6 +52,17 @@ pub struct DataDownloadSpec { pub target_volume: DataDownloadTargetVolume, } +/// DataDownloadSpec is the specification for a DataDownload. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum DataDownloadNodeOs { + #[serde(rename = "auto")] + Auto, + #[serde(rename = "linux")] + Linux, + #[serde(rename = "windows")] + Windows, +} + /// TargetVolume is the information of the target PVC and PV. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DataDownloadTargetVolume { @@ -63,6 +77,13 @@ pub struct DataDownloadTargetVolume { /// DataDownloadStatus is the current status of a DataDownload. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DataDownloadStatus { + /// Node is name of the node where the DataUpload is prepared. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "acceptedByNode")] + pub accepted_by_node: Option, + /// AcceptedTimestamp records the time the DataUpload is to be prepared. + /// The server's time is used for AcceptedTimestamp + #[serde(default, skip_serializing_if = "Option::is_none", rename = "acceptedTimestamp")] + pub accepted_timestamp: Option, /// CompletionTimestamp records the time a restore was completed. /// Completion time is recorded even on failed restores. /// The server's time is used for CompletionTimestamps diff --git a/kube-custom-resources-rs/src/velero_io/v2alpha1/datauploads.rs b/kube-custom-resources-rs/src/velero_io/v2alpha1/datauploads.rs index e18b8e756..e30c38aee 100644 --- a/kube-custom-resources-rs/src/velero_io/v2alpha1/datauploads.rs +++ b/kube-custom-resources-rs/src/velero_io/v2alpha1/datauploads.rs @@ -69,6 +69,13 @@ pub struct DataUploadCsiSnapshot { /// DataUploadStatus is the current status of a DataUpload. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DataUploadStatus { + /// AcceptedByNode is name of the node where the DataUpload is prepared. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "acceptedByNode")] + pub accepted_by_node: Option, + /// AcceptedTimestamp records the time the DataUpload is to be prepared. + /// The server's time is used for AcceptedTimestamp + #[serde(default, skip_serializing_if = "Option::is_none", rename = "acceptedTimestamp")] + pub accepted_timestamp: Option, /// CompletionTimestamp records the time a backup was completed. /// Completion time is recorded even on failed backups. /// Completion time is recorded before uploading the backup object. @@ -84,6 +91,9 @@ pub struct DataUploadStatus { /// Node is name of the node where the DataUpload is processed. #[serde(default, skip_serializing_if = "Option::is_none")] pub node: Option, + /// NodeOS is OS of the node where the DataUpload is processed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeOS")] + pub node_os: Option, /// Path is the full path of the snapshot volume being backed up. #[serde(default, skip_serializing_if = "Option::is_none")] pub path: Option, @@ -106,6 +116,17 @@ pub struct DataUploadStatus { pub start_timestamp: Option, } +/// DataUploadStatus is the current status of a DataUpload. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum DataUploadStatusNodeOs { + #[serde(rename = "auto")] + Auto, + #[serde(rename = "linux")] + Linux, + #[serde(rename = "windows")] + Windows, +} + /// DataUploadStatus is the current status of a DataUpload. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum DataUploadStatusPhase { diff --git a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs index 8140af474..18860211e 100644 --- a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs +++ b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationdestinations.rs @@ -959,6 +959,31 @@ pub struct ReplicationDestinationRcloneMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -2019,6 +2044,31 @@ pub struct ReplicationDestinationResticMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -3183,6 +3233,31 @@ pub struct ReplicationDestinationRsyncTlsMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in diff --git a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs index 3f6a60994..f4859ea72 100644 --- a/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs +++ b/kube-custom-resources-rs/src/volsync_backube/v1alpha1/replicationsources.rs @@ -948,6 +948,31 @@ pub struct ReplicationSourceRcloneMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -1989,6 +2014,31 @@ pub struct ReplicationSourceResticMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -3129,6 +3179,31 @@ pub struct ReplicationSourceRsyncTlsMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -4110,6 +4185,31 @@ pub struct ReplicationSourceSyncthingMoverSecurityContext { /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] pub run_as_user: Option, + /// seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + /// It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + /// Valid values are "MountOption" and "Recursive". + /// + /// "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + /// This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + /// + /// "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + /// This requires all Pods that share the same volume to use the same SELinux label. + /// It is not possible to share the same volume among privileged and unprivileged Pods. + /// Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + /// whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + /// CSIDriver instance. Other volumes are always re-labelled recursively. + /// "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + /// + /// If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + /// If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + /// and "Recursive" for all other volumes. + /// + /// This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + /// + /// All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxChangePolicy")] + pub se_linux_change_policy: Option, /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in diff --git a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs index c60b7ec58..8a1c01809 100644 --- a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs +++ b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs @@ -26,7 +26,6 @@ pub struct ClusterResourceBindingSpec { /// ConflictResolution declares how potential conflict should be handled when /// a resource that is being propagated already exists in the target cluster. /// - /// /// It defaults to "Abort" which means stop propagating to avoid unexpected /// overwrites. The "Overwrite" might be useful when migrating legacy cluster /// resources to Karmada, in which case conflict is predictable and can be @@ -81,12 +80,14 @@ pub struct ClusterResourceBindingSpec { /// It works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in /// status.lastScheduledTime will the rescheduling actually execute, otherwise, ignored. /// - /// /// It is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rescheduleTriggeredAt")] pub reschedule_triggered_at: Option, /// Resource represents the Kubernetes resource to be propagated. pub resource: ClusterResourceBindingResource, + /// SchedulePriority represents the scheduling priority assigned to workloads. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulePriority")] + pub schedule_priority: Option, /// SchedulerName represents which scheduler to proceed the scheduling. /// It inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] @@ -152,6 +153,22 @@ pub struct ClusterResourceBindingFailoverApplication { /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] pub purge_mode: Option, + /// StatePreservation defines the policy for preserving and restoring state data + /// during failover events for stateful applications. + /// + /// When an application fails over from one cluster to another, this policy enables + /// the extraction of critical data from the original resource configuration. + /// Upon successful migration, the extracted data is then re-injected into the new + /// resource, ensuring that the application can resume operation with its previous + /// state intact. + /// This is particularly useful for stateful applications where maintaining data + /// consistency across failover events is crucial. + /// If not specified, means no state data will be preserved. + /// + /// Note: This requires the StatefulFailoverInjection feature gate to be enabled, + /// which is alpha. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statePreservation")] + pub state_preservation: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -179,15 +196,64 @@ pub enum ClusterResourceBindingFailoverApplicationPurgeMode { Never, } +/// StatePreservation defines the policy for preserving and restoring state data +/// during failover events for stateful applications. +/// +/// When an application fails over from one cluster to another, this policy enables +/// the extraction of critical data from the original resource configuration. +/// Upon successful migration, the extracted data is then re-injected into the new +/// resource, ensuring that the application can resume operation with its previous +/// state intact. +/// This is particularly useful for stateful applications where maintaining data +/// consistency across failover events is crucial. +/// If not specified, means no state data will be preserved. +/// +/// Note: This requires the StatefulFailoverInjection feature gate to be enabled, +/// which is alpha. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterResourceBindingFailoverApplicationStatePreservation { + /// Rules contains a list of StatePreservationRule configurations. + /// Each rule specifies a JSONPath expression targeting specific pieces of + /// state data to be preserved during failover events. An AliasLabelName is associated + /// with each rule, serving as a label key when the preserved data is passed + /// to the new cluster. + pub rules: Vec, +} + +/// StatePreservationRule defines a single rule for state preservation. +/// It includes a JSONPath expression and an alias name that will be used +/// as a label key when passing state information to the new cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterResourceBindingFailoverApplicationStatePreservationRules { + /// AliasLabelName is the name that will be used as a label key when the preserved + /// data is passed to the new cluster. This facilitates the injection of the + /// preserved state back into the application resources during recovery. + #[serde(rename = "aliasLabelName")] + pub alias_label_name: String, + /// JSONPath is the JSONPath template used to identify the state data + /// to be preserved from the original resource configuration. + /// The JSONPath syntax follows the Kubernetes specification: + /// https://kubernetes.io/docs/reference/kubectl/jsonpath/ + /// + /// Note: The JSONPath expression will start searching from the "status" field of + /// the API resource object by default. For example, to extract the "availableReplicas" + /// from a Deployment, the JSONPath expression should be "{.availableReplicas}", not + /// "{.status.availableReplicas}". + #[serde(rename = "jsonPath")] + pub json_path: String, +} + /// GracefulEvictionTask represents a graceful eviction task. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterResourceBindingGracefulEvictionTasks { + /// ClustersBeforeFailover records the clusters where running the application before failover. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clustersBeforeFailover")] + pub clusters_before_failover: Option>, /// CreationTimestamp is a timestamp representing the server time when this object was /// created. /// Clients should not set this value to avoid the time inconsistency issue. /// It is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC. /// - /// /// Populated by the system. Read-only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationTimestamp")] pub creation_timestamp: Option, @@ -205,8 +271,17 @@ pub struct ClusterResourceBindingGracefulEvictionTasks { /// This may be an empty string. #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + /// PreservedLabelState represents the application state information collected from the original cluster, + /// and it will be injected into the new cluster in form of application labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preservedLabelState")] + pub preserved_label_state: Option>, /// Producer indicates the controller who triggered the eviction. pub producer: String, + /// PurgeMode represents how to deal with the legacy applications on the + /// cluster from which the application is migrated. + /// Valid options are "Immediately", "Graciously" and "Never". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] + pub purge_mode: Option, /// Reason contains a programmatic identifier indicating the reason for the eviction. /// Producers may define expected values and meanings for this field, /// and whether the values are considered a guaranteed API. @@ -224,30 +299,34 @@ pub struct ClusterResourceBindingGracefulEvictionTasks { pub suppress_deletion: Option, } +/// GracefulEvictionTask represents a graceful eviction task. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterResourceBindingGracefulEvictionTasksPurgeMode { + Immediately, + Graciously, + Never, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterResourceBindingPlacement { /// ClusterAffinities represents scheduling restrictions to multiple cluster /// groups that indicated by ClusterAffinityTerm. /// - /// /// The scheduler will evaluate these groups one by one in the order they /// appear in the spec, the group that does not satisfy scheduling restrictions /// will be ignored which means all clusters in this group will not be selected /// unless it also belongs to the next group(a cluster could belong to multiple /// groups). /// - /// /// If none of the groups satisfy the scheduling restrictions, then scheduling /// fails, which means no cluster will be selected. /// - /// /// Note: /// 1. ClusterAffinities can not co-exist with ClusterAffinity. /// 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster /// can be scheduling candidates. /// - /// /// Potential use case 1: /// The private clusters in the local data center could be the main group, and /// the managed clusters provided by cluster providers could be the secondary @@ -255,7 +334,6 @@ pub struct ClusterResourceBindingPlacement { /// to the main group and the second group will only be considered in case of /// the main group does not satisfy restrictions(like, lack of resources). /// - /// /// Potential use case 2: /// For the disaster recovery scenario, the clusters could be organized to /// primary and backup groups, the workloads would be scheduled to primary @@ -846,6 +924,16 @@ pub struct ClusterResourceBindingResource { pub uid: Option, } +/// SchedulePriority represents the scheduling priority assigned to workloads. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterResourceBindingSchedulePriority { + /// Priority specifies the scheduling priority for the binding. + /// Higher values indicate a higher priority. + /// If not explicitly set, the default value is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, +} + /// Suspension declares the policy for suspending different aspects of propagation. /// nil means no suspension. no default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -861,6 +949,15 @@ pub struct ClusterResourceBindingSuspension { /// Note: Can not co-exist with Dispatching which is used to suspend all. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] pub dispatching_on_clusters: Option, + /// Scheduling controls whether scheduling should be suspended, the scheduler will pause scheduling and not + /// process resource binding when the value is true and resume scheduling when it's false or nil. + /// This is designed for third-party systems to temporarily pause the scheduling of applications, which enabling + /// manage resource allocation, prioritize critical workloads, etc. + /// It is expected that third-party systems use an admission webhook to suspend scheduling at the time of + /// ResourceBinding creation. Once a ResourceBinding has been scheduled, it cannot be paused afterward, as it may + /// lead to ineffective suspension. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheduling: Option, } /// DispatchingOnClusters declares a list of clusters to which the dispatching diff --git a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs index 7f9251744..92bd1e5cf 100644 --- a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs +++ b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs @@ -27,7 +27,6 @@ pub struct ResourceBindingSpec { /// ConflictResolution declares how potential conflict should be handled when /// a resource that is being propagated already exists in the target cluster. /// - /// /// It defaults to "Abort" which means stop propagating to avoid unexpected /// overwrites. The "Overwrite" might be useful when migrating legacy cluster /// resources to Karmada, in which case conflict is predictable and can be @@ -82,12 +81,14 @@ pub struct ResourceBindingSpec { /// It works with the status.lastScheduledTime field, and only when this timestamp is later than timestamp in /// status.lastScheduledTime will the rescheduling actually execute, otherwise, ignored. /// - /// /// It is represented in RFC3339 form (like '2006-01-02T15:04:05Z') and is in UTC. #[serde(default, skip_serializing_if = "Option::is_none", rename = "rescheduleTriggeredAt")] pub reschedule_triggered_at: Option, /// Resource represents the Kubernetes resource to be propagated. pub resource: ResourceBindingResource, + /// SchedulePriority represents the scheduling priority assigned to workloads. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulePriority")] + pub schedule_priority: Option, /// SchedulerName represents which scheduler to proceed the scheduling. /// It inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] @@ -153,6 +154,22 @@ pub struct ResourceBindingFailoverApplication { /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] pub purge_mode: Option, + /// StatePreservation defines the policy for preserving and restoring state data + /// during failover events for stateful applications. + /// + /// When an application fails over from one cluster to another, this policy enables + /// the extraction of critical data from the original resource configuration. + /// Upon successful migration, the extracted data is then re-injected into the new + /// resource, ensuring that the application can resume operation with its previous + /// state intact. + /// This is particularly useful for stateful applications where maintaining data + /// consistency across failover events is crucial. + /// If not specified, means no state data will be preserved. + /// + /// Note: This requires the StatefulFailoverInjection feature gate to be enabled, + /// which is alpha. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "statePreservation")] + pub state_preservation: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -180,15 +197,64 @@ pub enum ResourceBindingFailoverApplicationPurgeMode { Never, } +/// StatePreservation defines the policy for preserving and restoring state data +/// during failover events for stateful applications. +/// +/// When an application fails over from one cluster to another, this policy enables +/// the extraction of critical data from the original resource configuration. +/// Upon successful migration, the extracted data is then re-injected into the new +/// resource, ensuring that the application can resume operation with its previous +/// state intact. +/// This is particularly useful for stateful applications where maintaining data +/// consistency across failover events is crucial. +/// If not specified, means no state data will be preserved. +/// +/// Note: This requires the StatefulFailoverInjection feature gate to be enabled, +/// which is alpha. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResourceBindingFailoverApplicationStatePreservation { + /// Rules contains a list of StatePreservationRule configurations. + /// Each rule specifies a JSONPath expression targeting specific pieces of + /// state data to be preserved during failover events. An AliasLabelName is associated + /// with each rule, serving as a label key when the preserved data is passed + /// to the new cluster. + pub rules: Vec, +} + +/// StatePreservationRule defines a single rule for state preservation. +/// It includes a JSONPath expression and an alias name that will be used +/// as a label key when passing state information to the new cluster. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResourceBindingFailoverApplicationStatePreservationRules { + /// AliasLabelName is the name that will be used as a label key when the preserved + /// data is passed to the new cluster. This facilitates the injection of the + /// preserved state back into the application resources during recovery. + #[serde(rename = "aliasLabelName")] + pub alias_label_name: String, + /// JSONPath is the JSONPath template used to identify the state data + /// to be preserved from the original resource configuration. + /// The JSONPath syntax follows the Kubernetes specification: + /// https://kubernetes.io/docs/reference/kubectl/jsonpath/ + /// + /// Note: The JSONPath expression will start searching from the "status" field of + /// the API resource object by default. For example, to extract the "availableReplicas" + /// from a Deployment, the JSONPath expression should be "{.availableReplicas}", not + /// "{.status.availableReplicas}". + #[serde(rename = "jsonPath")] + pub json_path: String, +} + /// GracefulEvictionTask represents a graceful eviction task. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceBindingGracefulEvictionTasks { + /// ClustersBeforeFailover records the clusters where running the application before failover. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clustersBeforeFailover")] + pub clusters_before_failover: Option>, /// CreationTimestamp is a timestamp representing the server time when this object was /// created. /// Clients should not set this value to avoid the time inconsistency issue. /// It is represented in RFC3339 form(like '2021-04-25T10:02:10Z') and is in UTC. /// - /// /// Populated by the system. Read-only. #[serde(default, skip_serializing_if = "Option::is_none", rename = "creationTimestamp")] pub creation_timestamp: Option, @@ -206,8 +272,17 @@ pub struct ResourceBindingGracefulEvictionTasks { /// This may be an empty string. #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + /// PreservedLabelState represents the application state information collected from the original cluster, + /// and it will be injected into the new cluster in form of application labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preservedLabelState")] + pub preserved_label_state: Option>, /// Producer indicates the controller who triggered the eviction. pub producer: String, + /// PurgeMode represents how to deal with the legacy applications on the + /// cluster from which the application is migrated. + /// Valid options are "Immediately", "Graciously" and "Never". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] + pub purge_mode: Option, /// Reason contains a programmatic identifier indicating the reason for the eviction. /// Producers may define expected values and meanings for this field, /// and whether the values are considered a guaranteed API. @@ -225,30 +300,34 @@ pub struct ResourceBindingGracefulEvictionTasks { pub suppress_deletion: Option, } +/// GracefulEvictionTask represents a graceful eviction task. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ResourceBindingGracefulEvictionTasksPurgeMode { + Immediately, + Graciously, + Never, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceBindingPlacement { /// ClusterAffinities represents scheduling restrictions to multiple cluster /// groups that indicated by ClusterAffinityTerm. /// - /// /// The scheduler will evaluate these groups one by one in the order they /// appear in the spec, the group that does not satisfy scheduling restrictions /// will be ignored which means all clusters in this group will not be selected /// unless it also belongs to the next group(a cluster could belong to multiple /// groups). /// - /// /// If none of the groups satisfy the scheduling restrictions, then scheduling /// fails, which means no cluster will be selected. /// - /// /// Note: /// 1. ClusterAffinities can not co-exist with ClusterAffinity. /// 2. If both ClusterAffinity and ClusterAffinities are not set, any cluster /// can be scheduling candidates. /// - /// /// Potential use case 1: /// The private clusters in the local data center could be the main group, and /// the managed clusters provided by cluster providers could be the secondary @@ -256,7 +335,6 @@ pub struct ResourceBindingPlacement { /// to the main group and the second group will only be considered in case of /// the main group does not satisfy restrictions(like, lack of resources). /// - /// /// Potential use case 2: /// For the disaster recovery scenario, the clusters could be organized to /// primary and backup groups, the workloads would be scheduled to primary @@ -847,6 +925,16 @@ pub struct ResourceBindingResource { pub uid: Option, } +/// SchedulePriority represents the scheduling priority assigned to workloads. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResourceBindingSchedulePriority { + /// Priority specifies the scheduling priority for the binding. + /// Higher values indicate a higher priority. + /// If not explicitly set, the default value is 0. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub priority: Option, +} + /// Suspension declares the policy for suspending different aspects of propagation. /// nil means no suspension. no default values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -862,6 +950,15 @@ pub struct ResourceBindingSuspension { /// Note: Can not co-exist with Dispatching which is used to suspend all. #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] pub dispatching_on_clusters: Option, + /// Scheduling controls whether scheduling should be suspended, the scheduler will pause scheduling and not + /// process resource binding when the value is true and resume scheduling when it's false or nil. + /// This is designed for third-party systems to temporarily pause the scheduling of applications, which enabling + /// manage resource allocation, prioritize critical workloads, etc. + /// It is expected that third-party systems use an admission webhook to suspend scheduling at the time of + /// ResourceBinding creation. Once a ResourceBinding has been scheduled, it cannot be paused afterward, as it may + /// lead to ineffective suspension. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scheduling: Option, } /// DispatchingOnClusters declares a list of clusters to which the dispatching diff --git a/kube-custom-resources-rs/src/workload_codeflare_dev/v1beta2/appwrappers.rs b/kube-custom-resources-rs/src/workload_codeflare_dev/v1beta2/appwrappers.rs index f1667b976..d32b6757a 100644 --- a/kube-custom-resources-rs/src/workload_codeflare_dev/v1beta2/appwrappers.rs +++ b/kube-custom-resources-rs/src/workload_codeflare_dev/v1beta2/appwrappers.rs @@ -59,11 +59,22 @@ pub struct AppWrapperComponentsPodSetInfos { /// NodeSelectors to be added to the PodSpecTemplate #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] pub node_selector: Option>, + /// SchedulingGates to be added to the PodSpecTemplate + #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] + pub scheduling_gates: Option>, /// Tolerations to be added to the PodSpecTemplate #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, } +/// PodSchedulingGate is associated to a Pod to guard its scheduling. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AppWrapperComponentsPodSetInfosSchedulingGates { + /// Name of the scheduling gate. + /// Each scheduling gate must have a unique name field. + pub name: String, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -112,10 +123,8 @@ pub struct AppWrapperStatus { pub component_status: Option>, /// Conditions hold the latest available observations of the AppWrapper current state. /// - /// /// The type of the condition could be: /// - /// /// - QuotaReserved: The AppWrapper was admitted by Kueue and has quota allocated to it /// - ResourcesDeployed: The contained resources are deployed (or being deployed) on the cluster /// - PodsReady: All pods of the contained resources are in the Ready or Succeeded state @@ -139,10 +148,8 @@ pub struct AppWrapperStatusComponentStatus { pub api_version: String, /// Conditions hold the latest available observations of the Component's current state. /// - /// /// The type of the condition could be: /// - /// /// - ResourcesDeployed: The component is deployed on the cluster #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, diff --git a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1/instancesets.rs b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1/instancesets.rs index a3d53b250..c3c737623 100644 --- a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1/instancesets.rs +++ b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1/instancesets.rs @@ -21,9 +21,6 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct InstanceSetSpec { - /// Credential used to connect to DB engine - #[serde(default, skip_serializing_if = "Option::is_none")] - pub credential: Option, /// Specifies the desired Ordinals of the default template. /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template. /// @@ -33,6 +30,9 @@ pub struct InstanceSetSpec { /// $(cluster.name)-$(component.name)-0、$(cluster.name)-$(component.name)-1 and $(cluster.name)-$(component.name)-7 #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultTemplateOrdinals")] pub default_template_ordinals: Option, + /// Provides fine-grained control over the spec update process of all instances. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceUpdateStrategy")] + pub instance_update_strategy: Option, /// Overrides values in default Template. /// /// @@ -58,8 +58,8 @@ pub struct InstanceSetSpec { /// /// /// - serial: update Members one by one that guarantee minimum component unavailable time. - /// - bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time. /// - parallel: force parallel + /// - bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time. #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberUpdateStrategy")] pub member_update_strategy: Option, /// Provides actions to do membership dynamic reconfiguration. @@ -125,10 +125,7 @@ pub struct InstanceSetSpec { /// Defaults to 1 if unspecified. #[serde(default, skip_serializing_if = "Option::is_none")] pub replicas: Option, - /// Provides method to probe role. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleProbe")] - pub role_probe: Option, - /// A list of roles defined in the system. + /// A list of roles defined in the system. Instanceset obtains role through pods' role label `kubeblocks.io/role`. #[serde(default, skip_serializing_if = "Option::is_none")] pub roles: Option>, /// Represents a label query over pods that should match the desired replica count indicated by the `replica` field. @@ -137,15 +134,9 @@ pub struct InstanceSetSpec { pub selector: InstanceSetSelector, /// PodTemplateSpec describes the data a pod should have when created from a template pub template: InstanceSetTemplate, - /// Indicates the StatefulSetUpdateStrategy that will be - /// employed to update Pods in the InstanceSet when a revision is made to - /// Template. - /// UpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil - /// - /// - /// Note: This field will be removed in future version. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] - pub update_strategy: Option, + /// Provides variables which are used to call Actions. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateVars")] + pub template_vars: Option>, /// Specifies a list of PersistentVolumeClaim templates that define the storage requirements for each replica. /// Each template specifies the desired characteristics of a persistent volume, such as storage class, /// size, and access modes. @@ -155,203 +146,6 @@ pub struct InstanceSetSpec { pub volume_claim_templates: Option>, } -/// Credential used to connect to DB engine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredential { - /// Represents the user's password for the credential. - /// The corresponding environment variable will be KB_ITS_PASSWORD. - pub password: InstanceSetCredentialPassword, - /// Defines the user's name for the credential. - /// The corresponding environment variable will be KB_ITS_USERNAME. - pub username: InstanceSetCredentialUsername, -} - -/// Represents the user's password for the credential. -/// The corresponding environment variable will be KB_ITS_PASSWORD. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPassword { - /// Specifies the value of the environment variable. This field is optional and defaults to an empty string. - /// The value can include variable references in the format $(VAR_NAME) which will be expanded using previously defined environment variables in the container and any service environment variables. - /// - /// - /// If a variable cannot be resolved, the reference in the input string will remain unchanged. - /// Double $$ can be used to escape the $(VAR_NAME) syntax, resulting in a single $ and producing the string literal "$(VAR_NAME)". - /// Escaped references will not be expanded, regardless of whether the variable exists or not. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPasswordValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPasswordValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPasswordValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPasswordValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialPasswordValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Defines the user's name for the credential. -/// The corresponding environment variable will be KB_ITS_USERNAME. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsername { - /// Specifies the value of the environment variable. This field is optional and defaults to an empty string. - /// The value can include variable references in the format $(VAR_NAME) which will be expanded using previously defined environment variables in the container and any service environment variables. - /// - /// - /// If a variable cannot be resolved, the reference in the input string will remain unchanged. - /// Double $$ can be used to escape the $(VAR_NAME) syntax, resulting in a single $ and producing the string literal "$(VAR_NAME)". - /// Escaped references will not be expanded, regardless of whether the variable exists or not. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Defines the source for the environment variable's value. This field is optional and cannot be used if the 'Value' field is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsernameValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsernameValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsernameValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsernameValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetCredentialUsernameValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - /// Specifies the desired Ordinals of the default template. /// The Ordinals used to specify the ordinal of the instance (pod) names to be generated under the default template. /// @@ -375,10 +169,46 @@ pub struct InstanceSetDefaultTemplateOrdinalsRanges { pub start: i32, } -/// InstanceTemplate allows customization of individual replica configurations within a Component, -/// without altering the base component template defined in ClusterComponentSpec. -/// It enables the application of distinct settings to specific instances (replicas), -/// providing flexibility while maintaining a common configuration baseline. +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstanceUpdateStrategy { + /// Specifies how the rolling update should be applied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] + pub rolling_update: Option, + /// Indicates the type of the update strategy. + /// Default is RollingUpdate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, +} + +/// Specifies how the rolling update should be applied. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstanceUpdateStrategyRollingUpdate { + /// The maximum number of instances that can be unavailable during the update. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. This can not be 0. + /// Defaults to 1. The field applies to all instances. That means if there is any unavailable pod, + /// it will be counted towards MaxUnavailable. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] + pub max_unavailable: Option, + /// Indicates the number of instances that should be updated during a rolling update. + /// The remaining instances will remain untouched. This is helpful in defining how many instances + /// should participate in the update process. + /// Value can be an absolute number (ex: 5) or a percentage of desired instances (ex: 10%). + /// Absolute number is calculated from percentage by rounding up. + /// The default value is ComponentSpec.Replicas (i.e., update all instances). + #[serde(default, skip_serializing_if = "Option::is_none")] + pub replicas: Option, +} + +/// Provides fine-grained control over the spec update process of all instances. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum InstanceSetInstanceUpdateStrategyType { + RollingUpdate, + OnDelete, +} + +/// InstanceTemplate allows customization of individual replica configurations in a Component. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstances { /// Specifies a map of key-value pairs to be merged into the Pod's existing annotations. @@ -389,15 +219,12 @@ pub struct InstanceSetInstances { /// Add new or override existing envs. #[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, - /// Specifies an override for the first container's image in the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, /// Specifies a map of key-value pairs that will be merged into the Pod's existing labels. /// Values for existing keys will be overwritten, and new keys will be added. #[serde(default, skip_serializing_if = "Option::is_none")] pub labels: Option>, /// Name specifies the unique name of the instance Pod created using this InstanceTemplate. - /// This name is constructed by concatenating the component's name, the template's name, and the instance's ordinal + /// This name is constructed by concatenating the Component's name, the template's name, and the instance's ordinal /// using the pattern: $(cluster.name)-$(component.name)-$(template.name)-$(ordinal). Ordinals start from 0. /// The specified name overrides any default naming conventions or patterns. pub name: String, @@ -412,7 +239,7 @@ pub struct InstanceSetInstances { #[serde(default, skip_serializing_if = "Option::is_none")] pub ordinals: Option, /// Specifies the number of instances (Pods) to create from this InstanceTemplate. - /// This field allows setting how many replicated instances of the component, + /// This field allows setting how many replicated instances of the Component, /// with the specific overrides in the InstanceTemplate, are created. /// The default value is 1. A value of 0 disables instance creation. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -424,18 +251,6 @@ pub struct InstanceSetInstances { /// Specifies the scheduling policy for the Component. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingPolicy")] pub scheduling_policy: Option, - /// Defines VolumeClaimTemplates to override. - /// Add new or override existing volume claim templates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplates")] - pub volume_claim_templates: Option>, - /// Defines VolumeMounts to override. - /// Add new or override existing volume mounts of the first container in the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Defines Volumes to override. - /// Add new or override existing volumes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, } /// EnvVar represents an environment variable present in a Container. @@ -1511,2002 +1326,17 @@ pub struct InstanceSetInstancesSchedulingPolicyTopologySpreadConstraintsLabelSel /// values is an array of string values. If the operator is In or NotIn, /// the values array must be non-empty. If the operator is Exists or DoesNotExist, /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// PersistentVolumeClaim is a user's request for and claim to a persistent volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplates { - /// APIVersion defines the versioned schema of this representation of an object. - /// Servers should convert recognized schemas to the latest internal value, and - /// may reject unrecognized values. - /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Kind is a string value representing the REST resource this object represents. - /// Servers may infer this from the endpoint the client submits requests to. - /// Cannot be updated. - /// In CamelCase. - /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// Standard object's metadata. - /// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// spec defines the desired characteristics of a volume requested by a pod author. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none")] - pub spec: Option, - /// status represents the current information/status of a persistent volume claim. - /// Read-only. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none")] - pub status: Option, -} - -/// Standard object's metadata. -/// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// spec defines the desired characteristics of a volume requested by a pod author. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// selector is a label query over volumes to consider for binding. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// status represents the current information/status of a persistent volume claim. -/// Read-only. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesStatus { - /// accessModes contains the actual access modes the volume backing the PVC has. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// allocatedResourceStatuses stores status of resource being resized for the given PVC. - /// Key names follow standard Kubernetes label syntax. Valid values are either: - /// * Un-prefixed keys: - /// - storage - the capacity of the volume. - /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" - /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered - /// reserved and hence may not be used. - /// - /// - /// ClaimResourceStatus can be in any of following states: - /// - ControllerResizeInProgress: - /// State set when resize controller starts resizing the volume in control-plane. - /// - ControllerResizeFailed: - /// State set when resize has failed in resize controller with a terminal error. - /// - NodeResizePending: - /// State set when resize controller has finished resizing the volume but further resizing of - /// volume is needed on the node. - /// - NodeResizeInProgress: - /// State set when kubelet starts resizing the volume. - /// - NodeResizeFailed: - /// State set when resizing has failed in kubelet with a terminal error. Transient errors don't set - /// NodeResizeFailed. - /// For example: if expanding a PVC for more capacity - this field can be one of the following states: - /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeInProgress" - /// - pvc.status.allocatedResourceStatus['storage'] = "ControllerResizeFailed" - /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizePending" - /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeInProgress" - /// - pvc.status.allocatedResourceStatus['storage'] = "NodeResizeFailed" - /// When this field is not set, it means that no resize operation is in progress for the given PVC. - /// - /// - /// A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus - /// should ignore the update for the purpose it was designed. For example - a controller that - /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid - /// resources associated with PVC. - /// - /// - /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResourceStatuses")] - pub allocated_resource_statuses: Option>, - /// allocatedResources tracks the resources allocated to a PVC including its capacity. - /// Key names follow standard Kubernetes label syntax. Valid values are either: - /// * Un-prefixed keys: - /// - storage - the capacity of the volume. - /// * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" - /// Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered - /// reserved and hence may not be used. - /// - /// - /// Capacity reported here may be larger than the actual capacity when a volume expansion operation - /// is requested. - /// For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. - /// If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. - /// If a volume expansion capacity request is lowered, allocatedResources is only - /// lowered if there are no expansion operations in progress and if the actual volume capacity - /// is equal or lower than the requested capacity. - /// - /// - /// A controller that receives PVC update with previously unknown resourceName - /// should ignore the update for the purpose it was designed. For example - a controller that - /// only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid - /// resources associated with PVC. - /// - /// - /// This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allocatedResources")] - pub allocated_resources: Option>, - /// capacity represents the actual resources of the underlying volume. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capacity: Option>, - /// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - /// resized then the Condition will be set to 'ResizeStarted'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub conditions: Option>, - /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - /// This is an alpha field and requires enabling VolumeAttributesClass feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] - pub current_volume_attributes_class_name: Option, - /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - /// When this is unset, there is no ModifyVolume operation being attempted. - /// This is an alpha field and requires enabling VolumeAttributesClass feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] - pub modify_volume_status: Option, - /// phase represents the current phase of PersistentVolumeClaim. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub phase: Option, -} - -/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. -/// When this is unset, there is no ModifyVolume operation being attempted. -/// This is an alpha field and requires enabling VolumeAttributesClass feature. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesStatusModifyVolumeStatus { - /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: - /// - Pending - /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as - /// the specified VolumeAttributesClass not existing. - /// - InProgress - /// InProgress indicates that the volume is being modified. - /// - Infeasible - /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To - /// resolve the error, a valid VolumeAttributesClass needs to be specified. - /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. - pub status: String, - /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] - pub target_volume_attributes_class_name: Option, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. - /// - /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). - /// - /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. - /// - /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. - /// - /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, -} - -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// configMap represents a configMap that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, -} - -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesCsiNodePublishSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// downwardAPI represents downward API about the pod that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, -} - -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). -/// -/// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. -/// -/// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. -/// -/// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, -} - -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpec, -} - -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - /// If specified, the CSI driver will create or update the volume with the attributes defined - /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - /// will be set by the persistentvolume controller if it exists. - /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] - pub volume_attributes_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// selector is a label query over volumes to consider for binding. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, -} - -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, -} - -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, -} - -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, -} - -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, -} - -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// projected items for all in one resources secrets, configmaps, and downward API -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -/// Projection that may be projected along with other supported volume types -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSources { - /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - /// of ClusterTrustBundle objects in an auto-updating file. - /// - /// - /// Alpha, gated by the ClusterTrustBundleProjection feature gate. - /// - /// - /// ClusterTrustBundle objects can either be selected by name, or by the - /// combination of signer name and a label selector. - /// - /// - /// Kubelet performs aggressive normalization of the PEM contents written - /// into the pod filesystem. Esoteric PEM features such as inter-block - /// comments and block headers are stripped. Certificates are deduplicated. - /// The ordering of certificates within the file is arbitrary, and Kubelet - /// may change the order over time. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] - pub cluster_trust_bundle: Option, - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field -/// of ClusterTrustBundle objects in an auto-updating file. -/// -/// -/// Alpha, gated by the ClusterTrustBundleProjection feature gate. -/// -/// -/// ClusterTrustBundle objects can either be selected by name, or by the -/// combination of signer name and a label selector. -/// -/// -/// Kubelet performs aggressive normalization of the PEM contents written -/// into the pod filesystem. Esoteric PEM features such as inter-block -/// comments and block headers are stripped. Certificates are deduplicated. -/// The ordering of certificates within the file is arbitrary, and Kubelet -/// may change the order over time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundle { - /// Select all ClusterTrustBundles that match this label selector. Only has - /// effect if signerName is set. Mutually-exclusive with name. If unset, - /// interpreted as "match nothing". If set but empty, interpreted as "match - /// everything". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// Select a single ClusterTrustBundle by object name. Mutually-exclusive - /// with signerName and labelSelector. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) - /// aren't available. If using name, then the named ClusterTrustBundle is - /// allowed not to exist. If using signerName, then the combination of - /// signerName and labelSelector is allowed to match zero - /// ClusterTrustBundles. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Relative path from the volume root to write the bundle. - pub path: String, - /// Select all ClusterTrustBundles that match this signer name. - /// Mutually-exclusive with name. The contents of all selected - /// ClusterTrustBundles will be unified and deduplicated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] - pub signer_name: Option, -} - -/// Select all ClusterTrustBundles that match this label selector. Only has -/// effect if signerName is set. Mutually-exclusive with name. If unset, -/// interpreted as "match nothing". If set but empty, interpreted as "match -/// everything". -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// configMap information about the configMap data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// downwardAPI information about the downwardAPI data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// secret information about the secret data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// serviceAccountToken is information about the serviceAccountToken data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, -} - -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, -} - -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: InstanceSetInstancesVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, -} - -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, + pub values: Option>, } /// Defines the desired state of the state machine. It includes the configuration details for the state machine. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum InstanceSetMemberUpdateStrategy { Serial, - BestEffortParallel, Parallel, + BestEffortParallel, } /// Provides actions to do membership dynamic reconfiguration. @@ -3528,6 +1358,9 @@ pub struct InstanceSetMembershipReconfiguration { /// If the Image is not configured, the Image from the previous non-nil action will be used. #[serde(default, skip_serializing_if = "Option::is_none", rename = "promoteAction")] pub promote_action: Option, + /// Defines the procedure for a controlled transition of a role to a new replica. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub switchover: Option, /// Specifies the environment variables that can be used in all following Actions: /// - KB_ITS_USERNAME: Represents the username part of the credential /// - KB_ITS_PASSWORD: Represents the password part of the credential @@ -3598,6 +1431,262 @@ pub struct InstanceSetMembershipReconfigurationPromoteAction { pub image: Option, } +/// Defines the procedure for a controlled transition of a role to a new replica. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchover { + /// Defines the command to run. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub exec: Option, + /// Specifies the state that the cluster must reach before the Action is executed. + /// Currently, this is only applicable to the `postProvision` action. + /// + /// + /// The conditions are as follows: + /// + /// + /// - `Immediately`: Executed right after the Component object is created. + /// The readiness of the Component and its resources is not guaranteed at this stage. + /// - `RuntimeReady`: The Action is triggered after the Component object has been created and all associated + /// runtime resources (e.g. Pods) are in a ready state. + /// - `ComponentReady`: The Action is triggered after the Component itself is in a ready state. + /// This process does not affect the readiness state of the Component or the Cluster. + /// - `ClusterReady`: The Action is executed after the Cluster is in a ready state. + /// This execution does not alter the Component or the Cluster's state of readiness. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preCondition")] + pub pre_condition: Option, + /// Defines the strategy to be taken when retrying the Action after a failure. + /// + /// + /// It specifies the conditions under which the Action should be retried and the limits to apply, + /// such as the maximum number of retries and backoff strategy. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryPolicy")] + pub retry_policy: Option, + /// Specifies the maximum duration in seconds that the Action is allowed to run. + /// + /// + /// If the Action does not complete within this time frame, it will be terminated. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] + pub timeout_seconds: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExec { + /// Args represents the arguments that are passed to the `command` for execution. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub args: Option>, + /// Specifies the command to be executed inside the container. + /// The working directory for this command is the container's root directory('/'). + /// Commands are executed directly without a shell environment, meaning shell-specific syntax ('|', etc.) is not supported. + /// If the shell is required, it must be explicitly invoked in the command. + /// + /// + /// A successful execution is indicated by an exit status of 0; any non-zero status signifies a failure. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub command: Option>, + /// Specifies the name of the container within the same pod whose resources will be shared with the action. + /// This allows the action to utilize the specified container's resources without executing within it. + /// + /// + /// The name must match one of the containers defined in `componentDefinition.spec.runtime`. + /// + /// + /// The resources that can be shared are included: + /// + /// + /// - volume mounts + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub container: Option, + /// Represents a list of environment variables that will be injected into the container. + /// These variables enable the container to adapt its behavior based on the environment it's running in. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub env: Option>, + /// Specifies the container image to be used for running the Action. + /// + /// + /// When specified, a dedicated container will be created using this image to execute the Action. + /// All actions with same image will share the same container. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub image: Option, + /// Used in conjunction with the `targetPodSelector` field to refine the selection of target pod(s) for Action execution. + /// The impact of this field depends on the `targetPodSelector` value: + /// + /// + /// - When `targetPodSelector` is set to `Any` or `All`, this field will be ignored. + /// - When `targetPodSelector` is set to `Role`, only those replicas whose role matches the `matchingKey` + /// will be selected for the Action. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchingKey")] + pub matching_key: Option, + /// Defines the criteria used to select the target Pod(s) for executing the Action. + /// This is useful when there is no default target replica identified. + /// It allows for precise control over which Pod(s) the Action should run in. + /// + /// + /// If not specified, the Action will be executed in the pod where the Action is triggered, such as the pod + /// to be removed or added; or a random pod if the Action is triggered at the component level, such as + /// post-provision or pre-terminate of the component. + /// + /// + /// This field cannot be updated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPodSelector")] + pub target_pod_selector: Option, +} + +/// EnvVar represents an environment variable present in a Container. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnv { + /// Name of the environment variable. Must be a C_IDENTIFIER. + pub name: String, + /// Variable references $(VAR_NAME) are expanded + /// using the previously defined environment variables in the container and + /// any service environment variables. If a variable cannot be resolved, + /// the reference in the input string will be unchanged. Double $$ are reduced + /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + /// Escaped references will never be expanded, regardless of whether the variable + /// exists or not. + /// Defaults to "". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + /// Source for the environment variable's value. Cannot be used if value is not empty. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +/// Source for the environment variable's value. Cannot be used if value is not empty. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnvValueFrom { + /// Selects a key of a ConfigMap. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] + pub config_map_key_ref: Option, + /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] + pub field_ref: Option, + /// Selects a resource of the container: only resources limits and requests + /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] + pub resource_field_ref: Option, + /// Selects a key of a secret in the pod's namespace + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +/// Selects a key of a ConfigMap. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnvValueFromConfigMapKeyRef { + /// The key to select. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, +/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnvValueFromFieldRef { + /// Version of the schema the FieldPath is written in terms of, defaults to "v1". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] + pub api_version: Option, + /// Path of the field to select in the specified API version. + #[serde(rename = "fieldPath")] + pub field_path: String, +} + +/// Selects a resource of the container: only resources limits and requests +/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnvValueFromResourceFieldRef { + /// Container name: required for volumes, optional for env vars + #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] + pub container_name: Option, + /// Specifies the output format of the exposed resources, defaults to "1" + #[serde(default, skip_serializing_if = "Option::is_none")] + pub divisor: Option, + /// Required: resource to select + pub resource: String, +} + +/// Selects a key of a secret in the pod's namespace +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverExecEnvValueFromSecretKeyRef { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Defines the command to run. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum InstanceSetMembershipReconfigurationSwitchoverExecTargetPodSelector { + Any, + All, + Role, + Ordinal, +} + +/// Defines the strategy to be taken when retrying the Action after a failure. +/// +/// +/// It specifies the conditions under which the Action should be retried and the limits to apply, +/// such as the maximum number of retries and backoff strategy. +/// +/// +/// This field cannot be updated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetMembershipReconfigurationSwitchoverRetryPolicy { + /// Defines the maximum number of retry attempts that should be made for a given Action. + /// This value is set to 0 by default, indicating that no retries will be made. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRetries")] + pub max_retries: Option, + /// Indicates the duration of time to wait between each retry attempt. + /// This value is set to 0 by default, indicating that there will be no delay between retry attempts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retryInterval")] + pub retry_interval: Option, +} + /// Specifies the environment variables that can be used in all following Actions: /// - KB_ITS_USERNAME: Represents the username part of the credential /// - KB_ITS_PASSWORD: Represents the password part of the credential @@ -3620,79 +1709,53 @@ pub struct InstanceSetMembershipReconfigurationSwitchoverAction { pub image: Option, } -/// Provides method to probe role. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetRoleProbe { - /// Defines a custom method for role probing. - /// Actions defined here are executed in series. - /// Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles. - /// The latest [BusyBox](https://busybox.net/) image will be used if Image is not configured. - /// Environment variables can be used in Command: - /// - v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix - /// - KB_ITS_USERNAME: username part of the credential - /// - KB_ITS_PASSWORD: password part of the credential - #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHandler")] - pub custom_handler: Option>, - /// Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// Specifies the number of seconds to wait after the container has started before initiating role probing. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// Specifies the frequency (in seconds) of probe execution. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Specifies the method for updating the pod role label. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleUpdateMechanism")] - pub role_update_mechanism: Option, - /// Specifies the minimum number of consecutive successes for the probe to be considered successful after having failed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// Specifies the number of seconds after which the probe times out. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - +/// ReplicaRole represents a role that can be assigned to a component instance, defining its behavior and responsibilities. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetRoleProbeCustomHandler { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Provides method to probe role. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum InstanceSetRoleProbeRoleUpdateMechanism { - ReadinessProbeEventUpdate, - #[serde(rename = "DirectAPIServerEventUpdate")] - DirectApiServerEventUpdate, -} - -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub struct InstanceSetRoles { - /// Specifies the service capabilities of this member. - #[serde(rename = "accessMode")] - pub access_mode: InstanceSetRolesAccessMode, - /// Indicates if this member has voting rights. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "canVote")] - pub can_vote: Option, - /// Determines if this member is the leader. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "isLeader")] - pub is_leader: Option, - /// Defines the role name of the replica. + /// Name defines the role's unique identifier. This value is used to set the "apps.kubeblocks.io/role" label + /// on the corresponding object to identify its role. + /// + /// + /// For example, common role names include: + /// - "leader": The primary/master instance that handles write operations + /// - "follower": Secondary/replica instances that replicate data from the leader + /// - "learner": Read-only instances that don't participate in elections + /// + /// + /// This field is immutable once set. pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum InstanceSetRolesAccessMode { - None, - Readonly, - ReadWrite, + /// ParticipatesInQuorum indicates if pods with this role are counted when determining quorum. + /// This affects update strategies that need to maintain quorum for availability. Roles participate + /// in quorum should have higher update priority than roles do not participate in quorum. + /// The default value is false. + /// + /// + /// For example, in a 5-pod component where: + /// - 2 learner pods (participatesInQuorum=false) + /// - 2 follower pods (participatesInQuorum=true) + /// - 1 leader pod (participatesInQuorum=true) + /// The quorum size would be 3 (based on the 3 participating pods), allowing parallel updates + /// of 2 learners and 1 follower while maintaining quorum. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "participatesInQuorum")] + pub participates_in_quorum: Option, + /// UpdatePriority determines the order in which pods with different roles are updated. + /// Pods are sorted by this priority (higher numbers = higher priority) and updated accordingly. + /// Roles with the highest priority will be updated last. + /// The default priority is 0. + /// + /// + /// For example: + /// - Leader role may have priority 2 (updated last) + /// - Follower role may have priority 1 (updated before leader) + /// - Learner role may have priority 0 (updated first) + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePriority")] + pub update_priority: Option, } /// Represents a label query over pods that should match the desired replica count indicated by the `replica` field. @@ -10280,44 +8343,6 @@ pub struct InstanceSetTemplateSpecVolumesVsphereVolume { pub volume_path: String, } -/// Indicates the StatefulSetUpdateStrategy that will be -/// employed to update Pods in the InstanceSet when a revision is made to -/// Template. -/// UpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil -/// -/// -/// Note: This field will be removed in future version. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetUpdateStrategy { - /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. - /// Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// Absolute number is calculated from percentage by rounding up. This can not be 0. - /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the - /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to - /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - /// will be counted towards MaxUnavailable. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned - /// for updates. During a rolling update, all pods from ordinal Replicas-1 to - /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - /// This is helpful in being able to do a canary based deployment. The default value is 0. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, -} - /// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetVolumeClaimTemplates { @@ -10717,9 +8742,6 @@ pub struct InstanceSetStatus { /// readyReplicas is the number of instances created for this InstanceSet with a Ready Condition. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyReplicas")] pub ready_replicas: Option, - /// Indicates whether it is required for the InstanceSet to have at least one primary instance ready. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readyWithoutPrimary")] - pub ready_without_primary: Option, /// replicas is the number of instances created by the InstanceSet controller. pub replicas: i32, /// TemplatesStatus represents status of each instance generated by InstanceTemplates @@ -10750,27 +8772,52 @@ pub struct InstanceSetStatusMembersStatus { } /// Defines the role of the replica in the cluster. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetStatusMembersStatusRole { - /// Specifies the service capabilities of this member. - #[serde(rename = "accessMode")] - pub access_mode: InstanceSetStatusMembersStatusRoleAccessMode, - /// Indicates if this member has voting rights. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "canVote")] - pub can_vote: Option, - /// Determines if this member is the leader. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "isLeader")] - pub is_leader: Option, - /// Defines the role name of the replica. + /// Name defines the role's unique identifier. This value is used to set the "apps.kubeblocks.io/role" label + /// on the corresponding object to identify its role. + /// + /// + /// For example, common role names include: + /// - "leader": The primary/master instance that handles write operations + /// - "follower": Secondary/replica instances that replicate data from the leader + /// - "learner": Read-only instances that don't participate in elections + /// + /// + /// This field is immutable once set. pub name: String, -} - -/// Defines the role of the replica in the cluster. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum InstanceSetStatusMembersStatusRoleAccessMode { - None, - Readonly, - ReadWrite, + /// ParticipatesInQuorum indicates if pods with this role are counted when determining quorum. + /// This affects update strategies that need to maintain quorum for availability. Roles participate + /// in quorum should have higher update priority than roles do not participate in quorum. + /// The default value is false. + /// + /// + /// For example, in a 5-pod component where: + /// - 2 learner pods (participatesInQuorum=false) + /// - 2 follower pods (participatesInQuorum=true) + /// - 1 leader pod (participatesInQuorum=true) + /// The quorum size would be 3 (based on the 3 participating pods), allowing parallel updates + /// of 2 learners and 1 follower while maintaining quorum. + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "participatesInQuorum")] + pub participates_in_quorum: Option, + /// UpdatePriority determines the order in which pods with different roles are updated. + /// Pods are sorted by this priority (higher numbers = higher priority) and updated accordingly. + /// Roles with the highest priority will be updated last. + /// The default priority is 0. + /// + /// + /// For example: + /// - Leader role may have priority 2 (updated last) + /// - Follower role may have priority 1 (updated before leader) + /// - Learner role may have priority 0 (updated first) + /// + /// + /// This field is immutable once set. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePriority")] + pub update_priority: Option, } /// InstanceTemplateStatus aggregates the status of replicas for each InstanceTemplate diff --git a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs index dc2ae2943..145bb8beb 100644 --- a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs +++ b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs @@ -148,7 +148,6 @@ pub struct InstanceSetSpec { /// Indicates the StatefulSetUpdateStrategy that will be /// employed to update Pods in the InstanceSet when a revision is made to /// Template. - /// UpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil /// /// /// Note: This field will be removed in future version. @@ -3631,6 +3630,11 @@ pub struct InstanceSetMembershipReconfigurationSwitchoverAction { /// Provides method to probe role. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetRoleProbe { + /// Specifies the builtin handler name to use to probe the role of the main container. + /// Available handlers include: mysql, postgres, mongodb, redis, etcd, kafka. + /// Use CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtinHandlerName")] + pub builtin_handler_name: Option, /// Defines a custom method for role probing. /// Actions defined here are executed in series. /// Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles. @@ -10703,41 +10707,48 @@ pub struct InstanceSetTemplateSpecVolumesVsphereVolume { /// Indicates the StatefulSetUpdateStrategy that will be /// employed to update Pods in the InstanceSet when a revision is made to /// Template. -/// UpdateStrategy.Type will be set to appsv1.OnDeleteStatefulSetStrategyType if MemberUpdateStrategy is not nil /// /// /// Note: This field will be removed in future version. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetUpdateStrategy { - /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. - /// Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetUpdateStrategyRollingUpdate { /// The maximum number of pods that can be unavailable during the update. /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). /// Absolute number is calculated from percentage by rounding up. This can not be 0. - /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the - /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to - /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - /// will be counted towards MaxUnavailable. + /// Defaults to 1. The field applies to all pods. That means if there is any unavailable pod, + /// it will be counted towards MaxUnavailable. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned - /// for updates. During a rolling update, all pods from ordinal Replicas-1 to - /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - /// This is helpful in being able to do a canary based deployment. The default value is 0. + /// Members(Pods) update strategy. + /// + /// + /// - serial: update Members one by one that guarantee minimum component unavailable time. + /// - bestEffortParallel: update Members in parallel that guarantee minimum component un-writable time. + /// - parallel: force parallel + #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberUpdateStrategy")] + pub member_update_strategy: Option, + /// Partition indicates the number of pods that should be updated during a rolling update. + /// The remaining pods will remain untouched. This is helpful in defining how many pods + /// should participate in the update process. The update process will follow the order + /// of pod names in descending lexicographical (dictionary) order. The default value is + /// Replicas (i.e., update all pods). #[serde(default, skip_serializing_if = "Option::is_none")] pub partition: Option, } +/// Indicates the StatefulSetUpdateStrategy that will be +/// employed to update Pods in the InstanceSet when a revision is made to +/// Template. +/// +/// +/// Note: This field will be removed in future version. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum InstanceSetUpdateStrategyMemberUpdateStrategy { + Serial, + BestEffortParallel, + Parallel, +} + /// PersistentVolumeClaim is a user's request for and claim to a persistent volume #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetVolumeClaimTemplates {